healthplanslakeland.com/
15.197.142.173301 Moved Permanently 86 B IP 15.197.142.173:0
File type HTML document, ASCII text
Hash 23897d7b371b5d370ab785b253a73518
a0d590f048d3726b5574f58110bdbb0af2b95c6c
53f7fbb9c3bdb20b73a471daf6f9290682c29f835a4292a99be1a8174bf4b55e
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: healthplanslakeland.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 06 Sep 2022 00:50:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 86
Connection: keep-alive
Location: https://www.healthsherpa.com/?_agent_id=Magnusonins
Server: ip-100-74-2-216.eu-west-2.compute.internal
X-Request-Id: 52a9f0be-e43a-4734-81fc-42c051135aa1
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 00:45:09 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YcuF9CJkZy2Bg1yHxCWW2CE24do-4aP3VxhXGQAvlTP9CIqR7EWioA==
Age: 321
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3852
Expires: Tue, 06 Sep 2022 01:54:42 GMT
Date: Tue, 06 Sep 2022 00:50:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Sep 2022 01:15:19 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Grs5ImT915AT7YHdBv6ZAWwZqWSNjQ5WKmyKx7K9925FgcL6ifrjkw==
age: 84913
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 00:50:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash b66e2380775632bcb5b69fc903a75a54
f2c3dec2cc3d775433f16b9c760dcf1877934bbe
6566e4b84ba66e54ab086c3d9329dfcdd21e01ff4536174323182921fa0c62d8
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 06 Sep 2022 00:50:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 05 Sep 2022 22:37:43 GMT
Expires: Tue, 06 Sep 2022 22:37:43 GMT
ETag: "f2c3dec2cc3d775433f16b9c760dcf1877934bbe"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 06 Sep 2022 00:38:16 GMT
Cache-Control: max-age=3600
Expires: Tue, 06 Sep 2022 01:28:35 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: owUmmnd1_YEuQspoQgVdgPS1zzmzbEO9CUTkWBYSx6fzXmR5s0KF7g==
Age: 734
www.healthsherpa.com/?_agent_id=Magnusonins
54.86.224.22200 OK 21 kB URL HTTP/1.1 www.healthsherpa.com/?_agent_id=Magnusonins
IP 54.86.224.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10223)
Hash 4e483c4c8f570abb37125d91e1257114
35324e6f066954b35960bc43b6c4cc08f948b8a2
7b0f2698020a8691e30341a78eb41a1823539d8c834a955d7466ac85ca2b8734
GET /?_agent_id=Magnusonins HTTP/1.1
Host: www.healthsherpa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Etag: W/"a35dc63789626df38e1bc86784e93fee"
Link: <https://d1mm04003omuon.cloudfront.net/assets/application-a5cc6a2cc85e6f7b9fec0636d4085e266aefbd09f90bfaa6a169a1cdfec16bc1.css>; rel=preload; as=style; nopush,<//maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css>; rel=preload; as=style; nopush,<https://d1mm04003omuon.cloudfront.net/assets/lib/underscore-min-1ef429020397ebaba9d3752f605982067439ea7be5f8f5fb75619894161162f2.js>; rel=preload; as=script; nopush,<https://d1mm04003omuon.cloudfront.net/assets/app/namespaces-200ff73079b91ecd05b1b739a469338603fe4d62c192afbbbde87c14e2b1cdba.js>; rel=preload; as=script; nopush,<https://d1mm04003omuon.cloudfront.net/assets/app/utility/browser-4bb9fd2422a5c08b1c8d2d86afba93c4debe1a16d51ad6a272108f038e38aa8c.js>; rel=preload; as=script; nopush,<https://d1mm04003omuon.cloudfront.net/assets/app/utility/agent_attribution-60f62b35da3753d22e730c0cb95e376c67035280b86c4e60f3f7262725ab8f95.js>; rel=preload; as=script; nopush,<https://d1mm04003omuon.cloudfront.net/assets/app/utility/mixpanel-3f1d5ec662c8c7b1ad9441de5e9f2c5fd062b4afe122822972a82721eddf8fc9.js>; rel=preload; as=script; nopush,<https://d1mm04003omuon.cloudfront.net/assets/analytics-fe7da4924497ccf27a1dbee176ad860d0fba060bccc18ab3febb410d0e5606b9.js>; rel=preload; as=script; nopush,<https://d1mm04003omuon.cloudfront.net/assets/global_notifier-a7d739ff3460d9dc48bf30df729bc5d27cf0b2fa6de543e783eb12acfd538527.js>; rel=preload; as=script; nopush,<https://d1mm04003omuon.cloudfront.net/assets/application-cc5a8cf780bdb033aec654465ba9cababe9de75fbc777518d58945d2f992fcf1.js>; rel=preload; as=script; nopush,<https://d1mm04003omuon.cloudfront.net/assets/shims-588a2e97a90e31a88199356e2d69bb7c2f6887f5a40ae856f3352d382a8c0fb2.js>; rel=preload; as=script; nopush,<https://d1mm04003omuon.cloudfront.net/assets/react/vendor_bundle.47ee939047896f36d317.js>; rel=preload; as=script; nopush,<https://d1mm04003omuon.cloudfront.net/assets/react/client_bundle.b48e0d014171d885c53b.js>; rel=preload; as=script; nopush,<https://d1mm04003omuon.cloudfront.net/assets/react/styles_client_bundle.b48e0d014171d885c53b.css>; rel=preload; as=style; nopush
P3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV CONo OUR IND PHY ONL GOV STA DEM COM NAV"
Permissions-Policy: accelerometer=(), autoplay=(self), camera=(), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(self), usb=()
Referrer-Policy: strict-origin-when-cross-origin
Set-Cookie: experiment_guest_identifier=a6bcaf43c2e32c446e3b24da5e86ab8c; path=/; SameSite=Lax; secure; HttpOnly
googtrans=%2Fen%2Fen; path=/; SameSite=Lax; secure; HttpOnly
_hs_prod_session_key_2020_08_09=dad2d996c82356f8c2b5e7bdaa124e4c; domain=.healthsherpa.com; path=/; expires=Thu, 06 Oct 2022 00:50:30 GMT; secure; HttpOnly; SameSite=None
Strict-Transport-Security: max-age=631138519
Vary: Accept-Encoding, Origin
Via: 1.1 spaces-router (a302eeabfffb)
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: sameorigin
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 486a4636-4194-771f-bcc6-7124c92be7a9
X-Runtime: 0.144891
X-Xss-Protection: 1; mode=block
Date: Tue, 06 Sep 2022 00:50:30 GMT
Transfer-Encoding: chunked
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b57a9dd04797bf34612c80361f1dffb3
56573166d8b9cd9b8dae19fd905e4f3293af306b
b03552109f1e7d1e482aa14614ffb1e38fb53ae4951152aab307b927674dad98
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5061
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 00:50:31 GMT
Last-Modified: Mon, 05 Sep 2022 23:26:10 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
d1mm04003omuon.cloudfront.net/assets/shims-588a2e97a90e31a88199356e2d69bb7c2f6887f5a40ae856f3352d382a8c0fb2.js
54.230.245.49200 OK 3.1 kB URL HTTP/2 d1mm04003omuon.cloudfront.net/assets/shims-588a2e97a90e31a88199356e2d69bb7c2f6887f5a40ae856f3352d382a8c0fb2.js
IP 54.230.245.49:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (6733), with no line terminators
Hash 550d7e1fda219468d24ced0b32a6215f
73cf59ff5e583503b5b8cda5051b9d36f6d57ad9
d2093ee4bc9d7969b559718901a33fd50f5b6364a12dc8e3ab523e9746977871
GET /assets/shims-588a2e97a90e31a88199356e2d69bb7c2f6887f5a40ae856f3352d382a8c0fb2.js HTTP/1.1
Host: d1mm04003omuon.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3068
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 11:57:24 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Mon, 05 Sep 2022 07:14:17 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fXQpu8Cd11jgeh1s1CP7QhVe1J3TMDYB1kAe4MP7zCFGT50TOFB2-g==
age: 63374
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3680ddc9d427620db68d57a71a38d3f0
8bc5592390e1d48a977b6ced2aac6e3b16fc6812
d706818748577a8acf201e234c1dbe3efb039a35fd78596e0af6dd20dfae5dea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4127
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 00:50:31 GMT
Last-Modified: Mon, 05 Sep 2022 23:41:44 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
d1mm04003omuon.cloudfront.net/assets/application-a5cc6a2cc85e6f7b9fec0636d4085e266aefbd09f90bfaa6a169a1cdfec16bc1.css
54.230.245.49200 OK 176 kB URL HTTP/2 d1mm04003omuon.cloudfront.net/assets/application-a5cc6a2cc85e6f7b9fec0636d4085e266aefbd09f90bfaa6a169a1cdfec16bc1.css
IP 54.230.245.49:0
File type ASCII text, with very long lines (33918)
Size 176 kB (176418 bytes)
Hash ae28e6a7bcc2aa5af07d0a400b78e2e7
11f17755b2282b9bf59be09fd22ed8c2e336f64a
93d543bac4d7d7537d4ebb0e5acc6127221eeb3259cc797a63d210080194ba74
GET /assets/application-a5cc6a2cc85e6f7b9fec0636d4085e266aefbd09f90bfaa6a169a1cdfec16bc1.css HTTP/1.1
Host: d1mm04003omuon.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 176418
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 18:35:45 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Tue, 06 Sep 2022 00:50:31 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Az6qVsTslkvVFEJcsd3DZYxX1BrcPnjTaYtgj-oM0_X5ELq_pj6KRA==
age: 70227
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
104.17.25.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (65447)
Hash d900ca08873ee57d40616d39a44cc0aa
7ab3ac8b1504b7b914a6e94c979b8390bb492f6a
1eea479cc0abe04a0846f41031207f9511f12ffef017a6109d4efb6f5523465b
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 00:50:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3470652
expires: Sun, 27 Aug 2023 00:50:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3XIQcsKXCI%2FOwTWbqw3tp6VuqQDxscTuTs7uBR%2BKxuKw1EaDvpYzGQcYd7x%2FeMMVJonZ38CK4MkjkOJ8e1fBXYPn5WXAwZVPpZcwmLxqCu%2F2Mjz0qlOTsUtRMB9fX34hNPNGpvK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74633600cb70b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1mm04003omuon.cloudfront.net/assets/app/namespaces-200ff73079b91ecd05b1b739a469338603fe4d62c192afbbbde87c14e2b1cdba.js
54.230.245.49200 OK 103 B URL HTTP/2 d1mm04003omuon.cloudfront.net/assets/app/namespaces-200ff73079b91ecd05b1b739a469338603fe4d62c192afbbbde87c14e2b1cdba.js
IP 54.230.245.49:0
File type ASCII text, with no line terminators
Hash bf2ae47514353f0c7e41e34438cc41e6
a1b772f5fb3f8ab493907b09675d3751b4dc3ce7
f230539896ade8d7b67abf9bf30c3188d4234b80ed7b7509c1780e4d1b5417f6
GET /assets/app/namespaces-200ff73079b91ecd05b1b739a469338603fe4d62c192afbbbde87c14e2b1cdba.js HTTP/1.1
Host: d1mm04003omuon.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 103
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 11:57:24 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Tue, 06 Sep 2022 00:50:31 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OiAiu_uppJbyw1cnPz2lTKL_ulLRzRvZkVE84cLEWW17xiXwNAB8Kg==
age: 70227
X-Firefox-Spdy: h2
d1mm04003omuon.cloudfront.net/assets/lib/underscore-min-1ef429020397ebaba9d3752f605982067439ea7be5f8f5fb75619894161162f2.js
54.230.245.49200 OK 5.7 kB URL HTTP/2 d1mm04003omuon.cloudfront.net/assets/lib/underscore-min-1ef429020397ebaba9d3752f605982067439ea7be5f8f5fb75619894161162f2.js
IP 54.230.245.49:0
File type ASCII text, with very long lines (16170)
Hash b6522ca95c40bcdf16b55c4044576ca2
2dc9f09e716bedce38f04007268dac40c15ac085
fedf3f0aa21fd6e38d96468fcf87bb805c3f61a3e794ccb335755b43cc0b4d95
GET /assets/lib/underscore-min-1ef429020397ebaba9d3752f605982067439ea7be5f8f5fb75619894161162f2.js HTTP/1.1
Host: d1mm04003omuon.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 5695
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 11:57:24 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Mon, 05 Sep 2022 05:20:04 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Q1a67QNawnlx1QOfTKTGbZcAe4sX-ZVMbEVEF1_d1n9hef8ln7JUZw==
age: 70227
X-Firefox-Spdy: h2
d1mm04003omuon.cloudfront.net/assets/app/utility/mixpanel-3f1d5ec662c8c7b1ad9441de5e9f2c5fd062b4afe122822972a82721eddf8fc9.js
54.230.245.49200 OK 723 B URL HTTP/2 d1mm04003omuon.cloudfront.net/assets/app/utility/mixpanel-3f1d5ec662c8c7b1ad9441de5e9f2c5fd062b4afe122822972a82721eddf8fc9.js
IP 54.230.245.49:0
File type ASCII text, with very long lines (2802), with no line terminators
Hash 048cd3a01ab464fc2e7d9482f3874940
20f83eb84a38e9de6d33750e94c346570c4bf73c
fed2f1a9ec8c7bdda15d4f06870918659df4b69f4f9346eb89af41ab016392b4
GET /assets/app/utility/mixpanel-3f1d5ec662c8c7b1ad9441de5e9f2c5fd062b4afe122822972a82721eddf8fc9.js HTTP/1.1
Host: d1mm04003omuon.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 723
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 19:30:43 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Mon, 05 Sep 2022 04:54:37 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RGvwA-OI-ap55uujpbe91TRGFm9ZKJlNMlDD1vq6tdfO3L9duFIuzg==
age: 71754
X-Firefox-Spdy: h2
d1mm04003omuon.cloudfront.net/assets/application-cc5a8cf780bdb033aec654465ba9cababe9de75fbc777518d58945d2f992fcf1.js
54.230.245.49200 OK 177 kB URL HTTP/2 d1mm04003omuon.cloudfront.net/assets/application-cc5a8cf780bdb033aec654465ba9cababe9de75fbc777518d58945d2f992fcf1.js
IP 54.230.245.49:0
File type ASCII text, with very long lines (32738)
Size 177 kB (176834 bytes)
Hash 5c1f7404998ed72f6f1a735b25f0c257
2936b781ed746e37273c48ee18433904f3877399
850cd2cacbafa2457aa1b2e76aa3579737bec54ef4befd383556e7e108395fe5
GET /assets/application-cc5a8cf780bdb033aec654465ba9cababe9de75fbc777518d58945d2f992fcf1.js HTTP/1.1
Host: d1mm04003omuon.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 176834
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 19:30:44 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Mon, 05 Sep 2022 06:24:19 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DmOB2FNgF2fvPsS3tyWnSeZQ_VPNofWlFk8wrn_NpZjGr2Sa58lMBg==
age: 66372
X-Firefox-Spdy: h2
cdn.ravenjs.com/3.27.0/raven.min.js
151.101.130.217200 OK 14 kB URL HTTP/2 cdn.ravenjs.com/3.27.0/raven.min.js
IP 151.101.130.217:0
File type Unicode text, UTF-8 text, with very long lines (32021)
Hash 19107e80f91aab694ef54aeb96b2afd0
52a01049fcc168081b6c8b099f341a13d90a6e9d
fa8bf140dfcaaecda524b08b77da6f566a9519d6620e51933be92b72e1f18071
GET /3.27.0/raven.min.js HTTP/1.1
Host: cdn.ravenjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Origin: https://www.healthsherpa.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 04 Sep 2018 11:06:00 GMT
etag: "0619f39d264c6bebca4693c54dd8a468"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Sep 2022 00:50:31 GMT
age: 79427
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
timing-allow-origin: *
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
content-length: 13741
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb9bf29f1e0acaa7ac6d6566381370
dec1bea642dffbc11ebd6d65c94f87d6db95703a
b2bf22379151923244cbb9bd62499ded7b6f313a7db77914383bc1e704dd65de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 00:50:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3680ddc9d427620db68d57a71a38d3f0
8bc5592390e1d48a977b6ced2aac6e3b16fc6812
d706818748577a8acf201e234c1dbe3efb039a35fd78596e0af6dd20dfae5dea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4127
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 00:50:31 GMT
Last-Modified: Mon, 05 Sep 2022 23:41:44 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb9bf29f1e0acaa7ac6d6566381370
dec1bea642dffbc11ebd6d65c94f87d6db95703a
b2bf22379151923244cbb9bd62499ded7b6f313a7db77914383bc1e704dd65de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 00:50:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleoptimize.com/optimize.js?id=OPT-W922KHQ
142.250.74.46200 OK 41 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-W922KHQ
IP 142.250.74.46:0
File type ASCII text, with very long lines (1615)
Hash 846659dcf32c77bc5ce9bd760e3f2822
2f172a13dc19dd86ab93665bb4233f94d404d89c
34e2e3ab9c9aaf329470b7fc59ca0193db36969e6757199b3d52afc6649439e9
GET /optimize.js?id=OPT-W922KHQ HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Sep 2022 00:50:31 GMT
expires: Tue, 06 Sep 2022 00:50:31 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Sep 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41202
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-851413600
142.250.74.72200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-851413600
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash 2906ab1c1d63dd773eac2456f8d832b8
9aa2986010951508a62a442b3a876cc07c634dbf
93a7f915f1bfd2043936026c302e860e4c59f7ebe2e4e3076d1e0f58dcec6fa1
GET /gtag/js?id=AW-851413600 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Sep 2022 00:50:31 GMT
expires: Tue, 06 Sep 2022 00:50:31 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Sep 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45925
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.healthsherpa.com/assets/agent-index_1.png
54.86.224.22200 OK 16 kB URL HTTP/1.1 www.healthsherpa.com/assets/agent-index_1.png
IP 54.86.224.22:0
File type PNG image data, 840 x 630, 8-bit colormap, non-interlaced\012- data
Hash af9b90eb41ce760c4ad7e4d0336ddfa5
eef36174ecb1844f4f2bf57dfae39ad045d3c29a
f016c73d9b028afafbf7dd869a2745954a33d9ea1fe3d9b3541880f468ccbc7d
GET /assets/agent-index_1.png HTTP/1.1
Host: www.healthsherpa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/?_agent_id=Magnusonins
Connection: keep-alive
Cookie: experiment_guest_identifier=a6bcaf43c2e32c446e3b24da5e86ab8c; googtrans=%2Fen%2Fen; _hs_prod_session_key_2020_08_09=dad2d996c82356f8c2b5e7bdaa124e4c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 15549
Content-Type: image/png
Last-Modified: Thu, 25 Aug 2022 11:57:24 GMT
Strict-Transport-Security: max-age=631138519
Vary: Origin
Via: 1.1 spaces-router (a302eeabfffb)
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: sameorigin
X-Permitted-Cross-Domain-Policies: none
X-Xss-Protection: 1; mode=block
Date: Tue, 06 Sep 2022 00:50:31 GMT
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb9bf29f1e0acaa7ac6d6566381370
dec1bea642dffbc11ebd6d65c94f87d6db95703a
b2bf22379151923244cbb9bd62499ded7b6f313a7db77914383bc1e704dd65de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 00:50:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.217.237.91101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.217.237.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YYJlpmsWTsAzebAEW2ul8w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UBVpBOXmEEraWUjTXUNlonqp/ZQ=
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 5146753abe311a52f036ce612e41b050
e1f20a46d138dbc1044bcc41327ffa78d17f6b41
cb6d101e159edbf46ee40c8b6547df6c70939208c764fa41f73ec84820f47e3a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 00:50:31 GMT
Last-Modified: Mon, 05 Sep 2022 23:11:48 GMT
Server: ECS (nyb/1D31)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aSrSQA_GjxlDqBNP5PHD_O2UYQ8T07LLS5Vzqtd-nFx3L5JRhsLeLQ==
Age: 5923
d1mm04003omuon.cloudfront.net/assets/analytics-fe7da4924497ccf27a1dbee176ad860d0fba060bccc18ab3febb410d0e5606b9.js
54.230.245.49200 OK 563 B URL HTTP/2 d1mm04003omuon.cloudfront.net/assets/analytics-fe7da4924497ccf27a1dbee176ad860d0fba060bccc18ab3febb410d0e5606b9.js
IP 54.230.245.49:0
File type ASCII text, with very long lines (1621), with no line terminators
Hash cac7f87e7f26d389ad21398f517c0c41
1a1e4a5e95e7edc5b110804d52035b4d76d798c7
44b5ea1f143e3857e6364e12613522023d9f89dd1e86e6ca3cbccf81b1840ee8
GET /assets/analytics-fe7da4924497ccf27a1dbee176ad860d0fba060bccc18ab3febb410d0e5606b9.js HTTP/1.1
Host: d1mm04003omuon.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 563
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 11:57:24 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Tue, 06 Sep 2022 00:50:31 GMT
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zEkzdcWfuq1EoO42_98DVC4_Rlr9YySzy25GfWwd4aY8tFanelogMQ==
X-Firefox-Spdy: h2
d1mm04003omuon.cloudfront.net/assets/app/utility/agent_attribution-60f62b35da3753d22e730c0cb95e376c67035280b86c4e60f3f7262725ab8f95.js
54.230.245.49200 OK 213 B URL HTTP/2 d1mm04003omuon.cloudfront.net/assets/app/utility/agent_attribution-60f62b35da3753d22e730c0cb95e376c67035280b86c4e60f3f7262725ab8f95.js
IP 54.230.245.49:0
File type ASCII text, with very long lines (327), with no line terminators
Hash a1f9082014752397620ecdc1ac0f3a2e
409acd2ea70eca374d8da959ec212da6c3c9db4e
698ed4c6c42aa5ca5dc5e0ded6b596f7082cc4d854b1423527373eacd1bc7732
GET /assets/app/utility/agent_attribution-60f62b35da3753d22e730c0cb95e376c67035280b86c4e60f3f7262725ab8f95.js HTTP/1.1
Host: d1mm04003omuon.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 213
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 11:57:24 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Tue, 06 Sep 2022 00:50:31 GMT
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RmV7-hSE2xIJhChtLm-I9fpZJ1Zol1WTZmTl-H-6y5PfNhvkFJV1mw==
X-Firefox-Spdy: h2
d1mm04003omuon.cloudfront.net/assets/app/utility/browser-4bb9fd2422a5c08b1c8d2d86afba93c4debe1a16d51ad6a272108f038e38aa8c.js
54.230.245.49200 OK 166 B URL HTTP/2 d1mm04003omuon.cloudfront.net/assets/app/utility/browser-4bb9fd2422a5c08b1c8d2d86afba93c4debe1a16d51ad6a272108f038e38aa8c.js
IP 54.230.245.49:0
File type ASCII text, with no line terminators
Hash ae6b79c5d5df6b991b0561b70d0042aa
d20a4e41c8ecc2b04feab5df37be199490d0f49b
3ff74f608b9890e02a521373378de01d355a0298a1be02d0254dfdc16dde1786
GET /assets/app/utility/browser-4bb9fd2422a5c08b1c8d2d86afba93c4debe1a16d51ad6a272108f038e38aa8c.js HTTP/1.1
Host: d1mm04003omuon.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 166
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 11:57:24 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Tue, 06 Sep 2022 00:50:31 GMT
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0vpsvNZv4FnT89NjM4Qv16UDJw2LpLLyp06d2zAIWG-GL-RFO9uiIA==
X-Firefox-Spdy: h2
www.healthsherpa.com/assets/agent-index_2.png
54.86.224.22200 OK 42 kB URL HTTP/1.1 www.healthsherpa.com/assets/agent-index_2.png
IP 54.86.224.22:0
File type PNG image data, 840 x 634, 8-bit colormap, non-interlaced\012- data
Hash d649e176650be39b050d4fef14c05f40
ed43c641f61fe11d479369d4008b0e7bc6cfb202
4cb07be7351be25135bc9884fc3b74b80766172099540d8f9389ad3e8e0164e3
GET /assets/agent-index_2.png HTTP/1.1
Host: www.healthsherpa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/?_agent_id=Magnusonins
Connection: keep-alive
Cookie: experiment_guest_identifier=a6bcaf43c2e32c446e3b24da5e86ab8c; googtrans=%2Fen%2Fen; _hs_prod_session_key_2020_08_09=dad2d996c82356f8c2b5e7bdaa124e4c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 41695
Content-Type: image/png
Last-Modified: Thu, 25 Aug 2022 11:57:24 GMT
Strict-Transport-Security: max-age=631138519
Vary: Origin
Via: 1.1 spaces-router (a302eeabfffb)
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: sameorigin
X-Permitted-Cross-Domain-Policies: none
X-Xss-Protection: 1; mode=block
Date: Tue, 06 Sep 2022 00:50:31 GMT
d1mm04003omuon.cloudfront.net/assets/Avenir/AvenirRoman/AvenirLTStd-Roman.woff2
54.230.245.49200 OK 23 kB URL HTTP/2 d1mm04003omuon.cloudfront.net/assets/Avenir/AvenirRoman/AvenirLTStd-Roman.woff2
IP 54.230.245.49:0
File type Web Open Font Format (Version 2), TrueType, length 22960, version 1.1900\012- data
Hash 0537e1c92731d8c7203a611e959c363d
75ea05a04fb226360cbf5bcd4d3ca549035cd82a
db7001c9f7d34d75bf8c9e755923e9ccbc20b1ef3b65404929a035da331cf7a4
GET /assets/Avenir/AvenirRoman/AvenirLTStd-Roman.woff2 HTTP/1.1
Host: d1mm04003omuon.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.healthsherpa.com
Connection: keep-alive
Referer: https://d1mm04003omuon.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff2
content-length: 22960
access-control-allow-headers: x-requested-with
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 3628800
last-modified: Thu, 25 Aug 2022 11:57:24 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Tue, 06 Sep 2022 00:50:31 GMT
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NxN8E-AqvCvUJZkbe3EUK6ZmDp8e6WesR9IGoQullow9tTaiAn98Jw==
age: 46613
X-Firefox-Spdy: h2
d1mm04003omuon.cloudfront.net/assets/Avenir/AvenirHeavy/AvenirLTStd-Heavy.woff2
54.230.245.49200 OK 22 kB URL HTTP/2 d1mm04003omuon.cloudfront.net/assets/Avenir/AvenirHeavy/AvenirLTStd-Heavy.woff2
IP 54.230.245.49:0
File type Web Open Font Format (Version 2), TrueType, length 22369, version 1.1900\012- data
Hash c5d78fdcd0ef29404c592f09117e6818
d7cb45d08f18cdd060954e79f3fa5ed1465cb25e
c0a62377115fabfd142efc4b6d5a5c19da3e212aa3ac6d7cef934ceec078d715
GET /assets/Avenir/AvenirHeavy/AvenirLTStd-Heavy.woff2 HTTP/1.1
Host: d1mm04003omuon.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.healthsherpa.com
Connection: keep-alive
Referer: https://d1mm04003omuon.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff2
content-length: 22369
access-control-allow-headers: x-requested-with
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 3628800
last-modified: Thu, 25 Aug 2022 11:57:24 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Tue, 06 Sep 2022 00:50:31 GMT
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tRvXdCP_9GpTAwVMDuZn28T_GypVqxsDbY36TlULtR9nc4ryv2E4dg==
age: 46613
X-Firefox-Spdy: h2
www.healthsherpa.com/assets/agent-index_3.jpg
54.86.224.22200 OK 46 kB URL HTTP/1.1 www.healthsherpa.com/assets/agent-index_3.jpg
IP 54.86.224.22:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 840x630, components 3\012- data
Hash ab56b715e6504d992d8273ee70383516
2a2dc2f37adb85adb25a3324b9911ff5823b8403
5f677676f090d5ff47454d72f2781cd9d6cfd39f0ee12edb0ee0da9b5d21341e
GET /assets/agent-index_3.jpg HTTP/1.1
Host: www.healthsherpa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/?_agent_id=Magnusonins
Connection: keep-alive
Cookie: experiment_guest_identifier=a6bcaf43c2e32c446e3b24da5e86ab8c; googtrans=%2Fen%2Fen; _hs_prod_session_key_2020_08_09=dad2d996c82356f8c2b5e7bdaa124e4c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 45785
Content-Type: image/jpeg
Last-Modified: Thu, 25 Aug 2022 11:57:24 GMT
Strict-Transport-Security: max-age=631138519
Vary: Origin
Via: 1.1 spaces-router (a302eeabfffb)
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: sameorigin
X-Permitted-Cross-Domain-Policies: none
X-Xss-Protection: 1; mode=block
Date: Tue, 06 Sep 2022 00:50:31 GMT
s3.amazonaws.com/healthsherpa_photos/whitelabels/logo_images/000/131/007/original/Full_Logo.jpg?1637011746
52.217.140.80200 OK 75 kB URL HTTP/1.1 s3.amazonaws.com/healthsherpa_photos/whitelabels/logo_images/000/131/007/original/Full_Logo.jpg?1637011746
IP 52.217.140.80:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 334x200, components 3\012- data
Hash e2d4647b9b51c4fcbc2d8a6ceeb5d1d6
5019489be9ee25c5a1754d732b3b072563905e20
78ffe0e238f29d511c72256c5910175b875f0d645443808b730956b85619a473
GET /healthsherpa_photos/whitelabels/logo_images/000/131/007/original/Full_Logo.jpg?1637011746 HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: pLAn87IdP9End8S6z4r638rWmG4uZZR6oD83Vr8ayQXPWVWfC+l5WS1P38nM/q65kAPHcLws2cg=
x-amz-request-id: A2WJGEA0N7KGA3YR
Date: Tue, 06 Sep 2022 00:50:32 GMT
Last-Modified: Mon, 15 Nov 2021 21:29:07 GMT
ETag: "e2d4647b9b51c4fcbc2d8a6ceeb5d1d6"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 75161
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15287
Expires: Tue, 06 Sep 2022 05:05:19 GMT
Date: Tue, 06 Sep 2022 00:50:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15287
Expires: Tue, 06 Sep 2022 05:05:19 GMT
Date: Tue, 06 Sep 2022 00:50:32 GMT
Connection: keep-alive
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
104.18.10.207200 OK 6.7 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP 104.18.10.207:0
File type ASCII text, with very long lines (27303)
Hash 478239f0b5ded07fe31cd64c63e3682a
ebba8a0720b4361c21ee465c719bf983eefa3e80
3fcc6086bd4864b7f5b9a8b87efe6728e518e73824573c8cea1a66b2acb8ae16
GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 00:50:31 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 19:04:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 7869679
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74633600edd10b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15287
Expires: Tue, 06 Sep 2022 05:05:19 GMT
Date: Tue, 06 Sep 2022 00:50:32 GMT
Connection: keep-alive
global.localizecdn.com/localize.js
104.22.25.166200 OK 33 kB URL HTTP/2 global.localizecdn.com/localize.js
IP 104.22.25.166:0
File type ASCII text, with very long lines (60353), with no line terminators
Hash fc5f5b53b8656126817b55e40098eb69
d774c220bc1a0a46063636a5a64127f236828f47
280a31f7381bbb4241443df3abf1f8495ecfb857d31144fdd78f758ec044b263
GET /localize.js HTTP/1.1
Host: global.localizecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 00:50:31 GMT
content-type: application/javascript
cache-control: public, max-age=259200
cf-bgj: minify
age: 25473
etag: W/"f937a111b82f58ce64d22a6eb24c3cbf"
last-modified: Wed, 27 Jul 2022 14:29:16 GMT
vary: Accept-Encoding
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-id: lDNISt6Knk4WOf0eKrk2SyCGtSQpI-VEUwwbNrU1Oh8OJSuqn0rgiw==
x-amz-cf-pop: OSL50-P1
x-amz-meta-x-amz-meta-v: 461
x-amz-server-side-encryption: AES256
x-amz-version-id: zICVQyBlCzZcnHC4xSz9rWz0K9YHNFB_
x-cache: Hit from cloudfront
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74633600edd20b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed40d152-6303-4f00-ad80-054a81ea5425.webp
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed40d152-6303-4f00-ad80-054a81ea5425.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0efc32eccbf76ac0d89f324d09a7fd1f
f8589eb3907582137d8b9373af745d80eddbf1bb
ee0f5e56c97e50e1c20801ad0a5379982feef16a11137f784f404d14e9c65824
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed40d152-6303-4f00-ad80-054a81ea5425.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6482
x-amzn-requestid: 5e5b342b-0224-4916-8656-237b4c90ae66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-5FaYIAMFzjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-412f897b451130af70026eab;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kD_wcIHwmUDV9M9Pl2NtUwRw0CElnHhX6NGZ5PQlnchvdxpLAZhm0w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:46:42 GMT
etag: "f8589eb3907582137d8b9373af745d80eddbf1bb"
content-type: image/jpeg
age: 11030
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d13129-50cd-414b-b7d2-918afd9144b6.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d13129-50cd-414b-b7d2-918afd9144b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bf0314072a1c7cc981f0640ee708c25
47109d3c10438ee4a598d60e43c6f92645eaf0c9
31cc505951d7d9ced676d6b4c600e986bdd835e44ff67a65d1138552291abcbf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d13129-50cd-414b-b7d2-918afd9144b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7677
x-amzn-requestid: e1fcebb9-140c-4a2d-bcb2-79e192757079
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYH6EQgIAMFR4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d65-62f355c751c3c7250070ed91;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:43:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 3Rjz2v5eU-sicy0iBG2nxIA4DTp878y_igYE4eyXkGXBaqDvB3TbMg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:58:51 GMT
etag: "47109d3c10438ee4a598d60e43c6f92645eaf0c9"
content-type: image/jpeg
age: 10301
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c81f3df885bdee8cac46ea9495e6b63b
fc766bca874a352a4acb569577d4cf6527f4f074
e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GSRJIWisH465dPqbKyPj1iZk1jAu3RGrgwj1CX3X8A397zv9Nt0cHA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 08:13:35 GMT
age: 59817
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F41c7f9a9-3c6b-4941-9798-9ec7dacff0e6.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F41c7f9a9-3c6b-4941-9798-9ec7dacff0e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fba6ee2bc4b89cbba972478520565d2
204faf6513d9145bc8412b8b6bcedd7c70a1ba2c
9a2b97e196232b9ee8d36045ec97bb7d573609f1ae18c56cb158c7c1ab2ed9a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F41c7f9a9-3c6b-4941-9798-9ec7dacff0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8146
x-amzn-requestid: 41398033-67f0-4a17-863d-db69747514ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYIYG8GoAMFhWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d68-09abc90f73f3cc2a1a629840;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:43:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: iocOBWse_L_nfOvUKE11ocxHZxLEgcjWV_CIbvAjAxt9IEl0eoTKjg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:11:09 GMT
etag: "204faf6513d9145bc8412b8b6bcedd7c70a1ba2c"
content-type: image/jpeg
age: 9563
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec466c0d472e43c11d36bf6fce068205
720d3624a76d060b8e2699e9aa7a320e3efd4878
5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 05:19:01 GMT
age: 70291
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
d1mm04003omuon.cloudfront.net/assets/favicon-09669fe2059b9eed9f10010870f87b15d5fda20b89ce6c2d1af432bedd9f1c9e.ico
54.230.245.49200 OK 33 kB URL HTTP/2 d1mm04003omuon.cloudfront.net/assets/favicon-09669fe2059b9eed9f10010870f87b15d5fda20b89ce6c2d1af432bedd9f1c9e.ico
IP 54.230.245.49:0
File type MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 974161a4fa05da089067e2f46e1bda41
6648d91b06fb86b7029d9dcdfbf2cca89497832a
09669fe2059b9eed9f10010870f87b15d5fda20b89ce6c2d1af432bedd9f1c9e
GET /assets/favicon-09669fe2059b9eed9f10010870f87b15d5fda20b89ce6c2d1af432bedd9f1c9e.ico HTTP/1.1
Host: d1mm04003omuon.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 32988
last-modified: Thu, 25 Aug 2022 11:57:24 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Tue, 06 Sep 2022 00:50:32 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pC7r2ejOiTusF-lezB5yMcPhZTt0k2xCD4Ct0YIhVhh3FudJd5avjw==
age: 46613
X-Firefox-Spdy: h2
d1mm04003omuon.cloudfront.net/assets/apple-touch-icon-iphone-144-76dce6e0c364c2d98d91ffc3ac1d2b05da28ae17bda231dd392f13db6992b717.png
54.230.245.49200 OK 2.5 kB URL HTTP/2 d1mm04003omuon.cloudfront.net/assets/apple-touch-icon-iphone-144-76dce6e0c364c2d98d91ffc3ac1d2b05da28ae17bda231dd392f13db6992b717.png
IP 54.230.245.49:0
File type PNG image data, 144 x 144, 8-bit colormap, non-interlaced\012- data
Hash 6b76c603ccba3aa0071ad8cfdc365150
7c71e57fc5f89fa3630005f8cb735de1e1a2e579
76dce6e0c364c2d98d91ffc3ac1d2b05da28ae17bda231dd392f13db6992b717
GET /assets/apple-touch-icon-iphone-144-76dce6e0c364c2d98d91ffc3ac1d2b05da28ae17bda231dd392f13db6992b717.png HTTP/1.1
Host: d1mm04003omuon.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2527
last-modified: Thu, 25 Aug 2022 11:57:24 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Mon, 05 Sep 2022 09:28:15 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -63FJypx4wJKye71do4idFfD3DCjsg95KSTeIjo3MEHVqP0gB6orRQ==
age: 55337
X-Firefox-Spdy: h2
js.hscollectedforms.net/collectedforms.js
104.17.127.171200 OK 47 kB URL HTTP/2 js.hscollectedforms.net/collectedforms.js
IP 104.17.127.171:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 54dbbba63adbe4a4d20e05549602d284
f48c99050adef4104d96ac59fbe7441fdd709ee5
8e1d3c134ba5dc6cc613df2e6a1b9054f4b560e2a46cf8e04c448c76c931d667
GET /collectedforms.js HTTP/1.1
Host: js.hscollectedforms.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Origin: https://www.healthsherpa.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 00:50:34 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Mon, 18 Jul 2022 02:17:32 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: gdKWpz_yvObw8s97wY_QgOhrdmJzIElp
etag: W/"877e5f54a66a69786dec54038d0864c4"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 3c84f89bba43de446e67a27b8df8b660.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
x-amz-cf-id: 7HRETvxU-rBLLstX9bIVIkCz_ckWME6F3frbCMPAEKevOooJbVNoKg==
cache-control: s-maxage=86400, max-age=0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.285/bundles/project.js&cfRay=745df47ba83ec7e7-IAD
x-hs-target-asset: collected-forms-embed-js/static-1.285/bundles/project.js
x-hs-cache-status: MISS
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
cf-cache-status: HIT
server: cloudflare
cf-ray: 746336139ce7fabc-OSL
content-encoding: br
X-Firefox-Spdy: h2
js.hs-banner.com/21715791.js
172.64.154.85200 OK 15 kB URL HTTP/2 js.hs-banner.com/21715791.js
IP 172.64.154.85:0
File type ASCII text, with very long lines (60657)
Hash 96336f8730eda25439e006d1aef66281
6e8cdb0f484b214cdc9cf8e662217fad5c9f28bd
7f3830404157c4a5f177ec1d4725ba75cd19855c01feb694cc4738ab86b37127
GET /21715791.js HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 00:50:34 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: vmWumeFXLlKJsAUuxtFasV1cwl2MttTRzxHLxjwox4s4Tg/KbF+pKUeAPkYl3pdr4/rB6hh1uH4=
x-amz-request-id: NBNGZ299BS6DMWGD
last-modified: Wed, 31 Aug 2022 00:06:43 GMT
etag: W/"683500ff6a578b49635fbd3fa4635370"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: ezrA_xqhtfGhFOY2LqGjAfvUwVISHdfe
access-control-allow-origin: https://www.healthsherpa.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
expires: Tue, 06 Sep 2022 00:55:34 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 746336139b590b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
js.hsadspixel.net/fb.js
104.17.115.176200 OK 3.6 MB IP 104.17.115.176:0
File type ASCII text, with very long lines (5272)
Size 3.6 MB (3594890 bytes)
Hash b9ace5c28c2e0ad15baef10c117790b5
8724b51776068dd1ddf8e2829976cb20861a783f
7f0ebef62e0936e080bcec585ca205df13af814ec0869bc56f4d2ba8e5f7eb2e
GET /fb.js HTTP/1.1
Host: js.hsadspixel.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 00:50:34 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Mon, 29 Aug 2022 02:24:13 UTC
etag: W/"b87a46225f6f8c23b129956fa811f1ce"
x-amz-server-side-encryption: AES256
x-amz-version-id: 7UJo2wwrqBK17_VnZoHwOb7a4zSK2Hcf
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e030eb9e2523dd8af200ce39f28ca642.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
x-amz-cf-id: _KxfQvWkl1vXDcXbH-Bx20YndvxqohaSSAm3do742XT6rbnXtnOh3w==
age: 183
cache-control: max-age=600
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.291/bundles/pixels-release.js&cfRay=745bccc32e1bb4f9-IAD
x-hs-target-asset: adsscriptloaderstatic/static-1.291/bundles/pixels-release.js
x-hs-cache-status: HIT
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
cf-cache-status: HIT
server: cloudflare
cf-ray: 746336139e93b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2
104.16.89.5200 OK 35 B URL HTTP/2 forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2
IP 104.16.89.5:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2 HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 00:50:34 GMT
content-type: image/gif
content-length: 35
x-trace: 2B74F6E8718BA8ED0A529E50A43E7167F9FC73AB97000000000000000000
cache-control: max-age=0, no-cache, no-store
vary: Accept-Encoding
x-hubspot-correlation-id: d0e042ba-cf88-4340-a273-335d10cc15e3
access-control-allow-credentials: false
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74633617ec18b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 06 Sep 2022 00:41:12 GMT
expires: Tue, 06 Sep 2022 02:41:12 GMT
cache-control: public, max-age=7200
age: 563
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 8d3c1e0d0f82cd77e6b7cb243c6ba28c
4ecfce87da65b52cdeea0bd2690c08e4f764822c
e4f603db70435f62863fe6ee0a1e671342e9758da5efeac9f42c3611bf0194e2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1495
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 00:50:35 GMT
Last-Modified: Tue, 06 Sep 2022 00:25:40 GMT
Server: ECS (amb/6BBD)
X-Cache: HIT
Content-Length: 727
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3df811ac19fde08f49ef246c29cef161
e1c8d54b357adaf32e80427028cc884fa35959e0
e2749178e0bf0c4045a96388a58029ddd92d13a866021737864cd68e11317292
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 00:50:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.mxpnl.com/libs/mixpanel-2.2.min.js
130.211.5.208200 OK 17 kB URL HTTP/2 cdn.mxpnl.com/libs/mixpanel-2.2.min.js
IP 130.211.5.208:0
File type ASCII text, with very long lines (755)
Hash bea784dce86d30e1f2e59387f85cccb6
90665d4cc2e3f1e8c6da1247096c0af28b70ae04
b2cd7990f63541592edc32f6499848c857e53b931f51f0ce877de53e3402405b
GET /libs/mixpanel-2.2.min.js HTTP/1.1
Host: cdn.mxpnl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtGXgvykGO9rbFp5-gvPmb_GqHS8Yi-h-N7bo6vLCzB80oUPM9uMLK_S1UaHABsKA3a_eAXdHgdVNqkAvwQ7v1e5EXHC6_7
x-goog-generation: 1645129320773308
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 17435
content-encoding: gzip
x-goog-hash: crc32c=OghQVA==, md5=vqeE3OhtMOHy5ZOH+FzMtg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 17435
access-control-allow-origin: *
server: UploadServer
date: Tue, 06 Sep 2022 00:43:58 GMT
expires: Tue, 06 Sep 2022 00:53:58 GMT
cache-control: public,max-age=600
age: 397
last-modified: Thu, 17 Feb 2022 20:22:00 GMT
etag: "bea784dce86d30e1f2e59387f85cccb6"
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 16 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1623)
Hash 4738d969770682feba80f04bf171d65b
be0e0ceb91bf5ed0c64b0f3f2cc2c99c6d4cd6b7
1daca97cf9e8078299f94c50346e45fead45bf908ca97ded912f26986c1c4e9a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 06 Sep 2022 00:50:35 GMT
expires: Tue, 06 Sep 2022 00:50:35 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15579141248118922429
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 8d3c1e0d0f82cd77e6b7cb243c6ba28c
4ecfce87da65b52cdeea0bd2690c08e4f764822c
e4f603db70435f62863fe6ee0a1e671342e9758da5efeac9f42c3611bf0194e2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1495
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 00:50:35 GMT
Last-Modified: Tue, 06 Sep 2022 00:25:40 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 727
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 80f29cbbe260408ee1418a6fbce5a537
96cfe52bcf90cfdba5cba7907d49a91f44adc032
de264b42b7c59bdadf606387adaca04af680705a947096d048f288c3e5be8517
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 00:50:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 76c6ad39ad355f829170427e9076311a
26a82c7dd26986900a4964464e43d9837dfef1f8
40c6ca74d92e002befb684bce24ba4714c260ba30918cc4e9a4bb02ed4f809dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 00:50:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-41027940-2&cid=1163845859.1662425430&jid=98947530&gjid=511334160&_gid=1577919078.1662425430&_u=YEDAAEAAAAAAAC~&z=1837902463
142.251.1.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-41027940-2&cid=1163845859.1662425430&jid=98947530&gjid=511334160&_gid=1577919078.1662425430&_u=YEDAAEAAAAAAAC~&z=1837902463
IP 142.251.1.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-41027940-2&cid=1163845859.1662425430&jid=98947530&gjid=511334160&_gid=1577919078.1662425430&_u=YEDAAEAAAAAAAC~&z=1837902463 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://www.healthsherpa.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.healthsherpa.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Sep 2022 00:50:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 76c6ad39ad355f829170427e9076311a
26a82c7dd26986900a4964464e43d9837dfef1f8
40c6ca74d92e002befb684bce24ba4714c260ba30918cc4e9a4bb02ed4f809dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 00:50:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash da4692f1529a23a6cfb04391e382c936
7befa8be966f1128ff3c25be47986e7fa7087de9
d8460cc7719813509b4e38be06b8d184306f9451695c3e1974c1d06e5c29039c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 00:50:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/851413600/?random=1662425430267&cv=9&fst=1662425430267&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3DsetLanguage%3Bevent_category%3DLocalize%3Bevent_action%3DsetLanguage%3Bevent_label%3Den%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3DMagnusonins&tiba=HealthSherpa%20%7C%20Fast%2C%20Easy%20Obamacare%20Enrollment&auid=609657622.1662425430&hn=www.google.com&async=1&rfmt=3&fmt=4
172.217.21.162200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/851413600/?random=1662425430267&cv=9&fst=1662425430267&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3DsetLanguage%3Bevent_category%3DLocalize%3Bevent_action%3DsetLanguage%3Bevent_label%3Den%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3DMagnusonins&tiba=HealthSherpa%20%7C%20Fast%2C%20Easy%20Obamacare%20Enrollment&auid=609657622.1662425430&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (2580), with no line terminators
Hash e4d103e781532a148f8cef4b2e970288
11c9fb1eb369180f2fe98de9f9c414a7df7a6deb
3d152c98a2ec51afe9147358c2481711aba5ed768221daedc0ba9278aadb1145
GET /pagead/viewthroughconversion/851413600/?random=1662425430267&cv=9&fst=1662425430267&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3DsetLanguage%3Bevent_category%3DLocalize%3Bevent_action%3DsetLanguage%3Bevent_label%3Den%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3DMagnusonins&tiba=HealthSherpa%20%7C%20Fast%2C%20Easy%20Obamacare%20Enrollment&auid=609657622.1662425430&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 00:50:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1120
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Sep-2022 01:05:35 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/851413600/?random=1662425430252&cv=9&fst=1662425430252&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3DMagnusonins&tiba=HealthSherpa%20%7C%20Fast%2C%20Easy%20Obamacare%20Enrollment&auid=609657622.1662425430&hn=www.google.com&async=1&rfmt=3&fmt=4
172.217.21.162200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/851413600/?random=1662425430252&cv=9&fst=1662425430252&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3DMagnusonins&tiba=HealthSherpa%20%7C%20Fast%2C%20Easy%20Obamacare%20Enrollment&auid=609657622.1662425430&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (2378), with no line terminators
Hash 8bcc2214069b308cefe9f92071e19a8d
cf5dbce45c42cf66deb581e0006b1a063056e900
31fdaac6fb821995d889cc6882c080da8fb9acf939ffda77cd5da8b58ed021e3
GET /pagead/viewthroughconversion/851413600/?random=1662425430252&cv=9&fst=1662425430252&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3DMagnusonins&tiba=HealthSherpa%20%7C%20Fast%2C%20Easy%20Obamacare%20Enrollment&auid=609657622.1662425430&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 00:50:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1078
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Sep-2022 01:05:35 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/851413600/?random=1662425430254&cv=9&fst=1662425430254&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3DMagnusonins&tiba=HealthSherpa%20%7C%20Fast%2C%20Easy%20Obamacare%20Enrollment&auid=609657622.1662425430&hn=www.google.com&async=1&rfmt=3&fmt=4
172.217.21.162200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/851413600/?random=1662425430254&cv=9&fst=1662425430254&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3DMagnusonins&tiba=HealthSherpa%20%7C%20Fast%2C%20Easy%20Obamacare%20Enrollment&auid=609657622.1662425430&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (2378), with no line terminators
Hash 1709abe3395875c97659e3c447e3573f
467cbac1338fff7cd8ca51b9e5cdebcde8bc6cbd
7d25061f17344f6551ab7c51fbbf1985fcfb5be2bb854e87a82afc101bfee04c
GET /pagead/viewthroughconversion/851413600/?random=1662425430254&cv=9&fst=1662425430254&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3DMagnusonins&tiba=HealthSherpa%20%7C%20Fast%2C%20Easy%20Obamacare%20Enrollment&auid=609657622.1662425430&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 00:50:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1074
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Sep-2022 01:05:35 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-41027940-2&cid=1163845859.1662425430&jid=98947530&_u=YEDAAEAAAAAAAC~&z=1088665666
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-41027940-2&cid=1163845859.1662425430&jid=98947530&_u=YEDAAEAAAAAAAC~&z=1088665666
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-41027940-2&cid=1163845859.1662425430&jid=98947530&_u=YEDAAEAAAAAAAC~&z=1088665666 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 00:50:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash da4692f1529a23a6cfb04391e382c936
7befa8be966f1128ff3c25be47986e7fa7087de9
d8460cc7719813509b4e38be06b8d184306f9451695c3e1974c1d06e5c29039c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 00:50:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s3.amazonaws.com/healthsherpa_photos/whitelabels/custom_hero_images/000/131/007/original/open-uri20211115-22-1luupmt?1637011849
52.217.140.80200 OK 2.8 MB URL HTTP/1.1 s3.amazonaws.com/healthsherpa_photos/whitelabels/custom_hero_images/000/131/007/original/open-uri20211115-22-1luupmt?1637011849
IP 52.217.140.80:0
File type PNG image data, 1550 x 1550, 8-bit/color RGBA, non-interlaced\012- data
Size 2.8 MB (2787440 bytes)
Hash 0672622c8f40feb0359e85ee9fda1112
513a028a1aca8a020999c3a33ee32140d32cd03d
1a8623d6e0da32fb2e115862b7a62ae6261311e9b524845803b930521acad1c3
GET /healthsherpa_photos/whitelabels/custom_hero_images/000/131/007/original/open-uri20211115-22-1luupmt?1637011849 HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: SaSWm6yfk7V26EpuTHKfRSaIzB9d9j9h78x3gJnYWoWDWugfWc6J2zmQMXkfY9NT1PD0RBwlFlU=
x-amz-request-id: NBNWMWDFWKRCFV2V
Date: Tue, 06 Sep 2022 00:50:35 GMT
Last-Modified: Mon, 15 Nov 2021 21:30:50 GMT
ETag: "0672622c8f40feb0359e85ee9fda1112"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 2787440
js-agent.newrelic.com/nr-1216.min.js
151.101.86.137200 OK 14 kB URL HTTP/2 js-agent.newrelic.com/nr-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32022)
Hash b7c09cc097b2847f9edc784adba62dcb
5aa648623cf5e3b4b215fe5d068a7904c59f2925
6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa
GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Sep 2022 00:50:35 GMT
via: 1.1 varnish
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 293
x-timer: S1662425436.766149,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 07869ddc8aa688fe8a93876ef1264055
636614db9c01c03fcc2d10f5f949b513e1a338c9
ab8f4fcf2e21b2e44d69d6e4a6478a7eb6cf8e451202c7dc2854ef68b8e91b2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5370
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 00:50:35 GMT
Last-Modified: Mon, 05 Sep 2022 23:21:07 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 53e4933126779cbf269a5819d467ad4b
1c3c6b27a0660a44717be304d90834cf2f9cf3ce
ed5ad968f7d95b37c817e86b54062702bef60b1ffd3977248aad23072af06b87
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: dXTn/UhwhOhfB6AJLN5Xn8KuXVlW5Mu1zqRZrVBI8KoBkPlBrh3s1j429QkFpJ8LduTXKMtsyfe0koMRUF6WRA==
content-length: 26752
x-fb-trip-id: 2050670934
date: Tue, 06 Sep 2022 00:50:35 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 07869ddc8aa688fe8a93876ef1264055
636614db9c01c03fcc2d10f5f949b513e1a338c9
ab8f4fcf2e21b2e44d69d6e4a6478a7eb6cf8e451202c7dc2854ef68b8e91b2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5370
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 00:50:35 GMT
Last-Modified: Mon, 05 Sep 2022 23:21:07 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
bam.nr-data.net/1/NRJS-bd4f2a578e1bec3d82f?a=585848406&v=1216.487a282&to=JQ1cEUFbW1sEFBdGEgcWWwZAG15ZBQNA&rst=5832&ck=1&ref=https://www.healthsherpa.com/&qt=1&ap=144&be=1001&fe=5769&dc=4225&perf=%7B%22timing%22:%7B%22of%22:1662425424977,%22n%22:0,%22f%22:347,%22dn%22:361,%22dne%22:404,%22c%22:407,%22s%22:506,%22ce%22:724,%22rq%22:724,%22rp%22:724,%22rpe%22:724,%22dl%22:984,%22di%22:4163,%22ds%22:4224,%22de%22:4477,%22dc%22:5767,%22l%22:5767,%22le%22:5778%7D,%22navigation%22:%7B%7D%7D&fcp=1754&jsonp=NREUM.setToken
162.247.241.14200 OK 68 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-bd4f2a578e1bec3d82f?a=585848406&v=1216.487a282&to=JQ1cEUFbW1sEFBdGEgcWWwZAG15ZBQNA&rst=5832&ck=1&ref=https://www.healthsherpa.com/&qt=1&ap=144&be=1001&fe=5769&dc=4225&perf=%7B%22timing%22:%7B%22of%22:1662425424977,%22n%22:0,%22f%22:347,%22dn%22:361,%22dne%22:404,%22c%22:407,%22s%22:506,%22ce%22:724,%22rq%22:724,%22rp%22:724,%22rpe%22:724,%22dl%22:984,%22di%22:4163,%22ds%22:4224,%22de%22:4477,%22dc%22:5767,%22l%22:5767,%22le%22:5778%7D,%22navigation%22:%7B%7D%7D&fcp=1754&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash a63df29d6e0417cc1d00d8743d0ae34c
4fe2dc626d476e9a32c8982587e33fbc8aaf7b0b
025635a81f1246880710db88c48cd051393836cfd7016eb9f4aac7ac7b739a4e
GET /1/NRJS-bd4f2a578e1bec3d82f?a=585848406&v=1216.487a282&to=JQ1cEUFbW1sEFBdGEgcWWwZAG15ZBQNA&rst=5832&ck=1&ref=https://www.healthsherpa.com/&qt=1&ap=144&be=1001&fe=5769&dc=4225&perf=%7B%22timing%22:%7B%22of%22:1662425424977,%22n%22:0,%22f%22:347,%22dn%22:361,%22dne%22:404,%22c%22:407,%22s%22:506,%22ce%22:724,%22rq%22:724,%22rp%22:724,%22rpe%22:724,%22dl%22:984,%22di%22:4163,%22ds%22:4224,%22de%22:4477,%22dc%22:5767,%22l%22:5767,%22le%22:5778%7D,%22navigation%22:%7B%7D%7D&fcp=1754&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 00:50:36 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7463361ddd680b06-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=7bbce255725727c0; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
www.facebook.com/tr/?id=302753557524537&ev=PageView&dl=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3DMagnusonins&rl=&if=false&ts=1662425431724&sw=1280&sh=1024&ud[external_id]=ef78fa3d063945a8778f5c3ede45aaf6&v=2.9.79&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1662425431723.1802675775&it=1662425430887&coo=false&rqm=GET
31.13.72.36200 OK 86 kB URL HTTP/2 www.facebook.com/tr/?id=302753557524537&ev=PageView&dl=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3DMagnusonins&rl=&if=false&ts=1662425431724&sw=1280&sh=1024&ud[external_id]=ef78fa3d063945a8778f5c3ede45aaf6&v=2.9.79&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1662425431723.1802675775&it=1662425430887&coo=false&rqm=GET
IP 31.13.72.36:0
File type gzip compressed data, from Unix\012- data
Hash 2286cda71eded2215218e1c9418083f5
96fae48e0a2b2947d100151a9aee2ae472cff94a
2d257935559a15955b5b64dd71c5ed53a4f772290d0c47642ad94304f59b0d1a
GET /tr/?id=302753557524537&ev=PageView&dl=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3DMagnusonins&rl=&if=false&ts=1662425431724&sw=1280&sh=1024&ud[external_id]=ef78fa3d063945a8778f5c3ede45aaf6&v=2.9.79&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1662425431723.1802675775&it=1662425430887&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Tue, 06 Sep 2022 00:50:36 GMT
expires: Tue, 06 Sep 2022 00:50:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=3350520925179830&ev=PageView&dl=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3DMagnusonins&rl=&if=false&ts=1662425431729&sw=1280&sh=1024&ud[external_id]=ef78fa3d063945a8778f5c3ede45aaf6&v=2.9.79&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1662425431723.1802675775&it=1662425430887&coo=false&rqm=GET
31.13.72.36200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=3350520925179830&ev=PageView&dl=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3DMagnusonins&rl=&if=false&ts=1662425431729&sw=1280&sh=1024&ud[external_id]=ef78fa3d063945a8778f5c3ede45aaf6&v=2.9.79&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1662425431723.1802675775&it=1662425430887&coo=false&rqm=GET
IP 31.13.72.36:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=3350520925179830&ev=PageView&dl=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3DMagnusonins&rl=&if=false&ts=1662425431729&sw=1280&sh=1024&ud[external_id]=ef78fa3d063945a8778f5c3ede45aaf6&v=2.9.79&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1662425431723.1802675775&it=1662425430887&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Tue, 06 Sep 2022 00:50:36 GMT
expires: Tue, 06 Sep 2022 00:50:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=920472751333090&ev=PageView&dl=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3DMagnusonins&rl=&if=false&ts=1662425431726&sw=1280&sh=1024&ud[external_id]=ef78fa3d063945a8778f5c3ede45aaf6&v=2.9.79&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1662425431723.1802675775&it=1662425430887&coo=false&rqm=GET
31.13.72.36200 OK 87 kB URL HTTP/2 www.facebook.com/tr/?id=920472751333090&ev=PageView&dl=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3DMagnusonins&rl=&if=false&ts=1662425431726&sw=1280&sh=1024&ud[external_id]=ef78fa3d063945a8778f5c3ede45aaf6&v=2.9.79&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1662425431723.1802675775&it=1662425430887&coo=false&rqm=GET
IP 31.13.72.36:0
File type gzip compressed data, from Unix\012- data
Hash 8ae416e62e83d8352ccd293f98d03cc7
106365d8a4227c11835b6bbc4f6bce99b0a1b8df
ff9781eb745f9ce48238799a4621ac99b76e82723744a9b2c379ea8e2e5b4ba6
GET /tr/?id=920472751333090&ev=PageView&dl=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3DMagnusonins&rl=&if=false&ts=1662425431726&sw=1280&sh=1024&ud[external_id]=ef78fa3d063945a8778f5c3ede45aaf6&v=2.9.79&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1662425431723.1802675775&it=1662425430887&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Tue, 06 Sep 2022 00:50:36 GMT
expires: Tue, 06 Sep 2022 00:50:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1mm04003omuon.cloudfront.net/assets/react/client_bundle.b48e0d014171d885c53b.js
54.230.245.49200 OK 0 B URL HTTP/2 d1mm04003omuon.cloudfront.net/assets/react/client_bundle.b48e0d014171d885c53b.js
IP 54.230.245.49:0
GET /assets/react/client_bundle.b48e0d014171d885c53b.js HTTP/1.1
Host: d1mm04003omuon.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 22:32:30 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-encoding: gzip
date: Mon, 05 Sep 2022 05:28:01 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aCvp54PGLmOM8CZ0YIMz3FZJikInplbt58CqUDAkw_eNJ15mU6uihw==
age: 69750
X-Firefox-Spdy: h2
d1mm04003omuon.cloudfront.net/assets/react/vendor_bundle.47ee939047896f36d317.js
54.230.245.49200 OK 0 B URL HTTP/2 d1mm04003omuon.cloudfront.net/assets/react/vendor_bundle.47ee939047896f36d317.js
IP 54.230.245.49:0
GET /assets/react/vendor_bundle.47ee939047896f36d317.js HTTP/1.1
Host: d1mm04003omuon.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 22:32:30 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Tue, 06 Sep 2022 00:50:31 GMT
content-encoding: br
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: igN2Hp0a272AzjWdVtcfvaPOGkqmE8CBWyA6THWXi_Z4QDa_S2wUHw==
X-Firefox-Spdy: h2
api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=21715791
104.17.200.204200 OK 0 B URL HTTP/2 api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=21715791
IP 104.17.200.204:0
GET /hs-script-loader-public/v1/config/pixel/json?portalId=21715791 HTTP/1.1
Host: api.hubapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Origin: https://www.healthsherpa.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 00:50:34 GMT
content-type: application/json;charset=utf-8
cf-ray: 746336175bc7b500-OSL
access-control-allow-origin: https://www.healthsherpa.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-max-age: 180
x-hubspot-correlation-id: 2697b2d4-b6e0-4b83-b495-cacc3bc5543f
x-trace: 2B45EB710FD951F42827C91C2634B9E20D2F71C475000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2FD%2B9DgkKnL03QuHuuSE1VyabPXpLIZb1aKw5aAA4PFAQfXOydFU7DdXc5Mu4qxO8ct2PzdYRkRZYIGBZWeXSvinpQ5iJlSARzoWJM9n1p1MQha685TwzDuNgOTgkkIO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1mm04003omuon.cloudfront.net/assets/react/styles_client_bundle.b48e0d014171d885c53b.css
54.230.245.49200 OK 0 B URL HTTP/2 d1mm04003omuon.cloudfront.net/assets/react/styles_client_bundle.b48e0d014171d885c53b.css
IP 54.230.245.49:0
GET /assets/react/styles_client_bundle.b48e0d014171d885c53b.css HTTP/1.1
Host: d1mm04003omuon.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Fri, 02 Sep 2022 22:32:30 GMT
strict-transport-security: max-age=631138519
via: 1.1 spaces-router (a302eeabfffb), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-encoding: br
date: Mon, 05 Sep 2022 23:51:22 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pykM9mJGHVAN_J3y7kkfmJrf70IZsoHzW4nVdOiLoKvJuSIGzfS-wQ==
age: 3549
X-Firefox-Spdy: h2
js.hs-analytics.net/analytics/1662425400000/21715791.js
104.17.67.176200 OK 0 B URL HTTP/2 js.hs-analytics.net/analytics/1662425400000/21715791.js
IP 104.17.67.176:0
GET /analytics/1662425400000/21715791.js HTTP/1.1
Host: js.hs-analytics.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 00:50:35 GMT
content-type: text/javascript
x-amz-id-2: KAU3JHTrg2Hm6VFtZ5TEzvDR6sssNSdAXv9CYOQEwRSz3oisI6nF16GKlrwphELKjBGF3IOPQpd/RCbYgKqyVg==
x-amz-request-id: ZY8GCKM2311JZVWG
last-modified: Wed, 31 Aug 2022 15:15:33 GMT
etag: W/"231dc1fcd98514f166e4ab64cf2b6b75"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: null
access-control-allow-credentials: false
expires: Tue, 06 Sep 2022 00:55:35 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 74633619bfd1b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
forms.hubspot.com/collected-forms/v1/config/json?portalId=21715791&utk=
104.19.154.83200 OK 0 B URL HTTP/2 forms.hubspot.com/collected-forms/v1/config/json?portalId=21715791&utk=
IP 104.19.154.83:0
GET /collected-forms/v1/config/json?portalId=21715791&utk= HTTP/1.1
Host: forms.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Origin: https://www.healthsherpa.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 00:50:34 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding
x-hubspot-correlation-id: b9c22864-c7f0-4efb-9fe5-23910aef3fe8
access-control-allow-credentials: false
access-control-allow-origin: https://www.healthsherpa.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: *
access-control-max-age: 180
x-robots-tag: none
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=B_vEHHhOx7B7BNjy_99pGgvT0HiJyEjXpSBMvJa68wQ-1662425434-0-AdR8aEz/H5Ktig8xwK8SiKixGUZv2HFXTUl8W/5XHtIph767+2JXEqfoPPShaNWgXvVLcdlHqVtn9xiz/yl/fCA=; path=/; expires=Tue, 06-Sep-22 01:20:34 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0VArw6x2%2FwGJPgJIO0dfts9zbjPPx%2B2bkaKcGm7biADUxZdqxxQd0GlhPsrzMlLcS6i6jwCkKqV5tg4E4WMbyPOCWaVCyvWIjJRTEb8M8NVVHi5FzcNTLSXPHCOvqZwWf56"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74633616baabb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js-na1.hs-scripts.com/21715791.js
104.17.212.204200 OK 0 B URL HTTP/2 js-na1.hs-scripts.com/21715791.js
IP 104.17.212.204:0
GET /21715791.js HTTP/1.1
Host: js-na1.hs-scripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.healthsherpa.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 00:50:31 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2B2429A25C2D2F5731763874A7D0DE8698EB3D4A62000000000000000000
cache-control: public, max-age=30
vary: Accept-Encoding
x-hubspot-correlation-id: 8d4a51f4-68e9-4bc4-b163-fe5b764a8ad8
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://www.healthsherpa.com
last-modified: Mon, 05 Sep 2022 20:40:05 GMT
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 7463360129e9fab4-OSL
content-encoding: br
X-Firefox-Spdy: h2