greenwichwellness.com/
143.204.55.72 301 Moved Permanently 167 B IP 143.204.55.72:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: greenwichwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Tue, 29 Nov 2022 18:29:42 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://greenwichwellness.com/
X-Cache: Redirect from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: b4ZNAP3jnxSuryJ27P1OANHolhlZE37gUtSJfcn-pojqy2YO1kCx3Q==
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11228
Expires: Tue, 29 Nov 2022 21:36:50 GMT
Date: Tue, 29 Nov 2022 18:29:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2475
Cache-Control: max-age=146564
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 18:29:42 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 11:12:26 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 18:19:38 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 604
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6964
Expires: Tue, 29 Nov 2022 20:25:46 GMT
Date: Tue, 29 Nov 2022 18:29:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: SZmS/CilgJL5I+cLYOEjoKIFY1GJQE3OOymP3o2SM0JYI2V1ryC4aY/ph6n+1lgtD4U/Ew4VP54=
x-amz-request-id: R162MB95WKYH0WQB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 17:45:33 GMT
age: 2649
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 18:29:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 3688bb3229d3374e63f19721aefed60c
0af71d48c832594bcf21183eac5e6a134453f771
6cf39e59a7b0b88adb5b1649ab7db53dff450ef4267ad54ecac075b6399fdf02
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152727
Date: Tue, 29 Nov 2022 18:29:42 GMT
Etag: "6386012d-1d7"
Expires: Thu, 01 Dec 2022 12:55:09 GMT
Last-Modified: Tue, 29 Nov 2022 12:55:09 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KyAZLtK5TGamIl7C4yXtWm7OqbDvGM2K493Dux5L713CVShb0H7Ztg==
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 18:11:13 GMT
cache-control: public,max-age=3600
age: 1110
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5953
Cache-Control: max-age=144978
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 18:29:43 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:46:01 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
greenwichwellness.com/
143.204.55.96 301 Moved Permanently 169 B IP 143.204.55.96:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 84855c13836b389d5ec7cfd4c9266173
1cf3056ff23c4176fd7ca9816a000ed461d6d323
502083c916ae481cdd413b8d93315300653df5fb3dcc5770c01991de19977eae
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: greenwichwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 169
location: https://www.greenwichwellness.com/
date: Tue, 29 Nov 2022 18:29:43 GMT
server: nginx/1.18.0
x-cache: Miss from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JeSzGDzq3XHHuN-Vf8dObPw0Yusi9jC5lU7_KAFRtJH-S8ZO-DUDkA==
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.236.232.139 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.236.232.139:0
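Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input; the response body is 0 B, so these digests identify no content)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input)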
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: X9t0thYPoghWLLWAMbxnNQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: puyS/UtLLIkUQiUwclk/x5r8EZs=
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash fbe2e3348a778d6af7ff66791013d170
074ab4fb9749e42356f190d0efdca46a8dc2ff8e
f490eb2a67510eecf21b82e17df3a6a0789e6afd201b56c26b3debb1119cf898
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=105397
Date: Tue, 29 Nov 2022 18:29:44 GMT
Etag: "63854090-1d7"
Expires: Wed, 30 Nov 2022 23:46:21 GMT
Last-Modified: Mon, 28 Nov 2022 23:13:20 GMT
Server: ECS (dcb/7FA6)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BH5mQAFo_N5mPL4WV7f44h7C4HpmQRWl1wJWjr0v9SIiLZhlkOAQlA==
Age: 1981
sa1s3optim.patientpop.com/assets/images/provider/photos/2433499.png
54.230.111.88 200 OK 3.7 kB URL HTTP/2 sa1s3optim.patientpop.com/assets/images/provider/photos/2433499.png
IP 54.230.111.88:0
File type PNG image data, 500 x 82, 8-bit colormap, non-interlaced\012- data
Hash 80dba1761c8cf006d02e5ddeae7b4b7b
f80d638ff80de3d2628f5f15dffdd2653bac39b1
759fd218ba416a17c268cf00392d5b03345806af096f0fa326f3e2d03cac5ab3
GET /assets/images/provider/photos/2433499.png HTTP/1.1
Host: sa1s3optim.patientpop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greenwichwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 3700
date: Tue, 29 Nov 2022 17:20:48 GMT
x-amzn-requestid: 7ee7a283-5810-4b63-aed7-336b30f7e4df
x-amz-apigw-id: cX7ZjHhCoAMFfgQ=
cache-control: max-age=31536000,public
expires: Wed, 29 Nov 2023 17:20:48 GMT
etag: "3583b61a9b2b450f90d432a1e172819ae334774e"
x-amzn-trace-id: Root=1-63863f70-05252cdd4d63aff5237bbf90;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 17:20:48 GMT
via: 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront), 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, OSL50-P1
x-amz-cf-id: NJkZ1krz0ujK7WG8jt1o15jx54Wi6O4qw3nxCUlhrEzU4fPbkb-mDA==
age: 4136
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 18:29:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sa1s3optim.patientpop.com/assets/production/practices/aff087b4db0fb8f8f0d984796a9d596d2402f34c/images/2433492.jpg
54.230.111.88 200 OK 224 kB URL HTTP/2 sa1s3optim.patientpop.com/assets/production/practices/aff087b4db0fb8f8f0d984796a9d596d2402f34c/images/2433492.jpg
IP 54.230.111.88:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1420x700, components 3\012- data
Size 224 kB (223687 bytes)
Hash cdbdb3e7af81eee66ef9069ea709cdbb
e4b9195ff39476369df05eac90f18bcd74acd674
a133785b83ac533f74f4faff8c778bfc592a0f990f3c0e0a9ec98942f53cb28e
GET /assets/production/practices/aff087b4db0fb8f8f0d984796a9d596d2402f34c/images/2433492.jpg HTTP/1.1
Host: sa1s3optim.patientpop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greenwichwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 223687
date: Tue, 29 Nov 2022 17:20:49 GMT
x-amzn-requestid: 61f8c5eb-7d4e-4716-9fc0-4f5d5c1cd846
x-amz-apigw-id: cX7ZoFvmoAMFiDw=
cache-control: max-age=31536000,public
expires: Wed, 29 Nov 2023 17:20:48 GMT
etag: "001961e81910cef03d2ab8618139f0fb96c2722a"
x-amzn-trace-id: Root=1-63863f70-49def06522b9955912683898;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 17:20:48 GMT
via: 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront), 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, OSL50-P1
x-amz-cf-id: TKqYNqgDEBg0WeeBm5AnxbzpVkLu-apPluEpbC08g2AmrTLVFIEnrQ==
age: 4135
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 18:29:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oldstandardtt/v8/n6RTCDcIPWSE8UNBa4k-DJDiI8zI8NGcbDOKyTTsY20.woff2
216.58.207.227 200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/oldstandardtt/v8/n6RTCDcIPWSE8UNBa4k-DJDiI8zI8NGcbDOKyTTsY20.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11916, version 1.0\012- data
Hash 235b139a09e9ab62c8b3d214d46c3540
5add4c6a8ac1907b2e3746f9f8da189db499d222
a389b8d139060e79b694ae2173e31acf9dfd591117b644d09a0d481441815037
GET /s/oldstandardtt/v8/n6RTCDcIPWSE8UNBa4k-DJDiI8zI8NGcbDOKyTTsY20.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.greenwichwellness.com
Connection: keep-alive
Referer: https://www.greenwichwellness.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11916
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 17:24:38 GMT
expires: Thu, 23 Nov 2023 17:24:38 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 19 Jan 2017 18:53:28 GMT
content-type: font/woff2
age: 522306
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sa1s3optim.patientpop.com/assets/images/provider/photos/2433500.jpg
54.230.111.88 200 OK 22 kB URL HTTP/2 sa1s3optim.patientpop.com/assets/images/provider/photos/2433500.jpg
IP 54.230.111.88:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 460x365, components 3\012- data
Hash 20aee996241ea81b61975a4acacd31e3
2dcbe645400e7570afa81e3f2ea17bb738dfc82c
f10db2cd86311cb68fa6f4f28c1a27de4467f3d4cad1860a2a69c8d0c10c90a0
GET /assets/images/provider/photos/2433500.jpg HTTP/1.1
Host: sa1s3optim.patientpop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greenwichwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 21893
date: Tue, 29 Nov 2022 17:20:48 GMT
x-amzn-requestid: a2d29511-0d53-4c8b-8d4f-2b211de8be32
x-amz-apigw-id: cX7ZjG7ZoAMFSqg=
cache-control: max-age=31536000,public
expires: Wed, 29 Nov 2023 17:20:48 GMT
etag: "e0ec2c47b5fcab6c070cb01cabdd8177ae21b572"
x-amzn-trace-id: Root=1-63863f70-785e97bd3e7992aa08547710;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 17:20:48 GMT
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront), 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, OSL50-P1
x-amz-cf-id: ygcVAp2QWI3NtJEmOFk5xcb6kTnm76zvJY2YFh8LPBS2swhUzAlfsw==
age: 4136
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v11/CcKI4k9un7TZVWzRVT-T8wzyDMXhdD8sAj6OAJTFsBI.woff2
216.58.207.227 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v11/CcKI4k9un7TZVWzRVT-T8wzyDMXhdD8sAj6OAJTFsBI.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 13440, version 3.0\012- data
Hash 7050da7d01717994533ec7d8133b5ea5
0e53ae643f7babfa145f9b0b98b350a9e485fbcd
a818021f08b5e887916c2f865ba477c7a83fd7f8cf719f5a9cda9669c8e7ccfd
GET /s/raleway/v11/CcKI4k9un7TZVWzRVT-T8wzyDMXhdD8sAj6OAJTFsBI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.greenwichwellness.com
Connection: keep-alive
Referer: https://www.greenwichwellness.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13440
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 06:27:43 GMT
expires: Fri, 24 Nov 2023 06:27:43 GMT
cache-control: public, max-age=31536000
age: 475321
last-modified: Thu, 19 May 2016 23:54:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sa1s3optim.patientpop.com/assets/docs/329962.jpg
54.230.111.88 200 OK 37 kB URL HTTP/2 sa1s3optim.patientpop.com/assets/docs/329962.jpg
IP 54.230.111.88:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1420x700, components 3\012- data
Hash c3d19436000046afb041e69e03c67296
8fe20c5a5961e44c5b60f841cbc1f3c74e64a221
8ab0d575e835692c258ff58a0c832af94716c89b3536d27f2e0f4121d9347d69
GET /assets/docs/329962.jpg HTTP/1.1
Host: sa1s3optim.patientpop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greenwichwellness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 37043
date: Tue, 29 Nov 2022 17:20:48 GMT
x-amzn-requestid: dfb6c655-3c2f-40ab-9160-a78fa7a9047c
x-amz-apigw-id: cX7ZoF-soAMFvHw=
cache-control: max-age=31536000,public
expires: Wed, 29 Nov 2023 17:20:48 GMT
etag: "969b1ddc811110af053360db86139ebe5701a884"
x-amzn-trace-id: Root=1-63863f70-036502362754c8b046061630;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 17:20:48 GMT
via: 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront), 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, OSL50-P1
x-amz-cf-id: Urg7ChZ4d0EXmfFSWswV_FHeXAPlULVl245x9sMtYZLvyHKUcNvJww==
age: 4135
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 18:29:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d2q878k4s4718u.cloudfront.net/?practiceUuid=146429c9-85fe-46d9-b938-cbc3134a9d6b&color_palette%5Bprimary%5D=7CB33D&color_palette%5Bsecondary%5D=2b2c2f&color_palette%5Baccent%5D=424242&gaId=UA-214515317-19&domain=http%3A%2F%2Fwww.greenwichwellness.com
54.230.245.88 200 OK 866 B URL HTTP/2 d2q878k4s4718u.cloudfront.net/?practiceUuid=146429c9-85fe-46d9-b938-cbc3134a9d6b&color_palette%5Bprimary%5D=7CB33D&color_palette%5Bsecondary%5D=2b2c2f&color_palette%5Baccent%5D=424242&gaId=UA-214515317-19&domain=http%3A%2F%2Fwww.greenwichwellness.com
IP 54.230.245.88:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (497)
Hash f75fb08a9b1beaf6215a200ecf0aa0e6
775703a7b8ad494d8a2e6d90584946d6850d6b58
e6039dc78ed24e84229659950ef9e4ec71abbb0d493a783b22d9e595c9763011
GET /?practiceUuid=146429c9-85fe-46d9-b938-cbc3134a9d6b&color_palette%5Bprimary%5D=7CB33D&color_palette%5Bsecondary%5D=2b2c2f&color_palette%5Baccent%5D=424242&gaId=UA-214515317-19&domain=http%3A%2F%2Fwww.greenwichwellness.com HTTP/1.1
Host: d2q878k4s4718u.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greenwichwellness.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 866
last-modified: Fri, 05 Aug 2022 00:38:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 18:29:45 GMT
etag: "f75fb08a9b1beaf6215a200ecf0aa0e6"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3geOxYrEbgeoBgQTCHbG8_IVojvZa8ZvGFS-VulCGPlB8Li0_FqBnQ==
X-Firefox-Spdy: h2
sa1s3.patientpop.com/assets/fonts/provider/OpenSans-Light-webfont.woff
54.230.111.104 200 OK 22 kB URL HTTP/2 sa1s3.patientpop.com/assets/fonts/provider/OpenSans-Light-webfont.woff
IP 54.230.111.104:0
File type Web Open Font Format, TrueType, length 22248, version 1.0\012- data
Hash 45b47f3e9c7d74b80f5c6e0a3c513b23
523f9403d934ba017bfe924cdc40f1bb0e5d97e2
a1cb81c9f07f1f399db66ec188c02a1c74bc382df9a8550ab8091aac93dff8a2
GET /assets/fonts/provider/OpenSans-Light-webfont.woff HTTP/1.1
Host: sa1s3.patientpop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.greenwichwellness.com
Connection: keep-alive
Referer: https://www.greenwichwellness.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 22248
date: Tue, 29 Nov 2022 18:29:45 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 604800
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Mar 2019 18:43:25 GMT
etag: "45b47f3e9c7d74b80f5c6e0a3c513b23"
cache-control: public, max-age=31536000
x-amz-version-id: G9Ry2j5bJn94lMDZYkt2jvIA.9LxU5BO
accept-ranges: bytes
server: AmazonS3
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: d7Drue_NMzMlAQ8Rhw3eEWpo27q2pd8GEzYpnSrUvsToi39Q9mGmpQ==
X-Firefox-Spdy: h2
sa1s3.patientpop.com/assets/fonts/pp-atomic-fonts/pp-font-awesome-atomic-subset.woff
54.230.111.104 200 OK 25 kB URL HTTP/2 sa1s3.patientpop.com/assets/fonts/pp-atomic-fonts/pp-font-awesome-atomic-subset.woff
IP 54.230.111.104:0
File type Web Open Font Format, CFF, length 24680, version 1.0\012- data
Hash b6d676750b43911df2982d49aaf549fa
b60bed08ae99e905199af0ffedc42580e45b2451
6aea627104aee00f7759a73fdf71add52a713b5f11af2eddb7f116643068ad9a
GET /assets/fonts/pp-atomic-fonts/pp-font-awesome-atomic-subset.woff HTTP/1.1
Host: sa1s3.patientpop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.greenwichwellness.com
Connection: keep-alive
Referer: https://www.greenwichwellness.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/font-woff
content-length: 24680
date: Tue, 29 Nov 2022 18:29:45 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 604800
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Mar 2019 18:45:36 GMT
etag: "b6d676750b43911df2982d49aaf549fa"
cache-control: public, max-age=31536000
x-amz-version-id: pvMYvRo.QqGNbBMGvBQf1ivrbLs2q00T
accept-ranges: bytes
server: AmazonS3
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UudnA1TdFk04CeJ-z4zy2urmpMetH3Pso4A1se9B_P76yzzYFGw8bQ==
X-Firefox-Spdy: h2
sa1s3.patientpop.com/assets/fonts/provider/OpenSans-Bold-webfont.woff
54.230.111.104 200 OK 22 kB URL HTTP/2 sa1s3.patientpop.com/assets/fonts/provider/OpenSans-Bold-webfont.woff
IP 54.230.111.104:0
File type Web Open Font Format, TrueType, length 22432, version 1.0\012- data
Hash 2e90d5152ce92858b62ba053c7b9d2cb
8cf65f42a2a8c349ccd6ab63b6cbd17c96fd665c
a0357cb694b5284870c77c0dbcaf33f238004800419288afde313317b0dbd0b7
GET /assets/fonts/provider/OpenSans-Bold-webfont.woff HTTP/1.1
Host: sa1s3.patientpop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.greenwichwellness.com
Connection: keep-alive
Referer: https://www.greenwichwellness.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 22432
date: Tue, 29 Nov 2022 18:29:45 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 604800
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Mar 2019 18:43:46 GMT
etag: "2e90d5152ce92858b62ba053c7b9d2cb"
cache-control: public, max-age=31536000
x-amz-version-id: k6Wj.CSOe9sBIcAZsBytANULsMRx8KOO
accept-ranges: bytes
server: AmazonS3
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9JqzRrPrgnKolQJQvn_LgBp3uqFcMNGwpOxCIyi4kBdmkYmoEcRFIA==
X-Firefox-Spdy: h2
sa1s3.patientpop.com/assets/fonts/provider/OpenSans-Regular-webfont.woff
54.230.111.104 200 OK 23 kB URL HTTP/2 sa1s3.patientpop.com/assets/fonts/provider/OpenSans-Regular-webfont.woff
IP 54.230.111.104:0
File type Web Open Font Format, TrueType, length 22660, version 1.0\012- data
Hash 79515ad0788973c533405f7012dfeccd
5092881fad2caffdc6bf71bdab1ea547b73d3564
22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40
GET /assets/fonts/provider/OpenSans-Regular-webfont.woff HTTP/1.1
Host: sa1s3.patientpop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.greenwichwellness.com
Connection: keep-alive
Referer: https://www.greenwichwellness.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 22660
date: Tue, 29 Nov 2022 18:29:45 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 604800
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Mar 2019 18:44:13 GMT
etag: "79515ad0788973c533405f7012dfeccd"
cache-control: public, max-age=31536000
x-amz-version-id: 7N0CRiXKIkKkxel8gxz35HY45qfxEWkK
accept-ranges: bytes
server: AmazonS3
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6tBNG5ulGLjiQAKyGllaiXKXVjICD0wZ0Gt7QQEI9mwD0va8MwxzFQ==
X-Firefox-Spdy: h2
sa1s3.patientpop.com/assets/fonts/provider/OpenSans-Semibold-webfont.woff
54.230.111.104 200 OK 23 kB URL HTTP/2 sa1s3.patientpop.com/assets/fonts/provider/OpenSans-Semibold-webfont.woff
IP 54.230.111.104:0
File type Web Open Font Format, TrueType, length 22908, version 1.0\012- data
Hash 697574b47bcfdd2c45e3e63c7380dd67
4590722b795938e0b6ff1b99701d1abe37aeabef
26b216fadb2ffcd542ca56c2d84f9918f62e40de89bf88b4211fffacd2a4ad83
GET /assets/fonts/provider/OpenSans-Semibold-webfont.woff HTTP/1.1
Host: sa1s3.patientpop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.greenwichwellness.com
Connection: keep-alive
Referer: https://www.greenwichwellness.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 22908
date: Tue, 29 Nov 2022 18:29:45 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 604800
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Mar 2019 18:44:26 GMT
etag: "697574b47bcfdd2c45e3e63c7380dd67"
cache-control: public, max-age=31536000
x-amz-version-id: ODi5YmIp6SW2mQGawh6wBKgnKWQIK2UY
accept-ranges: bytes
server: AmazonS3
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lSPxe3A6d65LuGkDxRmWq3eqYU9OSazA7aFYjFu2BiAPEpVVeBHXfg==
X-Firefox-Spdy: h2
www.greenwichwellness.com/assets/iframeResizer.min.js
143.204.55.96 200 OK 6.1 kB URL HTTP/2 www.greenwichwellness.com/assets/iframeResizer.min.js
IP 143.204.55.96:0
File type ASCII text, with very long lines (13786)
Hash 5a8cd510853626120d7f1a689700d03c
4a35dc4dbd35d7052fc93700492fdb2ee8eb7fbb
83e998aab0710d7db0811d1a6f7782162c6c3a7d9518e9d44ffef09f34e3b753
Analyzer Verdict Alert fortinet Malware
GET /assets/iframeResizer.min.js HTTP/1.1
Host: www.greenwichwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greenwichwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 29 Nov 2022 18:29:44 GMT
server: nginx/1.18.0
x-ua-compatible: IE=edge,chrome=1
last-modified: 1669070928
cache-control: no-cache
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EtJfkHnIz12unXJUpze_e6a2A-XeDpPiAqdS971C1_UMtumPfJVsYA==
X-Firefox-Spdy: h2
d31y97ze264gaa.cloudfront.net/assets/st/js/st.js?_=1669746583430
143.204.42.52 200 OK 26 kB URL HTTP/1.1 d31y97ze264gaa.cloudfront.net/assets/st/js/st.js?_=1669746583430
IP 143.204.42.52:0
File type ASCII text, with very long lines (648)
Hash 4d052cdd5d443b6a64ccf2bfdea32506
d8b28c242f8c8516258dbb45f605db57145e7fc9
047072d4c9db9cfbc90a9acd9cd209fd3f4f1aa099f3ac239e71aba111b37f72
GET /assets/st/js/st.js?_=1669746583430 HTTP/1.1
Host: d31y97ze264gaa.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greenwichwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 14 Sep 2021 16:40:59 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Tue, 29 Nov 2022 18:26:30 GMT
ETag: W/"3ada7e792244a7508ebe96ee72971ce6"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1mL-tmIDNoGWXrFtepyAId94dq-mvsZZdlT1ujgUF3B1NxMkC7po4A==
Age: 218
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11171
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 18:29:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11171
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 18:29:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4958
Expires: Tue, 29 Nov 2022 19:52:22 GMT
Date: Tue, 29 Nov 2022 18:29:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4958
Expires: Tue, 29 Nov 2022 19:52:22 GMT
Date: Tue, 29 Nov 2022 18:29:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:49:50 GMT
age: 49194
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 823e92f62ff7b3c2093828817d7f2866
c501de9eaa581a10b0b5fce40b54bb10f57f7c29
7d89669e23682f167b2fe1eff9edc5939112ec66b6b4e6389ef8aec78ccbdfe5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8921
x-amzn-requestid: 98baf100-c007-4c44-89aa-b9cf55fa3f94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnwFYToAMFoWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852964-1227b5a9100c206e0c64f4b2;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ivu6pzZ6dbt3I4tuFMg4oHcuPVdyNS-F3k_lQdmKoXFkdCfSseAEwQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:55 GMT
age: 74569
etag: "c501de9eaa581a10b0b5fce40b54bb10f57f7c29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:01:55 GMT
age: 73669
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a4058fd62595d15c58b3d3266de9865a
d0dff35eb78f129b5da407043037bcf9c27e55c0
ab996c23d58871a2ad53f0c34688c87f0d7c0eac5d0c1d8265b86951248449fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4871
x-amzn-requestid: e2dfa7b8-ded7-4104-a913-1b84746a3c6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLDUUEy_oAMFgSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638118e8-0b229e0f60ff019d26800dd9;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 19:35:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qh3WqWdBmMG3fzchn3OvxbEpwm2wl_CXi105CL4uJda47N9ZX3CyLA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 09:01:36 GMT
age: 34088
etag: "d0dff35eb78f129b5da407043037bcf9c27e55c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
34.120.237.76 200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2a5c8d4113d282600462749315f2c4f
e2b4d2e15bb7c086333c0da438873e4c139ba931
9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wqEe45jzMOryT-E-vThc39-cLiZudKF4gn6cS3LBmeaJ2amJF5GPIA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:54 GMT
age: 74570
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:18:11 GMT
age: 54693
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sa1s3.patientpop.com/assets/images/patientpop/favicon.ico
54.230.111.104 200 OK 198 B URL HTTP/2 sa1s3.patientpop.com/assets/images/patientpop/favicon.ico
IP 54.230.111.104:0
File type MS Windows icon resource - 1 icon, 16x16, 2 colors\012- data
Hash c6acedaff906029fc5455d9ec52c7f42
92cbd806ca421aa2c9ff5e1ff76bbc20913a2f81
9deb629637088856fe61dc868bf40a7d21ed942e4117659f3d6c3408f59b906b
GET /assets/images/patientpop/favicon.ico HTTP/1.1
Host: sa1s3.patientpop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.greenwichwellness.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 198
date: Tue, 22 Nov 2022 21:07:01 GMT
last-modified: Fri, 06 May 2016 17:50:56 GMT
etag: "c6acedaff906029fc5455d9ec52c7f42"
cache-control: public, max-age=604800
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZyKp7t_57vqN97N9NqNA_3ad0sdbJACtcy-4Wg4Ueb3kTj-qUW_g-w==
age: 595365
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 593331d16498d5a15282e250ac2a2d76
e8c8e27449f29f1ac1fe037cfdb55544642f3f79
8626dabcc92b5182093a9d376a2e783984e955095c1e63d65dbd0e560c2417af
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=144625
Date: Tue, 29 Nov 2022 18:29:45 GMT
Etag: "6385ce75-1d7"
Expires: Thu, 01 Dec 2022 10:40:10 GMT
Last-Modified: Tue, 29 Nov 2022 09:18:45 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: brI2Of22D0-czkp_IL_-bEN7RbeNYKu8zX8higlZcT9KO1lFCU1b2Q==
Age: 4885
st1.dialogtech.com/st/?_stk=e4a19193651babae78e8c6a6f7a79aed9e94dabe&dr=&dl=https%3A%2F%2Fwww.greenwichwellness.com%2F&dt=Adam%20Massoud%2C%20DC%3A%20Chiropractor%20Greenwich%2C%20CT%3A%20Greenwich%20Wellness&vp=1268x939&sr=1280x1024&cb=1669746584005&stv=38
52.203.240.124 429 Too Many Requests 0 B URL HTTP/2 st1.dialogtech.com/st/?_stk=e4a19193651babae78e8c6a6f7a79aed9e94dabe&dr=&dl=https%3A%2F%2Fwww.greenwichwellness.com%2F&dt=Adam%20Massoud%2C%20DC%3A%20Chiropractor%20Greenwich%2C%20CT%3A%20Greenwich%20Wellness&vp=1268x939&sr=1280x1024&cb=1669746584005&stv=38
IP 52.203.240.124:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st/?_stk=e4a19193651babae78e8c6a6f7a79aed9e94dabe&dr=&dl=https%3A%2F%2Fwww.greenwichwellness.com%2F&dt=Adam%20Massoud%2C%20DC%3A%20Chiropractor%20Greenwich%2C%20CT%3A%20Greenwich%20Wellness&vp=1268x939&sr=1280x1024&cb=1669746584005&stv=38 HTTP/1.1
Host: st1.dialogtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greenwichwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 429 Too Many Requests
date: Tue, 29 Nov 2022 18:29:45 GMT
content-length: 0
vary: Origin
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
last-modified: Tue Nov 29 2022 18:29:45 GMT+0000 (Coordinated Universal Time)
X-Firefox-Spdy: h2
ui-cdn.patientpop.com/static/fonts/pp-icon-font/pp-icon-font.css
54.230.111.9 200 OK 5.6 kB URL HTTP/2 ui-cdn.patientpop.com/static/fonts/pp-icon-font/pp-icon-font.css
IP 54.230.111.9:0
Hash a2f8b4fed7962b204afb9243147c6fe1
fd8a81d5b2ed2fa1da66a9c11083c4430d7d5aa8
6b2069f859483d362c9613c115a8bcadd21fc6db98c6ea18490672d1b0ac00b4
GET /static/fonts/pp-icon-font/pp-icon-font.css HTTP/1.1
Host: ui-cdn.patientpop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d2q878k4s4718u.cloudfront.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 5596
last-modified: Wed, 09 Mar 2022 23:28:22 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 07:58:43 GMT
etag: "a2f8b4fed7962b204afb9243147c6fe1"
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dK5GnDmEvyLP2ftdoc54Aavoy69To-NDQMJqQVobFT5F-VZM4J3CIQ==
age: 40327
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
151.101.1.229 200 OK 52 kB URL HTTP/2 cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
IP 151.101.1.229:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0553de6fb5c0e46ae241bbfdc52e42aa
3ccb578039976b25552c2dd9b918183ef6443afb
620ba722704113e114a07650aec8a41d2c614dd81c3be6654cf53d3a61a8d3ae
GET /npm/@mdi/font@latest/css/materialdesignicons.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d2q878k4s4718u.cloudfront.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 7.0.96
x-jsd-version-type: version
etag: W/"505a4-INFSF/VcDY3YGq5QRH3rBHuiXOA"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 18:29:45 GMT
age: 186
x-served-by: cache-fra-eddf8230124-FRA, cache-bma1643-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 51975
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 29d08411ef7dae8eefe37b48e4ab73b9
ee5be60c1c38abdd463d124268bbf733c45ad78e
9cbff1d3b10b3ba8d97ac0383de37db7a0191a2b3af2caa571b795533c9ddcd2
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 18:29:45 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "7A3A01597C0A6AE21403AEC0EC5AD6BC4D7B6479"
Expires: Wed, 30 Nov 2022 06:00:00 GMT
Last-Modified: Tue, 29 Nov 2022 18:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1183
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771d691f9fb10b02-OSL
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 18:29:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash a0fe20d41a043db700a84924cd9793f3
c0da481fef6cd00558f6e68b074acb34bef8292f
03caeb65ab9e22f6d6fe0d344d327950d20ee9ed144e2da0e5e062943a03fc56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 18:29:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=explicit
142.250.74.132 200 OK 554 B URL HTTP/2 www.google.com/recaptcha/api.js?render=explicit
IP 142.250.74.132:0
File type ASCII text, with very long lines (852), with no line terminators
Hash 0a628b8a14a877262721824930709597
31bbb380c04a4229a099a1fb6dea09cf717bcb5f
6c63432c24b1f8eed67f792c68214710fd6444ede5c28f56202e966770d20121
GET /recaptcha/api.js?render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d2q878k4s4718u.cloudfront.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 29 Nov 2022 18:29:45 GMT
date: Tue, 29 Nov 2022 18:29:45 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 554
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-214515317-19&l=dataLayer
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-214515317-19&l=dataLayer
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 3fd9a8c587bc7cc37f76c581ea1b6d1f
7fb1909a29e1acbbc410210052b7c3f77e519aae
2d849f0b62321f95c11c5913ac064c74a48d3b626e0fe2ea6a7274783d41207b
GET /gtag/js?id=UA-214515317-19&l=dataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d2q878k4s4718u.cloudfront.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 18:29:45 GMT
expires: Tue, 29 Nov 2022 18:29:45 GMT
cache-control: private, max-age=900
last-modified: Tue, 29 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43618
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash abd55ecd24d357a9f02612558f723a90
6a1e6963864f0b53ddc6205d35225e6cf0bcbeec
195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 18:29:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 18:29:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.99 200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://d2q878k4s4718u.cloudfront.net
Connection: keep-alive
Referer: https://d2q878k4s4718u.cloudfront.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 14:39:14 GMT
expires: Wed, 29 Nov 2023 14:39:14 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 13832
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 8a66a0ff6e79b059fa2906e78161c1e3
4dd050deecde842e195948948e57f9a1c1b4fc21
9a45bee68c6108b383ff1b60d2eafe7279262fc6aca50c46537d4ecb961b3937
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162987
Date: Tue, 29 Nov 2022 18:29:46 GMT
Etag: "63861920-1d7"
Expires: Thu, 01 Dec 2022 15:46:13 GMT
Last-Modified: Tue, 29 Nov 2022 14:37:20 GMT
Server: ECS (dcb/7EED)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9ryXk0exlkZZf9ObTyAsFX2lma87BV1QQSoj9oQk5qd0Cd1bIh1Skg==
Age: 4133
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 8a66a0ff6e79b059fa2906e78161c1e3
4dd050deecde842e195948948e57f9a1c1b4fc21
9a45bee68c6108b383ff1b60d2eafe7279262fc6aca50c46537d4ecb961b3937
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=164193
Date: Tue, 29 Nov 2022 18:29:46 GMT
Etag: "63861920-1d7"
Expires: Thu, 01 Dec 2022 16:06:19 GMT
Last-Modified: Tue, 29 Nov 2022 14:37:20 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dNQXIt68l6EH63HorY6Kcoskh7c4w14Nqq2urEZ_8FRRdCNhtKjBWQ==
Age: 5339
websites-widget-manager.api.patientpop.com/v1/practices/146429c9-85fe-46d9-b938-cbc3134a9d6b/custom-widget-settings?slug=WEBTOTEXT
3.225.41.174 200 OK 0 B URL HTTP/2 websites-widget-manager.api.patientpop.com/v1/practices/146429c9-85fe-46d9-b938-cbc3134a9d6b/custom-widget-settings?slug=WEBTOTEXT
IP 3.225.41.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/practices/146429c9-85fe-46d9-b938-cbc3134a9d6b/custom-widget-settings?slug=WEBTOTEXT HTTP/1.1
Host: websites-widget-manager.api.patientpop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: practice-uuid,x-api-key
Referer: https://d2q878k4s4718u.cloudfront.net/
Origin: https://d2q878k4s4718u.cloudfront.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 18:29:46 GMT
content-type: application/json
content-length: 0
x-amzn-requestid: 039f90b4-d235-4ae2-b434-dd7d3bd2a32c
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,practice-uuid,service-name,pp-api-auth-token,pp-auth-strategy,pp-practice-uuid,pp-service-name,X-Amz-Date,X-Amz-Security-Token,X-Amz-User-Agent,X-Api-Key
x-amz-apigw-id: cYFgIFNrIAMF0lw=
access-control-allow-methods: OPTIONS,GET,PUT
x-amzn-trace-id: Root=1-63864f9a-2472c6c37a0b09ba6450f4a4
X-Firefox-Spdy: h2
websites-widget-manager.api.patientpop.com/v1/practices/146429c9-85fe-46d9-b938-cbc3134a9d6b/custom-widget-settings?slug=WEBTOTEXT
3.225.41.174 200 OK 681 B URL HTTP/2 websites-widget-manager.api.patientpop.com/v1/practices/146429c9-85fe-46d9-b938-cbc3134a9d6b/custom-widget-settings?slug=WEBTOTEXT
IP 3.225.41.174:0
File type JSON data, ASCII text, with very long lines (681), with no line terminators
Hash dd5926cd6a0736cd19f622e989512bca
455bdf95817424ba1f09bebc2514dff735ecd7bd
6c2dbbfe999e3ff856cdd5ebc4ae9bcb5a339d39da0773dc8069dbfb8dcf7ec4
GET /v1/practices/146429c9-85fe-46d9-b938-cbc3134a9d6b/custom-widget-settings?slug=WEBTOTEXT HTTP/1.1
Host: websites-widget-manager.api.patientpop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-api-key: kLOpH5b7ig9QjH7W4JY0N2hSqJ3UQwy2aCjWVxdG
practice-uuid: 146429c9-85fe-46d9-b938-cbc3134a9d6b
Origin: https://d2q878k4s4718u.cloudfront.net
Connection: keep-alive
Referer: https://d2q878k4s4718u.cloudfront.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 18:29:46 GMT
content-type: application/json
content-length: 681
x-amzn-requestid: 8c715802-8d84-4dd7-8bbd-a58657af6c39
access-control-allow-origin: *
x-amz-apigw-id: cYFgJE0CIAMFp5g=
x-amzn-trace-id: Root=1-63864f9a-3b8384f61281999775583bde
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.46 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d2q878k4s4718u.cloudfront.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 29 Nov 2022 16:46:55 GMT
expires: Tue, 29 Nov 2022 18:46:55 GMT
cache-control: public, max-age=7200
age: 6171
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
public.api.patientpop.com/locations/v1/practices/146429c9-85fe-46d9-b938-cbc3134a9d6b/locations
54.230.111.52 200 OK 0 B URL HTTP/2 public.api.patientpop.com/locations/v1/practices/146429c9-85fe-46d9-b938-cbc3134a9d6b/locations
IP 54.230.111.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /locations/v1/practices/146429c9-85fe-46d9-b938-cbc3134a9d6b/locations HTTP/1.1
Host: public.api.patientpop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: practice-uuid
Referer: https://d2q878k4s4718u.cloudfront.net/
Origin: https://d2q878k4s4718u.cloudfront.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 0
date: Tue, 29 Nov 2022 18:29:47 GMT
x-amzn-requestid: b6ce1d8b-aa0b-47b1-9093-24a1849f4863
access-control-allow-origin: *
access-control-allow-headers: *
x-amz-apigw-id: cYFgQGrAoAMFwig=
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MKGqtI_ZYj1YlNlfyVbBh22WndaEiA_B85xx-uzgGSfbTLpmeYj-iQ==
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:48:03 GMT
expires: Fri, 24 Nov 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 420104
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 16:40:43 GMT
expires: Fri, 24 Nov 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 438544
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
public.api.patientpop.com/locations/v1/practices/146429c9-85fe-46d9-b938-cbc3134a9d6b/locations
54.230.111.52 200 OK 1.0 kB URL HTTP/2 public.api.patientpop.com/locations/v1/practices/146429c9-85fe-46d9-b938-cbc3134a9d6b/locations
IP 54.230.111.52:0
File type JSON data, ASCII text
Hash e872e7639c6b8b10ea58f91e32981170
a2b9d165ee8757743389fe2b72d058d7ae1da7b6
bc39c11204269e47f4127803f8712a54df09e9ca1ed575d46b24a5c7163537dc
GET /locations/v1/practices/146429c9-85fe-46d9-b938-cbc3134a9d6b/locations HTTP/1.1
Host: public.api.patientpop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
practice-uuid: 146429c9-85fe-46d9-b938-cbc3134a9d6b
Origin: https://d2q878k4s4718u.cloudfront.net
Connection: keep-alive
Referer: https://d2q878k4s4718u.cloudfront.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 1027
date: Tue, 29 Nov 2022 18:29:47 GMT
x-amzn-requestid: 646b012f-01cb-42c3-a8b3-e206d24e3d4c
x-amzn-remapped-x-amzn-requestid: 4603201b-9f97-4da0-856b-6e1013fad891
x-amzn-remapped-x-amzn-remapped-server: gunicorn
access-control-allow-origin: *
apigw-requestid: cYFgRiidIAMEbcQ=
x-amzn-remapped-content-length: 1027
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token, X-Amz-User-Agent,pp-api-auth-token,pp-auth-strategy,pp-practice-uuid,pp-service-name
x-amzn-remapped-x-amzn-remapped-date: Tue, 29 Nov 2022 18:29:47 GMT
x-amzn-remapped-connection: close
via: 1.1 d591fee4e3f29cf0e3380368d25b4a40.cloudfront.net (CloudFront), 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-apigw-id: cYFgRGkCIAMFiWA=
x-amzn-remapped-server: gunicorn
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
x-amzn-remapped-x-amzn-remapped-content-length: 1027
x-amzn-remapped-x-amzn-remapped-connection: keep-alive
x-amzn-remapped-date: Tue, 29 Nov 2022 18:29:47 GMT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
x-amz-cf-pop: IAD89-P1, OSL50-P1
x-amz-cf-id: BahMGS0jq2cgufg8kTHUjreJJDCjc4_VLFViC4ZaKvRKDCqOx9NcCg==
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-1216.min.js
151.101.194.137 200 OK 14 kB URL HTTP/2 js-agent.newrelic.com/nr-1216.min.js
IP 151.101.194.137:0
File type ASCII text, with very long lines (32022)
Hash b7c09cc097b2847f9edc784adba62dcb
5aa648623cf5e3b4b215fe5d068a7904c59f2925
6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa
GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greenwichwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 18:29:47 GMT
via: 1.1 varnish
x-served-by: cache-bma1633-BMA
x-cache: HIT
x-cache-hits: 4578
x-timer: S1669746587.381138,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2
public.api.patientpop.com/contact_details/v1/mp-contact-details/get-many
54.230.111.52 200 OK 0 B URL HTTP/2 public.api.patientpop.com/contact_details/v1/mp-contact-details/get-many
IP 54.230.111.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /contact_details/v1/mp-contact-details/get-many HTTP/1.1
Host: public.api.patientpop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://d2q878k4s4718u.cloudfront.net/
Origin: https://d2q878k4s4718u.cloudfront.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 0
date: Tue, 29 Nov 2022 18:29:47 GMT
x-amzn-requestid: 41ef75ab-e463-4b86-9de6-3ee84b5983d5
access-control-allow-origin: *
access-control-allow-headers: *
x-amz-apigw-id: cYFgVHj8oAMF1-Q=
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tRnY8UTbtDNJbvIWzUJ_u4n8dN2T3q7wL0hdpQSBAPzb_EYzb8Y55g==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash f1cfa609ebdf236e2f3e3ff25dd05caf
c8117b0187d4d9021ed1a42907bd93d24ed4ebf0
7a2761aa36168d4f2c9034486777f5588aaf0fa1f7d1e55006db7320259303b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 18:29:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-214515317-19&cid=1062549407.1669746587&jid=981279901&gjid=671596726&_gid=837276229.1669746587&_u=IGBAgEABAAAAAEAAI~&z=1002116429
74.125.131.156 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-214515317-19&cid=1062549407.1669746587&jid=981279901&gjid=671596726&_gid=837276229.1669746587&_u=IGBAgEABAAAAAEAAI~&z=1002116429
IP 74.125.131.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-214515317-19&cid=1062549407.1669746587&jid=981279901&gjid=671596726&_gid=837276229.1669746587&_u=IGBAgEABAAAAAEAAI~&z=1002116429 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.greenwichwellness.com
Connection: keep-alive
Referer: https://www.greenwichwellness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.greenwichwellness.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 29 Nov 2022 18:29:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bam.nr-data.net/1/78817c6582?a=333407958&v=1216.487a282&to=YlZSMUdXWkEAW0xZV1sccQZBX1tcTkhKUVtBWlMAal5bXwRIWVdd&rst=5034&ck=1&ref=https://www.greenwichwellness.com/&ap=1444&be=1526&fe=4929&dc=2162&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1669746581464,%22n%22:0,%22f%22:1235,%22dn%22:1235,%22dne%22:1235,%22c%22:1235,%22s%22:1235,%22ce%22:1235,%22rq%22:1436,%22rp%22:1499,%22rpe%22:1501,%22dl%22:1509,%22di%22:2161,%22ds%22:2161,%22de%22:2208,%22dc%22:4929,%22l%22:4929,%22le%22:5000%7D,%22navigation%22:%7B%7D%7D&fcp=1817&at=ThFRRw9NSU8%3D&jsonp=NREUM.setToken
162.247.241.14 200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/78817c6582?a=333407958&v=1216.487a282&to=YlZSMUdXWkEAW0xZV1sccQZBX1tcTkhKUVtBWlMAal5bXwRIWVdd&rst=5034&ck=1&ref=https://www.greenwichwellness.com/&ap=1444&be=1526&fe=4929&dc=2162&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1669746581464,%22n%22:0,%22f%22:1235,%22dn%22:1235,%22dne%22:1235,%22c%22:1235,%22s%22:1235,%22ce%22:1235,%22rq%22:1436,%22rp%22:1499,%22rpe%22:1501,%22dl%22:1509,%22di%22:2161,%22ds%22:2161,%22de%22:2208,%22dc%22:4929,%22l%22:4929,%22le%22:5000%7D,%22navigation%22:%7B%7D%7D&fcp=1817&at=ThFRRw9NSU8%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/78817c6582?a=333407958&v=1216.487a282&to=YlZSMUdXWkEAW0xZV1sccQZBX1tcTkhKUVtBWlMAal5bXwRIWVdd&rst=5034&ck=1&ref=https://www.greenwichwellness.com/&ap=1444&be=1526&fe=4929&dc=2162&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1669746581464,%22n%22:0,%22f%22:1235,%22dn%22:1235,%22dne%22:1235,%22c%22:1235,%22s%22:1235,%22ce%22:1235,%22rq%22:1436,%22rp%22:1499,%22rpe%22:1501,%22dl%22:1509,%22di%22:2161,%22ds%22:2161,%22de%22:2208,%22dc%22:4929,%22l%22:4929,%22le%22:5000%7D,%22navigation%22:%7B%7D%7D&fcp=1817&at=ThFRRw9NSU8%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greenwichwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 18:29:47 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 771d692c4cbab529-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=86978578d5c3d987; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash f1cfa609ebdf236e2f3e3ff25dd05caf
c8117b0187d4d9021ed1a42907bd93d24ed4ebf0
7a2761aa36168d4f2c9034486777f5588aaf0fa1f7d1e55006db7320259303b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 18:29:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
public.api.patientpop.com/contact_details/v1/mp-contact-details/get-many
54.230.111.52 200 OK 446 B URL HTTP/2 public.api.patientpop.com/contact_details/v1/mp-contact-details/get-many
IP 54.230.111.52:0
File type JSON data\012- , ASCII text, with very long lines (446), with no line terminators
Hash 5bdc75cdf4e06a5e03d2ef289a25007d
71d274de0a4f54f4748480b4356bc064ff1a55a4
b60cf10ba15db239837b4dfcec03f1b057829ebd9870d0eb7e39250fb3a9e612
POST /contact_details/v1/mp-contact-details/get-many HTTP/1.1
Host: public.api.patientpop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 112
Origin: https://d2q878k4s4718u.cloudfront.net
Connection: keep-alive
Referer: https://d2q878k4s4718u.cloudfront.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 446
date: Tue, 29 Nov 2022 18:29:48 GMT
x-amzn-requestid: 762b303a-0fe0-4d67-b129-6987373cc034
x-amzn-remapped-x-amzn-requestid: d44a8a60-2622-46b2-b4f9-8752f1ae5070
access-control-allow-origin: *
x-amzn-remapped-content-length: 446
x-amzn-remapped-connection: close
via: 1.1 a251e31740a6e166e8fdccf296c41644.cloudfront.net (CloudFront), 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-apigw-id: cYFgWFSGoAMFjTA=
x-amzn-remapped-server: gunicorn
x-amzn-trace-id: Root=1-63864f9b-5b6bcd2b2f619bae4f8c1979;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 18:29:48 GMT
x-cache: Miss from cloudfront
x-amz-cf-pop: IAD89-C1, OSL50-P1
x-amz-cf-id: BVlUlaD3yb_jyTx9Oprb9u6Wz5EHG2FiDL95JZT_B4pNNYoju4AAEQ==
X-Firefox-Spdy: h2
widgets.patientpop.com/bookonlinev2/router/24517
52.6.45.161 200 OK 158 kB URL HTTP/2 widgets.patientpop.com/bookonlinev2/router/24517
IP 52.6.45.161:0
Size 158 kB (158536 bytes)
Hash ab63e30d9b29bfde2ef4232959d609a4
d8a608625e89ee35c7c2690a306ce503f7a2f1b6
63cfdf085a6ccc5198d0802ee7bb004ccff2c6b4b7c6d2dbb85084a9a511b971
GET /bookonlinev2/router/24517 HTTP/1.1
Host: widgets.patientpop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greenwichwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 18:29:47 GMT
content-type: application/javascript
server: nginx/1.18.0
x-robots-tag: noindex, nofollow
last-modified: 1669070928
cache-control: max-age=1800, no-cache, private
set-cookie: lrvls=eyJpdiI6IlFlZkxJYUduUzZ2djJYRFE3NDdGMHc9PSIsInZhbHVlIjoiU2xWSE45dGFMZlVvTGxUc2xyMldQaXFmTjNpYWhvdlZQV3pTaldjR0ZmMGxkSDVBbWFGc2MzN3pNMVR4VWV3WVprSW8wcktDeU1VK3J6K1dKY0lsV1E9PSIsIm1hYyI6IjYzNGIyNGU1OGRhM2FjOTVjZDljM2ExMDY5ZTU3NzI5YzY2MGMwZmEwMmE1NjZhMzRhZGQwNTFmZGVmMGQ1ODcifQ%3D%3D; expires=Wed, 28-Dec-2022 18:29:47 GMT; Max-Age=2505600; path=/; domain=.patientpop.com; secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
ui-cdn.patientpop.com/static/fonts/pp-icon-font/pp-icon-font.woff2?3fa0a54e7e0f208a7bbf8ec528b3435d
54.230.111.9 200 OK 8.1 kB URL HTTP/2 ui-cdn.patientpop.com/static/fonts/pp-icon-font/pp-icon-font.woff2?3fa0a54e7e0f208a7bbf8ec528b3435d
IP 54.230.111.9:0
File type Web Open Font Format (Version 2), TrueType, length 8116, version 1.0\012- data
Hash 2db9bdc409e9ca6a0e81731b910a23fa
b71d38818db87ca6bdfba325d7a7f540dbb426c7
34feb779e2406f0a7e38fe8c0650f6db05e3cb4115f621224bd3106bc830e371
GET /static/fonts/pp-icon-font/pp-icon-font.woff2?3fa0a54e7e0f208a7bbf8ec528b3435d HTTP/1.1
Host: ui-cdn.patientpop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://d2q878k4s4718u.cloudfront.net
Connection: keep-alive
Referer: https://ui-cdn.patientpop.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 8116
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 09 Mar 2022 23:28:22 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 18:29:48 GMT
etag: "2db9bdc409e9ca6a0e81731b910a23fa"
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZNp8uvDIgevwEFSZvcK--lZpyXoBXsnmlA9EN8I0zFpOTUVwhaFa2g==
age: 40876
X-Firefox-Spdy: h2
ui-cdn.patientpop.com/static/fonts/Inter/Inter-Medium.woff2?v=3.15
54.230.111.9 200 OK 106 kB URL HTTP/2 ui-cdn.patientpop.com/static/fonts/Inter/Inter-Medium.woff2?v=3.15
IP 54.230.111.9:0
File type Web Open Font Format (Version 2), TrueType, length 105500, version 1.0\012- data
Size 106 kB (105500 bytes)
Hash 46d7404e4a2eb3cd2ff9bc83023e259c
0ea29babd36e7825170939638ea235fc6fddd96f
cae7b340613b2a060e0e200528f7e962baa13a44d868036cb2ea02fd7034e6d6
GET /static/fonts/Inter/Inter-Medium.woff2?v=3.15 HTTP/1.1
Host: ui-cdn.patientpop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://d2q878k4s4718u.cloudfront.net
Connection: keep-alive
Referer: https://d2q878k4s4718u.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 105500
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 22 Mar 2021 04:43:48 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 18:29:48 GMT
etag: "46d7404e4a2eb3cd2ff9bc83023e259c"
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p5XRHnHSsIK7Ue0fYbrZlqO8SCCfrOJvta1T_XieqpvhLqnQY3QrOA==
age: 40876
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cce27a1fe8c0222811a5ce0e7f89e1cb
28c165bac8cf68cd1b0763c311aece00672cb3a5
4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: c52b3092-90d2-4289-b6e0-ab99c9d4710a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPmz3EVUoAMFWUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382eb4b-39f46c89238eff696e9f2dba;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 04:44:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ofQEhaEiX1vE25a_1xHeab9Px9zgGpk8omlX_aHmLE1oN1aZTPzWxQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 10:09:32 GMT
age: 30019
etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.greenwichwellness.com/
143.204.55.96 200 OK 0 B URL HTTP/2 www.greenwichwellness.com/
IP 143.204.55.96:0
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.greenwichwellness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Tue, 29 Nov 2022 18:23:49 GMT
server: nginx/1.18.0
x-ua-compatible: IE=edge,chrome=1
cache-control: max-age=3600, public
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mNsozyLrSSAWKDwzXahEQISmPoTbMNywT8rguV0YAbhycQXWNs0hlg==
age: 354
X-Firefox-Spdy: h2
sa1co.patientpop.com/assetsV/practice.application.js/v/d1efaa54eefd54aaac4ad2c77b9d9e95ede2f23b
143.204.55.59 200 OK 0 B URL HTTP/2 sa1co.patientpop.com/assetsV/practice.application.js/v/d1efaa54eefd54aaac4ad2c77b9d9e95ede2f23b
IP 143.204.55.59:0
GET /assetsV/practice.application.js/v/d1efaa54eefd54aaac4ad2c77b9d9e95ede2f23b HTTP/1.1
Host: sa1co.patientpop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.greenwichwellness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 21 Nov 2022 23:14:33 GMT
server: nginx/1.18.0
x-ua-compatible: IE=edge,chrome=1
last-modified: 1669070928
cache-control: max-age=3600, public
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8UQByTI9M6YkKxCc9wTlZbcP6IBxL8SNEmFCiLjonEcwu2h2KR1b9g==
age: 674110
X-Firefox-Spdy: h2
d2q878k4s4718u.cloudfront.net/js/app.js
54.230.245.88 200 OK 0 B URL HTTP/2 d2q878k4s4718u.cloudfront.net/js/app.js
IP 54.230.245.88:0
GET /js/app.js HTTP/1.1
Host: d2q878k4s4718u.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d2q878k4s4718u.cloudfront.net/?practiceUuid=146429c9-85fe-46d9-b938-cbc3134a9d6b&color_palette%5Bprimary%5D=7CB33D&color_palette%5Bsecondary%5D=2b2c2f&color_palette%5Baccent%5D=424242&gaId=UA-214515317-19&domain=http%3A%2F%2Fwww.greenwichwellness.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 00:38:14 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 18:29:44 GMT
etag: W/"5d6758268de6653d9f573736123168d0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vO-2RyBSGS8XrRcZk8yHtI8oW2Mnl4v18HsCnfVNpHH-cKKN6xkGmg==
X-Firefox-Spdy: h2
d2q878k4s4718u.cloudfront.net/js/chunk-vendors.js
54.230.245.88 200 OK 0 B URL HTTP/2 d2q878k4s4718u.cloudfront.net/js/chunk-vendors.js
IP 54.230.245.88:0
GET /js/chunk-vendors.js HTTP/1.1
Host: d2q878k4s4718u.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d2q878k4s4718u.cloudfront.net/?practiceUuid=146429c9-85fe-46d9-b938-cbc3134a9d6b&color_palette%5Bprimary%5D=7CB33D&color_palette%5Bsecondary%5D=2b2c2f&color_palette%5Baccent%5D=424242&gaId=UA-214515317-19&domain=http%3A%2F%2Fwww.greenwichwellness.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 00:38:14 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 18:29:44 GMT
etag: W/"36c5e1edeb7ef2b7fa6ec2a42e64968c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: U7rnCrujNp1aa3i1wA9KirySqDKpdLlBMIhUTfDBbxv-SCKxEWf3gw==
X-Firefox-Spdy: h2