Overview

URLcaresyncsilver.com/
IP 50.28.1.193 (United States)
ASN#32244 LIQUIDWEB
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-27 09:41:35 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (57)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
tr.lfeeder.com (2) 16332 2020-11-16 14:42:44 UTC 2022-11-27 07:36:08 UTC 143.204.55.27
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-11-27 06:32:50 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401
unpkg.com (3) 11693 2016-01-07 23:26:01 UTC 2022-11-27 06:32:26 UTC 104.16.126.175
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-27 05:29:56 UTC 34.102.187.140
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.39.94.191
assets.adobedtm.com (1) 512 2014-01-31 22:40:14 UTC 2020-05-14 16:29:33 UTC 23.38.200.237
snap.licdn.com (1) 1044 2014-10-06 08:43:45 UTC 2020-04-10 04:11:37 UTC 23.36.76.210
forms.hubspot.com (1) 3593 2014-03-21 07:12:37 UTC 2022-11-27 05:30:26 UTC 104.19.154.83
js.adsrvr.org (1) 1664 2014-10-28 22:25:15 UTC 2020-02-11 15:39:45 UTC 143.204.45.46
vaticaprod.wpengine.com (6) 0 2022-11-01 20:18:57 UTC 2022-11-01 20:18:57 UTC 35.233.224.116 Domain (wpengine.com) ranked at: 6882
api.hubapi.com (1) 4102 2012-06-25 18:13:07 UTC 2022-11-27 05:14:19 UTC 104.17.204.204
forms.hsforms.com (1) 5160 2018-03-07 15:21:13 UTC 2022-11-27 05:30:26 UTC 104.16.85.5
twin-iq.kickfire.com (2) 28814 2019-04-27 02:39:34 UTC 2022-01-06 16:18:41 UTC 34.210.180.239
www.influ2.com (1) 55422 2018-03-28 08:22:27 UTC 2022-11-26 08:00:52 UTC 34.107.254.219
ocsp.digicert.com (19) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
ocsp.pki.goog (16) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
11053817.fls.doubleclick.net (1) 0 No data No data 142.250.74.70 Domain (doubleclick.net) ranked at: 2267
vars.hotjar.com (1) 1014 2020-11-05 10:13:14 UTC 2022-11-27 05:53:28 UTC 143.204.55.101
insight.adsrvr.org (1) 631 2014-03-25 22:33:59 UTC 2022-11-27 07:45:00 UTC 35.71.131.137
ocsp.sca1b.amazontrust.com (4) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.158
t.influ2.com (1) 50564 No data No data 172.217.21.179
connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2020-02-17 13:26:09 UTC 31.13.72.12
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-27 05:29:57 UTC 34.117.237.239
www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-11-27 07:05:16 UTC 142.250.74.3
js.hscollectedforms.net (1) 5697 2018-01-10 15:37:15 UTC 2022-11-27 08:05:39 UTC 104.17.128.171
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
collector.leadinfo.net (3) 81866 2021-05-04 07:53:13 UTC 2022-11-26 07:59:05 UTC 18.203.114.69
adservice.google.com (1) 76 2021-02-20 16:10:48 UTC 2022-11-27 07:30:28 UTC 142.250.74.162
px.ads.linkedin.com (2) 522 2018-06-15 11:29:56 UTC 2019-09-20 11:09:24 UTC 13.107.42.14
api.leadinfo.com (1) 96632 2022-06-04 19:04:32 UTC 2022-11-26 07:59:05 UTC 54.72.54.230
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-11-27 07:15:06 UTC 142.250.74.174
www.facebook.com (1) 99 2012-05-21 00:23:41 UTC 2021-06-08 06:38:51 UTC 31.13.72.36
in.hotjar.com (1) 1746 2018-10-22 17:15:59 UTC 2020-11-20 16:45:40 UTC 52.215.128.208
ocsp.godaddy.com (4) 698 2012-05-20 19:28:57 UTC 2020-05-02 20:58:10 UTC 192.124.249.41
vc.hotjar.io (1) 2334 No data No data 54.230.111.64
static.hotjar.com (2) 641 2014-11-01 05:14:27 UTC 2020-04-26 08:32:02 UTC 143.204.55.98
www.googletagmanager.com (2) 75 2013-05-22 02:07:37 UTC 2022-11-27 06:32:27 UTC 142.250.74.168
www.linkedin.com (1) 608 2015-06-18 16:10:03 UTC 2020-04-27 12:38:34 UTC 13.107.42.14
cdnjs.cloudflare.com (3) 235 2015-04-17 20:46:33 UTC 2022-11-27 07:16:36 UTC 104.17.25.14
www.vaticahealth.com (1) 0 2015-04-20 21:38:22 UTC 2015-04-20 21:38:22 UTC 141.193.213.11 Domain (vaticahealth.com) ranked at: 161347
ws26.hotjar.com (1) 63585 No data No data 52.211.225.181
caresyncsilver.com (1) 0 2021-01-31 04:44:56 UTC 2022-11-13 04:53:46 UTC 50.28.1.193 Unknown ranking
googleads.g.doubleclick.net (1) 42 2021-02-20 15:43:32 UTC 2022-11-27 07:28:50 UTC 142.250.74.98
script.hotjar.com (1) 887 2020-11-05 16:23:46 UTC 2022-11-27 05:32:23 UTC 143.204.55.96
cdn.linkedin.oribi.io (4) 0 2022-10-19 14:36:39 UTC 2022-11-22 13:10:54 UTC 54.230.111.112 Domain (oribi.io) ranked at: 21988
r3.o.lencr.org (4) 344 No data No data 23.36.77.32
vaticahealth.com (1) 161347 2015-04-20 21:38:22 UTC 2022-11-14 06:07:50 UTC 141.193.213.11
lltrck.com (2) 33357 2020-09-24 18:23:17 UTC 2022-11-26 10:24:51 UTC 44.209.161.94
www.caresync.com (1) 0 2014-05-29 22:37:10 UTC 2020-01-22 21:54:18 UTC 15.197.142.173 Unknown ranking
adservice.google.no (2) 96969 2018-06-19 23:38:38 UTC 2020-05-14 07:59:11 UTC 142.250.74.34
js.hs-analytics.net (1) 2411 2013-10-01 15:49:45 UTC 2022-11-27 05:38:49 UTC 104.17.68.176
js.hs-banner.com (1) 2426 2020-03-26 17:45:21 UTC 2022-11-27 05:38:49 UTC 172.64.154.85
cdn.leadinfo.net (1) 93318 2020-02-06 05:24:04 UTC 2022-11-26 07:59:04 UTC 54.230.111.28
js.hs-scripts.com (1) 2571 2018-01-31 16:47:28 UTC 2022-11-27 05:38:48 UTC 104.17.214.204
sc.lfeeder.com (1) 17815 No data No data 143.204.55.27
www.rumiview.com (3) 25977 2018-06-23 14:13:33 UTC 2022-11-27 04:18:12 UTC 199.185.0.231

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-27 2 caresyncsilver.com/ Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 50.28.1.193
Date UQ / IDS / BL URL IP
2023-01-25 09:26:55 +0000 0 - 0 - 2 theceocforeporter.com/873gfhi3f3r 50.28.1.193
2022-11-30 10:37:51 +0000 0 - 0 - 2 theceocforeporter.com/fax.html 50.28.1.193
2022-11-27 09:41:35 +0000 0 - 0 - 1 caresyncsilver.com/ 50.28.1.193
2022-11-07 15:47:24 +0000 0 - 0 - 2 theceocforeporter.com/873gfhi3f3r 50.28.1.193
2022-10-07 20:26:04 +0000 0 - 0 - 2 theceocforeporter.com/873gfhi3f3r 50.28.1.193


Last 5 reports on ASN: LIQUIDWEB
Date UQ / IDS / BL URL IP
2023-02-06 06:47:52 +0000 0 - 0 - 3 avlib.net/studio/kosumosu-eizou/page-3 67.227.226.240
2023-02-06 05:48:43 +0000 0 - 0 - 14 bostoncgc.com/ 67.227.226.240
2023-02-06 05:35:34 +0000 0 - 0 - 7 provitareport.com/2019/11/22/dr-georgia-ede/ 209.59.190.195
2023-02-06 05:09:44 +0000 0 - 0 - 3 69.16.215.168/verification/update/online.amaz (...) 69.16.215.168
2023-02-06 04:54:01 +0000 0 - 0 - 1 e560dfa112bb63b62d2b0f74f681d979ba30ad08d.ph/ 69.16.231.56


Last 1 reports on domain: caresyncsilver.com
Date UQ / IDS / BL URL IP
2022-11-27 09:41:35 +0000 0 - 0 - 1 caresyncsilver.com/ 50.28.1.193


No other reports with similar screenshot

JavaScript

Executed Scripts (86)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (128)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17154
Expires: Sun, 27 Nov 2022 14:27:17 GMT
Date: Sun, 27 Nov 2022 09:41:23 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: caresyncsilver.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         50.28.1.193
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Sun, 27 Nov 2022 09:41:23 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 12 Dec 2015 00:24:35 GMT
Accept-Ranges: bytes
Cache-Control: max-age=600
Expires: Sun, 27 Nov 2022 09:51:23 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 289
Keep-Alive: timeout=2, max=500


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   289
Md5:    f92ef2e6c6db4d409e6a5068eb927fea
Sha1:   57b5577ae1f84dbf4ef816c9a74920b49bf34136
Sha256: f071a4088020d5ecbf36429a809d0d1b32bf7030c9cf9f8e45c9e69d31348e52

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5133
Cache-Control: max-age=94518
Date: Sun, 27 Nov 2022 09:41:23 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:56:41 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4679
Expires: Sun, 27 Nov 2022 10:59:22 GMT
Date: Sun, 27 Nov 2022 09:41:23 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 09:17:38 GMT
cache-control: public,max-age=3600
age: 1425
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: eppfpe6SMXpUtemDACloq0HwllPRs9uuApPlZjc9mcco3gv2pmmvlFWw0eg+UtKpkDhPVOIFETc=
x-amz-request-id: YX35FZ13738PT3J3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 08:44:34 GMT
age: 3409
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 27 Nov 2022 09:41:23 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: www.caresync.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://caresyncsilver.com/
Upgrade-Insecure-Requests: 1

search
                                         15.197.142.173
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
                                        
Date: Sun, 27 Nov 2022 09:41:23 GMT
Content-Length: 59
Connection: keep-alive
Location: https://vaticahealth.com
Server: ip-100-74-2-99.eu-west-2.compute.internal
X-Request-Id: 5fb0f137-1c2f-4c91-8c0a-74245035a297


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   59
Md5:    0728dc0272ff0d473f6d9589d264d4b4
Sha1:   8502f0d5401f2554b1f84f09a6e3a42b31f65bce
Sha256: c2e5adb70eef66f773d400a4a0a19bb978a22b7eaa8713f2412947f4c085c6dc
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         192.124.249.41
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Sun, 27 Nov 2022 09:41:24 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 26 Nov 2022 21:07:05 GMT
Expires: Sun, 27 Nov 2022 21:07:05 GMT
ETag: "ff5ba72ee4025e289c9c86a7fba641f3ef4870ba"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    205df8e7561c82e4276bb56562ff4411
Sha1:   ff5ba72ee4025e289c9c86a7fba641f3ef4870ba
Sha256: 13a454bb7f4cb252542c45d9d3fee65ed8fd2820731ace5e4a69d8576cff9e23
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 09:08:54 GMT
cache-control: public,max-age=3600
age: 1950
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4849
Cache-Control: max-age=89176
Date: Sun, 27 Nov 2022 09:41:24 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:27:40 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HWNiq4ITZRYKAXSLxdaxzQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.39.94.191
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CmX43/ncKDcniNR7nyV1Frkas8k=

                                        
                                            GET / HTTP/1.1 
Host: vaticahealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://caresyncsilver.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         141.193.213.11
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
date: Sun, 27 Nov 2022 09:41:24 GMT
content-length: 0
location: https://www.vaticahealth.com/
set-cookie: hencove=103; expires=Tue, 07-Mar-2023 07:48:01 GMT; Max-Age=8640000; path=/; secure
x-powered-by: WP Engine
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:
x-redirect-by: WordPress
x-cacheable: non200
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-cache-group: normal
x-frame-options: ALLOW-FROM https://static.hsappstatic.net/
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9sbuLO2kI64sWKxLilV3YKWFWynqswVSOzMecDl%2FiO2mHQyFncN2oleebFZvJQ3i5kKyYE9Qzsg8EIAAdj7NQnMr7DG%2BvbU0dboCdgdAMbu76MAucPD2dDnGhnzS5m9UYu4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7709e868bb9c0b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         192.124.249.41
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Sun, 27 Nov 2022 09:41:24 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 26 Nov 2022 21:07:05 GMT
Expires: Sun, 27 Nov 2022 21:07:05 GMT
ETag: "ff5ba72ee4025e289c9c86a7fba641f3ef4870ba"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    205df8e7561c82e4276bb56562ff4411
Sha1:   ff5ba72ee4025e289c9c86a7fba641f3ef4870ba
Sha256: 13a454bb7f4cb252542c45d9d3fee65ed8fd2820731ace5e4a69d8576cff9e23
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4646
Cache-Control: max-age=109862
Date: Sun, 27 Nov 2022 09:41:25 GMT
Etag: "638228c5-117"
Expires: Mon, 28 Nov 2022 16:12:27 GMT
Last-Modified: Sat, 26 Nov 2022 14:55:01 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2695
Cache-Control: max-age=127717
Date: Sun, 27 Nov 2022 09:41:25 GMT
Etag: "63827623-118"
Expires: Mon, 28 Nov 2022 21:10:02 GMT
Last-Modified: Sat, 26 Nov 2022 20:25:07 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3484
Cache-Control: max-age=108700
Date: Sun, 27 Nov 2022 09:41:25 GMT
Etag: "638228c5-117"
Expires: Mon, 28 Nov 2022 15:53:05 GMT
Last-Modified: Sat, 26 Nov 2022 14:55:01 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2695
Cache-Control: max-age=127717
Date: Sun, 27 Nov 2022 09:41:25 GMT
Etag: "63827623-118"
Expires: Mon, 28 Nov 2022 21:10:02 GMT
Last-Modified: Sat, 26 Nov 2022 20:25:07 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /175f7caa2b90/8ce8073a6f4c/launch-d7bbf25ab785.min.js HTTP/1.1 
Host: assets.adobedtm.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.38.200.237
HTTP/2 200 OK
content-type: application/x-javascript
                                        
accept-ranges: bytes
etag: "217a9ec24e97f854bc3e12c3cb93b834:1653073358.769077"
last-modified: Fri, 20 May 2022 19:02:38 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Sun, 27 Nov 2022 10:41:25 GMT
date: Sun, 27 Nov 2022 09:41:25 GMT
content-length: 20138
access-control-allow-origin: https://www.vaticahealth.com
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32750)
Size:   20138
Md5:    7780959f8f47fbeb9f2ab8930f058343
Sha1:   eb276b8e645031c27378cd76b9a2883af24e7752
Sha256: 047c9dd8e6b97f979d037e1ab0731ca4f544a81c75e2297a80dd42a22b4b4989
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4360
Cache-Control: max-age=129382
Date: Sun, 27 Nov 2022 09:41:25 GMT
Etag: "63827623-118"
Expires: Mon, 28 Nov 2022 21:37:47 GMT
Last-Modified: Sat, 26 Nov 2022 20:25:07 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /ajax/libs/ScrollMagic/2.0.7/ScrollMagic.min.js?ver=6.0.3 HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sun, 27 Nov 2022 09:41:25 GMT
content-length: 5437
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf2-4416"
last-modified: Mon, 04 May 2020 16:04:02 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5654660
expires: Fri, 17 Nov 2023 09:41:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1sLI3OaJCPOrRt%2F79ZiWd6YCGc8qvSfaxqleE6rvr8jy9U6djGbA8BtFl6PeuNwwsqXIZgwDv78xI6RoY5Ru8rCi2EAzuCB0qCg85uEElJ0uBwb4UbtblnHfRbo6CpzzdZOWNWs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7709e8731f6bb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17329)
Size:   5437
Md5:    00bc1f42200b9831dccd3a5b13ef59ae
Sha1:   e06fb51d20e31c09e840e70fa88b094b889156dc
Sha256: 27de72ac8f629595f9f5e5d9c26fec0335a5b4e7cd7547d6f0fb960d4edff09e
                                        
                                            GET /ajax/libs/gsap/3.0.5/gsap.min.js?ver=6.0.3 HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sun, 27 Nov 2022 09:41:25 GMT
content-length: 20311
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e71-ddb1"
last-modified: Mon, 04 May 2020 16:10:25 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 998026
expires: Fri, 17 Nov 2023 09:41:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkE2CPZa2oYte8PBSQhhMijVP5dJXrCSdLwyQYTQ6iSMZSDKl%2Bv7be4kg%2BPDKmsCrMGY42dcIO%2FkY5NDFaGDGlS3pPjcZCQKZi2s39MHssm0ftfPLslAeSlk5s5D%2BsKgGlKAEIEz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7709e8732f74b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (56420)
Size:   20311
Md5:    c1a503099e37cd986b079f243b756bf1
Sha1:   5a12e6fae6178ba44ae22a88c5c1dc77ada9e387
Sha256: 32a59c239a9e3f58674857e835388efccc658f759c1cb2242577899a8413290e
                                        
                                            GET /ajax/libs/ScrollMagic/2.0.7/plugins/animation.gsap.min.js?ver=6.0.3 HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sun, 27 Nov 2022 09:41:25 GMT
content-length: 582
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf2-508"
last-modified: Mon, 04 May 2020 16:04:02 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 390388
expires: Fri, 17 Nov 2023 09:41:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RW4rV6xq2JeALbr69VUodZSF8uTQyJwU%2Fq626nEiuT5Yh5B4L5xuld0WVfOftXhoTf7kJfhc48I0qXekNs4R9NMeJrrXqv%2BfiyczEefKtfRZE7OWETVr%2Fn3OsFA81tQ3WKaRkVuZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7709e8732f7bb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1187)
Size:   582
Md5:    1ff410e17cfb6c1ae0a8cdd58b978e6e
Sha1:   6db09a91b053605102a9f2b6c9a6018463e961b1
Sha256: 7bf62c6d6961c9782ed491680d7ec61c0cad3f57ed40b7deb2df0d72ce465ec2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2695
Cache-Control: max-age=127717
Date: Sun, 27 Nov 2022 09:41:25 GMT
Etag: "63827623-118"
Expires: Mon, 28 Nov 2022 21:10:02 GMT
Last-Modified: Sat, 26 Nov 2022 20:25:07 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /up_loader.1.1.0.js HTTP/1.1 
Host: js.adsrvr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.45.46
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sat, 26 Nov 2022 23:31:36 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FlcOgQI-N0rDbFSA92aHX5q9ejxbFrFOaxzlBxuln0NjkTQJn1pSsg==
Age: 36590


--- Additional Info ---
Magic:  ASCII text, with very long lines (4593), with no line terminators
Size:   1887
Md5:    8dc722d27824e60548fd25752623cd07
Sha1:   33d66ad1a4a162e2d6c9ed732d6c9af79635fc4d
Sha256: 14ce9119fe06fb2d363ba3c824e9f5b3f212f1f39dfab38c836fa13a20daec1b
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5040
Expires: Sun, 27 Nov 2022 11:05:25 GMT
Date: Sun, 27 Nov 2022 09:41:25 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5040
Expires: Sun, 27 Nov 2022 11:05:25 GMT
Date: Sun, 27 Nov 2022 09:41:25 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 42584
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10199
Md5:    2cd887044e91d7ed0f1a8d7119ff7dd0
Sha1:   ae8aa4ce6ddaccba771fe65446926b60fc5628da
Sha256: bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6859
x-amzn-requestid: 4a1b13ad-9455-401d-a914-c1ada2191977
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYTHRroAMFR8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-4e5d630b23cdeb2e4b6d75d1;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: D24B6xoLZ2nu1NdlMU5TgJSc-DfzD6vrMzgU3s6tAiAsUuzBb_t89Q==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 08:21:28 GMT
age: 4797
etag: "26b8dd82140c0db021048e11bff65a391dc6b444"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6859
Md5:    f80a9a9b55da31c98663e157dde74a19
Sha1:   26b8dd82140c0db021048e11bff65a391dc6b444
Sha256: 680c39e4ea1d784db9831958942a64f3e83618dc443c8bcaa34223d85bb5b926
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MA_O50Lu6RRAFJpzXmVXhkxvYazdX5Lhk2Qa5k9fYUhBta-IWpVT1g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 01:46:48 GMT
age: 28477
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13049
Md5:    1db6041a0bdb2319ae85afcc30caaeec
Sha1:   3b0ec6a7188dadf986f72fda8110296d9abd6f35
Sha256: 05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F183848d2-b6cc-4349-b07a-3fd8540a63e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4023
x-amzn-requestid: e9fe84db-d488-4ec7-81e6-c819bb625944
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b44BuHsmIAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6379d3a4-54fbd7892170110e4bafc899;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 07:13:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GYi18tS1H9gOh6y9rQGwRx9VANq4dYJ_vJIpMD0kWIXFVNSif-sxXA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 22:05:29 GMT
age: 41756
etag: "f77ff5378766c6b14125de0e003b21f34726672b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4023
Md5:    9de86e0161ef1255306ddfce1c2549d7
Sha1:   f77ff5378766c6b14125de0e003b21f34726672b
Sha256: 7db14b31e7e2d882eb446bd6056ad9e8eed6e1581837a6d54d2e0d26aa2600bb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 42588
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4803
Md5:    cc0a257323f882caff067adb86d906e4
Sha1:   cedf2f21be7cd366bd46055b62b5513db3011dfc
Sha256: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a2bb7d-e57c-4751-a56f-0802ae9eaee6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9063
x-amzn-requestid: f00ac8bd-6466-4c92-9b99-0e71b4b2345c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8Jr4ENtoAMFzvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2318-0e3a57932987e29521388dd7;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:04:56 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: ntfumip5IjOlyoe6ASlwJ1PjPLN1yZHkK_iiDDKfmMCyI__PrrGVMA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 82893cc36087a50f9a150a621d10e740.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 11:33:57 GMT
age: 79648
etag: "71f737c3cee7766494157cd6491ce247a785c09e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9063
Md5:    e615cdc2e330b5cf76435abce9aa631a
Sha1:   71f737c3cee7766494157cd6491ce247a785c09e
Sha256: 853f68bf79a553b9fbf0e10391424faf0a3c071370d05d369563f7824d1bda84
                                        
                                            GET /6311499.js?integration=WordPress&ver=9.0.338 HTTP/1.1 
Host: js.hs-scripts.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.17.214.204
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
date: Sun, 27 Nov 2022 09:41:25 GMT
x-trace: 2BCE8F2D7F9F33B58FE4CF6DF9C151B5FF0F3995E5000000000000000000
cache-control: public, max-age=60
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 9c0995b0-4c41-474b-9218-d121a60e9cfd
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://www.vaticahealth.com
last-modified: Sun, 27 Nov 2022 09:41:25 GMT
cf-cache-status: MISS
expires: Sun, 27 Nov 2022 09:42:25 GMT
server: cloudflare
cf-ray: 7709e873898b0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (539)
Size:   1266
Md5:    0ed10ce36f9e3a35e83d57daadd8c28a
Sha1:   ef5b68ab0e2d6ec3be5747964afbc00287a5ed29
Sha256: 29325b9d72ef1e7ff6722abc0a737066ceb639976bbe824695e80db088746ff5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4093
Cache-Control: max-age=98522
Date: Sun, 27 Nov 2022 09:41:26 GMT
Etag: "6381fea3-2d7"
Expires: Mon, 28 Nov 2022 13:03:28 GMT
Last-Modified: Sat, 26 Nov 2022 11:55:15 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 727

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2806
Cache-Control: max-age=97235
Date: Sun, 27 Nov 2022 09:41:26 GMT
Etag: "6381fea3-2d7"
Expires: Mon, 28 Nov 2022 12:42:01 GMT
Last-Modified: Sat, 26 Nov 2022 11:55:15 GMT
Server: ECS (amb/6B88)
X-Cache: HIT
Content-Length: 727

                                        
                                            GET /wp-content/uploads/2020/02/RiskAdjustmentYield-2.png HTTP/1.1 
Host: vaticaprod.wpengine.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         35.233.224.116
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 27 Nov 2022 09:41:26 GMT
content-length: 3873
last-modified: Mon, 31 Oct 2022 04:24:24 GMT
etag: "635f4df8-f21"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 267 x 267, 8-bit/color RGBA, non-interlaced\012- data
Size:   3873
Md5:    cf386f49ab0f9e0d0aab64588eb1c07d
Sha1:   457dba0210e9f5526bdfdb545913d097cc5f719d
Sha256: 903d64a575a4da89fe8de4e2654fda874bddb30aaffd8f1fc05078a69a293883
                                        
                                            GET /wp-content/uploads/2020/02/QualityOfCare-1.png HTTP/1.1 
Host: vaticaprod.wpengine.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         35.233.224.116
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 27 Nov 2022 09:41:26 GMT
content-length: 6266
last-modified: Mon, 31 Oct 2022 04:15:37 GMT
etag: "635f4be9-187a"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 267 x 267, 8-bit/color RGBA, non-interlaced\012- data
Size:   6266
Md5:    4db913d0db2731b1de04f17ccd8d70d2
Sha1:   df6cc709103bd291be76c0a16499c65e23b35a12
Sha256: 073c7df8344215c642c2536271cd9af15bb38def2db8f85c0661409de5f48d52
                                        
                                            GET /wp-content/uploads/2020/02/RiskAdjustment-2.png HTTP/1.1 
Host: vaticaprod.wpengine.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         35.233.224.116
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 27 Nov 2022 09:41:26 GMT
content-length: 4910
last-modified: Mon, 31 Oct 2022 04:10:35 GMT
etag: "635f4abb-132e"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 267 x 267, 8-bit/color RGBA, non-interlaced\012- data
Size:   4910
Md5:    1702db8dd4b27d3b0f8c1f0c1a3fed53
Sha1:   e879b0e6fe22aef8fb9f13d02143134010a4fd31
Sha256: da3321bae167cb5ccd8ebfdca51a624b58003afa038184aa01664cba3739123f
                                        
                                            GET /wp-content/uploads/2020/02/PatientEngagement-1.png HTTP/1.1 
Host: vaticaprod.wpengine.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         35.233.224.116
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 27 Nov 2022 09:41:26 GMT
content-length: 2360
last-modified: Mon, 31 Oct 2022 04:22:54 GMT
etag: "635f4d9e-938"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 267 x 267, 8-bit/color RGBA, non-interlaced\012- data
Size:   2360
Md5:    ccf17e8179ad58861f95e044ea5c02cb
Sha1:   3320755a8ae10c112ef2399731f0f936c667da39
Sha256: ab3c2ae474f1044b908f55c9bf390ec6f91e37655c8ee8688db071453e014176
                                        
                                            GET /wp-content/uploads/2020/02/FinancialPerformance-1.png HTTP/1.1 
Host: vaticaprod.wpengine.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         35.233.224.116
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 27 Nov 2022 09:41:26 GMT
content-length: 6101
last-modified: Mon, 31 Oct 2022 04:24:30 GMT
etag: "635f4dfe-17d5"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 267 x 267, 8-bit/color RGBA, non-interlaced\012- data
Size:   6101
Md5:    fe54f7af6ae5b57c37489b76fe2854b8
Sha1:   48a08ba54943963998af953fd6db100a1e04325b
Sha256: 27f97256d67f18ce75fb57fd84c72f815dc0f7d776150b9fbb253bb2e66e2ce6
                                        
                                            GET /wp-content/uploads/2020/02/StarRatings-1.png HTTP/1.1 
Host: vaticaprod.wpengine.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         35.233.224.116
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 27 Nov 2022 09:41:26 GMT
content-length: 6185
last-modified: Mon, 31 Oct 2022 04:21:20 GMT
etag: "635f4d40-1829"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 267 x 267, 8-bit/color RGBA, non-interlaced\012- data
Size:   6185
Md5:    1f49621d97441d1e1d82778cb15062a4
Sha1:   4c750d20463ba39a57fb2cf485dd05a4d679c540
Sha256: 783c7f99eee2101c7f19b2d0a0aa7660c67e0f76014718cdd3b5ee79ceeb6bc7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 09:41:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 09:41:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   4257
Md5:    36ce6f63832687a9f86e16d3909eeb3f
Sha1:   aeac5a296e0a87f9f267c9ad54e2335b8112f219
Sha256: 92d4a022e732e046531dbb464281ae1f5e191ead07f150967d6e3cc83ead3f85
                                        
                                            GET /gtm.js?id=GTM-M78M59N HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 27 Nov 2022 09:41:27 GMT
expires: Sun, 27 Nov 2022 09:41:27 GMT
cache-control: private, max-age=900
last-modified: Sun, 27 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77691
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   78572
Md5:    5265af87e67f538eecf63e645d674090
Sha1:   c955d0fc1c262b09ae83338930d8f911b0ed988d
Sha256: 2f888783268d8a08b03d4ebc586ff012e574ba46150551ed2619bdcdb423c1a2
                                        
                                            GET /gtm.js?id=GTM-WJZS5GX HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 27 Nov 2022 09:41:27 GMT
expires: Sun, 27 Nov 2022 09:41:27 GMT
cache-control: private, max-age=900
last-modified: Sun, 27 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68880
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4652)
Size:   68880
Md5:    f74159e7dad549c34fb56599e327412e
Sha1:   5e009df2b6a429fc917417357860f2658006fa79
Sha256: b281db2916834d43f13e9c43e8a0d43b9776ca5b646663f2bb1f3a884ec6082d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 09:41:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         192.124.249.41
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Sun, 27 Nov 2022 09:41:27 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 26 Nov 2022 20:23:27 GMT
Expires: Sun, 27 Nov 2022 20:23:27 GMT
ETag: "883408bbde4babd32c8e4815b2820eb37bdf57fe"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    c2e2f684498fff79b73db9efc0bc9e5a
Sha1:   883408bbde4babd32c8e4815b2820eb37bdf57fe
Sha256: 5f72db5c2b99bc524494284b882d105bd57bbb6963888cbc43ad8cd8ded51850
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6226
Cache-Control: max-age=167975
Date: Sun, 27 Nov 2022 09:41:27 GMT
Etag: "6383059c-117"
Expires: Tue, 29 Nov 2022 08:21:02 GMT
Last-Modified: Sun, 27 Nov 2022 06:37:16 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 678
Cache-Control: max-age=148756
Date: Sun, 27 Nov 2022 09:41:27 GMT
Etag: "6382d035-116"
Expires: Tue, 29 Nov 2022 03:00:43 GMT
Last-Modified: Sun, 27 Nov 2022 02:49:25 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278


--- Additional Info ---
Magic:  data
Size:   19881
Md5:    3a150b0c8e01b1211b75fce45e5dd554
Sha1:   94839e6da40efee31593a87dfadbe589ca231109
Sha256: a45fa2b13cbecc23472a9aefdbbf43bfeb6f0815f0d49d1e37f207ac0a2251d9
                                        
                                            GET /scripts/lt-v3.js?llid=34608 HTTP/1.1 
Host: lltrck.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         44.209.161.94
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Sun, 27 Nov 2022 09:41:27 GMT
content-length: 6849
server: Kestrel
cache-control: public, max-age=172800
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   7172
Md5:    c24c2ef6a3dd3d60b62580c7da674705
Sha1:   9479f09a3f170e49369e4b2b36d279dbb24ad6e8
Sha256: 4870a2d59aaf2bb5af8c2b112b38c84393ec2038c7377c47cd707d728e5d7ebb
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=171400
Date: Sun, 27 Nov 2022 09:41:27 GMT
Etag: "6383191b-1d7"
Expires: Tue, 29 Nov 2022 09:18:07 GMT
Last-Modified: Sun, 27 Nov 2022 08:00:27 GMT
Server: ECS (dcb/7F80)
X-Cache: Miss from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Zq094vxSROl8hJrZonXQTLCIO-MFYKsvrFaUX5U-IpFB9dRbbzCUSQ==
Age: 4660

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=127873
Date: Sun, 27 Nov 2022 09:41:27 GMT
Etag: "63827a44-1d7"
Expires: Mon, 28 Nov 2022 21:12:40 GMT
Last-Modified: Sat, 26 Nov 2022 20:42:44 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mJP6QEADRZyXyn6_dP3aUZiqIHjkfbGqPCWTkByzq2xLcCH8VaRWfg==
Age: 1796

                                        
                                            GET /config/LI-627D5805ED609/ HTTP/1.1 
Host: collector.leadinfo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vaticahealth.com
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         18.203.114.69
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Sun, 27 Nov 2022 09:41:27 GMT
content-length: 30
access-control-allow-origin: https://www.vaticahealth.com
vary: Origin
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   58789
Md5:    a77c92cd50c4f3003d2c42f52aef1b35
Sha1:   214e4279e3e337f90e56ce36925cd8d6972956b7
Sha256: 0e977f430e37f54028cada06c2bf6a26f406adb538fa2e4c1310a64ad7a159a4
                                        
                                            GET /v1/identify/LI-627D5805ED609 HTTP/1.1 
Host: api.leadinfo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vaticahealth.com
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.72.54.230
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Sun, 27 Nov 2022 09:41:27 GMT
content-length: 2
server: Apache/2.4.54 (Debian)
x-powered-by: Leadinfo
access-control-allow-origin: https://www.vaticahealth.com
access-control-allow-headers: Origin
access-control-allow-methods: GET
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   7055
Md5:    6adcfb6e01bab8d86d8ffc81d8545e2e
Sha1:   1cb4dc036e82e2b8d524a287ab838e417926bc35
Sha256: 84ea036b5e2c3db9ffc8a8f8e873d083f091ac0461cbe4ba37795a95f8754470
                                        
                                            POST /s/gts1d4/Q9P-Th4o8rI HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 09:41:27 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3468
Cache-Control: max-age=116571
Date: Sun, 27 Nov 2022 09:41:27 GMT
Etag: "63824796-116"
Expires: Mon, 28 Nov 2022 18:04:18 GMT
Last-Modified: Sat, 26 Nov 2022 17:06:30 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /?sid=wVkO4XZBdLb8Z6Bj&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJEQy0xMTA1MzgxNyJdLCJnYUNsaWVudElkcyI6W10sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNTguMCJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly93d3cudmF0aWNhaGVhbHRoLmNvbS8iLCJwYWdlVGl0bGUiOiJWYXRpY2EgSGVhbHRoIHwgUmlzayBBZGp1c3RtZW50ICYgUXVhbGl0eSBvZiBDYXJlIENvZGluZyBTb2x1dGlvbiIsInJlZmVycmVyIjoiaHR0cDovL2NhcmVzeW5jc2lsdmVyLmNvbS8ifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiJiZWI4YmNhNjdmOGJlYzAzIiwic2NyaXB0SWQiOiJ3VmtPNFhaQmRMYjhaNkJqIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS42OTFjOTZmYzUwMDY1MmU1LjE2Njk1NDIwODc1MzQiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ== HTTP/1.1 
Host: tr.lfeeder.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         143.204.55.27
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
server: CloudFront
date: Sun, 27 Nov 2022 09:41:27 GMT
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: F8jjKCtoIyqwUPjWSiS9mb6VoBz_zjm930QqfoTbAEubqKEuioon6A==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            GET /lftracker_v1_wVkO4XZBdLb8Z6Bj.js HTTP/1.1 
Host: sc.lfeeder.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.27
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 23 Nov 2022 16:56:23 GMT
x-amz-version-id: hzHjYvBH9qoxQMsO3znkJpukL2TxnTQA
server: AmazonS3
content-encoding: gzip
date: Sun, 27 Nov 2022 09:03:13 GMT
cache-control: max-age=3600
etag: W/"2141d6e77d992db91e5696243bc92f66"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: T49xGjwbwfieYihClTXAsxAvR9_IH0pyOa2CyvLRPZJNc-wMcnMDdA==
age: 2294
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   34553
Md5:    3b8277651d4aa11c01589baefc63a190
Sha1:   ac054437e0ea03beaa5a55b772e6fd47bc062fa2
Sha256: e9d92115f56a2a1fd3f3b6af23bd9377495cda7d473dcf63d0fd4343d82b9fe7
                                        
                                            POST /s/gts1d4/Q9P-Th4o8rI HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 09:41:27 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /s/gts1d4/aLGsOFvWJRQ HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 09:41:27 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /s/gts1d4/aLGsOFvWJRQ HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 09:41:27 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /?sid=wVkO4XZBdLb8Z6Bj&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJEQy0xMTA1MzgxNyIsIkctUDM4MzZNVjZRTCJdLCJnYUNsaWVudElkcyI6WyIxNTI5MzQ2OC4xNjY5NTQyMDg4Il0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNTguMCJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly93d3cudmF0aWNhaGVhbHRoLmNvbS8iLCJwYWdlVGl0bGUiOiJWYXRpY2EgSGVhbHRoIHwgUmlzayBBZGp1c3RtZW50ICYgUXVhbGl0eSBvZiBDYXJlIENvZGluZyBTb2x1dGlvbiIsInJlZmVycmVyIjoiaHR0cDovL2NhcmVzeW5jc2lsdmVyLmNvbS8ifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiI3MGY3NzJkY2Q3NDM2MjgzIiwic2NyaXB0SWQiOiJ3VmtPNFhaQmRMYjhaNkJqIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS42OTFjOTZmYzUwMDY1MmU1LjE2Njk1NDIwODc1MzQiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ== HTTP/1.1 
Host: tr.lfeeder.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         143.204.55.27
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
server: CloudFront
date: Sun, 27 Nov 2022 09:41:28 GMT
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: befxR_TQbV-Y894eC9r0Vi9YW9SSeuYLhoPdY6qJMyx1knbRG3rDjA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            GET /p/vt/?a=&clid=c5cee6e5-7d91-4245-94c2-b0680d5f53e8&caid=&cb=1669542087627&s=&dt=Vatica%20Health%20%7C%20Risk%20Adjustment%20%26%20Quality%20of%20Care%20Coding%20Solution&ref=https%3A%2F%2Fwww.vaticahealth.com%2F&d=0&da=0 HTTP/1.1 
Host: t.influ2.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.217.21.179
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 09:41:28 GMT
content-length: 597
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: R=f85b86fc12ed30ef9e1c16f7; Path=/; Domain=influ2.com; Expires=Mon, 27 Nov 2023 09:41:28 GMT; Secure; SameSite=None
via: 1.1 google
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Size:   597
Md5:    bc775cab72715549ed16bc765bc775fa
Sha1:   9dd0752986a9a009472c74abbd59eb7d3b7c6b89
Sha256: d267998c3594ce7f02341a5a8ef2b2705627f2552960e332d73747022406a30b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 09:41:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /activityi;src=11053817;type=siter0;cat=siter0;ord=4883866608971;gtm=2odb90;auiddc=1994392076.1669542087;~oref=https%3A%2F%2Fwww.vaticahealth.com%2F? HTTP/1.1 
Host: 11053817.fls.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         142.250.74.70
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 09:41:28 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 229
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 27-Nov-2022 09:56:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (452), with no line terminators
Size:   229
Md5:    ea92c33e36782f3b45d883b18d020a8a
Sha1:   c161d0b83c2c71881568dee161e5fdb651e92cee
Sha256: 13ae2f0eaccb549cef2be00489d2b89b47dfde4aeab704a3f3057bc7b97f09ad
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 09:41:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5884
Cache-Control: 'max-age=158059'
Date: Sun, 27 Nov 2022 09:41:28 GMT
Last-Modified: Sun, 27 Nov 2022 08:03:24 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 09:41:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   3004
Md5:    9dd538eaa36933d3db8394e76174ad7f
Sha1:   ea6fdefe8df31f10e4db9fc60052e93fd178a23f
Sha256: fe1ff77aac1aec8b99c88d5a05f66fd8c89512b331d36d222a28e6d18b4cc9e3
                                        
                                            GET /ddm/fls/i/src=11053817;type=siter0;cat=siter0;ord=4883866608971;gtm=2odb90;auiddc=1994392076.1669542087;~oref=https%3A%2F%2Fwww.vaticahealth.com%2F HTTP/1.1 
Host: adservice.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11053817.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         142.250.74.162
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 09:41:28 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 230
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (451), with no line terminators
Size:   230
Md5:    3366777f4b9aab25d2f3f81a0947f5cd
Sha1:   8d947726d97235d2007e32548c5e0493e684bfcc
Sha256: 4b7704127c63a32ce0caf4db9f8402035bd304adb7b684ab4bd7c900f4fcd78e
                                        
                                            GET /api/tracking?_llid=34608&_fd=bIS1dIN7Mz%3A4e4dvenG1bXOibHWicISpMnOwcT9%3E&_llreferer=http%3A%2F%2Fcaresyncsilver.com%2F&_lluuid=lsb5cdb3-4cab-4e9d-b0b1-2c5cd4b0492d&_cl=0&_v=3 HTTP/1.1 
Host: lltrck.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         44.209.161.94
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 27 Nov 2022 09:41:28 GMT
content-length: 43
server: Kestrel
set-cookie: trackalyzer=lsb5cdb3-4cab-4e9d-b0b1-2c5cd4b0492d; expires=Mon, 27 Nov 2023 09:41:28 GMT; path=/; SameSite=None; secure
access-control-allow-origin: *
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

                                        
                                            GET /hs-script-loader-public/v1/config/pixel/json?portalId=6311499 HTTP/1.1 
Host: api.hubapi.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vaticahealth.com
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         104.17.204.204
HTTP/2 200 OK
content-type: application/json;charset=utf-8
                                        
date: Sun, 27 Nov 2022 09:41:28 GMT
cf-ray: 7709e8810a32b4f7-OSL
access-control-allow-origin: https://www.vaticahealth.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-max-age: 180
x-hubspot-correlation-id: d86b1eba-1407-4de7-a99b-51af0bdc27b1
x-trace: 2B18109F61C12EEB157E90DBBDCB0992D31A8A7058000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CW6hzpRw%2FD2dIs6Nr%2FQB03nIDxhXldMAea0fy1yCbD4gRsL%2FhJK2SCu2q0B5PDlr1PT7bpgigzVpm45pU30zJkr6ow1BJGLgSUZGLG%2B3kKL40B698bxF3ATb7uCfnICx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   378
Md5:    ae6199e433991fddfc53ba540bc49afe
Sha1:   12513025e35011c367e6cee16e73c449f0bdf74e
Sha256: 41e2cfb3dbebe515da80045f6f1c441d950e9f9e4d3dd33735838cb090c2f6bf
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 09:41:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 09:41:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5884
Cache-Control: 'max-age=158059'
Date: Sun, 27 Nov 2022 09:41:28 GMT
Last-Modified: Sun, 27 Nov 2022 08:03:24 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /ddm/fls/i/src=11053817;type=siter0;cat=siter0;ord=4883866608971;gtm=2odb90;auiddc=1994392076.1669542087;~oref=https%3A%2F%2Fwww.vaticahealth.com%2F HTTP/1.1 
Host: adservice.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         142.250.74.34
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 09:41:28 GMT
expires: Sun, 27 Nov 2022 09:41:28 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size:   85
Md5:    4a3b3637744caa4a0b08fabbd76cc830
Sha1:   755e5626762ecf38f55012da892a227bf50f15f1
Sha256: 6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
                                        
                                            OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: collector.leadinfo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.vaticahealth.com/
Origin: https://www.vaticahealth.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         18.203.114.69
HTTP/2 200 OK
                                        
date: Sun, 27 Nov 2022 09:41:28 GMT
content-length: 0
server: spray-can/1.3.3
access-control-allow-origin: https://www.vaticahealth.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 09:41:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   2526
Md5:    38d0708817870fdd601eecb372c7e5e9
Sha1:   f3ade6cf7be2cc4cd80929a41fe9365076d3b113
Sha256: a6b4518c1983ac95800e11e51ab63d6dcdac163ba8f1ad515ec1ba7285490fc8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3859
Cache-Control: max-age=151556
Date: Sun, 27 Nov 2022 09:41:28 GMT
Etag: "6382ceb9-118"
Expires: Tue, 29 Nov 2022 03:47:24 GMT
Last-Modified: Sun, 27 Nov 2022 02:43:05 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: collector.leadinfo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 892
Origin: https://www.vaticahealth.com
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         18.203.114.69
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
                                        
date: Sun, 27 Nov 2022 09:41:28 GMT
content-length: 2
server: spray-can/1.3.3
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.vaticahealth.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=91124
Date: Sun, 27 Nov 2022 09:41:28 GMT
Etag: "6381db6a-1d7"
Expires: Mon, 28 Nov 2022 11:00:12 GMT
Last-Modified: Sat, 26 Nov 2022 09:24:58 GMT
Server: ECS (dcb/7EC6)
X-Cache: Miss from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ohVHCGcJfcO1xSL9AMFSuLE6-IHnB-_X8qYsJaw6waSvWjQU4-mPrg==
Age: 5714

                                        
                                            POST /g/collect?v=2&tid=G-P3836MV6QL&gtm=2oeb90&_p=862821276&cid=15293468.1669542088&ul=en-us&sr=1280x1024&_s=1&sid=1669542087&sct=1&seg=0&dl=https%3A%2F%2Fwww.vaticahealth.com%2F&dr=http%3A%2F%2Fcaresyncsilver.com%2F&dt=Vatica%20Health%20%7C%20Risk%20Adjustment%20%26%20Quality%20of%20Care%20Coding%20Solution&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vaticahealth.com
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://www.vaticahealth.com
date: Sun, 27 Nov 2022 09:41:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1 HTTP/1.1 
Host: forms.hsforms.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.16.85.5
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 27 Nov 2022 09:41:28 GMT
content-length: 35
x-trace: 2BE52E5ABBBCFDF49595C585868E510D88BE15A23C000000000000000000
cache-control: max-age=0, no-cache, no-store
vary: origin
x-hubspot-correlation-id: ec160d1f-7d21-4ff5-8caf-eb9a8c647da1
access-control-allow-credentials: false
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7709e884de7d0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    c2196de8ba412c60c22ab491af7b1409
Sha1:   5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4014
Cache-Control: max-age=151711
Date: Sun, 27 Nov 2022 09:41:28 GMT
Etag: "6382ceb9-118"
Expires: Tue, 29 Nov 2022 03:49:59 GMT
Last-Modified: Sun, 27 Nov 2022 02:43:05 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /twin.js?15315 HTTP/1.1 
Host: twin-iq.kickfire.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.210.180.239
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 27 Nov 2022 09:41:28 GMT
content-length: 424
server: Apache/2.4.52 ()
last-modified: Thu, 06 Jan 2022 20:12:30 GMT
etag: "1a8-5d4ef7d746e6f"
accept-ranges: bytes
x-frame-options: DENY
content-security-policy: frame-ancestors 'none';
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   424
Md5:    5bd1e8c855937dd99944ba4915d8f595
Sha1:   4e256c292e86a29cc05fea86f55740eddc607e6e
Sha256: 034acd3ced0cf00cdfcb684283fdc624a48c2dc8dcddeb55e09412f92971056d
                                        
                                            GET /ddm/fls/i/src=11053817;type=vatic0;cat=https0;ord=1240705637901;gtm=2odb90;auiddc=1994392076.1669542087;~oref=https%3A%2F%2Fwww.vaticahealth.com%2F HTTP/1.1 
Host: adservice.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.34
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 09:41:28 GMT
expires: Sun, 27 Nov 2022 09:41:28 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size:   85
Md5:    4a3b3637744caa4a0b08fabbd76cc830
Sha1:   755e5626762ecf38f55012da892a227bf50f15f1
Sha256: 6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         192.124.249.41
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Sun, 27 Nov 2022 09:41:29 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 26 Nov 2022 21:56:05 GMT
Expires: Sun, 27 Nov 2022 21:56:05 GMT
ETag: "b0b7d9f6fa560cfc93bb94b18296f2106c626a4c"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    dfa654d8233fe07d019e18f24386d049
Sha1:   b0b7d9f6fa560cfc93bb94b18296f2106c626a4c
Sha256: 33d6e905dc0431094366f3e6e45b51415c46ffd1f02452f7b9ef854c93b38ab7
                                        
                                            GET /twin.php?TWIQ=15315&kftwiqpg=https%3A%2F%2Fwww.vaticahealth.com%2F&Hst=www.vaticahealth.com&r=0.7690259236814383 HTTP/1.1 
Host: twin-iq.kickfire.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.210.180.239
HTTP/2 200 OK
content-type: image/png
                                        
date: Sun, 27 Nov 2022 09:41:28 GMT
server: Apache/2.4.52 ()
x-powered-by: PHP/7.2.34
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-frame-options: DENY
content-security-policy: frame-ancestors 'none';
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Size:   375
Md5:    428dd1d27abce0864e808445162ec924
Sha1:   8ff1ffa82437e2b556aa326d5db26303b3aeda29
Sha256: 9c2d5249a8800f24226e77abb64824a8e56d45d30c6e01e22f6ac56b9118751b
                                        
                                            GET /li.lms-analytics/insight.min.js HTTP/1.1 
Host: snap.licdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.210
HTTP/2 200 OK
content-type: application/x-javascript;charset=utf-8
                                        
last-modified: Thu, 17 Nov 2022 18:52:45 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=33631
date: Sun, 27 Nov 2022 09:41:29 GMT
content-length: 4581
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12961)
Size:   4581
Md5:    c1a25b303b61b25e995516f5559bcdea
Sha1:   3c16a6fa3a2a6dc59d57a9ea1588c4f259884688
Sha256: 2063d2d1415ce9437e9331cb9a798714a5b2e106a65d6dc0ef0d426a5a4c30f2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3411
Cache-Control: max-age=151081
Date: Sun, 27 Nov 2022 09:41:29 GMT
Etag: "6382ce9f-1d7"
Expires: Tue, 29 Nov 2022 03:39:30 GMT
Last-Modified: Sun, 27 Nov 2022 02:42:39 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 27 Nov 2022 08:41:08 GMT
expires: Sun, 27 Nov 2022 10:41:08 GMT
cache-control: public, max-age=7200
age: 3621
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 09:41:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: CIqTNSI14C/lBPShgCJLPOq1gLgB7JYa6gWQO1E3aL/Wp/irGjcB/EiOqjPbvYwRBKdnws1rzsIhx46k1xhpbg==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Sun, 27 Nov 2022 09:41:29 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   27340
Md5:    44ecaa3c2a4929a40141edc4540aaf84
Sha1:   f29a573182333b2500d41bfc389d6c5232dfb348
Sha256: 6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
                                        
                                            GET /pagead/viewthroughconversion/740000948/?random=1669542087390&cv=11&fst=1669542087390&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.vaticahealth.com%2F&ref=http%3A%2F%2Fcaresyncsilver.com%2F&tiba=Vatica%20Health%20%7C%20Risk%20Adjustment%20%26%20Quality%20of%20Care%20Coding%20Solution&auid=1994392076.1669542087&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.98
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 09:41:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 921
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 27-Nov-2022 09:56:29 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2015), with no line terminators
Size:   921
Md5:    9f490b2129bed112ede70ca5f97ef1c0
Sha1:   6d5a7941f6c211de0981d9becdbbdb9a45660f8c
Sha256: 2f8d312cd0e4d63f060500bde9daae8438e0ef93fb6d311881c055866ff1708e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3339
Cache-Control: max-age=151009
Date: Sun, 27 Nov 2022 09:41:29 GMT
Etag: "6382ce9f-1d7"
Expires: Tue, 29 Nov 2022 03:38:18 GMT
Last-Modified: Sun, 27 Nov 2022 02:42:39 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  Applesoft BASIC program data, first line number 17\012- data
Size:   2630
Md5:    c8293f839b547e49577636fc45b472fb
Sha1:   4b149c35f9cb9ce2fe4de9f2a6f841f5d1ada393
Sha256: b9200ca4a2bae62db8d3cce4aa3a898c52bfc97424735848a0c5e8b4e0003b50
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 09:41:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1 
Host: vars.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         143.204.55.101
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4akGGJZY77tX7E-8RfgBp-algmcgBgnBUzoJ2Lkk9WD14isrF-Sxkw==
age: 333083
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Size:   1035
Md5:    e0652b84b7b3b650769c759fc520c3f8
Sha1:   0b55d6e28613350c7f41b88f19e726e6751ad03b
Sha256: 94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
                                        
                                            GET /modules.e1bdbadbcc63daea6270.js HTTP/1.1 
Host: script.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.96
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 68720
date: Thu, 24 Nov 2022 08:09:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "53db6c810ee48127f87a9c79e206fc67"
last-modified: Thu, 24 Nov 2022 08:08:08 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: B7Asn625NSdODyccBa8eRVM9G9S_h_QlO6kZa9QsHCw2CsQ3ow3D2Q==
age: 264743
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (48714)
Size:   68720
Md5:    53db6c810ee48127f87a9c79e206fc67
Sha1:   aa53e521ba10b23524afc519c6e6ba8d1eb5147c
Sha256: f89c4d3c17828a5c54ecc60f5107e2bfe92cb8b4622fb766fda6d1fca1c95fdd
                                        
                                            GET /containers/f583e4ed-db1e-48e1-9929-67ca888013c7.js HTTP/1.1 
Host: www.rumiview.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         199.185.0.231
HTTP/1.1 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sun, 27 Nov 2022 09:41:29 GMT
transfer-encoding: chunked
cache-control: public, must-revalidate, max-age=360
vary: Accept-Encoding, Accept-Encoding, Cookie
x-robots-tag: none
content-encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (32031)
Size:   60051
Md5:    b588190a4c4e2784be1a20e10061d882
Sha1:   ec372567fa0bd614098e18f0622597e76d1a898b
Sha256: 5e5cbd0bfb1675cfdc32d7fb8224989215d779cb3e28dd602531de3cf0c5cdb5
                                        
                                            OPTIONS /partner/3092657/domain/vaticahealth.com/token HTTP/1.1 
Host: cdn.linkedin.oribi.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.vaticahealth.com/
Origin: https://www.vaticahealth.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.112
HTTP/2 200 OK
                                        
content-length: 0
date: Sun, 27 Nov 2022 09:31:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CQlp5wltIuUGWoUdDj-d_N5hYVOh-4aQ8oBJxQUecgv_4QANAnjJGg==
age: 614
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /partner/3092657/domain/vaticahealth.com/token HTTP/1.1 
Host: cdn.linkedin.oribi.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.vaticahealth.com/
Origin: https://www.vaticahealth.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.112
HTTP/2 200 OK
                                        
content-length: 0
date: Sun, 27 Nov 2022 09:31:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dx0XaKCJEUrv__f6HvxGwytPxtsrEbCzcR8xKgSvtbwVsgfqc3kM_w==
age: 614
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 09:41:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/1p-user-list/740000948/?random=1669542087390&cv=11&fst=1669539600000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.vaticahealth.com%2F&ref=http%3A%2F%2Fcaresyncsilver.com%2F&tiba=Vatica%20Health%20%7C%20Risk%20Adjustment%20%26%20Quality%20of%20Care%20Coding%20Solution&fmt=3&is_vtc=1&random=2949140177&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 09:41:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1401
Md5:    131b2189d7d1acfaf19c2a874d2512e8
Sha1:   a6ca56fc8cf61fceff535e158cd2ea4b2bcb5825
Sha256: 6977694edf75fe31b066478d7b7ee370fb98e0b891ac4b2c211d2641c41bcea3
                                        
                                            GET /analytics/1669542300000/6311499.js HTTP/1.1 
Host: js.hs-analytics.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.17.68.176
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Sun, 27 Nov 2022 09:41:29 GMT
x-amz-id-2: kAx3tWstX8SyuGrCNGPkebFkzi9J9WZNvyNdRvSkeffgSTSeuDoHKzoV+WPetkyVn4mkHJzA5bo=
x-amz-request-id: 13HZPJ31H2639QNK
last-modified: Fri, 04 Nov 2022 20:33:47 GMT
etag: W/"52eba95f2740e60b65dfd4f618ee83e8"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: null
access-control-allow-credentials: false
vary: origin, Accept-Encoding
expires: Sun, 27 Nov 2022 09:46:29 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 7709e889c939b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64108)
Size:   20186
Md5:    8992fe8553838ea79c3e52ed3f453150
Sha1:   a943a826084a66d6e02c330c71055133b36f21db
Sha256: 395b964e7771592d25f93d93cbf8437b6ffcb7e884dd9eca7ccef84200d7fe5f
                                        
                                            GET /collect?v=2&fmt=js&pid=3092657&time=1669542089028&url=https%3A%2F%2Fwww.vaticahealth.com%2F HTTP/1.1 
Host: px.ads.linkedin.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         13.107.42.14
HTTP/2 302 Found
                                        
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3092657%26time%3D1669542089028%26url%3Dhttps%253A%252F%252Fwww.vaticahealth.com%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQKkTnTpjn4CwgAAAYS4dpQGh5rvoJ3C7w3jNFSIxVYBf9lWOw_cInofWiw3WHcNT0kuvOjTaQ9ksA; Max-Age=2592000; Expires=Tue, 27 Dec 2022 09:41:29 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure AnalyticsSyncHistory=AQKW85iZYQeF0AAAAYS4dpQGdIFatgj9mma-lJ0vdGLM1e-_xcwQcSidTvO0N80SlKN7GsJwrtVlT_HimWEVPw; Max-Age=2592000; Expires=Tue, 27 Dec 2022 09:41:29 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure bcookie="v=2&e8b29124-5824-411b-8d25-6a5610c73fbd"; domain=.linkedin.com; Path=/; Secure; Expires=Mon, 27-Nov-2023 09:41:29 GMT; SameSite=None lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2420:u=1:x=1:i=1669542089:t=1669628489:v=2:sig=AQEhHGiv_9wZegtvJoOgyquvW7jhC_wY"; Expires=Mon, 28 Nov 2022 09:41:29 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXucI8yG4igWpMcRE+ViQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 5DBCF8B26B054AE6B37E07EECF3DE334 Ref B: OSL30EDGE0219 Ref C: 2022-11-27T09:41:29Z
date: Sun, 27 Nov 2022 09:41:29 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /ppms.js HTTP/1.1 
Host: www.rumiview.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         199.185.0.231
HTTP/1.1 200 OK
content-type: application/javascript
                                        
date: Sun, 27 Nov 2022 09:41:29 GMT
last-modified: Tue, 20 Jul 2021 10:53:42 GMT
transfer-encoding: chunked
vary: Accept-Encoding
etag: W/"60f6ab36-11bae"
expires: Sun, 27 Nov 2022 15:41:29 GMT
cache-control: max-age=21600
x-content-type-options: nosniff
content-encoding: gzip


--- Additional Info ---
Magic:  data
Size:   23901
Md5:    c9d7df0fac7477821d28595ad2bd36f1
Sha1:   4a7723baffc9d470c948923338012fe280e0c3b0
Sha256: a75006830c6a8a90d3ddf7d1d06d5eff76ec3bce7d4d0c4b268459e7ad6752aa
                                        
                                            GET /tr/?id=1150932738847028&ev=PageView&dl=https%3A%2F%2Fwww.vaticahealth.com%2F&rl=http%3A%2F%2Fcaresyncsilver.com%2F&if=false&ts=1669542089628&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1669542089627.2010218957&it=1669542089097&coo=false&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.36
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Nov 2022 09:41:30 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /sessions/2967594?s=0.25&r=0.1067144911591763 HTTP/1.1 
Host: vc.hotjar.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vaticahealth.com
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.64
HTTP/2 204 No Content
                                        
access-control-allow-origin: *
cache-control: no-store
date: Sun, 27 Nov 2022 09:41:30 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uk99ZmaYycA_keJF6wSaGcCx0g5PJAmKfMUmj6IYwfWAS6Ous7aLSw==
X-Firefox-Spdy: h2

                                        
                                            GET /partner/3092657/domain/vaticahealth.com/token HTTP/1.1 
Host: cdn.linkedin.oribi.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.vaticahealth.com
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.112
HTTP/2 200 OK
content-type: application/json
                                        
date: Sun, 27 Nov 2022 09:03:12 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: D2wA8vS-dVfwOq44sGSuUN5Umy6PIUcnJUOmiMFRkuh0rS1jrFDH2g==
age: 2297
X-Firefox-Spdy: h2

                                        
                                            GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3092657%26time%3D1669542089028%26url%3Dhttps%253A%252F%252Fwww.vaticahealth.com%252F%26liSync%3Dtrue HTTP/1.1 
Host: www.linkedin.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vaticahealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         13.107.42.14
HTTP/2 302 Found
                                        
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3092657&time=1669542089028&url=https%3A%2F%2Fwww.vaticahealth.com%2F&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None bcookie="v=2&a93086c1-d927-46d2-80af-4c08effb2026"; Domain=.linkedin.com; Expires=Mon, 27-Nov-2023 09:41:30 GMT; Path=/; Secure; SameSite=None bscookie="v=1&202211270941309d998d3e-a520-4177-8f51-92cab8f0d0d5AQEZLnAs3AVeHLBzrUCG2Ae47L07mf1Z"; Domain=.www.linkedin.com; Expires=Mon, 27-Nov-2023 09:41:30 GMT; Path=/; HttpOnly; Secure; SameSite=None li_gc=MTswOzE2Njk1NDIwOTA7MjswMjG3B7O2m5tQ33H7si0fDyIcdm4/G0nB7eEK7s/FwtpNqw==; Domain=.linkedin.com; Expires=Fri, 26 May 2023 09:41:30 GMT; Path=/; Secure; SameSite=None lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2435:u=1:x=1:i=1669542090:t=1669628490:v=2:sig=AQGKUwiCUtZ3MkAfkiHynVt_Ggxj_MDp"; Expires=Mon, 28 Nov 2022 09:41:30 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXucI823COQk8RcQZjwLA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 0FAADEF9710F45E5B6E184F6D5BD02A9 Ref B: OSL30EDGE0219 Ref C: 2022-11-27T09:41:29Z
date: Sun, 27 Nov 2022 09:41:29 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=109182
Date: Sun, 27 Nov 2022 09:41:30 GMT
Etag: "63822fdf-1d7"
Expires: Mon, 28 Nov 2022 16:01:12 GMT
Last-Modified: Sat, 26 Nov 2022 15:25:19 GMT
Server: ECS (dcb/7F5D)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XFpzXQdxjrrYV97kFP2DHKp3pXXwVuLQ5QguUdpSrnFvj3Vg_PU-Ug==
Age: 2153

                                        
                                            GET /ppms.php?action_name=Vatica%20Health%20%7C%20Risk%20Adjustment%20%26%20Quality%20of%20Care%20Coding%20Solution&idsite=f583e4ed-db1e-48e1-9929-67ca888013c7&rec=1&r=561754&h=9&m=41&s=29&url=https%3A%2F%2Fwww.vaticahealth.com%2F&urlref=http%3A%2F%2Fcaresyncsilver.com%2F&_id=5d4ea503f89e6f82&_idts=1669542090&_idvc=1&_idn=0&_viewts=1669542090&send_image=1&cookie=1&res=1280x1024&gt_ms=895&pv_id=gzJnqR HTTP/1.1 
Host: www.rumiview.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         199.185.0.231
HTTP/1.1 200 OK
content-type: image/gif
                                        
date: Sun, 27 Nov 2022 09:41:30 GMT
content-length: 43
content-encoding: none


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /collect?v=2&fmt=js&pid=3092657&time=1669542089028&url=https%3A%2F%2Fwww.vaticahealth.com%2F&liSync=true HTTP/1.1 
Host: px.ads.linkedin.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vaticahealth.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         13.107.42.14
HTTP/2 200 OK
content-type: application/javascript
                                        
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure bcookie="v=2&add67c35-4dd4-4423-8f92-d740d3c1948f"; domain=.linkedin.com; Path=/; Secure; Expires=Mon, 27-Nov-2023 09:41:30 GMT; SameSite=None lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2378:u=1:x=1:i=1669542090:t=1669628490:v=2:sig=AQElXC9HK-Cf4_bu6t2LYgmQVPSZ_Gyf"; Expires=Mon, 28 Nov 2022 09:41:30 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXucI863A+kN1SyID1QDQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: EFB443DEF0D340B98D378383A26D6391 Ref B: OSL30EDGE0219 Ref C: 2022-11-27T09:41:30Z
date: Sun, 27 Nov 2022 09:41:30 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /c/hotjar-2967594.js?sv=7 HTTP/1.1 
Host: static.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.98
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Sun, 27 Nov 2022 09:41:29 GMT
cache-control: max-age=60
etag: W/a16761ad483967886fbced9085370af7
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: I0JfeA872a9sw7pv8ALxETdChTlRnaTWgIDhHxMSs1O0i3Rry8IhYw==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET / HTTP/1.1 
Host: www.vaticahealth.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://caresyncsilver.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         141.193.213.11
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Sun, 27 Nov 2022 09:41:25 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
set-cookie: hencove=103; expires=Tue, 07-Mar-2023 08:53:59 GMT; Max-Age=8640000; path=/; secure
x-powered-by: WP Engine
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data:
link: <https://www.vaticahealth.com/wp-json/>; rel="https://api.w.org/", <https://www.vaticahealth.com/wp-json/wp/v2/pages/17>; rel="alternate"; type="application/json", <https://www.vaticahealth.com/>; rel=shortlink
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-cache-group: normal
x-frame-options: ALLOW-FROM https://static.hsappstatic.net/
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zaDwx3wlb2j6s48MMLUa%2FlCxLClZesqrLIs4TxsLvIb1p9I5DSgDkARRNLNk%2BblIPcUmgtBE63KfoQoV%2FY5eDOy0FiF88a2ra2yyFdwF6VAAJcME7rrR4ryGrVrtH7KLu%2B%2F4xDIM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7709e86d78e50b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /react@16/umd/react.development.js HTTP/1.1 
Host: unpkg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.vaticahealth.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.126.175
HTTP/2 302 Found
content-type: text/plain; charset=utf-8
                                        
date: Sun, 27 Nov 2022 09:41:25 GMT
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /react@16.14.0/umd/react.development.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GJW6XYXVYBGFHRTAHQC1D9R3-fra
cf-cache-status: HIT
age: 493
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7709e8738f55b51e-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /6311499.js HTTP/1.1 
Host: js.hs-banner.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.64.154.85
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
date: Sun, 27 Nov 2022 09:41:27 GMT
x-amz-id-2: rYSAS5ptDWpz4kXu3nhcWcds8k29YqyZ1p7h28l98mMzXR49zf2fJbZgAN8zidyfcrGbNt/w3+E=
x-amz-request-id: ADMBMMJVV7NG63DA
last-modified: Tue, 25 Oct 2022 20:51:54 GMT
etag: W/"dfda81e08c8e67873398ae53c01aa2da"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: .90c.DUUZQhdYH1U9rLEqOtAOtqcxKZj
access-control-allow-origin: https://www.vaticahealth.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin, Accept-Encoding
expires: Sun, 27 Nov 2022 09:46:27 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 7709e87d9e82b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /collected-forms/v1/config/json?portalId=6311499&utk= HTTP/1.1 
Host: forms.hubspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vaticahealth.com
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         104.19.154.83
HTTP/2 200 OK
content-type: application/json;charset=utf-8
                                        
date: Sun, 27 Nov 2022 09:41:28 GMT
vary: origin
x-hubspot-correlation-id: 06962483-c6a1-4de9-aaa5-1881617610a4
access-control-allow-credentials: false
access-control-allow-origin: https://www.vaticahealth.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: *
access-control-max-age: 180
x-robots-tag: none
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=CTZEz.dUPVMnMDjV17otgShxTKm2hakXRxqYH2OArZo-1669542088-0-Af+A5x+zjzjAy7a1+4ERsbYXHsZ/VhYlUuha8RS67oZoZXMr8Tdq6nVvAT1Ab8PmUOIjHrJ1FmQ7PHXFhBhf0nE=; path=/; expires=Sun, 27-Nov-22 10:11:28 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHWuTZR9vcBoZw%2FYCVKhuQsDPjzBXpfdEBl2h4uzwAYdUCWYKvSnsz9mwVNOno7ei4oHH5rr53OOMJ%2FHp5t0fwfJ2EQdhGzCYNT7%2FsZS%2B6LZ3PdvREceXLIGSMIePAm1Jaj0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7709e8835a29b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /c/hotjar-2967594.js?sv=6 HTTP/1.1 
Host: static.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.98
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Sun, 27 Nov 2022 09:41:29 GMT
cache-control: max-age=60
etag: W/a16761ad483967886fbced9085370af7
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TKFkbwZ4URLX4Vx8PrjbFzmGLvLkjqYXovVyG6wVwGb51Mr2VZnnXA==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /api/v2/client/sites/2967594/visit-data?sv=6 HTTP/1.1 
Host: in.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 112
Origin: https://www.vaticahealth.com
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         52.215.128.208
HTTP/2 200 OK
content-type: application/json
                                        
date: Sun, 27 Nov 2022 09:41:30 GMT
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /react-dom@16/umd/react-dom.development.js?ver=6.0.3 HTTP/1.1 
Host: unpkg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.16.126.175
HTTP/2 302 Found
content-type: text/plain; charset=utf-8
                                        
date: Sun, 27 Nov 2022 09:41:25 GMT
access-control-allow-origin: *
location: /react-dom@16/umd/react-dom.development.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GJW7D104N7SVF1MWZYMXS1SJ-ams
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7709e8731ed0b51e-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /ping.js HTTP/1.1 
Host: cdn.leadinfo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.28
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 29 Aug 2022 10:11:50 GMT
x-amz-version-id: 1nxpdTzCyJ_sIAuIDK5m_GlZE_sh9FQV
server: AmazonS3
content-encoding: gzip
date: Thu, 20 Oct 2022 11:23:52 GMT
cache-control: private, max-age=900
etag: W/"e9d23815b541934c4bf60ebcb7c4c581"
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sWzAK64gaHIhbr9GTxKTx7Vzih1ym7XRCcr23UuKgiLUT3cenvnErw==
age: 3277055
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /collectedforms.js HTTP/1.1 
Host: js.hscollectedforms.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vaticahealth.com
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         104.17.128.171
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sun, 27 Nov 2022 09:41:27 GMT
x-amz-replication-status: COMPLETED
last-modified: Wed, 16 Nov 2022 03:41:33 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: _5EZs_H26Fc6JgVRh7ahoi0orqifRkcW
etag: W/"59a69a76233d8365d7266548d5703c09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e6324c5a68bac8fd8e6eead6a5b73f2.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4
x-amz-cf-id: s0SmEZfDRR86m_SrmVVnLuRd0M7HakWUUtPFJ0zX2RnuUsrHrlHRCw==
cache-control: s-maxage=600, max-age=300
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.311/bundles/project.js&cfRay=7709e87d8c71b506-IAD
x-hs-target-asset: collected-forms-embed-js/static-1.311/bundles/project.js
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
cf-cache-status: MISS
server: cloudflare
cf-ray: 7709e87d8c71b506-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /track/up?adv=3o7w61j&ref=https%3A%2F%2Fwww.vaticahealth.com%2F&upid=ntpb6j1&upv=1.1.0 HTTP/1.1 
Host: insight.adsrvr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         35.71.131.137
HTTP/2 200 OK
content-type: text/html
                                        
date: Sun, 27 Nov 2022 09:41:30 GMT
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /partner/3092657/domain/vaticahealth.com/token HTTP/1.1 
Host: cdn.linkedin.oribi.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.vaticahealth.com
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.112
HTTP/2 200 OK
content-type: application/json
                                        
date: Sun, 27 Nov 2022 09:03:12 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NKDGlywuqOaE-HzBsstxjbxXBnI2TAN5P3aBCAzoiK4Yo_o1bSTOjg==
age: 2297
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /react@16/umd/react.development.js?ver=6.0.3 HTTP/1.1 
Host: unpkg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.16.126.175
HTTP/2 302 Found
content-type: text/plain; charset=utf-8
                                        
date: Sun, 27 Nov 2022 09:41:25 GMT
access-control-allow-origin: *
location: /react@16/umd/react.development.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GJW7D0ZEWNEKSE1TW4E68N26-ams
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7709e872fea7b51e-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /tracker?clid=c5cee6e5-7d91-4245-94c2-b0680d5f53e8 HTTP/1.1 
Host: www.influ2.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.107.254.219
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 27 Nov 2022 09:41:27 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /api/v2/sites/2967594/recordings/content HTTP/1.1 
Host: ws26.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 361960
Origin: https://www.vaticahealth.com
Connection: keep-alive
Referer: https://www.vaticahealth.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         52.211.225.181
HTTP/2 200 OK
content-type: application/json
                                        
date: Sun, 27 Nov 2022 09:41:30 GMT
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---