urlscan.io logo urlscan.io
SecurityTrails logo

www.healthsherpa.com Open in urlscan Pro
54.83.106.187  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.healthcareinsuranceservice.com/
Effective URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Submission: On September 16 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 41 IPs in 6 countries across 36 domains to perform 82 HTTP transactions. The main IP is 54.83.106.187, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.healthsherpa.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 5th 2021. Valid for: a year.
This is the only time www.healthsherpa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 142.250.185.147 15169 (GOOGLE)
4 54.83.106.187 14618 (AMAZON-AES)
1 151.101.2.217 54113 (FASTLY)
6 13.225.84.171 16509 (AMAZON-02)
2 104.18.11.207 13335 (CLOUDFLAR...)
1 104.16.19.94 13335 (CLOUDFLAR...)
1 142.250.185.238 15169 (GOOGLE)
2 52.217.4.70 16509 (AMAZON-02)
1 172.217.16.136 15169 (GOOGLE)
5 13.225.78.13 16509 (AMAZON-02)
4 157.240.236.1 32934 (FACEBOOK)
3 142.250.185.142 15169 (GOOGLE)
1 130.211.5.208 15169 (GOOGLE)
1 23.60.50.133 3257 (GTT-BACKB...)
1 13.225.78.103 16509 (AMAZON-02)
3 13.107.21.200 8068 (MICROSOFT...)
1 173.223.60.72 3257 (GTT-BACKB...)
1 142.250.185.130 15169 (GOOGLE)
1 13.224.193.38 16509 (AMAZON-02)
1 108.177.15.154 15169 (GOOGLE)
5 157.240.236.35 32934 (FACEBOOK)
3 142.250.186.98 15169 (GOOGLE)
4 142.250.185.132 15169 (GOOGLE)
1 13.224.193.91 16509 (AMAZON-02)
1 2 108.174.11.37 14413 (LINKEDIN)
1 1 13.107.42.14 8068 (MICROSOFT...)
3 70.42.32.159 22075 (AS-OUTBRAIN)
1 151.101.130.137 54113 (FASTLY)
3 142.250.110.156 15169 (GOOGLE)
1 162.247.243.146 13335 (CLOUDFLAR...)
2 8 13.224.193.94 16509 (AMAZON-02)
13 16 52.17.53.37 16509 (AMAZON-02)
1 2 23.60.51.102 3257 (GTT-BACKB...)
1 69.173.144.138 26667 (RUBICONPR...)
1 18.156.147.57 16509 (AMAZON-02)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 87.248.118.23 34010 (YAHOO-IRD)
1 141.226.228.48 200478 (TABOOLA-AS)
1 2 76.223.111.18 16509 (AMAZON-02)
1 2 35.157.0.85 16509 (AMAZON-02)
1 2 185.33.220.145 29990 (ASN-APPNEX)
1 2 35.244.159.8 15169 (GOOGLE)
1 1 142.250.74.194 15169 (GOOGLE)
1 130.211.34.183 15169 (GOOGLE)
82 41
1    142.250.185.147 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f19.1e100.net
www.healthcareinsuranceservice.com
4    54.83.106.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-106-187.compute-1.amazonaws.com
www.healthsherpa.com
1    151.101.2.217 (United States)

ASN54113 (FASTLY, US)
cdn.ravenjs.com
6    13.225.84.171 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-171.fra2.r.cloudfront.net
d1mm04003omuon.cloudfront.net
2    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    104.16.19.94 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net
www.googleoptimize.com
2    52.217.4.70 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    172.217.16.136 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f136.1e100.net
www.googletagmanager.com
5    13.225.78.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-13.fra2.r.cloudfront.net
global.localizecdn.com
4    157.240.236.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frx5.fbcdn.net
connect.facebook.net
3    142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net
www.google-analytics.com
1    130.211.5.208 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 208.5.211.130.bc.googleusercontent.com
cdn.mxpnl.com
1    23.60.50.133 (Atlanta, United States)

ASN3257 (GTT-BACKBONE GTT, US)
PTR: a23-60-50-133.deploy.static.akamaitechnologies.com
snap.licdn.com
1    13.225.78.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-103.fra2.r.cloudfront.net
static.hotjar.com
3    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    173.223.60.72 (San Jose, United States)

ASN3257 (GTT-BACKBONE GTT, US)
PTR: a173-223-60-72.deploy.static.akamaitechnologies.com
amplify.outbrain.com
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
www.googleadservices.com
1    13.224.193.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-38.fra2.r.cloudfront.net
script.hotjar.com
1    108.177.15.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f154.1e100.net
stats.g.doubleclick.net
5    157.240.236.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frx5.facebook.com
www.facebook.com
3    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads.g.doubleclick.net
4    142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net
www.google.com
1    13.224.193.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-91.fra2.r.cloudfront.net
vars.hotjar.com
2    108.174.11.37 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-11-37.fwd.linkedin.com
px.ads.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
3    70.42.32.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
tr.outbrain.com
sync.outbrain.com
1    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
3    142.250.110.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wf-in-f156.1e100.net
bid.g.doubleclick.net
1    162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)
bam-cell.nr-data.net
8    13.224.193.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-94.fra2.r.cloudfront.net
s.adroll.com
16    52.17.53.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-53-37.eu-west-1.compute.amazonaws.com
d.adroll.com
2    23.60.51.102 (Atlanta, United States)

ASN3257 (GTT-BACKBONE GTT, US)
PTR: a23-60-51-102.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    18.156.147.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-147-57.eu-central-1.compute.amazonaws.com
pixel.advertising.com
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    87.248.118.23 (Frankfurt am Main, Germany)

ASN34010 (YAHOO-IRD, GB)
PTR: e2.ycpi.vip.deb.yahoo.com
ads.yahoo.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    35.157.0.85 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-0-85.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    185.33.220.145 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
1    130.211.34.183 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 183.34.211.130.bc.googleusercontent.com
api-js.mixpanel.com
Apex Domain
Subdomains		 Transfer
24 adroll.com
s.adroll.com
d.adroll.com
75 KB
8 doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
bid.g.doubleclick.net
cm.g.doubleclick.net
5 KB
6 cloudfront.net
d1mm04003omuon.cloudfront.net
497 KB
5 facebook.com
www.facebook.com
522 B
5 localizecdn.com
global.localizecdn.com
28 KB
4 google.com
www.google.com
804 B
4 outbrain.com
amplify.outbrain.com
tr.outbrain.com
sync.outbrain.com
4 KB
4 facebook.net
connect.facebook.net
290 KB
4 healthsherpa.com
www.healthsherpa.com
249 KB
3 linkedin.com
px.ads.linkedin.com
www.linkedin.com
3 KB
3 bing.com
bat.bing.com
10 KB
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
63 KB
3 google-analytics.com
www.google-analytics.com
20 KB
2 openx.net
us-u.openx.net
479 B
2 adnxs.com
ib.adnxs.com
2 KB
2 bidswitch.net
x.bidswitch.net
874 B
2 3lift.com
eb2.3lift.com
740 B
2 casalemedia.com
dsum-sec.casalemedia.com
2 KB
2 amazonaws.com
s3.amazonaws.com
3 MB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com
72 KB
1 mixpanel.com
api-js.mixpanel.com
375 B
1 taboola.com
sync.taboola.com
222 B
1 yahoo.com
ads.yahoo.com
446 B
1 pubmatic.com
simage2.pubmatic.com
549 B
1 advertising.com
pixel.advertising.com
125 B
1 rubiconproject.com
pixel.rubiconproject.com
239 B
1 nr-data.net
bam-cell.nr-data.net
921 B
1 newrelic.com
js-agent.newrelic.com
12 KB
1 googleadservices.com
www.googleadservices.com
14 KB
1 licdn.com
snap.licdn.com
2 KB
1 mxpnl.com
cdn.mxpnl.com
25 KB
1 googletagmanager.com
www.googletagmanager.com
39 KB
1 googleoptimize.com
www.googleoptimize.com
39 KB
1 cloudflare.com
cdnjs.cloudflare.com
28 KB
1 ravenjs.com
cdn.ravenjs.com
14 KB
1 healthcareinsuranceservice.com
www.healthcareinsuranceservice.com
150 B
82 36
Domain Requested by
16 d.adroll.com 13 redirects s.adroll.com
8 s.adroll.com 2 redirects www.healthsherpa.com
s.adroll.com
d.adroll.com
6 d1mm04003omuon.cloudfront.net www.healthsherpa.com
d1mm04003omuon.cloudfront.net
5 www.facebook.com www.healthsherpa.com
5 global.localizecdn.com www.healthsherpa.com
cdn.ravenjs.com
4 www.google.com www.healthsherpa.com
4 connect.facebook.net www.healthsherpa.com
connect.facebook.net
4 www.healthsherpa.com www.healthsherpa.com
3 bid.g.doubleclick.net www.googleadservices.com
3 googleads.g.doubleclick.net www.googleadservices.com
3 bat.bing.com www.healthsherpa.com
bat.bing.com
3 www.google-analytics.com www.healthsherpa.com
cdn.ravenjs.com
2 us-u.openx.net 1 redirects
2 ib.adnxs.com 1 redirects
2 x.bidswitch.net 1 redirects
2 eb2.3lift.com 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 tr.outbrain.com amplify.outbrain.com
www.healthsherpa.com
2 px.ads.linkedin.com 1 redirects www.healthsherpa.com
2 s3.amazonaws.com www.healthsherpa.com
2 maxcdn.bootstrapcdn.com www.healthsherpa.com
maxcdn.bootstrapcdn.com
1 api-js.mixpanel.com cdn.ravenjs.com
1 cm.g.doubleclick.net 1 redirects
1 sync.taboola.com
1 ads.yahoo.com
1 simage2.pubmatic.com
1 sync.outbrain.com
1 pixel.advertising.com
1 pixel.rubiconproject.com
1 bam-cell.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.healthsherpa.com
1 www.linkedin.com 1 redirects
1 vars.hotjar.com static.hotjar.com
1 stats.g.doubleclick.net cdn.ravenjs.com
1 script.hotjar.com static.hotjar.com
1 www.googleadservices.com www.googletagmanager.com
1 amplify.outbrain.com www.healthsherpa.com
1 static.hotjar.com www.healthsherpa.com
1 snap.licdn.com www.healthsherpa.com
1 cdn.mxpnl.com www.healthsherpa.com
1 www.googletagmanager.com www.healthsherpa.com
1 www.googleoptimize.com www.healthsherpa.com
1 cdnjs.cloudflare.com www.healthsherpa.com
1 cdn.ravenjs.com www.healthsherpa.com
1 www.healthcareinsuranceservice.com 1 redirects
82 45

This site contains links to these domains. Also see Links.

Domain
www.healthcare.gov
localizejs.com
Subject Issuer Validity Valid
*.healthsherpa.com
Go Daddy Secure Certificate Authority - G2		 2021-09-05 -
2022-10-07		 a year crt.sh
cdn.ravenjs.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-02-22 -
2022-03-26		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-06-23 -
2022-07-24		 a year crt.sh
cdn.localizejs.com
Amazon		 2021-02-20 -
2022-03-21		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-06-26 -
2021-09-24		 3 months crt.sh
*.mxpnl.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-07-15 -
2022-07-28		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-04-30 -
2022-05-11		 a year crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-07-06 -
2022-01-06		 6 months crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-04-15 -
2021-10-15		 6 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.newrelic.com
R3		 2021-07-19 -
2021-10-17		 3 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh
s.adroll.com
Amazon		 2021-08-02 -
2022-08-31		 a year crt.sh
adroll.mgr.consensu.org
Amazon		 2021-09-09 -
2022-10-08		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-07-26 -
2022-01-19		 6 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-16 -
2021-10-06		 2 months crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.mixpanel.com
GeoTrust RSA CA 2018		 2020-04-20 -
2022-04-21		 2 years crt.sh

This page contains 7 frames:

Primary Page: https://www.healthsherpa.com/?_agent_id=rolando-torres
Frame ID: D302C9A5C0F7129C4BC9E06A23503E49
Requests: 76 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: 5C08B6C73DB5E009CAAD8715E4C58749
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0B4D7F35F5C5A89BB6C94E5092BF65C7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E1A54C00263D76DD93131225AED47796
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: D50426A1D36CB8C53389D2D8DAC83C00
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 8EF7F836177452B4DB8290A634C4C5F5
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: B38F0F070A1CFE993264AFF6EA82C4DC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Healthcare Insurance Service | Fast, Easy Obamacare Enrollment

Page URL History Show full URLs

  1. https://www.healthcareinsuranceservice.com/ HTTP 301
    https://www.healthsherpa.com/?_agent_id=rolando-torres Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • cdn\.mxpnl\.com/libs/mixpanel\-([0-9.]+)\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

82
Requests

100 %
HTTPS

0 %
IPv6

36
Domains

45
Subdomains

41
IPs

6
Countries

5041 kB
Transfer

8091 kB
Size

49
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.healthcareinsuranceservice.com/ HTTP 301
    https://www.healthsherpa.com/?_agent_id=rolando-torres Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2054233&time=1631807680205&url=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2054233%26time%3D1631807680205%26url%3Dhttps%253A%252F%252Fwww.healthsherpa.com%252F%253F_agent_id%253Drolando-torres%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2054233&time=1631807680205&url=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&liSync=true
Request Chain 59
  • https://s.adroll.com/j/exp/LOPTHZGUNFAO7BL2WKRK3T/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 60
  • https://s.adroll.com/j/pre/LOPTHZGUNFAO7BL2WKRK3T/XHVCFA3AIVDMVEVXMJAGKE/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js
Request Chain 63
  • https://d.adroll.com/pixel/LOPTHZGUNFAO7BL2WKRK3T/XHVCFA3AIVDMVEVXMJAGKE?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&pv=22198921044.244858&cookie=&adroll_s_ref=&keyw= HTTP 302
  • https://s.adroll.com/pixel/LOPTHZGUNFAO7BL2WKRK3T/XHVCFA3AIVDMVEVXMJAGKE/7EPPOZO4DZEZVI3JLOBXW7.js
Request Chain 66
  • https://d.adroll.com/cm/index/out?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&advertisable=LOPTHZGUNFAO7BL2WKRK3T HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ&expiration=1663343682 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ&expiration=1663343682&C=1
Request Chain 67
  • https://d.adroll.com/cm/n/out?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&advertisable=LOPTHZGUNFAO7BL2WKRK3T HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ&expires=365
Request Chain 68
  • https://d.adroll.com/cm/onevideo/out?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&advertisable=LOPTHZGUNFAO7BL2WKRK3T HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 69
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&advertisable=LOPTHZGUNFAO7BL2WKRK3T HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ
Request Chain 70
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&advertisable=LOPTHZGUNFAO7BL2WKRK3T HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Request Chain 71
  • https://d.adroll.com/cm/r/out?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&advertisable=LOPTHZGUNFAO7BL2WKRK3T HTTP 302
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 72
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&advertisable=LOPTHZGUNFAO7BL2WKRK3T HTTP 302
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ
Request Chain 73
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&advertisable=LOPTHZGUNFAO7BL2WKRK3T HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ&dongle=c85e HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Request Chain 74
  • https://d.adroll.com/cm/b/out?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&advertisable=LOPTHZGUNFAO7BL2WKRK3T HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ
Request Chain 75
  • https://d.adroll.com/cm/x/out?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&advertisable=LOPTHZGUNFAO7BL2WKRK3T HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ
Request Chain 77
  • https://d.adroll.com/cm/o/out?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&advertisable=LOPTHZGUNFAO7BL2WKRK3T HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=f50ff6f83e9d8154992b501094b5021d HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=f50ff6f83e9d8154992b501094b5021d
Request Chain 78
  • https://d.adroll.com/cm/g/out?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&advertisable=LOPTHZGUNFAO7BL2WKRK3T&google_nid=adroll4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=9Q_2-D6dgVSZK1AQlLUCHQ HTTP 302
  • https://d.adroll.com/cm/g/in

82 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
www.healthsherpa.com/
Redirect Chain
  • https://www.healthcareinsuranceservice.com/
  • https://www.healthsherpa.com/?_agent_id=rolando-torres
58 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.83.106.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-106-187.compute-1.amazonaws.com
Software
/
Resource Hash
ab307018f3c1b10507c652c6a6284b643af000c7e2feb620fea443cb3ee3d648
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Host
www.healthsherpa.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, private, must-revalidate
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Etag
W/"962289b97d2b1f4ef9b99662794724c4"
P3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV CONo OUR IND PHY ONL GOV STA DEM COM NAV"
Set-Cookie
googtrans=%2Fen%2Fen; path=/; secure; HttpOnly; SameSite=Lax _hs_prod_session_key_2020_08_09=1fd71e26072ad41839b84cb62836f8ca; domain=.healthsherpa.com; path=/; expires=Sat, 16 Oct 2021 15:54:39 -0000; secure; HttpOnly; SameSite=None
Strict-Transport-Security
max-age=631138519
Vary
Accept-Encoding, Origin
Via
1.1 spaces-router (7c9e4e4509a6)
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
sameorigin
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
5a9383b7-29a4-0aa2-8905-826765816690
X-Runtime
0.058363
X-Xss-Protection
1; mode=block
Date
Thu, 16 Sep 2021 15:54:39 GMT
Transfer-Encoding
chunked

Redirect headers

location
https://www.healthsherpa.com/?_agent_id=rolando-torres
date
Thu, 16 Sep 2021 15:54:39 GMT
content-type
text/html; charset=UTF-8
server
ghs
content-length
251
x-xss-protection
0
x-frame-options
SAMEORIGIN
raven.min.js
cdn.ravenjs.com/3.27.0/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.27.0/raven.min.js
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e7c3a20e44fa1633d5de0e2f636fb5efd6c084690219211df29668ac2b1082d4

Request headers

Referer
https://www.healthsherpa.com/
Origin
https://www.healthsherpa.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 15:54:39 GMT
content-encoding
gzip
last-modified
Tue, 04 Sep 2018 11:06:00 GMT
server
Fastly
age
53864
etag
"0619f39d264c6bebca4693c54dd8a468"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
13741
application-9cb3363e9f0c8b5db703bf917d98bb45.css
d1mm04003omuon.cloudfront.net/assets/ 		1 MB
159 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1mm04003omuon.cloudfront.net/assets/application-9cb3363e9f0c8b5db703bf917d98bb45.css
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.171 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-171.fra2.r.cloudfront.net
Software
/
Resource Hash
2d77ca316e202e7e58b30fa0f9068fd43ef9034b4a1e97fbe5d846454bf3b2fe
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
via
1.1 spaces-router (7c9e4e4509a6), 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
488588
x-cache
Hit from cloudfront
content-encoding
gzip
content-length
162339
x-xss-protection
1; mode=block
last-modified
Wed, 25 Aug 2021 18:31:49 GMT
x-frame-options
sameorigin
date
Sat, 11 Sep 2021 00:11:31 GMT
x-download-options
noopen
vary
Accept-Encoding,Origin
content-type
text/css
cache-control
public, max-age=604800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
TSwDQ6a6Ng8Un6-SyP8654coM8GSBqt7kosRyFrSNZe4HtKL4KhYcQ==
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 15:54:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
565, 617, 617
age
12651733
cdn-cachedat
2021-04-23 07:30:22
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
db0d5d4116b45a4e6ed2f6ec1d4ab5de
cf-ray
68fb464e29dc2790-PRG
cdn-requestcountrycode
CZ
cdn-requestpullsuccess
True
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 15:54:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
61182
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
27938
timing-allow-origin
*
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2y7yHB9X80hblUYQWTjAXjaKuwOybYt6ZUoU3HQp2oocu2LAGi1z%2BroI2hk%2BtwD6lNeodpkGpsV3iQzKAjNsAmYNMnbWnLBPlSvA%2FHAqy1DdXG3v62M9OvlA5aP0YNir6zIOUuRv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
68fb464e1ad9410d-PRG
expires
Tue, 06 Sep 2022 15:54:39 GMT
application-06dd7f4872bb308eb5d9529698c99511.js
d1mm04003omuon.cloudfront.net/assets/ 		868 KB
246 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1mm04003omuon.cloudfront.net/assets/application-06dd7f4872bb308eb5d9529698c99511.js
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.171 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-171.fra2.r.cloudfront.net
Software
/
Resource Hash
ac02c600f54906993eaa8e81f5a1016e02a432bcd7f347b2b76ad7bd6c179a2a
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
via
1.1 spaces-router (7c9e4e4509a6), 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
60131
x-cache
Hit from cloudfront
content-encoding
gzip
content-length
250473
x-xss-protection
1; mode=block
last-modified
Wed, 15 Sep 2021 22:48:27 GMT
x-frame-options
sameorigin
date
Wed, 15 Sep 2021 23:12:28 GMT
x-download-options
noopen
vary
Accept-Encoding,Origin
content-type
application/javascript
cache-control
public, max-age=604800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
GfZPASrnUzBjugry59r6AuHwHWEwACxOuXUDtgZqudQeuMCSXCWpHA==
optimize.js
www.googleoptimize.com/ 		97 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-W922KHQ
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
Google Tag Manager /
Resource Hash
0b230cb72d21325f7f7a2789d6103263bf9975f4955873dae36d1613db5f88a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 15:54:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39422
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 16 Sep 2021 15:54:39 GMT
HCI_LOGO_2.jpg
s3.amazonaws.com/healthsherpa_photos/whitelabels/logo_images/000/005/532/original/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/healthsherpa_photos/whitelabels/logo_images/000/005/532/original/HCI_LOGO_2.jpg?1479499021
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.4.70 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ec2e930bd19bdf85c62faedeccd63b958dd385571399bdf450b0861a500525e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 15:54:41 GMT
Last-Modified
Fri, 18 Nov 2016 19:57:02 GMT
Server
AmazonS3
x-amz-request-id
8EXPPXTPNM5AQZ9X
ETag
"3f5c596c1c23605b84adb3a309d9105c"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
48494
x-amz-id-2
MiGNNnFvU+bBya7pzUeFMrGl/qkKkHoQjOdCVeeYdPSZeeZcv6jntbZJFOljUi1HppBrkotJ+pE=
agent-index_1.png
www.healthsherpa.com/assets/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.healthsherpa.com/assets/agent-index_1.png
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.83.106.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-106-187.compute-1.amazonaws.com
Software
/
Resource Hash
820ef5d20e839db6fd3b9310ef685c5c0b6e56cb856cc6725d05aac3694d296e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.healthsherpa.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.healthsherpa.com/?_agent_id=rolando-torres
Cookie
googtrans=%2Fen%2Fen; _hs_prod_session_key_2020_08_09=1fd71e26072ad41839b84cb62836f8ca
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/?_agent_id=rolando-torres
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=631138519
Via
1.1 spaces-router (7c9e4e4509a6)
X-Content-Type-Options
nosniff
Last-Modified
Wed, 26 May 2021 16:58:29 GMT
X-Permitted-Cross-Domain-Policies
none
Date
Thu, 16 Sep 2021 15:54:39 GMT
X-Download-Options
noopen
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
public, max-age=604800, no-transform
Vary
Origin
Content-Length
37179
X-Xss-Protection
1; mode=block
agent-index_2.png
www.healthsherpa.com/assets/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.healthsherpa.com/assets/agent-index_2.png
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.83.106.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-106-187.compute-1.amazonaws.com
Software
/
Resource Hash
34826113dc60018d0aaba3e39a8580c749390e118190b37a6af2309645b5e3a6
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.healthsherpa.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.healthsherpa.com/?_agent_id=rolando-torres
Cookie
googtrans=%2Fen%2Fen; _hs_prod_session_key_2020_08_09=1fd71e26072ad41839b84cb62836f8ca
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/?_agent_id=rolando-torres
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=631138519
Via
1.1 spaces-router (7c9e4e4509a6)
X-Content-Type-Options
nosniff
Last-Modified
Wed, 26 May 2021 16:58:29 GMT
X-Permitted-Cross-Domain-Policies
none
Date
Thu, 16 Sep 2021 15:54:40 GMT
X-Download-Options
noopen
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
public, max-age=604800, no-transform
Vary
Origin
Content-Length
107553
X-Xss-Protection
1; mode=block
agent-index_3.jpg
www.healthsherpa.com/assets/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.healthsherpa.com/assets/agent-index_3.jpg
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.83.106.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-106-187.compute-1.amazonaws.com
Software
/
Resource Hash
ab326111e495c2c807056d8763d62878cbae793fed7de17e11007401d2dfe434
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.healthsherpa.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.healthsherpa.com/?_agent_id=rolando-torres
Cookie
googtrans=%2Fen%2Fen; _hs_prod_session_key_2020_08_09=1fd71e26072ad41839b84cb62836f8ca
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/?_agent_id=rolando-torres
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=631138519
Via
1.1 spaces-router (7c9e4e4509a6)
X-Content-Type-Options
nosniff
Last-Modified
Wed, 26 May 2021 16:58:29 GMT
X-Permitted-Cross-Domain-Policies
none
Date
Thu, 16 Sep 2021 15:54:40 GMT
X-Download-Options
noopen
X-Frame-Options
sameorigin
Content-Type
image/jpeg
Cache-Control
public, max-age=604800, no-transform
Vary
Origin
Content-Length
88718
X-Xss-Protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		96 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-851413600
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f136.1e100.net
Software
Google Tag Manager /
Resource Hash
b8ff2ceaca61db7ac48edd584d95a67576565e49120edf214e93aea4143c2519
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 15:54:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39173
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 16 Sep 2021 15:54:39 GMT
localize.js
global.localizecdn.com/ 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.localizecdn.com/localize.js
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-13.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0cf1ef03b9eb15cbecaa380aa0b33c3bbd272211454f4b067e237f88b663d6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-x-amz-meta-v
449
x-amz-version-id
NBGRcbyYgPgyuF1Cd5WBpWD6B7CBWocc
content-encoding
gzip
etag
W/"d3dc1a443376b1ef2f842afa599cc69a"
age
205829
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 18 Aug 2021 12:44:50 GMT
server
AmazonS3
date
Wed, 15 Sep 2021 19:22:43 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
cache-control
public, max-age=259200
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
n7aCQn6deYzrOZL0d3lgzFpj6gdZL034hfLm1gLeWMA08P1UjW7PUA==
AvenirLTStd-Heavy.woff2
d1mm04003omuon.cloudfront.net/assets/Avenir/AvenirHeavy/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1mm04003omuon.cloudfront.net/assets/Avenir/AvenirHeavy/AvenirLTStd-Heavy.woff2
Requested by
Host: d1mm04003omuon.cloudfront.net
URL: https://d1mm04003omuon.cloudfront.net/assets/application-9cb3363e9f0c8b5db703bf917d98bb45.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.171 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-171.fra2.r.cloudfront.net
Software
/
Resource Hash
c0a62377115fabfd142efc4b6d5a5c19da3e212aa3ac6d7cef934ceec078d715
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d1mm04003omuon.cloudfront.net/assets/application-9cb3363e9f0c8b5db703bf917d98bb45.css
Origin
https://www.healthsherpa.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
via
1.1 spaces-router (7c9e4e4509a6), 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
46416
x-cache
Hit from cloudfront
vary
Origin
content-length
22369
x-xss-protection
1; mode=block
last-modified
Mon, 24 May 2021 19:12:27 GMT
x-frame-options
sameorigin
date
Thu, 16 Sep 2021 03:01:03 GMT
x-download-options
noopen
access-control-max-age
3628800
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
cache-control
no-transform
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
x-requested-with
x-amz-cf-id
Wzdg0QVMx6T2O7AeAFMwAzKQnOXCY_RqORsG0GpyiOkIQMYgMv-y6Q==
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin
https://www.healthsherpa.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 15:54:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617, 617, 617
age
250842
cdn-cachedat
2021-07-24 16:51:41
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
66624
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
c7bda8c3981ec53ab3a6a6ed3b526e4c
accept-ranges
bytes
cf-ray
68fb464f1e10f9ce-PRG
cdn-requestcountrycode
CZ
cdn-status
200
cdn-requestpullsuccess
True
AvenirLTStd-Roman.woff2
d1mm04003omuon.cloudfront.net/assets/Avenir/AvenirRoman/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1mm04003omuon.cloudfront.net/assets/Avenir/AvenirRoman/AvenirLTStd-Roman.woff2
Requested by
Host: d1mm04003omuon.cloudfront.net
URL: https://d1mm04003omuon.cloudfront.net/assets/application-9cb3363e9f0c8b5db703bf917d98bb45.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.171 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-171.fra2.r.cloudfront.net
Software
/
Resource Hash
db7001c9f7d34d75bf8c9e755923e9ccbc20b1ef3b65404929a035da331cf7a4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d1mm04003omuon.cloudfront.net/assets/application-9cb3363e9f0c8b5db703bf917d98bb45.css
Origin
https://www.healthsherpa.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
via
1.1 spaces-router (7c9e4e4509a6), 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
41544
x-cache
Hit from cloudfront
vary
Origin
content-length
22960
x-xss-protection
1; mode=block
last-modified
Mon, 24 May 2021 19:12:27 GMT
x-frame-options
sameorigin
date
Thu, 16 Sep 2021 04:22:15 GMT
x-download-options
noopen
access-control-max-age
3628800
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
cache-control
no-transform
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
x-requested-with
x-amz-cf-id
Mn7QaUmUPZmuLQMdcqwcs6-08DTEmcmtvGD9ApIUOuTfPcLLCZeg8Q==
agent-hero_1.png
s3.amazonaws.com/healthsherpa-assets/images/agent_marketing_landing/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/healthsherpa-assets/images/agent_marketing_landing/agent-hero_1.png
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.4.70 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6123452d872333895c7f3125e16c3697cab927344673920ae053cbf9ced5bfd5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 15:54:41 GMT
Last-Modified
Tue, 17 Oct 2017 18:58:30 GMT
Server
AmazonS3
x-amz-request-id
8EXYN36YCWDQY3K9
ETag
"1b014a507d33c6c9712819d33b0b2765"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3592599
x-amz-id-2
2u9J94DgEtWtFYscEzmXbl7JZ7xfMZRFuq/6SS3Gza0o7WgNKXd3h1a1kdLyNJhhn5GSQplAxRc=
AvenirLTStd-Light.woff2
d1mm04003omuon.cloudfront.net/assets/Avenir/AvenirLight/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1mm04003omuon.cloudfront.net/assets/Avenir/AvenirLight/AvenirLTStd-Light.woff2
Requested by
Host: d1mm04003omuon.cloudfront.net
URL: https://d1mm04003omuon.cloudfront.net/assets/application-9cb3363e9f0c8b5db703bf917d98bb45.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.171 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-171.fra2.r.cloudfront.net
Software
/
Resource Hash
ecae2ddf674feda399f30dfaef20b389c2b500d36e35fed0eeb8809b8750e9d9
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d1mm04003omuon.cloudfront.net/assets/application-9cb3363e9f0c8b5db703bf917d98bb45.css
Origin
https://www.healthsherpa.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
via
1.1 spaces-router (7c9e4e4509a6), 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
61312
x-cache
Hit from cloudfront
vary
Origin
content-length
22406
x-xss-protection
1; mode=block
last-modified
Mon, 24 May 2021 19:12:27 GMT
x-frame-options
sameorigin
date
Wed, 15 Sep 2021 22:52:47 GMT
x-download-options
noopen
access-control-max-age
3628800
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=604800, no-transform
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
x-requested-with
x-amz-cf-id
LzS1igekeJ56-5Y5rPXjIlB7ukjh6HO79oB65fXDB8GOG-ThHHBuiw==
AvenirLTStd-Oblique.woff2
d1mm04003omuon.cloudfront.net/assets/Avenir/AvenirOblique/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1mm04003omuon.cloudfront.net/assets/Avenir/AvenirOblique/AvenirLTStd-Oblique.woff2
Requested by
Host: d1mm04003omuon.cloudfront.net
URL: https://d1mm04003omuon.cloudfront.net/assets/application-9cb3363e9f0c8b5db703bf917d98bb45.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.171 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-171.fra2.r.cloudfront.net
Software
/
Resource Hash
f391a23e3fbff202593044832d0252809142bbb03cda423935dfd19bdc5d4f4d
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d1mm04003omuon.cloudfront.net/assets/application-9cb3363e9f0c8b5db703bf917d98bb45.css
Origin
https://www.healthsherpa.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
via
1.1 spaces-router (7c9e4e4509a6), 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
447884
x-cache
Hit from cloudfront
vary
Origin
content-length
23903
x-xss-protection
1; mode=block
last-modified
Mon, 24 May 2021 19:12:27 GMT
x-frame-options
sameorigin
date
Sat, 11 Sep 2021 11:29:54 GMT
x-download-options
noopen
access-control-max-age
3628800
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=604800, no-transform
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
x-requested-with
x-amz-cf-id
c0LiFbyf1PCB8D5JvYWKOMjWzq-6Jcqtp9cafPon0LYxFcAgF1nwcw==
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25999
x-xss-protection
0
pragma
public
x-fb-debug
d/0iF50IfRdFOGXrUbW2PMXpKCWidZFItrxAMvwDfVJMv5ItE/n2o0PLkUoll3j4dBiBS2GfcdBX8+qFO4wIsQ==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 16 Sep 2021 15:54:39 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
4062
date
Thu, 16 Sep 2021 14:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Thu, 16 Sep 2021 16:46:57 GMT
mixpanel-2.2.min.js
cdn.mxpnl.com/libs/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2.2.min.js
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.5.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
208.5.211.130.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 15:45:33 GMT
content-encoding
gzip
age
546
x-guploader-uploadid
ADPycduOZANe2IWSBueuLJFP2slc_m9X81nJzqQG1HF8LLuQA26kc65AjatmXUFgSFxoxoFcsASh7MfJcqXLKkxob3M
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
25572
last-modified
Thu, 28 Jan 2021 18:22:08 GMT
server
UploadServer
etag
"acae467b20997801e459f56a5122c003"
vary
Accept-Encoding
x-goog-hash
crc32c=unGNyw==, md5=rK5GeyCZeAHkWfVqUSLAAw==
x-goog-generation
1611858128167188
access-control-allow-origin
*
cache-control
public,max-age=600
x-goog-stored-content-length
25572
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 16 Sep 2021 15:55:33 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.60.50.133 Atlanta, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
a23-60-50-133.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 15:54:40 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Aug 2021 21:34:05 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=46377
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
hotjar-807582.js
static.hotjar.com/c/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-807582.js?sv=6
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-103.fra2.r.cloudfront.net
Software
/
Resource Hash
90c5686df005bbe6a1d0fd780a09988178bd5a55b01153e29840ac9b9ac53e20
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 15:54:39 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA2-C2
etag
W/3f734e4b727c876205f4c8ba6c77962f
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-id
LweT-2OJLbhDq7ZLJC6inLf9Zif47AHBlfVjAjs3B-Xc3EN7AooYDg==
via
1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
bat.js
bat.bing.com/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bbb8a9ae5ce61d328c7904045c107506055c81333bd224b2244e2ff39ae882e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 15:54:39 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 18:56:21 GMT
x-msedge-ref
Ref A: 3FF757B34D6F4529BC49ABB902A5D4B9 Ref B: PRG01EDGE0707 Ref C: 2021-09-16T15:54:39Z
etag
"80386a5f63aad71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
9827
obtp.js
amplify.outbrain.com/cp/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.223.60.72 San Jose, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
a173-223-60-72.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 15:54:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Jun 2021 09:47:31 GMT
Server
AkamaiNetStorage
ETag
"fdbbe544cf69190da6e6a5b05f6879cb:1624873651.390898"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3100
Expires
Thu, 16 Sep 2021 16:14:40 GMT
tl.gif
global.localizecdn.com/api/lib/rKtiqHwBvJ9dR/ 		43 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global.localizecdn.com/api/lib/rKtiqHwBvJ9dR/tl.gif?l=source&c=8458816
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-13.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 15:54:39 GMT
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
43
x-amz-cf-id
nxaJ9G5xhk30-_6VoTClokwwAvg7AhXhXLTvfk9K0eSKkka1DUZN5A==
expires
0
tu
global.localizecdn.com/api/lib/rKtiqHwBvJ9dR/ 		420 B
840 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://global.localizecdn.com/api/lib/rKtiqHwBvJ9dR/tu?v=449
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.27.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-13.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
4f8397e3111e7d483ebcd1513983a3263ae136248379ae09c58ccd08040f8ab0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 15:54:40 GMT
via
1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
etag
W/"1a4-Tx5N9srXH2klU4X2GRdq1NX8XOM"
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
420
x-amz-cf-id
TJh7mXmTBXHYVtRsH2Z4HP1L46OOSE5BkhRFem3fLK4QpjOSMVvbww==
expires
0
g
global.localizecdn.com/api/lib/rKtiqHwBvJ9dR/ 		34 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://global.localizecdn.com/api/lib/rKtiqHwBvJ9dR/g?v=0&l=source
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.27.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-13.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
3517c4816bb548af27d4cb8458f8825124a08939115429fa1b52af48bb3b919a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 08:46:39 GMT
content-encoding
gzip
server
nginx
age
25680
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=172800
x-amz-cf-pop
FRA2-C2
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-id
qVe5-A-zvgXTRCT3og8ssDYxSrYBsgUR7AmaJq1jeB6tBwAdM-tqAw==
via
1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-851413600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
a5feea0a78c0027e0565b6f0cb360b65e67d24c4300defb266fa9ff1dc89e4a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 15:54:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14047
x-xss-protection
0
server
cafe
etag
13691176309111193505
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 16 Sep 2021 15:54:39 GMT
920472751333090
connect.facebook.net/signals/config/ 		307 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/920472751333090?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
9c43efdfcfd062c65fe40cae04afee18691d61fdcc16f6fb34b785921c7d2e2c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
89844
x-xss-protection
0
pragma
public
x-fb-debug
zeuJ0KHz0bce7mLFJOtW2daZxKAPtovaqBkko3dwKFa+CgWVhOv1TkPmK88RV4eF3a/FDOIESbeJvaJMuq9Zug==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 16 Sep 2021 15:54:39 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=332007091&t=pageview&_s=1&dl=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&ul=en-us&de=UTF-8&dt=Healthcare%20Insurance%20Service%20%7C%20Fast%2C%20Easy%20Obamacare%20Enrollment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=258843103&gjid=1692520432&cid=870594812.1631807680&tid=UA-87696419-1&_gid=2044810877.1631807680&_r=1&_slc=1&z=283456669
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.27.0/raven.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.healthsherpa.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 15:54:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.healthsherpa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=332007091&t=pageview&_s=1&dl=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&ul=en-us&de=UTF-8&dt=Healthcare%20Insurance%20Service%20%7C%20Fast%2C%20Easy%20Obamacare%20Enrollment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=1202648532&gjid=1036037730&cid=870594812.1631807680&tid=UA-41027940-2&_gid=2044810877.1631807680&_r=1&_slc=1&cd1=guest&cd2=third_party&cd3=8320&cd4=rolando-torres&cd7=Agent%20whitelabel%20landing&z=264720177
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.27.0/raven.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.healthsherpa.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 15:54:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.healthsherpa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
tl.gif
global.localizecdn.com/api/lib/rKtiqHwBvJ9dR/ 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global.localizecdn.com/api/lib/rKtiqHwBvJ9dR/tl.gif?l=en&c=9808827
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-13.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 15:54:40 GMT
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
server
nginx
x-edge-origin-shield-skipped
0
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-amz-cf-pop
FRA2-C2
content-length
43
x-amz-cf-id
QvrjBh2IZqduxaBWaLLQSfqoZJJsdSFA7uTohdL5D0DjyCktxy5j1Q==
expires
0
26223154.js
bat.bing.com/p/action/ 		0
111 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/26223154.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Sep 2021 15:54:39 GMT
cache-control
private,max-age=86400
x-msedge-ref
Ref A: 72F954CD3AAC47E68189738C31D34E15 Ref B: PRG01EDGE0707 Ref C: 2021-09-16T15:54:40Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=26223154&Ver=2&mid=b7131f08-3d76-464e-a575-183fcad3178e&sid=6696a740170611ecb25be9eb2ec58d3c&vid=66976b00170611eca2a095f6565dbb20&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Healthcare%20Insurance%20Service%20%7C%20Fast,%20Easy%20Obamacare%20Enrollment&p=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&r=&lt=793&evt=pageLoad&msclkid=N&sv=1&rn=840770
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 16 Sep 2021 15:54:39 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 60B07AF6A0C943AC86777131C9A36A45 Ref B: PRG01EDGE0707 Ref C: 2021-09-16T15:54:40Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.5fe2f4f38cf4833026a9.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-807582.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-38.fra2.r.cloudfront.net
Software
/
Resource Hash
33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 07:15:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
635974
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59626
access-control-allow-origin
*
last-modified
Thu, 09 Sep 2021 07:14:26 GMT
etag
"e8c5ca8d148a212696c04c37e713b2a1"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
m90uH7vvbeIQyD9PFT8M8E7hmqM75GVaFh6euiTBjGiYFv9gyYIniw==
collect
stats.g.doubleclick.net/j/ 		2 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-41027940-2&cid=870594812.1631807680&jid=1202648532&gjid=1036037730&_gid=2044810877.1631807680&_u=YEDAAEABAAAAAC~&z=1968580126
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.27.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.healthsherpa.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 16 Sep 2021 15:54:40 GMT
content-type
text/plain
access-control-allow-origin
https://www.healthsherpa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
302753557524537
connect.facebook.net/signals/config/ 		308 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/302753557524537?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
8d321dab635c9b2a43467b6ea43859f64b8920f6053a007e023f5878774ce5db
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
90126
x-xss-protection
0
pragma
public
x-fb-debug
hwf2H1SPcKULUXVwUf9NRmlRvYHNa48uh0U0fP6bcpjo/+JXVbpyy0xBnjeCxZPBAx/PZ7H2UOAcED25VMQf9Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 16 Sep 2021 15:54:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=920472751333090&ev=PageView&dl=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&rl=&if=false&ts=1631807680037&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1631807680034.2133258787&it=1631807679961&coo=false&exp=p1&rqm=GET
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 15:54:40 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 16 Sep 2021 15:54:40 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/851413600/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/851413600/?random=1631807680044&cv=9&fst=1631807680044&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&tiba=Healthcare%20Insurance%20Service%20%7C%20Fast%2C%20Easy%20Obamacare%20Enrollment&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
8ccb5140e9d7a90c5e2d3e7834e8d13770dd6aa7d13ab62685033b18e0f057d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 15:54:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1065
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=302753557524537&ev=PageView&dl=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&rl=&if=false&ts=1631807680068&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1631807680034.2133258787&it=1631807679961&coo=false&exp=p1&rqm=GET
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 15:54:40 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Thu, 16 Sep 2021 15:54:40 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-41027940-2&cid=870594812.1631807680&jid=1202648532&_u=YEDAAEABAAAAAC~&z=285195953
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 15:54:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-dfc01efbdc94bb0936d9a35a502b0b64.html
vars.hotjar.com/ Frame 5C08 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-807582.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-91.fra2.r.cloudfront.net
Software
/
Resource Hash
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.healthsherpa.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/

Response headers

content-type
text/html
content-length
1044
date
Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"10714b84569172431728622d7c8098e4"
last-modified
Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
sgVbCQo0rO519Vci--zDYcsidimodBXKkOX1eDebITQg23dgSi8-5g==
age
5021375
/
www.google.com/pagead/1p-user-list/851413600/ 		42 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/851413600/?random=1631807680044&cv=9&fst=1631804400000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&tiba=Healthcare%20Insurance%20Service%20%7C%20Fast%2C%20Easy%20Obamacare%20Enrollment&async=1&fmt=3&is_vtc=1&random=1202532615&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 15:54:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/851413600/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/851413600/?random=1631807680167&cv=9&fst=1631807680167&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&ig=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&tiba=Healthcare%20Insurance%20Service%20%7C%20Fast%2C%20Easy%20Obamacare%20Enrollment&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
9122c42aacfe8d567894332109cfd137f3d9b8c1687bcb9974e2b284a738a9a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 15:54:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1068
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2054233&time=1631807680205&url=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2054233%26time%3D1631807680205%26url%3Dhttps%253A%252F%252Fwww.healthsherpa.com%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2054233&time=1631807680205&url=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&liSync=true
0
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2054233&time=1631807680205&url=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&liSync=true
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.11.37 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-11-37.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 15:54:41 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-esv5
content-type
application/javascript
content-length
0
x-li-uuid
+j4fsnBYpRbgdKzKAysAAA==

Redirect headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options
nosniff
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXMHtUouE9n8tCX10kIRA==
pragma
no-cache
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 804A3351D4E440EB839F04081040A6A1 Ref B: PRG01EDGE0718 Ref C: 2021-09-16T15:54:40Z
x-frame-options
sameorigin
date
Thu, 16 Sep 2021 15:54:40 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=31536000
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2054233&time=1631807680205&url=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/851413600/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/851413600/?random=1631807680167&cv=9&fst=1631804400000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&tiba=Healthcare%20Insurance%20Service%20%7C%20Fast%2C%20Easy%20Obamacare%20Enrollment&async=1&fmt=3&is_vtc=1&random=451463690&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 15:54:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cachedClickId
tr.outbrain.com/ 		35 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=0078dfadc4d29e275927dac7639afaae49
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 15:54:40 GMT
content-encoding
gzip
X-TraceId
2c77e44d04cd46a872409236119006a4
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=0078dfadc4d29e275927dac7639afaae49&obApiVersion=1.1&obtpVersion=1.5.1&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&optOut=false&bust=06794663700735772
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 15:54:40 GMT
Cache-Control
no-cache
X-TraceId
bb88b9325c503dd82b40e67162ab0718
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/851413600/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/851413600/?random=1631807680500&cv=9&fst=1631807680500&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&ig=1&data=event%3DsetLanguage%3Bevent_category%3DLocalize%3Bevent_action%3DsetLanguage%3Bevent_label%3Den%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&tiba=Healthcare%20Insurance%20Service%20%7C%20Fast%2C%20Easy%20Obamacare%20Enrollment&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
49af5e71d52267beae2e07d8ce9297eae8e30070d8c0731b31cc11ea8c49d95e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 15:54:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1112
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/851413600/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/851413600/?random=1631807680500&cv=9&fst=1631804400000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3DsetLanguage%3Bevent_category%3DLocalize%3Bevent_action%3DsetLanguage%3Bevent_label%3Den%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&tiba=Healthcare%20Insurance%20Service%20%7C%20Fast%2C%20Easy%20Obamacare%20Enrollment&async=1&fmt=3&is_vtc=1&random=3283502998&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 15:54:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 0B4D 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
2655
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.healthsherpa.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.healthsherpa.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
https://www.healthsherpa.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.healthsherpa.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
date
Thu, 16 Sep 2021 15:54:40 GMT
/
www.facebook.com/tr/ Frame E1A5 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
2655
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.healthsherpa.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.healthsherpa.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
https://www.healthsherpa.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.healthsherpa.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
date
Thu, 16 Sep 2021 15:54:40 GMT
nr-1210.min.js
js-agent.newrelic.com/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1210.min.js
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding
gzip
etag
"67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id
VW8CCHGKR4ZK6Z03
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
11781
x-amz-id-2
MncX4xvX6G/3ZCVU9xhgX1JCQw12l3nC4XnJi5uFxOrjvkq6VeBL/9/vLuSPh4OyPAeJ00ESZNY=
x-served-by
cache-fra19127-FRA
last-modified
Tue, 22 Jun 2021 22:47:07 GMT
server
AmazonS3
x-timer
S1631807681.168773,VS0,VE0
date
Thu, 16 Sep 2021 15:54:41 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
11664
pixel
bid.g.doubleclick.net/xbbe/ Frame D504 		0
455 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.110.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wf-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
bid.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=KAE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.healthsherpa.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkh1OyrZuH-c37qPViPl_gy30INlE9N-VSujMNsTUeoClwPrmrUigIdDC7m
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 16 Sep 2021 15:54:41 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
bid.g.doubleclick.net/xbbe/ Frame 8EF7 		0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.110.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wf-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
bid.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=KAE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.healthsherpa.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkh1OyrZuH-c37qPViPl_gy30INlE9N-VSujMNsTUeoClwPrmrUigIdDC7m
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 16 Sep 2021 15:54:41 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
bid.g.doubleclick.net/xbbe/ Frame B38F 		0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.110.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wf-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
bid.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=KAE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.healthsherpa.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkh1OyrZuH-c37qPViPl_gy30INlE9N-VSujMNsTUeoClwPrmrUigIdDC7m
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 16 Sep 2021 15:54:41 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
NRJS-bd4f2a578e1bec3d82f
bam-cell.nr-data.net/1/ 		49 B
921 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/NRJS-bd4f2a578e1bec3d82f?a=585848406&v=1210.e2a3f80&to=JQ1cEUFbW1sEFBdGEgcWWwZAG15ZBQNA&rst=2044&ck=1&ref=https://www.healthsherpa.com/&qt=1&ap=57&be=524&fe=2015&dc=762&perf=%7B%22timing%22:%7B%22of%22:1631807679133,%22n%22:0,%22f%22:75,%22dn%22:75,%22dne%22:108,%22c%22:108,%22s%22:217,%22ce%22:330,%22rq%22:330,%22rp%22:503,%22rpe%22:612,%22dl%22:507,%22di%22:757,%22ds%22:762,%22de%22:793,%22dc%22:2015,%22l%22:2015,%22le%22:2021%7D,%22navigation%22:%7B%7D%7D&fp=713&fcp=713&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 15:54:42 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
X-NewRelic-App-Data
PxQGQlVRDAMDUVZQFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUChoAC1EKUHRMB05WAhtDAAIIUVVUWFYEBQcDXAUCVUBKBQNcEV0/
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
68fb4657ab362780-PRG
roundtrip.js
s.adroll.com/j/ 		44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.healthsherpa.com
URL: https://www.healthsherpa.com/?_agent_id=rolando-torres
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ed9c1758a236e742d01ea066f452d3f578d6be81551327a5b67ba8be722569d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Amz-Version-Id
jmFs7KywGuBDQQS_2esYMgDw6mfwd1hF
Via
1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
Etag
"2441168df9ddcfa64f2b072ba490993a"
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
45465
Last-Modified
Mon, 30 Aug 2021 22:12:49 GMT
Server
AmazonS3
Date
Thu, 16 Sep 2021 14:55:39 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
-J5gL6tCC0jUCYT3JiltXCFHKNbhH8z65dJJohUlFN3r8qjcwE9QMQ==
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/LOPTHZGUNFAO7BL2WKRK3T/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Amz-Version-Id
negMAsSEs.M1Zq1srV8VMS7DU8lxhds7
Via
1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
Etag
"5816cced8568d223aa09d889f300692b"
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Mon, 19 Jul 2021 22:23:14 GMT
Server
AmazonS3
Date
Wed, 15 Sep 2021 16:55:33 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
-08B8R16u0aWeTEAr8vdy1U56vEZlKy7bABrLohcV09nUchv6wjWrA==

Redirect headers

Date
Wed, 15 Sep 2021 17:13:38 GMT
Via
1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C1
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
X-Amz-Cf-Id
wC0nt-ndzDsIc3yUqmkPS3wLqaw-6HCdPs7nEWKQ3nL3-s0o10rJoQ==
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/LOPTHZGUNFAO7BL2WKRK3T/XHVCFA3AIVDMVEVXMJAGKE/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
720 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via
1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
Etag
"d41d8cd98f00b204e9800998ecf8427e"
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Date
Wed, 15 Sep 2021 20:39:55 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
cEqxOJD-YWg836MhEc94t0Volr1umJjSnbgreC3PV1ilXD5KQ4QbWA==

Redirect headers

Date
Wed, 15 Sep 2021 17:13:38 GMT
Via
1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C1
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
X-Amz-Cf-Id
y1YDSSMAK-GobizZgYp7uYAtLf6qdLuuwSR1c2gUHb3a4Dz-9rDRTQ==
index.js
s.adroll.com/j/pre/LOPTHZGUNFAO7BL2WKRK3T/XHVCFA3AIVDMVEVXMJAGKE/ 		0
781 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/LOPTHZGUNFAO7BL2WKRK3T/XHVCFA3AIVDMVEVXMJAGKE/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Amz-Version-Id
W5YYkXyCXw3n1LAfBORSR37vbEDRoy4w
Via
1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront)
Etag
"d41d8cd98f00b204e9800998ecf8427e"
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Server-Side-Encryption
AES256
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Thu, 09 Sep 2021 08:37:46 GMT
Server
AmazonS3
Date
Thu, 16 Sep 2021 15:54:42 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
nUJb6QVKPLkNHKXpUI548u2mi-MtcZLzFFXwgCM583EioMhPeGx_og==
LOPTHZGUNFAO7BL2WKRK3T
d.adroll.com/consent/check/ 		395 B
864 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/LOPTHZGUNFAO7BL2WKRK3T?arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&_s=153e6473173bf63e87643e71110d931b&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.53.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-53-37.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
2c406eaadf2db1dcb023c2aca5ce173faaa9daa3873efce3d92f1e4b9fa0a5cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 15:54:41 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-type
application/javascript
content-length
395
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
7EPPOZO4DZEZVI3JLOBXW7.js
s.adroll.com/pixel/LOPTHZGUNFAO7BL2WKRK3T/XHVCFA3AIVDMVEVXMJAGKE/
Redirect Chain
  • https://d.adroll.com/pixel/LOPTHZGUNFAO7BL2WKRK3T/XHVCFA3AIVDMVEVXMJAGKE?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando...
  • https://s.adroll.com/pixel/LOPTHZGUNFAO7BL2WKRK3T/XHVCFA3AIVDMVEVXMJAGKE/7EPPOZO4DZEZVI3JLOBXW7.js
5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/pixel/LOPTHZGUNFAO7BL2WKRK3T/XHVCFA3AIVDMVEVXMJAGKE/7EPPOZO4DZEZVI3JLOBXW7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f3adb5d3562a428ba3d40d7f673283144c9ea06eb5f3e516314cd2581d03b98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Amz-Version-Id
KICkJ29RBtA6o_GnZcZcaqB784ViEDAN
Via
1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
Etag
"4a6c467d40085f785b967f2a041fd306"
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Server-Side-Encryption
AES256
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Content-Length
5122
Last-Modified
Wed, 14 Jul 2021 03:42:48 GMT
Server
AmazonS3
Date
Thu, 16 Sep 2021 15:54:43 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
TnOupTACnNlkNCvVMDm-BR2s-UMORL2d5A6hvAymch9e8Pkp-TCzWg==

Redirect headers

pragma
no-cache
x-conversion-value
0.00
server
nginx/1.20.0
x-rule
*
date
Thu, 16 Sep 2021 15:54:41 GMT
x-segment-eid
7EPPOZO4DZEZVI3JLOBXW7
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://s.adroll.com/pixel/LOPTHZGUNFAO7BL2WKRK3T/XHVCFA3AIVDMVEVXMJAGKE/7EPPOZO4DZEZVI3JLOBXW7.js
cache-control
no-store, no-cache, must-revalidate
x-segment-display-name
Visitors to Unsegmented Pages
x-pixel-eid
XHVCFA3AIVDMVEVXMJAGKE
x-segment-name
*
x-advertisable-eid
LOPTHZGUNFAO7BL2WKRK3T
content-length
0
x-conversion-currency
sendrolling.js
s.adroll.com/j/ 		11 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/sendrolling.js
Requested by
Host: d.adroll.com
URL: https://d.adroll.com/pixel/LOPTHZGUNFAO7BL2WKRK3T/XHVCFA3AIVDMVEVXMJAGKE?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&pv=22198921044.244858&cookie=&adroll_s_ref=&keyw=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
134568be83d33ab28a55e78e8e8ac638ac6a57ff1bfc62bb5bc4e93fee39e20f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Amz-Version-Id
aQaoM4Api6Ai8yIAa8_xreTPTBOXCsLN
Via
1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
Etag
"c317a5be7d65fa0c4d68d9735af020e4"
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
11442
Last-Modified
Mon, 13 Sep 2021 21:40:45 GMT
Server
AmazonS3
Date
Thu, 16 Sep 2021 14:56:19 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
Wsj_Kag3lbFLOTz9JsilwVbpT58_mMjQMRV-NTulDK_UwwVR65jsaQ==
348210652031142
connect.facebook.net/signals/config/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/348210652031142?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
d1c86329aaeb510343896dad3a5db057ef70e8626fde8d6a042ce93aaa0a5f34
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
89365
x-xss-protection
0
pragma
public
x-fb-debug
h/VBkMAbLN9r+K/Ebv/PkDkWmEo/nlHmInvATyLK7Wa7S7YD2uEq3FK2LyjfAMgyeSA847B6G8Rg8CJiyLkXYA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 16 Sep 2021 15:54:42 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://d.adroll.com/cm/index/out?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&advertisable=LOPTHZGUN...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ&expiration=1663343682
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ&expiration=1663343682&C=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ&expiration=1663343682&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.60.51.102 Atlanta, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
a23-60-51-102.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Sep 2021 15:54:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 16 Sep 2021 15:54:43 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 16 Sep 2021 15:54:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ&expiration=1663343682&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
333
Expires
Thu, 16 Sep 2021 15:54:42 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://d.adroll.com/cm/n/out?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&advertisable=LOPTHZGUNFAO7...
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ&expires=365
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ&expires=365
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ&expires=365
pragma
no-cache
date
Thu, 16 Sep 2021 15:54:42 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
124
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
sync
pixel.advertising.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/onevideo/out?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&advertisable=LOPTHZ...
  • https://pixel.advertising.com/ups/55980/sync?uid=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55980/sync?uid=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.147.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-147-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 15:54:42 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://pixel.advertising.com/ups/55980/sync?uid=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma
no-cache
date
Thu, 16 Sep 2021 15:54:42 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
167
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&advertisable=LOPTHZ...
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ
0
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=adroll&uid=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 15:54:42 GMT
Cache-Control
no-cache
X-TraceId
964e8c87aee9fc48d1d8f29648e75658
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=adroll&uid=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ
pragma
no-cache
date
Thu, 16 Sep 2021 15:54:42 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
100
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Pug
simage2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&advertisable=LOPTHZ...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...
1 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 15:54:42 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:1324
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma
no-cache
date
Thu, 16 Sep 2021 15:54:42 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
220
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
v1
ads.yahoo.com/cms/
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&advertisable=LOPTHZGUNFAO7...
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 Frankfurt am Main, Germany, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 15:54:42 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

location
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma
no-cache
date
Thu, 16 Sep 2021 15:54:42 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
165
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&advertisable=LOPTHZG...
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ
0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 15:54:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12411

Redirect headers

location
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ
pragma
no-cache
date
Thu, 16 Sep 2021 15:54:42 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
111
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
xuid
eb2.3lift.com/
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&advertisable=LOPT...
  • https://eb2.3lift.com/xuid?mid=4714&xuid=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ&dongle=c85e
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 15:54:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=4714&xuid=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
date
Thu, 16 Sep 2021 15:54:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://d.adroll.com/cm/b/out?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&advertisable=LOPTHZGUNFAO7...
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.0.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-0-85.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 15:54:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ
date
Thu, 16 Sep 2021 15:54:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
bounce
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&advertisable=LOPTHZGUNFAO7...
  • https://ib.adnxs.com/setuid?entity=172&code=ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Sep 2021 15:54:42 GMT
X-Proxy-Origin
216.131.114.115; 216.131.114.115; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e2d939e7-9c12-4a7f-a143-88524c4c521c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 16 Sep 2021 15:54:42 GMT
X-Proxy-Origin
216.131.114.115; 216.131.114.115; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ef0134ee-1221-41b1-a4d6-80dd7891d659
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
out
d.adroll.com/cm/l/ 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/l/out?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&advertisable=LOPTHZGUNFAO7BL2WKRK3T
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.53.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-53-37.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 15:54:42 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.20.0
content-length
42
vary
Cookie
content-type
image/gif
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&advertisable=LOPTHZGUNFAO7...
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=f50ff6f83e9d8154992b501094b5021d
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=f50ff6f83e9d8154992b501094b5021d
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=f50ff6f83e9d8154992b501094b5021d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 15:54:42 GMT
via
1.1 google
server
OXGW/16.216.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=f50ff6f83e9d8154992b501094b5021d
date
Thu, 16 Sep 2021 15:54:42 GMT
via
1.1 google
server
OXGW/16.216.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
in
d.adroll.com/cm/g/
Redirect Chain
  • https://d.adroll.com/cm/g/out?adroll_fpc=684fc3c2db07d018b8073d24c4c79776-1631807681435&arrfrr=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&xid_ch=f&advertisable=LOPTHZGUNFAO7...
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=9Q_2-D6dgVSZK1AQlLUCHQ
  • https://d.adroll.com/cm/g/in
42 B
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/g/in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.53.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-53-37.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 15:54:42 GMT
server
nginx/1.20.0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42
x-result
g.-1.-1.-1

Redirect headers

pragma
no-cache
date
Thu, 16 Sep 2021 15:54:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://d.adroll.com/cm/g/in
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=348210652031142&ev=PageView&dl=https%3A%2F%2Fwww.healthsherpa.com%2F%3F_agent_id%3Drolando-torres&rl=&if=false&ts=1631807682121&cd[segment_eid]=7EPPOZO4DZEZVI3JLOBXW7&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=29&fbp=fb.1.1631807680034.2133258787&it=1631807679961&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.healthsherpa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 15:54:42 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Thu, 16 Sep 2021 15:54:42 GMT
/
api-js.mixpanel.com/track/ 		25 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1631807684944
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.27.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.34.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.34.211.130.bc.googleusercontent.com
Software
envoy /
Resource Hash
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://www.healthsherpa.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
date
Thu, 16 Sep 2021 15:54:44 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.healthsherpa.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
13
alt-svc
clear
content-length
25

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect boolean| originAgentCluster object| NREUM object| newrelic function| __nr_require object| Raven function| $ function| jQuery object| AjaxResponseMessageHandler string| _blockWildcard boolean| _lsEnabled string| _lsKeyBlocks string| _lsKeyPurge object| _conf function| configTimeToMS function| getBlockTimeLeft function| getStorageBlocks function| saveStorageBlocks function| addStorageBlock function| isStorageBlocking function| isActionable function| action function| trigger function| bindTriggers object| _visibility function| _isPageHidden function| _delay object| _listeners function| pulse function| count function| timeout object| jQuery112405720353623301861 function| _ function| Inputmask object| core object| __core-js_shared__ object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| FixedSticky object| IPv6 function| URI object| Views object| Utility object| API object| ExitIntent object| AdobeAnalytics function| Analytics object| GlobalNotifier function| lity undefined| baseUrl string| ENVIRONMENT string| RECAPTCHA_PUBLIC_KEY_ENTERPRISE_SCORE string| RECAPTCHA_PUBLIC_KEY_V2 string| user_type undefined| confirmationId function| fbq function| _fbq object| analytics_user_attrs object| analytics_agent_attrs string| analytics_page_type string| GoogleAnalyticsObject function| ga function| gtag object| dataLayer function| mixpanel_callback object| mixpanel string| _linkedin_partner_id object| _linkedin_data_partner_ids function| hj object| _hjSettings string| adroll_adv_id string| adroll_pix_id object| uetq function| obApi object| Localize function| loadLazyImages function| resizeContentForFooterPlacement object| google_tag_manager object| google_optimize object| ANALYTICS string| agentSlug object| I18n object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| UET function| UET_init function| UET_push object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| lintrk boolean| _already_called_lintrk boolean| __adroll_loaded string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback object| adroll_exp_list object| __adroll_consent_data boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_xavier_called number| __adroll_xid_ch object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars string| adroll_seg_eid

49 Cookies

Domain/Path Name / Value
www.healthsherpa.com/ Name: googtrans
Value: %2Fen%2Fen
.healthsherpa.com/ Name: _hs_prod_session_key_2020_08_09
Value: 1fd71e26072ad41839b84cb62836f8ca
.healthsherpa.com/ Name: mp_f28cea73db7f3cc40a1daca0e67c60b6_mixpanel
Value: %7B%22distinct_id%22%3A%20%2217bef512dc93c7-04cda34b9991ad-c343365-1d4c00-17bef512dcaff5%22%2C%22%24device_id%22%3A%20%2217bef512dc93c7-04cda34b9991ad-c343365-1d4c00-17bef512dcaff5%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22initial_source%22%3A%20%22direct%22%2C%22source%22%3A%20%22direct%22%2C%22effectuated%22%3A%20false%2C%22initial_landing_url%22%3A%20%22%2F%3F_agent_id%3Drolando-torres%22%2C%22initial_landing_path%22%3A%20%22%2F%22%7D
.bing.com/ Name: MUID
Value: 37F0B695F8DA69BB0FDCA621F99F686C
.healthsherpa.com/ Name: _gcl_au
Value: 1.1.1498816847.1631807680
.healthsherpa.com/ Name: _ga
Value: GA1.2.870594812.1631807680
.healthsherpa.com/ Name: _gid
Value: GA1.2.2044810877.1631807680
.healthsherpa.com/ Name: _gat_agentTracker
Value: 1
.healthsherpa.com/ Name: _gat
Value: 1
.healthsherpa.com/ Name: _uetsid
Value: 6696a740170611ecb25be9eb2ec58d3c
.healthsherpa.com/ Name: _uetvid
Value: 66976b00170611eca2a095f6565dbb20
.healthsherpa.com/ Name: _fbp
Value: fb.1.1631807680034.2133258787
.healthsherpa.com/ Name: _hjid
Value: 978b5098-ce0f-417b-808d-9b0ddbacf13f
.healthsherpa.com/ Name: _hjFirstSeen
Value: 1
www.healthsherpa.com/ Name: _hjIncludedInSessionSample
Value: 0
.healthsherpa.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
www.healthsherpa.com/ Name: _hjCachedUserAttributes
Value: eyJhdHRyaWJ1dGVzIjp7ImFnZW50X2lkIjo4MzIwLCJhZ2VudF90eXBlIjoidGhpcmRfcGFydHkiLCJ1c2VyX3R5cGUiOiJndWVzdCJ9LCJ1c2VySWQiOiIyNWI1ZmJiYWMzODBjNTI4YzRhZTExYzEzZWNhM2ZkMCJ9
.doubleclick.net/ Name: IDE
Value: AHWqTUkh1OyrZuH-c37qPViPl_gy30INlE9N-VSujMNsTUeoClwPrmrUigIdDC7m
.linkedin.com/ Name: UserMatchHistory
Value: AQLtbMbzsl0LnQAAAXvvUTB0DOy4Xt48o8nyrOYjzd21Y4kHarQtotCDJVssMdlEK7fbN6e35PjENg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIcQJWHy7gOwAAAAXvvUTB1VQWqODl9YQlfTXlmHfSNRYp7QvemAGfGmd9e9zqpT9s7TPAZmL4ed5pltOOk-g
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&cc37b297-abb0-4deb-8181-6e35e1f27f70"
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2476:u=1:x=1:i=1631807680:t=1631894080:v=2:sig=AQHn6JEeFjI01NjDMruBBnUZsICfXuhe"
www.healthsherpa.com/ Name: outbrain_cid_fetch
Value: true
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&20210916155440621cc587-721c-43ec-8739-1529e2708348AQF_vEa4uGc_L6jytkPRqrDEH0WqvgTy"
.www.healthsherpa.com/ Name: __adroll_fpc
Value: 684fc3c2db07d018b8073d24c4c79776-1631807681435
.www.healthsherpa.com/ Name: __ar_v4
Value: %7CLOPTHZGUNFAO7BL2WKRK3T%3A20210916%3A1%7CXHVCFA3AIVDMVEVXMJAGKE%3A20210916%3A1%7C7EPPOZO4DZEZVI3JLOBXW7%3A20210916%3A1
.yahoo.com/ Name: A3
Value: d=AQABBMJoQ2ECEGG36tfgNdJueNbMC5kNesIFEgEBAQG6RGFNYQAAAAAA_eMAAA&S=AQAAAkBNwrkvkX_aFXw96pyEZus
.3lift.com/ Name: tluid
Value: 12888864838288107270
.adnxs.com/ Name: uuid2
Value: 4732805046399524335
.taboola.com/ Name: t_gid
Value: 78e8ae2a-2d6d-4cbd-8923-9f7e96b0ec51-tuct83cee42
.pubmatic.com/ Name: KRTBCOOKIE_10
Value: 22808-ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ&KRTB&22883-ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ
.pubmatic.com/ Name: PugT
Value: 1631807682
.pubmatic.com/ Name: PUBMDCID
Value: 3
.openx.net/ Name: i
Value: cdee45fd-d546-4477-afb1-a509205a682e|1631807682
.bidswitch.net/ Name: tuuid
Value: d38125b2-3f25-4cfd-98b9-196be50edae7
.bidswitch.net/ Name: c
Value: 1631807682
.bidswitch.net/ Name: tuuid_lu
Value: 1631807682
d.adroll.com/ Name: __adroll
Value: f50ff6f83e9d8154992b501094b5021d-g_1631807682-a_1631807681
.adroll.com/ Name: __adroll_shared
Value: f50ff6f83e9d8154992b501094b5021d-g_1631807682-a_1631807681
.adnxs.com/ Name: anj
Value: dTM7k!M4/rD>6NRF']wIg2Hb8KpQlr!@wnfH1Ya.O4]7Q=37YV_tkkxiS9VvbigO[0jrSyjc5Zll]N49j)Uch`K6yq1.=nk_0pUs>zOcBmGcarP(hw9P-HC_#typ[+ZK+o
.outbrain.com/ Name: obuid
Value: 9257238e-8704-4eef-835f-5c9a54e7fa09
.outbrain.com/ Name: adrl
Value: ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ
.casalemedia.com/ Name: CMID
Value: YUNowoDzfbaqluSnMkX7xAAA
.casalemedia.com/ Name: CMPS
Value: 3166
.casalemedia.com/ Name: CMPRO
Value: 1135
.casalemedia.com/ Name: CMRUM3
Value: 69614368c32760ZjUwZmY2ZjgzZTlkODE1NDk5MmI1MDEwOTRiNTAyMWQ
.casalemedia.com/ Name: CMST
Value: YUNow2FDaMMA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
amplify.outbrain.com
api-js.mixpanel.com
bam-cell.nr-data.net
bat.bing.com
bid.g.doubleclick.net
cdn.mxpnl.com
cdn.ravenjs.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d1mm04003omuon.cloudfront.net
dsum-sec.casalemedia.com
eb2.3lift.com
global.localizecdn.com
googleads.g.doubleclick.net
ib.adnxs.com
js-agent.newrelic.com
maxcdn.bootstrapcdn.com
pixel.advertising.com
pixel.rubiconproject.com
px.ads.linkedin.com
s.adroll.com
s3.amazonaws.com
script.hotjar.com
simage2.pubmatic.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
tr.outbrain.com
us-u.openx.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.healthcareinsuranceservice.com
www.healthsherpa.com
www.linkedin.com
x.bidswitch.net
104.16.19.94
104.18.11.207
108.174.11.37
108.177.15.154
13.107.21.200
13.107.42.14
13.224.193.38
13.224.193.91
13.224.193.94
13.225.78.103
13.225.78.13
13.225.84.171
130.211.34.183
130.211.5.208
141.226.228.48
142.250.110.156
142.250.185.130
142.250.185.132
142.250.185.142
142.250.185.147
142.250.185.238
142.250.186.98
142.250.74.194
151.101.130.137
151.101.2.217
157.240.236.1
157.240.236.35
162.247.243.146
172.217.16.136
173.223.60.72
18.156.147.57
185.33.220.145
185.64.190.80
23.60.50.133
23.60.51.102
35.157.0.85
35.244.159.8
52.17.53.37
52.217.4.70
54.83.106.187
69.173.144.138
70.42.32.159
76.223.111.18
87.248.118.23
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033
0b230cb72d21325f7f7a2789d6103263bf9975f4955873dae36d1613db5f88a0
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
134568be83d33ab28a55e78e8e8ac638ac6a57ff1bfc62bb5bc4e93fee39e20f
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
2c406eaadf2db1dcb023c2aca5ce173faaa9daa3873efce3d92f1e4b9fa0a5cb
2d77ca316e202e7e58b30fa0f9068fd43ef9034b4a1e97fbe5d846454bf3b2fe
2f3adb5d3562a428ba3d40d7f673283144c9ea06eb5f3e516314cd2581d03b98
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b
34826113dc60018d0aaba3e39a8580c749390e118190b37a6af2309645b5e3a6
3517c4816bb548af27d4cb8458f8825124a08939115429fa1b52af48bb3b919a
49af5e71d52267beae2e07d8ce9297eae8e30070d8c0731b31cc11ea8c49d95e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f8397e3111e7d483ebcd1513983a3263ae136248379ae09c58ccd08040f8ab0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6123452d872333895c7f3125e16c3697cab927344673920ae053cbf9ced5bfd5
820ef5d20e839db6fd3b9310ef685c5c0b6e56cb856cc6725d05aac3694d296e
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987
8ccb5140e9d7a90c5e2d3e7834e8d13770dd6aa7d13ab62685033b18e0f057d5
8d321dab635c9b2a43467b6ea43859f64b8920f6053a007e023f5878774ce5db
8ed9c1758a236e742d01ea066f452d3f578d6be81551327a5b67ba8be722569d
90c5686df005bbe6a1d0fd780a09988178bd5a55b01153e29840ac9b9ac53e20
9122c42aacfe8d567894332109cfd137f3d9b8c1687bcb9974e2b284a738a9a0
9c43efdfcfd062c65fe40cae04afee18691d61fdcc16f6fb34b785921c7d2e2c
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a5feea0a78c0027e0565b6f0cb360b65e67d24c4300defb266fa9ff1dc89e4a1
ab307018f3c1b10507c652c6a6284b643af000c7e2feb620fea443cb3ee3d648
ab326111e495c2c807056d8763d62878cbae793fed7de17e11007401d2dfe434
ac02c600f54906993eaa8e81f5a1016e02a432bcd7f347b2b76ad7bd6c179a2a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0cf1ef03b9eb15cbecaa380aa0b33c3bbd272211454f4b067e237f88b663d6e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8ff2ceaca61db7ac48edd584d95a67576565e49120edf214e93aea4143c2519
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbb8a9ae5ce61d328c7904045c107506055c81333bd224b2244e2ff39ae882e6
c0a62377115fabfd142efc4b6d5a5c19da3e212aa3ac6d7cef934ceec078d715
d1c86329aaeb510343896dad3a5db057ef70e8626fde8d6a042ce93aaa0a5f34
db7001c9f7d34d75bf8c9e755923e9ccbc20b1ef3b65404929a035da331cf7a4
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7c3a20e44fa1633d5de0e2f636fb5efd6c084690219211df29668ac2b1082d4
ec2e930bd19bdf85c62faedeccd63b958dd385571399bdf450b0861a500525e3
ecae2ddf674feda399f30dfaef20b389c2b500d36e35fed0eeb8809b8750e9d9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f391a23e3fbff202593044832d0252809142bbb03cda423935dfd19bdc5d4f4d
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995