| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashcdbad2434b7d127a4fc769807a9dc3e7 fa98cd9fc2309ab4423f33f683d17bdb17d76713 560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3379
Expires: Sun, 27 Nov 2022 20:54:37 GMT
Date: Sun, 27 Nov 2022 19:58:18 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash15b59d5e62caedb4bec3ba6724906c1e 960f801e608a56fdd11449f4face29f62cad2b21 8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5346
Cache-Control: max-age=144121
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:18 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 12:00:19 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash567df7db606cf5d0871aa5bc9311b6da 4263faac7cbab2fcaf6661911dcad5091c06be17 e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 19:19:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2334
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash71f9c681a82440fd55e76c780a20e55d 3147768cfbcdd06e0c6e69684292e68e99917a80 5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6117
Expires: Sun, 27 Nov 2022 21:40:15 GMT
Date: Sun, 27 Nov 2022 19:58:18 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: MA9At/ZjMiciRLohDP61HC2xTDOxq/ncRxbj9kWAtmi1WTjAncUsILR0AeAkaiqOtOfN8VV+BrM=
x-amz-request-id: Q59VE7S5ZQSAX7C3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 19:41:46 GMT
age: 992
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 19:58:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| turf-time-az.org/ | 104.16.16.194 | 302 Found | 512 B |
IP104.16.16.194:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (497) Hash6321c249d61ade9f701f05d73a676407 d4ee7f9a77c75f461b218b45a24d07c531c88785 a484ac3c6df9fe741c972660629e88ddc965411d1c79a0eb89483409d11fcb0a
GET / HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sun, 27 Nov 2022 19:58:18 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://turf-time-az.org/optin-5224087116441286340421651424291831
CF-Ray: 770d70123a440b3d-OSL
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Vary: Accept-Encoding
CF-Cache-Status: BYPASS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Request-Method: *
Pragma: no-cache
Status: 302 Found
X-Frame-Options: ALLOWALL
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: miss
X-Request-Id: 7e2b2b5694c9e7f9be6c409c50dd2200
X-Runtime: 0.184422
Set-Cookie: __cf_bm=Wxvxp59rzLH5qA.IBcwQNAVMBkdoZt3dlMO.xVLOMtg-1669579098-0-AQG+CDXXrH5UbNkHWXyi85gV/0WeTfq8saeEYuOPxOWeb2hI6NmXV1XGwyi/jfqaoHcSJthBZCCENCY5xvGiksl1hzwjd5/RgV1+mfPp89U1; path=/; expires=Sun, 27-Nov-22 20:28:18 GMT; domain=.turf-time-az.org; HttpOnly; SameSite=None
Server: cloudflare
alt-svc: h2=":443"; ma=60
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash760356b01ef1382c7ba8485cddd41732 9df1846f9efffee67d30b7d6aaa4d1818053a0e6 19d98ba29fd515fc4cc9efbbedf72043fbd4f41aab9e036a1069fa86bf574480
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=121124
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:18 GMT
Etag: "6382f77e-117"
Expires: Tue, 29 Nov 2022 05:37:02 GMT
Last-Modified: Sun, 27 Nov 2022 05:37:02 GMT
Server: nginx
Content-Length: 279
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 19:11:12 GMT
cache-control: public,max-age=3600
age: 2826
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hash803475345d94e9c4f3648a2f06c61b22 f9d012699ec80160ea7b9cae0109b2bff712724e ae5000b1a3dfd9db4c86d42d1d9948a534b5a2019200b0252658bcf4ba8346e7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2534
Cache-Control: max-age=142353
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:18 GMT
Etag: "63834085-116"
Expires: Tue, 29 Nov 2022 11:30:51 GMT
Last-Modified: Sun, 27 Nov 2022 10:48:37 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 278
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hasha6fee11dfe1b88cd768a0ca3e2bd0c89 59cec9a44a4a92467678afe65f347f68641a2174 50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4447
Cache-Control: max-age=138161
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:18 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:20:59 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
|
|
| turf-time-az.org/hosted/images/images/stock/arrows/black/down-3.png | 104.16.15.194 | 200 OK | 59 kB |
URL HTTP/2turf-time-az.org/hosted/images/images/stock/arrows/black/down-3.png IP104.16.15.194:0
File typePNG image data, 911 x 410, 8-bit colormap, non-interlaced\012- data Hashfcdff8d42c2cc8f60f09ffc805e32053 b0561004784b103be1803efdc932ab73273d21a1 84d2ac2a03e32b1dc4a701f1ca4e0a2e28bad6023605373f08b82e9641dc4010
GET /hosted/images/images/stock/arrows/black/down-3.png HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:18 GMT
content-type: image/png
content-length: 58816
cf-ray: 770d7017db9ab4e8-OSL
accept-ranges: bytes
age: 361213
cache-control: max-age=31536000
etag: "5d92482e7517a8544723f0b89a32f31c"
expires: Wed, 28 Dec 2022 19:58:18 GMT
last-modified: Fri, 11 Nov 2016 20:39:30 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
cf-polished: origSize=59782
x-amz-cf-pop: OSL50-P1
server: cloudflare
X-Firefox-Spdy: h2
|
|
| turf-time-az.org/hosted/images/2d/61ffe872284674a155376f8e4d19ea/117305556_2707112792889686_7904323547035526952_o.jpg | 104.16.15.194 | 200 OK | 132 kB |
URL HTTP/2turf-time-az.org/hosted/images/2d/61ffe872284674a155376f8e4d19ea/117305556_2707112792889686_7904323547035526952_o.jpg IP104.16.15.194:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1789x1789, components 3\012- data Size132 kB (132109 bytes) Hash28681066f1e0702b3e76e5b0c8f5c498 67c3454d772a65009f8c29d96a821c92ed81d0ad a318ea0e3c8ddd9ecd611834c33acbae98cf6ecb147f4d3748e3a9ab054e59f9
GET /hosted/images/2d/61ffe872284674a155376f8e4d19ea/117305556_2707112792889686_7904323547035526952_o.jpg HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:18 GMT
content-type: image/jpeg
content-length: 132109
cf-ray: 770d7017db97b4e8-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "28681066f1e0702b3e76e5b0c8f5c498"
last-modified: Fri, 29 Jan 2021 07:11:26 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash46be323bc79f562de2849d93b20ae76e 8f39777956be6e476b5a1c9648e2c585d7ddeda7 55140433a1d1011107c4f18c87249ba048ac0993ad2be18e0a1255208ac4a5ce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1856
Cache-Control: max-age=126917
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:18 GMT
Etag: "638306df-117"
Expires: Tue, 29 Nov 2022 07:13:35 GMT
Last-Modified: Sun, 27 Nov 2022 06:42:39 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash5af61422c4eaa1b995ec63e463abda26 db75634681ed688840773ce828c169ac9da7d131 506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash5af61422c4eaa1b995ec63e463abda26 db75634681ed688840773ce828c169ac9da7d131 506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash263fd6d40218c2b0a2945fa12db8b4e5 db616a4c91fea68c1badef3644d17c033a467dd1 9a5d043d20760ae47a125e8585da97dcaf49405321e810c12e93336f55c95a97
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5158
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:18 GMT
Last-Modified: Sun, 27 Nov 2022 18:32:21 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash263fd6d40218c2b0a2945fa12db8b4e5 db616a4c91fea68c1badef3644d17c033a467dd1 9a5d043d20760ae47a125e8585da97dcaf49405321e810c12e93336f55c95a97
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5608
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:18 GMT
Last-Modified: Sun, 27 Nov 2022 18:24:50 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
|
|
| assets.clickfunnels.com/images/closemodal.png | 104.16.14.194 | 200 OK | 672 B |
URL HTTP/2assets.clickfunnels.com/images/closemodal.png IP104.16.14.194:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash19754ed4d508cf576c80cf36e0db8c50 f459beac714e5be68aa75349fa806a5642af456a 5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
GET /images/closemodal.png HTTP/1.1
Host: assets.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:18 GMT
content-type: image/webp
content-length: 672
cf-ray: 770d70182a1afab4-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 962282
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "6359dae3-314"
expires: Wed, 28 Dec 2022 19:58:18 GMT
last-modified: Thu, 27 Oct 2022 01:12:03 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
set-cookie: __cf_bm=h2CiC46UfWVVykQurQ9MJFgl159wUPSvM.in_Eeq_e4-1669579098-0-Ab1HlRVS+ctHeRdEsBj41ZQRcyLCAA0hnCo6e08EUjHNHfEEG/OTTFXfFA/zj6TWbslv/wRGuNINUGmQbm2Szgz8AUeAHRAuBrLQQ8n7WvZV; path=/; expires=Sun, 27-Nov-22 20:28:18 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash5af61422c4eaa1b995ec63e463abda26 db75634681ed688840773ce828c169ac9da7d131 506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash263fd6d40218c2b0a2945fa12db8b4e5 db616a4c91fea68c1badef3644d17c033a467dd1 9a5d043d20760ae47a125e8585da97dcaf49405321e810c12e93336f55c95a97
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5159
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:19 GMT
Last-Modified: Sun, 27 Nov 2022 18:32:21 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
|
|
| push.services.mozilla.com/ | 52.43.228.5 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.43.228.5:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PPkv/z/UhHOqfoJ9QkdrrQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CmyTAgXp0EuPxiLSkrMYIczjzf8=
|
|
| turf-time-az.org/assets/lander.js | 104.16.15.194 | 200 OK | 678 kB |
URL HTTP/2turf-time-az.org/assets/lander.js IP104.16.15.194:0
File typeASCII text, with very long lines (32752) Size678 kB (678323 bytes) Hasha12e745a0a21a9385a0ce5d95a03843e efc7f3dbaea3a2a8675012ccc05fb26a631efe11 688b3aa3000e4d41c879e19dc740f5b559995b07fb8238947c0b88525139bdd4
GET /assets/lander.js HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:18 GMT
content-type: application/x-javascript
cf-ray: 770d7017ebbcb4e8-OSL
access-control-allow-origin: *
age: 921
cache-control: public, max-age=1200
etag: W/"637bf1b5-2391a3"
expires: Sun, 27 Nov 2022 20:18:18 GMT
last-modified: Mon, 21 Nov 2022 21:46:29 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 | 142.250.74.10 | 200 OK | 2.9 kB |
URL HTTP/2fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 IP142.250.74.10:0
Hash63ed4f145e5cdb33c3f87def844e855f 1baab41465d4e3d063348f856f5866261c69c92d 3c8379a39353c350778ea8b09f61ff34b960adf346f79612239f7cb8c5f4b786
GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 27 Nov 2022 19:58:18 GMT
date: Sun, 27 Nov 2022 19:58:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| turf-time-az.org/hosted/images/f8/8bf0cdc51f4fc8974f2b53eb6ea75d/Screen-Shot-2022-02-06-at-10.11.46-AM.png | 104.16.15.194 | 200 OK | 285 kB |
URL HTTP/2turf-time-az.org/hosted/images/f8/8bf0cdc51f4fc8974f2b53eb6ea75d/Screen-Shot-2022-02-06-at-10.11.46-AM.png IP104.16.15.194:0
File typePNG image data, 1238 x 712, 8-bit/color RGB, non-interlaced\012- data Size285 kB (284584 bytes) Hash0268db237365a466e257da2baa2f05de 9750c63c2931691b8179082b936a90faf3aacc80 e4394b069306544d90d63ea3f3f6dba3e789bd17464996fe86ad139990e9dad9
GET /hosted/images/f8/8bf0cdc51f4fc8974f2b53eb6ea75d/Screen-Shot-2022-02-06-at-10.11.46-AM.png HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:19 GMT
content-type: image/png
content-length: 284584
cf-ray: 770d7017ebbbb4e8-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "0268db237365a466e257da2baa2f05de"
last-modified: Sun, 06 Feb 2022 18:12:03 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| turf-time-az.org/assets/userevents/application.js | 104.16.15.194 | 200 OK | 2.3 kB |
URL HTTP/2turf-time-az.org/assets/userevents/application.js IP104.16.15.194:0
File typeASCII text, with very long lines (5244), with no line terminators Hash561f486de0369121c9b4b7c5fca25395 a7640af28d978c9caf4fd53c24207ee5c7027d95 9e4f9b4ec4dfbb59ef26b5c28bc90feee5f3d73834a9c086d93f196c81816347
GET /assets/userevents/application.js HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:18 GMT
content-type: application/x-javascript
cf-ray: 770d7017db8eb4e8-OSL
access-control-allow-origin: *
age: 1084
cache-control: public, max-age=1200
etag: W/"637bf173-147c"
expires: Sun, 27 Nov 2022 20:18:18 GMT
last-modified: Mon, 21 Nov 2022 21:45:23 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2 | 216.58.207.195 | 200 OK | 13 kB |
URL HTTP/2fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 12860, version 1.0\012- data Hashab21c24efd75543e16e34807ebc6cdec eb2562f9729079333fbcbbe94868695669dd3301 88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
GET /s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://turf-time-az.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 21:03:13 GMT
expires: Tue, 21 Nov 2023 21:03:13 GMT
cache-control: public, max-age=31536000
age: 514506
last-modified: Mon, 09 May 2022 18:27:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=sans-serif%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7Csans-serif%7CPoppins%7Csans-serif%7CNoto+Sans%7CLato%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CDroid+Sans%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7CDroid+Sans%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CLato%7CNoto+Sans%7Csans-serif%7CLato%7CNoto+Sans%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7Csans-serif%7CNoto+Sans%7CLato%7Csans-serif%7CNoto+Sans%7CLato%7Csans-serif%7CNoto+Sans%7Csans-serif%7C%7C | 142.250.74.10 | 200 OK | 13 kB |
URL HTTP/2fonts.googleapis.com/css?family=sans-serif%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7Csans-serif%7CPoppins%7Csans-serif%7CNoto+Sans%7CLato%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CDroid+Sans%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7CDroid+Sans%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CLato%7CNoto+Sans%7Csans-serif%7CLato%7CNoto+Sans%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7Csans-serif%7CNoto+Sans%7CLato%7Csans-serif%7CNoto+Sans%7CLato%7Csans-serif%7CNoto+Sans%7Csans-serif%7C%7C IP142.250.74.10:0
Hash1c5daf388e58137201ab242983d62e6d 60228ee47b5f812388f15d51d2a309ea38465dec a35949811411bb4881e8fb6e8177c8c0a2267189ec39b7bdb4fe56cd8cc2e15d
GET /css?family=sans-serif%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7Csans-serif%7CPoppins%7Csans-serif%7CNoto+Sans%7CLato%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CDroid+Sans%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7CDroid+Sans%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CLato%7CNoto+Sans%7Csans-serif%7CLato%7CNoto+Sans%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7Csans-serif%7CNoto+Sans%7CLato%7Csans-serif%7CNoto+Sans%7CLato%7Csans-serif%7CNoto+Sans%7Csans-serif%7C%7C HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 27 Nov 2022 19:58:18 GMT
date: Sun, 27 Nov 2022 19:58:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 | 104.16.56.101 | 200 OK | 27 kB |
URL HTTP/2static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 IP104.16.56.101:0
Hash529dd9eb11d200dd3967fde44dba85a2 894550c3d7a621cb6428e308fc038060821d772c 26645dc5c9810b296bc9045a6d4ac37f943c65d80817dd0c3dfa7465c92ef297
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://turf-time-az.org
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:19 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 770d70187acc0afa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| app.clickfunnels.com/mailcheck.min.js | 104.16.14.194 | 200 OK | 25 kB |
URL HTTP/2app.clickfunnels.com/mailcheck.min.js IP104.16.14.194:0
File typeC source, ASCII text, with very long lines (525) Hash72190f73f3c0cb4b8f544ff26bf48420 47d4f0f14876536e728d377c303036d2f7ccffe3 e567494910b7518e7fe2a8e3c31720ac7769794e7c7eea5d3dd37dbf6a1e732d
GET /mailcheck.min.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:19 GMT
content-type: application/x-javascript
cf-ray: 770d701a0cddfab4-OSL
access-control-allow-origin: *
age: 4357
etag: W/"637bf173-a8d"
last-modified: Mon, 21 Nov 2022 21:45:23 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=XGf6EEJGXsO_PJghgaxZZ0OFdDp.vyh6tyIJ_dzGy5Y-1669579099-0-AWI5n7Y5w2mQFaFPVt/o/rE3zBCYxRBJLRKtB3QnFowrMUJxnaKrDi+fxr3ZqmMBU3WF93AGhWgPc02w62kORPPAPMih/Kp+Eyb1Oa7rk6kC; path=/; expires=Sun, 27-Nov-22 20:28:19 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| turf-time-az.org/hosted/images/23/d48b7897494805bc2025368c7849df/turf-time-az-logo_ccexpress.png | 104.16.15.194 | 200 OK | 174 kB |
URL HTTP/2turf-time-az.org/hosted/images/23/d48b7897494805bc2025368c7849df/turf-time-az-logo_ccexpress.png IP104.16.15.194:0
File typePNG image data, 2048 x 2048, 8-bit/color RGBA, non-interlaced\012- data Size174 kB (174536 bytes) Hashd234c38248e66d1f6531d4fd5923a085 3c9ae2285b212a3f3ef215deba845565695da636 8c1337ecfd85856c4234eeb6122b89734ad664d8d67c5b9a3b7b3abd5d777d9a
GET /hosted/images/23/d48b7897494805bc2025368c7849df/turf-time-az-logo_ccexpress.png HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:19 GMT
content-type: image/png
content-length: 174536
cf-ray: 770d7017eba1b4e8-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "d234c38248e66d1f6531d4fd5923a085"
last-modified: Sun, 06 Feb 2022 17:11:04 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashe9895464b828d538dc654c678c82b181 af5791cd48761cb3f3f979b481c23e1508692823 c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| turf-time-az.org/hosted/images/61/41bfb8fbe7494c8f8d8be997f81455/rock.png | 104.16.15.194 | 200 OK | 2.3 MB |
URL HTTP/2turf-time-az.org/hosted/images/61/41bfb8fbe7494c8f8d8be997f81455/rock.png IP104.16.15.194:0
File typePNG image data, 1185 x 911, 8-bit/color RGB, non-interlaced\012- data Size2.3 MB (2337549 bytes) Hashfb731832f5d1609be551cc3440ab289b f9a6c3c63ed2a36952d47d86815ab5d445d27fa1 cb6b3262c58028232bbee4fcf1c2ddec372eb0355287e84ac020eefcc9b2394a
GET /hosted/images/61/41bfb8fbe7494c8f8d8be997f81455/rock.png HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:19 GMT
content-type: image/png
content-length: 2337549
cf-ray: 770d7017ebb0b4e8-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "fb731832f5d1609be551cc3440ab289b"
last-modified: Mon, 07 Feb 2022 21:20:58 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| turf-time-az.org/hosted/images/d2/ed664708474d5a906601ee7b7ea902/paver.png | 104.16.15.194 | 200 OK | 2.2 MB |
URL HTTP/2turf-time-az.org/hosted/images/d2/ed664708474d5a906601ee7b7ea902/paver.png IP104.16.15.194:0
File typePNG image data, 1185 x 911, 8-bit/color RGB, non-interlaced\012- data Size2.2 MB (2169120 bytes) Hashecfff5c45b00d1aaeef9088e703373fa 82b10da745a5d71d77c6997cb63ca1d2fa1f2b98 e799dbafb8d668e1e903eddb47e3f5ed2c2aa062c6e86995f4df52f74d32f185
GET /hosted/images/d2/ed664708474d5a906601ee7b7ea902/paver.png HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:19 GMT
content-type: image/png
content-length: 2169120
cf-ray: 770d7017eba9b4e8-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "ecfff5c45b00d1aaeef9088e703373fa"
last-modified: Mon, 07 Feb 2022 21:20:57 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash1def611ed1604b222e2c1b4e5b4dbbb3 efab3f910adb2498ed4aa794df938959e861b0f1 e455592a25ecac760d03d4ca2ff3ec5a74332ff8e4d9d38384390a20d3e959f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 213
Cache-Control: max-age=97215
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:20 GMT
Etag: "63829946-1d7"
Expires: Mon, 28 Nov 2022 22:58:35 GMT
Last-Modified: Sat, 26 Nov 2022 22:55:02 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
|
|
| app.clickfunnels.com/userevents/?funnel_id=TVBKQU0rTEVTL2NjU1BYZStGcFdJUT09LS1qWmZRcXM4ZkpObVhrbWZUd3JLVGJnPT0%3D--d8511e82cb530c46b7c761680745d78c27f32cdd&page_id=NStISkkzTVN4VE9iak55eTg4SkVwZz09LS1zVXBqR25wRGhybTIwSFIxd3JLbXVRPT0%3D--2aeaebb204b71c73a8e4b3329288263071dcf397&funnel_step_id=eHkxMzIrQXY3YXJXMmhRTzA2d3JQdz09LS11MlhBa3czejZTcnZxd3BBc0VaVVl3PT0%3D--0562de824dd7a4ef7d66ad3bf2d0f5230a20e075&user_id=UENIbDZtaUhITE9vekJTQTVWSWw4Zz09LS0vdmYwSEJhaEplajlKMDR4Tk1EOUdBPT0%3D--7fb1583f7d9aae871be737fe80936aa184eb78c4&account_id=U0hkRWc5U0ZCcGZZL0l5T3dIbTBKQT09LS1nS3V0WGR1eDFaRkhzek9waXRTMG93PT0%3D--792196725ca57bb932b220bc03cd8be9cbb53240&page_code=NTMwOTE0Mzc%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=dc51af98-a69d-4857-a568-4ced2717cf9f&url=https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831 | 104.16.14.194 | 202 Accepted | 331 B |
URL HTTP/2app.clickfunnels.com/userevents/?funnel_id=TVBKQU0rTEVTL2NjU1BYZStGcFdJUT09LS1qWmZRcXM4ZkpObVhrbWZUd3JLVGJnPT0%3D--d8511e82cb530c46b7c761680745d78c27f32cdd&page_id=NStISkkzTVN4VE9iak55eTg4SkVwZz09LS1zVXBqR25wRGhybTIwSFIxd3JLbXVRPT0%3D--2aeaebb204b71c73a8e4b3329288263071dcf397&funnel_step_id=eHkxMzIrQXY3YXJXMmhRTzA2d3JQdz09LS11MlhBa3czejZTcnZxd3BBc0VaVVl3PT0%3D--0562de824dd7a4ef7d66ad3bf2d0f5230a20e075&user_id=UENIbDZtaUhITE9vekJTQTVWSWw4Zz09LS0vdmYwSEJhaEplajlKMDR4Tk1EOUdBPT0%3D--7fb1583f7d9aae871be737fe80936aa184eb78c4&account_id=U0hkRWc5U0ZCcGZZL0l5T3dIbTBKQT09LS1nS3V0WGR1eDFaRkhzek9waXRTMG93PT0%3D--792196725ca57bb932b220bc03cd8be9cbb53240&page_code=NTMwOTE0Mzc%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=dc51af98-a69d-4857-a568-4ced2717cf9f&url=https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831 IP104.16.14.194:0
File typePNG image data, 12 x 14, 8-bit/color RGBA, non-interlaced\012- data Hash47489ec75254ac9a3bb9bde20b9dd5bb 35517c35292f8623ee396e82d4cad3a4ce063a36 6216c97552a1d4090dffb04a8201ab325f6b0bb8b6810da6cdb015f97af4ef19
GET /userevents/?funnel_id=TVBKQU0rTEVTL2NjU1BYZStGcFdJUT09LS1qWmZRcXM4ZkpObVhrbWZUd3JLVGJnPT0%3D--d8511e82cb530c46b7c761680745d78c27f32cdd&page_id=NStISkkzTVN4VE9iak55eTg4SkVwZz09LS1zVXBqR25wRGhybTIwSFIxd3JLbXVRPT0%3D--2aeaebb204b71c73a8e4b3329288263071dcf397&funnel_step_id=eHkxMzIrQXY3YXJXMmhRTzA2d3JQdz09LS11MlhBa3czejZTcnZxd3BBc0VaVVl3PT0%3D--0562de824dd7a4ef7d66ad3bf2d0f5230a20e075&user_id=UENIbDZtaUhITE9vekJTQTVWSWw4Zz09LS0vdmYwSEJhaEplajlKMDR4Tk1EOUdBPT0%3D--7fb1583f7d9aae871be737fe80936aa184eb78c4&account_id=U0hkRWc5U0ZCcGZZL0l5T3dIbTBKQT09LS1nS3V0WGR1eDFaRkhzek9waXRTMG93PT0%3D--792196725ca57bb932b220bc03cd8be9cbb53240&page_code=NTMwOTE0Mzc%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=dc51af98-a69d-4857-a568-4ced2717cf9f&url=https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://turf-time-az.org
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Sun, 27 Nov 2022 19:58:20 GMT
content-type: text/html
cf-ray: 770d701f3bd1fab4-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: afccfe3daad371de7f07a952bcb5dc5e
x-runtime: 0.037615
set-cookie: __cf_bm=MJ98a0VUsZK_0a6VxXJaO2tiaKIx9aH_R6uj9VI5tq0-1669579100-0-Af91Fr0mdMuPysQQvgZ/WfKyBqe5M2gxaYDi5/XoDn+Q3+KVN/2QWZcWPlxOADm7QI1wURZb3yi/gMleqP2juH+RDCr2b+D+sC7GScIU14qP; path=/; expires=Sun, 27-Nov-22 20:28:20 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
|
|
| connect.facebook.net/en_US/fbevents.js | 31.13.72.12 | 200 OK | 27 kB |
URL HTTP/2connect.facebook.net/en_US/fbevents.js IP31.13.72.12:0
File typeASCII text, with very long lines (64348) Hash44ecaa3c2a4929a40141edc4540aaf84 f29a573182333b2500d41bfc389d6c5232dfb348 6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 1BmUyuK4Q1vMYXlO5pYP1JgZ+DVmgEdjgTqasiEkIlTDgl2uBYr/L7b8c2blwcWPAH+VLwkg3EBk/1s0vc3Jow==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Sun, 27 Nov 2022 19:58:20 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash1def611ed1604b222e2c1b4e5b4dbbb3 efab3f910adb2498ed4aa794df938959e861b0f1 e455592a25ecac760d03d4ca2ff3ec5a74332ff8e4d9d38384390a20d3e959f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 213
Cache-Control: max-age=97215
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:20 GMT
Etag: "63829946-1d7"
Expires: Mon, 28 Nov 2022 22:58:35 GMT
Last-Modified: Sat, 26 Nov 2022 22:55:02 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashaebda342a81ad83f60d2523f54ccda67 e590d9326e4a283e0929a8ffccb13cc4308af0e6 bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3533
Expires: Sun, 27 Nov 2022 20:57:13 GMT
Date: Sun, 27 Nov 2022 19:58:20 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashaebda342a81ad83f60d2523f54ccda67 e590d9326e4a283e0929a8ffccb13cc4308af0e6 bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3533
Expires: Sun, 27 Nov 2022 20:57:13 GMT
Date: Sun, 27 Nov 2022 19:58:20 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg | 34.120.237.76 | 200 OK | 13 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash1db6041a0bdb2319ae85afcc30caaeec 3b0ec6a7188dadf986f72fda8110296d9abd6f35 05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MA_O50Lu6RRAFJpzXmVXhkxvYazdX5Lhk2Qa5k9fYUhBta-IWpVT1g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 01:46:48 GMT
age: 65492
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash2cd887044e91d7ed0f1a8d7119ff7dd0 ae8aa4ce6ddaccba771fe65446926b60fc5628da bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 79599
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg | 34.120.237.76 | 200 OK | 8.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4e97baa4851785eac92c719abf481c64 c32a57038d3cdbc514c9081c9938eca6a04fb481 adb59e982648082e5421f58899a5331b2747e9d45be33c495fbe3ab8cc872b22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8387
x-amzn-requestid: e4ce369f-7654-4c1a-94c2-70c913eb1a01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFL0tEcqIAMFXHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec01d-37bd969f4cdfe220096b8c1f;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 00:51:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: __2hrJIdzCKzhuJ_YfbSSfz-WwyIqnPugk7P6SuYSjn6b2wwm0otCw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 20:58:18 GMT
age: 82802
etag: "c32a57038d3cdbc514c9081c9938eca6a04fb481"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg | 34.120.237.76 | 200 OK | 4.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash841a4b110022a99ddea6f7bf66df0fa1 126771b86638108050cf57c0d12faa27f80f0edb 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 02:31:24 GMT
age: 62816
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg | 34.120.237.76 | 200 OK | 8.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash741ddfb19764ac9a77509e7e87cfbfb2 308c08784ce4a0757cbd112807555b83e17a1d56 e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8817
x-amzn-requestid: 31bd21c7-1d75-4159-af51-52035da16da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-krGE6AIAMF2Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c1b13-32a7b9c6642592c70783a0cf;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 00:42:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I6egDH0h7D08HhaoQHQ0vgghBhPfje2lGIbnWD-t7p4txzHsFxmZfg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 16:15:23 GMT
age: 13377
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg | 34.120.237.76 | 200 OK | 7.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash76c00eceed956377d7469ef58b0815cb 97a135335f5b1b042adeb385718f8808cb78528b 81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7380
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iEegIAMFeuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:50:08 GMT
age: 79692
etag: "97a135335f5b1b042adeb385718f8808cb78528b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| turf-time-az.org/hosted/images/77/c12632dc8648a6828ff50b653494e6/turf-house-bg.png | 104.16.15.194 | 200 OK | 3.2 MB |
URL HTTP/2turf-time-az.org/hosted/images/77/c12632dc8648a6828ff50b653494e6/turf-house-bg.png IP104.16.15.194:0
File typePNG image data, 1920 x 1080, 8-bit/color RGB, non-interlaced\012- data Size3.2 MB (3199438 bytes) Hash6f1a93d6b5fed718f61ce901888edb74 8244592f01a31615f3422feec9fe7190eb99d9b4 4ff8b8214a8359db0543c220982ebeb9c0a1999b82309ac38dd33364f43a606b
GET /hosted/images/77/c12632dc8648a6828ff50b653494e6/turf-house-bg.png HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:20 GMT
content-type: image/png
content-length: 3199438
cf-ray: 770d701c6d09b4e8-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "6f1a93d6b5fed718f61ce901888edb74"
last-modified: Mon, 07 Feb 2022 21:31:20 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| www.facebook.com/tr/?id=623520298751239&ev=PageView&dl=https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831&rl=&if=false&ts=1669579100683&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669579100682.1410972195&it=1669579100166&coo=false&rqm=GET | 31.13.72.36 | 200 OK | 86 kB |
URL HTTP/2www.facebook.com/tr/?id=623520298751239&ev=PageView&dl=https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831&rl=&if=false&ts=1669579100683&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669579100682.1410972195&it=1669579100166&coo=false&rqm=GET IP31.13.72.36:0
File typegzip compressed data, from Unix\012- data Hash1615610428a3690309fe2da4d001ea81 8a0593ba65a3ff752806f5ffdfa171f2fff2b4e1 b4ca2ee9a373ae76ebbc81420118dd534dc94de558d5f6f189782b89c5f9f8fa
GET /tr/?id=623520298751239&ev=PageView&dl=https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831&rl=&if=false&ts=1669579100683&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669579100682.1410972195&it=1669579100166&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Nov 2022 19:58:21 GMT
X-Firefox-Spdy: h2
|
|
| www.facebook.com/tr/?id=623520298751239&ev=Microdata&dl=https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831&rl=&if=false&ts=1669579101200&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Turf%20Time%20AZ-%20Artificial%20Grass%20Installer%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%22%2C%22og%3Atitle%22%3A%22Turf%20Time%20AZ-%20Artificial%20Grass%20Installer%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669579100682.1410972195&it=1669579100166&coo=false&es=automatic&tm=3&rqm=GET | 31.13.72.36 | 200 OK | 0 B |
URL HTTP/2www.facebook.com/tr/?id=623520298751239&ev=Microdata&dl=https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831&rl=&if=false&ts=1669579101200&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Turf%20Time%20AZ-%20Artificial%20Grass%20Installer%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%22%2C%22og%3Atitle%22%3A%22Turf%20Time%20AZ-%20Artificial%20Grass%20Installer%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669579100682.1410972195&it=1669579100166&coo=false&es=automatic&tm=3&rqm=GET IP31.13.72.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=623520298751239&ev=Microdata&dl=https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831&rl=&if=false&ts=1669579101200&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Turf%20Time%20AZ-%20Artificial%20Grass%20Installer%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%22%2C%22og%3Atitle%22%3A%22Turf%20Time%20AZ-%20Artificial%20Grass%20Installer%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669579100682.1410972195&it=1669579100166&coo=false&es=automatic&tm=3&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Nov 2022 19:58:21 GMT
X-Firefox-Spdy: h2
|
|
| turf-time-az.org/hosted/images/b2/8c18e96b724abe87de21242ea743b3/271155135_288090793353183_8299225239729257368_n.jpg | 104.16.15.194 | 200 OK | 225 kB |
URL HTTP/2turf-time-az.org/hosted/images/b2/8c18e96b724abe87de21242ea743b3/271155135_288090793353183_8299225239729257368_n.jpg IP104.16.15.194:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1440x1106, components 3\012- data Size225 kB (225147 bytes) Hash16ad618e1df4b68a6454fcc3cfb79dbf c7709ce9dce4a5ed46c5c316f8651b488ba21651 1623661fbeeb698b80763f549bf18a19ed9118e34b2a87b777f3134837684e84
GET /hosted/images/b2/8c18e96b724abe87de21242ea743b3/271155135_288090793353183_8299225239729257368_n.jpg HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:21 GMT
content-type: image/jpeg
content-length: 225147
cf-ray: 770d7017eba6b4e8-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "16ad618e1df4b68a6454fcc3cfb79dbf"
last-modified: Sun, 06 Feb 2022 19:04:18 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| js-agent.newrelic.com/nr-1216.min.js | 151.101.86.137 | 200 OK | 14 kB |
URL HTTP/2js-agent.newrelic.com/nr-1216.min.js IP151.101.86.137:0
File typeASCII text, with very long lines (32022) Hashb7c09cc097b2847f9edc784adba62dcb 5aa648623cf5e3b4b215fe5d068a7904c59f2925 6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa
GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 27 Nov 2022 19:58:21 GMT
via: 1.1 varnish
x-served-by: cache-bma1653-BMA
x-cache: HIT
x-cache-hits: 2154
x-timer: S1669579102.788999,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2
|
|
| turf-time-az.org/cdn-cgi/rum? | 104.16.15.194 | 204 No Content | 0 B |
URL HTTP/2turf-time-az.org/cdn-cgi/rum? IP104.16.15.194:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 15586
Origin: https://turf-time-az.org
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTMwOTE0Mzc=:visited=true; cf:visitor_id=f71037e2-4b6b-4146-aa3f-9494a26e39eb; addevent_track_cookie=3cbc2c33-8575-4b4a-2ea2-b036e3452a55; _fbp=fb.1.1669579100682.1410972195
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Sun, 27 Nov 2022 19:58:21 GMT
access-control-allow-origin: https://turf-time-az.org
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 770d702a9fd7b4e8-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4132&ck=1&ref=https://turf-time-az.org/optin-5224087116441286340421651424291831&ap=447&be=980&fe=3890&dc=2102&perf=%7B%22timing%22:%7B%22of%22:1669579097443,%22n%22:0,%22f%22:565,%22dn%22:570,%22dne%22:570,%22c%22:570,%22s%22:573,%22ce%22:747,%22rq%22:747,%22rp%22:904,%22rpe%22:908,%22dl%22:950,%22di%22:2048,%22ds%22:2101,%22de%22:2314,%22dc%22:3889,%22l%22:3889,%22le%22:4005%7D,%22navigation%22:%7B%7D%7D&fcp=2042&jsonp=NREUM.setToken | 162.247.241.14 | 200 OK | 72 B |
URL HTTP/1.1bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4132&ck=1&ref=https://turf-time-az.org/optin-5224087116441286340421651424291831&ap=447&be=980&fe=3890&dc=2102&perf=%7B%22timing%22:%7B%22of%22:1669579097443,%22n%22:0,%22f%22:565,%22dn%22:570,%22dne%22:570,%22c%22:570,%22s%22:573,%22ce%22:747,%22rq%22:747,%22rp%22:904,%22rpe%22:908,%22dl%22:950,%22di%22:2048,%22ds%22:2101,%22de%22:2314,%22dc%22:3889,%22l%22:3889,%22le%22:4005%7D,%22navigation%22:%7B%7D%7D&fcp=2042&jsonp=NREUM.setToken IP162.247.241.14:0
File typeASCII text, with no line terminators Hash107d93e382e2c9b00fbf9fb0edc65d86 77e750e3ebf9706f4f6dd253785602d70be17c6c a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
GET /1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4132&ck=1&ref=https://turf-time-az.org/optin-5224087116441286340421651424291831&ap=447&be=980&fe=3890&dc=2102&perf=%7B%22timing%22:%7B%22of%22:1669579097443,%22n%22:0,%22f%22:565,%22dn%22:570,%22dne%22:570,%22c%22:570,%22s%22:573,%22ce%22:747,%22rq%22:747,%22rp%22:904,%22rpe%22:908,%22dl%22:950,%22di%22:2048,%22ds%22:2101,%22de%22:2314,%22dc%22:3889,%22l%22:3889,%22le%22:4005%7D,%22navigation%22:%7B%7D%7D&fcp=2042&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 19:58:22 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 770d702b9be30afa-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=2e9f78fd86d38445; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg | 34.120.237.76 | 200 OK | 5.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash433875a1b1fef34e45f2d8ac344c07e3 f2129466436cbbdd58abe42a47fb7af19eba58e6 ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5099
x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4jFBvoAMFl1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 79606
etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v5.9.0/css/v4-shims.css | 172.64.133.15 | 200 OK | 0 B |
URL HTTP/2use.fontawesome.com/releases/v5.9.0/css/v4-shims.css IP172.64.133.15:0
GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:19 GMT
content-type: text/css
x-amz-id-2: WpVlr9E4LNAdFsXi6U7ITEvBAF0od/nY8z13ckAJA/I/wFoGHyoSwlXOyhWr8pqbj6dB1MeQp5k=
x-amz-request-id: CN86A7VHSM61Q680
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1237005
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bU%2BLOW99wPvVb19Hd4tppzioNmBvaaM2GO1YkpF9dxN6Zi5JiuC55GShsNdgT7uxAqlKS5xG6eBGnTRV5nkLaN%2FITKuXD%2FAEOGgkID5kvz7QrVp4QXGrSfKlLWrIbzYTu1p%2Fj%2BZg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770d7018de30070e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| turf-time-az.org/images/background.png?_unique=0.3411663056217713&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//turf-time-az.org/optin-5224087116441286340421651424291831&_title=Turf%20Time%20AZ-%20Artificial%20Grass%20Installer&_key=ecg7b623&_page_key=psk45q5lpq31h32m&_fid=11829108&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://turf-time-az.org/optin-5224087116441286340421651424291831&_referrer= | 104.16.15.194 | 200 OK | 0 B |
URL HTTP/2turf-time-az.org/images/background.png?_unique=0.3411663056217713&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//turf-time-az.org/optin-5224087116441286340421651424291831&_title=Turf%20Time%20AZ-%20Artificial%20Grass%20Installer&_key=ecg7b623&_page_key=psk45q5lpq31h32m&_fid=11829108&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://turf-time-az.org/optin-5224087116441286340421651424291831&_referrer= IP104.16.15.194:0
GET /images/background.png?_unique=0.3411663056217713&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//turf-time-az.org/optin-5224087116441286340421651424291831&_title=Turf%20Time%20AZ-%20Artificial%20Grass%20Installer&_key=ecg7b623&_page_key=psk45q5lpq31h32m&_fid=11829108&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://turf-time-az.org/optin-5224087116441286340421651424291831&_referrer= HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTMwOTE0Mzc=:visited=true; cf:visitor_id=f71037e2-4b6b-4146-aa3f-9494a26e39eb; addevent_track_cookie=3cbc2c33-8575-4b4a-2ea2-b036e3452a55; _fbp=fb.1.1669579100682.1410972195
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:21 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 770d7029cdb4b4e8-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store, private
strict-transport-security: max-age=0
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
status: 200 OK
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: c30245ef10603ae9f9d3ea8d347f757e
x-runtime: 0.020651
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| download.files.com.guanli007.com/files/apk/download/6/wjyfzym.apk | 175.6.25.99 | 200 OK | 0 B |
URL HTTP/1.1download.files.com.guanli007.com/files/apk/download/6/wjyfzym.apk IP175.6.25.99:0 ASN#63835 No.293,Wanbao Avenue
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /files/apk/download/6/wjyfzym.apk HTTP/1.1
Host: download.files.com.guanli007.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 19:58:19 GMT
Content-Type: application/vnd.android.package-archive
Content-Length: 19571449
Last-Modified: Thu, 24 Nov 2022 12:13:39 GMT
Connection: keep-alive
Content-Disposition: attachment; filename= wjyfzym.apk
ETag: "637f5ff3-12aa2f9"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Accept-Ranges: bytes
|
|
| turf-time-az.org/optin-5224087116441286340421651424291831 | 104.16.15.194 | 200 OK | 0 B |
URL HTTP/2turf-time-az.org/optin-5224087116441286340421651424291831 IP104.16.15.194:0
GET /optin-5224087116441286340421651424291831 HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:18 GMT
content-type: text/html; charset=utf-8
cf-ray: 770d70160fcbb4e8-OSL
access-control-allow-origin: *
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
last-modified: Wed, 27 Jul 2022 05:07:14 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: b22096536942616312e8e193dd7cc41a3d5716cd
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: fresh
x-request-id: 0cfb03b032799269df9fa5c602be5691
x-runtime: 0.478000
set-cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb; path=/; expires=Sun, 27-Nov-22 20:28:18 GMT; domain=.turf-time-az.org; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| turf-time-az.org/assets/pushcrew.js | 104.16.15.194 | 200 OK | 0 B |
URL HTTP/2turf-time-az.org/assets/pushcrew.js IP104.16.15.194:0
GET /assets/pushcrew.js HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:18 GMT
content-type: application/x-javascript
cf-ray: 770d7017ebbfb4e8-OSL
access-control-allow-origin: *
age: 1084
cache-control: public, max-age=1200
etag: W/"637bf172-27d"
expires: Sun, 27 Nov 2022 20:18:18 GMT
last-modified: Mon, 21 Nov 2022 21:45:22 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| app.clickfunnels.com/userevents/?funnel_id=TVBKQU0rTEVTL2NjU1BYZStGcFdJUT09LS1qWmZRcXM4ZkpObVhrbWZUd3JLVGJnPT0%3D--d8511e82cb530c46b7c761680745d78c27f32cdd&page_id=NStISkkzTVN4VE9iak55eTg4SkVwZz09LS1zVXBqR25wRGhybTIwSFIxd3JLbXVRPT0%3D--2aeaebb204b71c73a8e4b3329288263071dcf397&funnel_step_id=eHkxMzIrQXY3YXJXMmhRTzA2d3JQdz09LS11MlhBa3czejZTcnZxd3BBc0VaVVl3PT0%3D--0562de824dd7a4ef7d66ad3bf2d0f5230a20e075&user_id=UENIbDZtaUhITE9vekJTQTVWSWw4Zz09LS0vdmYwSEJhaEplajlKMDR4Tk1EOUdBPT0%3D--7fb1583f7d9aae871be737fe80936aa184eb78c4&account_id=U0hkRWc5U0ZCcGZZL0l5T3dIbTBKQT09LS1nS3V0WGR1eDFaRkhzek9waXRTMG93PT0%3D--792196725ca57bb932b220bc03cd8be9cbb53240&page_code=NTMwOTE0Mzc%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=3070e4da-112b-49cb-92fb-a3b3e73dfc61&url=https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831 | 104.16.14.194 | 202 Accepted | 0 B |
URL HTTP/2app.clickfunnels.com/userevents/?funnel_id=TVBKQU0rTEVTL2NjU1BYZStGcFdJUT09LS1qWmZRcXM4ZkpObVhrbWZUd3JLVGJnPT0%3D--d8511e82cb530c46b7c761680745d78c27f32cdd&page_id=NStISkkzTVN4VE9iak55eTg4SkVwZz09LS1zVXBqR25wRGhybTIwSFIxd3JLbXVRPT0%3D--2aeaebb204b71c73a8e4b3329288263071dcf397&funnel_step_id=eHkxMzIrQXY3YXJXMmhRTzA2d3JQdz09LS11MlhBa3czejZTcnZxd3BBc0VaVVl3PT0%3D--0562de824dd7a4ef7d66ad3bf2d0f5230a20e075&user_id=UENIbDZtaUhITE9vekJTQTVWSWw4Zz09LS0vdmYwSEJhaEplajlKMDR4Tk1EOUdBPT0%3D--7fb1583f7d9aae871be737fe80936aa184eb78c4&account_id=U0hkRWc5U0ZCcGZZL0l5T3dIbTBKQT09LS1nS3V0WGR1eDFaRkhzek9waXRTMG93PT0%3D--792196725ca57bb932b220bc03cd8be9cbb53240&page_code=NTMwOTE0Mzc%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=3070e4da-112b-49cb-92fb-a3b3e73dfc61&url=https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831 IP104.16.14.194:0
GET /userevents/?funnel_id=TVBKQU0rTEVTL2NjU1BYZStGcFdJUT09LS1qWmZRcXM4ZkpObVhrbWZUd3JLVGJnPT0%3D--d8511e82cb530c46b7c761680745d78c27f32cdd&page_id=NStISkkzTVN4VE9iak55eTg4SkVwZz09LS1zVXBqR25wRGhybTIwSFIxd3JLbXVRPT0%3D--2aeaebb204b71c73a8e4b3329288263071dcf397&funnel_step_id=eHkxMzIrQXY3YXJXMmhRTzA2d3JQdz09LS11MlhBa3czejZTcnZxd3BBc0VaVVl3PT0%3D--0562de824dd7a4ef7d66ad3bf2d0f5230a20e075&user_id=UENIbDZtaUhITE9vekJTQTVWSWw4Zz09LS0vdmYwSEJhaEplajlKMDR4Tk1EOUdBPT0%3D--7fb1583f7d9aae871be737fe80936aa184eb78c4&account_id=U0hkRWc5U0ZCcGZZL0l5T3dIbTBKQT09LS1nS3V0WGR1eDFaRkhzek9waXRTMG93PT0%3D--792196725ca57bb932b220bc03cd8be9cbb53240&page_code=NTMwOTE0Mzc%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=3070e4da-112b-49cb-92fb-a3b3e73dfc61&url=https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://turf-time-az.org
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Sun, 27 Nov 2022 19:58:20 GMT
content-type: text/html
cf-ray: 770d701f2bcffab4-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: bea016965df50ba4c69694fad1ab975e
x-runtime: 0.034544
set-cookie: __cf_bm=pvh.0VaiehrOLbqYMQT_bM_2c.yuWznqNBFfm1LLQ9M-1669579100-0-ASZjOPgK/4xgBGPt3C77IlDMoYlks3SWmozpmlRiSQdp9beaDVNE2uzYsYPd/0DhVdHgm7zGx0i1KhZbGdyd/d+WdhI1tfPdT1BmSUSf+/s5; path=/; expires=Sun, 27-Nov-22 20:28:20 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v5.9.0/css/all.css | 172.64.133.15 | 200 OK | 0 B |
URL HTTP/2use.fontawesome.com/releases/v5.9.0/css/all.css IP172.64.133.15:0
GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:19 GMT
content-type: text/css
x-amz-id-2: cIB7RJR8YNkOt3c5odVNIsPWGanLxokh1zS2YvTVv7QSgKdKXNOroM5eyN2MvPjoE855Z9I1sPM=
x-amz-request-id: BCPBKD6BGPB27GGJ
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 110791
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liXer6GrfViPf0v73Mn%2FfWwk%2BqOdBAUhs0i8ti1Hp9HpZdDf%2BfPNK203%2F0FdA04lJv15sAztlIcDyE%2FI0JK9LAMHk%2F1sfCc2RO393IiKLksRCTrYTYBkSk7LjHARIyPGvlHUkZHG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770d7018ade3070e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| turf-time-az.org/vendor.js | 104.16.15.194 | 200 OK | 0 B |
URL HTTP/2turf-time-az.org/vendor.js IP104.16.15.194:0
GET /vendor.js HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:20 GMT
content-type: application/javascript
cf-ray: 770d701e49d8b4e8-OSL
access-control-allow-origin: *
cache-control: max-age=900, public
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss, store
x-request-id: bf9f075f5600d2a53cf6f97529f3d7d6
x-runtime: 0.019531
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| turf-time-az.org/hosted/images/ef/a8fecd03bf411e99a7eb43e3f5508f/AdobeStock_298898714.jpg | 104.16.15.194 | 200 OK | 0 B |
URL HTTP/2turf-time-az.org/hosted/images/ef/a8fecd03bf411e99a7eb43e3f5508f/AdobeStock_298898714.jpg IP104.16.15.194:0
GET /hosted/images/ef/a8fecd03bf411e99a7eb43e3f5508f/AdobeStock_298898714.jpg HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:18 GMT
content-type: image/jpeg
content-length: 940410
cf-ray: 770d7017ebb2b4e8-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "5613386b8ffb0b5dbf4e76186b5c554e"
last-modified: Sun, 06 Feb 2022 17:29:59 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| turf-time-az.org/hosted/images/74/2dab315ed141158e40eb63f0a5aaac/star-shadow.svg | 104.16.15.194 | 200 OK | 0 B |
URL HTTP/2turf-time-az.org/hosted/images/74/2dab315ed141158e40eb63f0a5aaac/star-shadow.svg IP104.16.15.194:0
GET /hosted/images/74/2dab315ed141158e40eb63f0a5aaac/star-shadow.svg HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:18 GMT
content-type: image/svg+xml
cf-ray: 770d7017ebb4b4e8-OSL
cache-control: max-age=31536000
etag: W/"37d1684b6e02190492614afade294d55-2"
last-modified: Sun, 06 Feb 2022 17:23:03 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| turf-time-az.org/assets/lander.css | 104.16.15.194 | 200 OK | 0 B |
URL HTTP/2turf-time-az.org/assets/lander.css IP104.16.15.194:0
GET /assets/lander.css HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:18 GMT
content-type: text/css
cf-ray: 770d7017db84b4e8-OSL
access-control-allow-origin: *
age: 191
cache-control: public, max-age=1200
etag: W/"637bf173-6a514"
expires: Sun, 27 Nov 2022 20:18:18 GMT
last-modified: Mon, 21 Nov 2022 21:45:23 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|