Report - turf-time-az.org/

Report Overview

Submitted URL
turf-time-az.org/
IP
104.16.15.194
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-27 19:58:31
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
static.cloudflareinsights.com	1294	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	457 B	28 kB	104.16.56.101
app.clickfunnels.com	34727	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	28 kB	104.16.14.194
download.files.com.guanli007.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	284 B	452 B	175.6.25.99
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
turf-time-az.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	9.3 MB	104.16.16.194
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.43.228.5
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	18 kB	142.250.74.10
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	29 kB	31.13.72.12
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	65 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.5 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	6.6 kB	93.184.220.29
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	142.250.74.3
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	87 kB	31.13.72.36
js-agent.newrelic.com	378	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	15 kB	151.101.86.137
use.fontawesome.com	942	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	799 B	1.7 kB	172.64.133.15
assets.clickfunnels.com	64830	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	416 B	1.8 kB	104.16.14.194
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	486 B	14 kB	216.58.207.195
bam.nr-data.net	630	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	900 B	602 B	162.247.241.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-27	medium	download.files.com.guanli007.com/files/apk/download/6/wjyfzym.apk	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-08	2023-11-28
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:10 Last Seen2023-11-28 17:55:58 Times Seen32 Hash a6ef7927128284961f4cadd572969f09 57e21033749687e69de710a0be6d4244edf1fe51 d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Loading...

	js-agent.newrelic.com/nr-1216.min.js	39 kB	2023-03-07	2023-12-02
Pretty URL js-agent.newrelic.com/nr-1216.min.js IP 151.101.86.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:59 Last Seen2023-12-02 09:02:29 Times Seen204 Hash 9f533d8cd24b2c5e3b4dc886ecbd43e8 4aaad79f222fbcf885679bb30ac0cb6c14ec06eb 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708 Loading...

	bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4132&ck=1&ref=https://turf-time-az.org/optin-5224087116441286340421651424291831&ap=447&be=980&fe=3890&dc=2102&perf=%7B%22timing%22:%7B%22of%22:1669579097443,%22n%22:0,%22f%22:565,%22dn%22:570,%22dne%22:570,%22c%22:570,%22s%22:573,%22ce%22:747,%22rq%22:747,%22rp%22:904,%22rpe%22:908,%22dl%22:950,%22di%22:2048,%22ds%22:2101,%22de%22:2314,%22dc%22:3889,%22l%22:3889,%22le%22:4005%7D,%22navigation%22:%7B%7D%7D&fcp=2042&jsonp=NREUM.setToken	49 B	2023-03-07	2024-03-22
Pretty URL bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4132&ck=1&ref=https://turf-time-az.org/optin-5224087116441286340421651424291831&ap=447&be=980&fe=3890&dc=2102&perf=%7B%22timing%22:%7B%22of%22:1669579097443,%22n%22:0,%22f%22:565,%22dn%22:570,%22dne%22:570,%22c%22:570,%22s%22:573,%22ce%22:747,%22rq%22:747,%22rp%22:904,%22rpe%22:908,%22dl%22:950,%22di%22:2048,%22ds%22:2101,%22de%22:2314,%22dc%22:3889,%22l%22:3889,%22le%22:4005%7D,%22navigation%22:%7B%7D%7D&fcp=2042&jsonp=NREUM.setToken IP 162.247.241.14 ASN #23467 NEWRELIC-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-03-22 06:11:42 Times Seen2776 Hash ada33e5b8877e743ff658bf4bfa1867c 5a78662243dac43c0ee48bcb7e05a536b84c2e38 dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82 Loading...

	turf-time-az.org/optin-5224087116441286340421651424291831	280 B	2023-03-11	2023-05-24
Pretty URL turf-time-az.org/optin-5224087116441286340421651424291831 IP 104.16.15.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:32:05 Last Seen2023-05-24 15:46:57 Times Seen5 Hash f578506c69a5f58a0381902856d3d8da 4860fded2169ab7726aa0192245a5c09637b169c 5e25908106ab92822033d5c41b7310774d4b464aac478f517c70abc57ee63d86 Loading...

	static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993	17 kB	2023-03-08	2024-02-28
Pretty URL static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 IP 104.16.56.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:00 Last Seen2024-02-28 12:44:37 Times Seen1362 Hash 33100f2355611b2375f05486299abf05 0b2d1b75f6695e67b884bee2eb72165d6e881a26 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3 Loading...

	turf-time-az.org/optin-5224087116441286340421651424291831	101 B	2023-03-07	2024-03-20
Pretty URL turf-time-az.org/optin-5224087116441286340421651424291831 IP 104.16.15.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-20 16:33:23 Times Seen1072 Hash 58d9451139b4d777d43d7c3e074a944a 58dbf64854e67993dd579ecc78d1a32fea9266ed 85f043b5d0590f154a02cf29f549340485f0e6dd78c70ab8746555092fc9d493 Loading...

	turf-time-az.org/optin-5224087116441286340421651424291831	464 B	2023-03-11	2023-03-11
Pretty URL turf-time-az.org/optin-5224087116441286340421651424291831 IP 104.16.15.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:32:05 Last Seen2023-03-11 21:32:05 Times Seen1 Hash cd7fdac7e0e897d16e8f512bec460195 9413c200cd5a9d76d964276d5adba9d297679e65 862fd92608b48690053212c37a8149661f95c757d83d8e56aa697234f1371eee Loading...

	turf-time-az.org/assets/pushcrew.js	637 B	2023-03-07	2024-03-20
Pretty URL turf-time-az.org/assets/pushcrew.js IP 104.16.15.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-20 16:33:23 Times Seen1405 Hash 0a67c27615e7d2202f261dcc0a82d744 0fa0a8ca56efded583bd4201821015a63c623d44 f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422 Loading...

	turf-time-az.org/vendor.js	18 kB	2023-03-07	2024-03-20
Pretty URL turf-time-az.org/vendor.js IP 104.16.15.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-20 16:33:23 Times Seen1309 Hash bf2a8a168c0be1544c34f363c276586e 581e49c9b7bdd06dab54c00931f4256b223e620e 7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d Loading...

	connect.facebook.net/signals/config/623520298751239?v=2.9.89&r=stable	300 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/signals/config/623520298751239?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:32:05 Last Seen2023-03-11 21:32:05 Times Seen1 Hash 614a704a7bcd080dc755ffdc2103d15b a382b0a05fd9112b92c8e6ac323eced46253c575 63f5711b362f24281e89c748010d357886a26dd0e22b7adbf0a37b03fdfb5af6 Loading...

	turf-time-az.org/optin-5224087116441286340421651424291831	10 kB	2023-03-07	2023-03-17
Pretty URL turf-time-az.org/optin-5224087116441286340421651424291831 IP 104.16.15.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2023-03-17 12:27:39 Times Seen1 Hash 61abdb73cf60f39fa1f99dbd202754ac 8d0f53cfd61600543702b775cccfdb6cff316a83 42f0f6e0965f466635a6785e94642889e31ade69c5d6c892182d03c91abd6082 Loading...

	turf-time-az.org/assets/userevents/application.js	5.2 kB	2023-03-08	2024-03-20
Pretty URL turf-time-az.org/assets/userevents/application.js IP 104.16.15.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:28:42 Last Seen2024-03-20 16:33:23 Times Seen1321 Hash 4849819314b7c1be4146a39b52c5c502 3e09f90cb42c04ff19f66dbbd83e3dbb544b50bf a696b734193371073510c87df68430499c2f424ad3f7be42f586dc6aff78567b Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 10:44:54 Times Seen36956733 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 1759a28e4a0e2ae5523791fa551ba5a9	119 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:32:05 Last Seen2023-03-11 21:32:05 Times Seen1 Hash 1759a28e4a0e2ae5523791fa551ba5a9 5e4f11cb9a4a4650979e83b61c3c71bc0fccb291 11fe499742ff981e04128ba2b14b48d20f79af54f387e487a053b9f73ed30308 Loading...

HTTP Transactions (65)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3379
Expires: Sun, 27 Nov 2022 20:54:37 GMT
Date: Sun, 27 Nov 2022 19:58:18 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5346
Cache-Control: max-age=144121
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:18 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 12:00:19 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 19:19:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2334
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6117
Expires: Sun, 27 Nov 2022 21:40:15 GMT
Date: Sun, 27 Nov 2022 19:58:18 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: MA9At/ZjMiciRLohDP61HC2xTDOxq/ncRxbj9kWAtmi1WTjAncUsILR0AeAkaiqOtOfN8VV+BrM=
x-amz-request-id: Q59VE7S5ZQSAX7C3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 19:41:46 GMT
age: 992
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 19:58:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

turf-time-az.org/

104.16.16.194

302 Found

512 B

URL HTTP/1.1
turf-time-az.org/
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (497)
Size
512 B (512 bytes)
Hash
6321c249d61ade9f701f05d73a676407
d4ee7f9a77c75f461b218b45a24d07c531c88785
a484ac3c6df9fe741c972660629e88ddc965411d1c79a0eb89483409d11fcb0a

HTTP Headers

GET / HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Sun, 27 Nov 2022 19:58:18 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://turf-time-az.org/optin-5224087116441286340421651424291831
CF-Ray: 770d70123a440b3d-OSL
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Vary: Accept-Encoding
CF-Cache-Status: BYPASS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Request-Method: *
Pragma: no-cache
Status: 302 Found
X-Frame-Options: ALLOWALL
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: miss
X-Request-Id: 7e2b2b5694c9e7f9be6c409c50dd2200
X-Runtime: 0.184422
Set-Cookie: __cf_bm=Wxvxp59rzLH5qA.IBcwQNAVMBkdoZt3dlMO.xVLOMtg-1669579098-0-AQG+CDXXrH5UbNkHWXyi85gV/0WeTfq8saeEYuOPxOWeb2hI6NmXV1XGwyi/jfqaoHcSJthBZCCENCY5xvGiksl1hzwjd5/RgV1+mfPp89U1; path=/; expires=Sun, 27-Nov-22 20:28:18 GMT; domain=.turf-time-az.org; HttpOnly; SameSite=None
Server: cloudflare
alt-svc: h2=":443"; ma=60

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
760356b01ef1382c7ba8485cddd41732
9df1846f9efffee67d30b7d6aaa4d1818053a0e6
19d98ba29fd515fc4cc9efbbedf72043fbd4f41aab9e036a1069fa86bf574480

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=121124
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:18 GMT
Etag: "6382f77e-117"
Expires: Tue, 29 Nov 2022 05:37:02 GMT
Last-Modified: Sun, 27 Nov 2022 05:37:02 GMT
Server: nginx
Content-Length: 279

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 19:11:12 GMT
cache-control: public,max-age=3600
age: 2826
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
803475345d94e9c4f3648a2f06c61b22
f9d012699ec80160ea7b9cae0109b2bff712724e
ae5000b1a3dfd9db4c86d42d1d9948a534b5a2019200b0252658bcf4ba8346e7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2534
Cache-Control: max-age=142353
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:18 GMT
Etag: "63834085-116"
Expires: Tue, 29 Nov 2022 11:30:51 GMT
Last-Modified: Sun, 27 Nov 2022 10:48:37 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4447
Cache-Control: max-age=138161
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:18 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:20:59 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

turf-time-az.org/hosted/images/images/stock/arrows/black/down-3.png

104.16.15.194

200 OK

59 kB

URL HTTP/2
turf-time-az.org/hosted/images/images/stock/arrows/black/down-3.png
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 911 x 410, 8-bit colormap, non-interlaced\012- data
Size
59 kB (58816 bytes)
Hash
fcdff8d42c2cc8f60f09ffc805e32053
b0561004784b103be1803efdc932ab73273d21a1
84d2ac2a03e32b1dc4a701f1ca4e0a2e28bad6023605373f08b82e9641dc4010

HTTP Headers

GET /hosted/images/images/stock/arrows/black/down-3.png HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:18 GMT
content-type: image/png
content-length: 58816
cf-ray: 770d7017db9ab4e8-OSL
accept-ranges: bytes
age: 361213
cache-control: max-age=31536000
etag: "5d92482e7517a8544723f0b89a32f31c"
expires: Wed, 28 Dec 2022 19:58:18 GMT
last-modified: Fri, 11 Nov 2016 20:39:30 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
cf-polished: origSize=59782
x-amz-cf-pop: OSL50-P1
server: cloudflare
X-Firefox-Spdy: h2

turf-time-az.org/hosted/images/2d/61ffe872284674a155376f8e4d19ea/117305556_2707112792889686_7904323547035526952_o.jpg

104.16.15.194

200 OK

132 kB

URL HTTP/2
turf-time-az.org/hosted/images/2d/61ffe872284674a155376f8e4d19ea/117305556_2707112792889686_7904323547035526952_o.jpg
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1789x1789, components 3\012- data
Size
132 kB (132109 bytes)
Hash
28681066f1e0702b3e76e5b0c8f5c498
67c3454d772a65009f8c29d96a821c92ed81d0ad
a318ea0e3c8ddd9ecd611834c33acbae98cf6ecb147f4d3748e3a9ab054e59f9

HTTP Headers

GET /hosted/images/2d/61ffe872284674a155376f8e4d19ea/117305556_2707112792889686_7904323547035526952_o.jpg HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:18 GMT
content-type: image/jpeg
content-length: 132109
cf-ray: 770d7017db97b4e8-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "28681066f1e0702b3e76e5b0c8f5c498"
last-modified: Fri, 29 Jan 2021 07:11:26 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
46be323bc79f562de2849d93b20ae76e
8f39777956be6e476b5a1c9648e2c585d7ddeda7
55140433a1d1011107c4f18c87249ba048ac0993ad2be18e0a1255208ac4a5ce

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1856
Cache-Control: max-age=126917
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:18 GMT
Etag: "638306df-117"
Expires: Tue, 29 Nov 2022 07:13:35 GMT
Last-Modified: Sun, 27 Nov 2022 06:42:39 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
263fd6d40218c2b0a2945fa12db8b4e5
db616a4c91fea68c1badef3644d17c033a467dd1
9a5d043d20760ae47a125e8585da97dcaf49405321e810c12e93336f55c95a97

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5158
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:18 GMT
Last-Modified: Sun, 27 Nov 2022 18:32:21 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
263fd6d40218c2b0a2945fa12db8b4e5
db616a4c91fea68c1badef3644d17c033a467dd1
9a5d043d20760ae47a125e8585da97dcaf49405321e810c12e93336f55c95a97

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5608
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:18 GMT
Last-Modified: Sun, 27 Nov 2022 18:24:50 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279

assets.clickfunnels.com/images/closemodal.png

104.16.14.194

200 OK

672 B

URL HTTP/2
assets.clickfunnels.com/images/closemodal.png
IP
104.16.14.194:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
672 B (672 bytes)
Hash
19754ed4d508cf576c80cf36e0db8c50
f459beac714e5be68aa75349fa806a5642af456a
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

HTTP Headers

GET /images/closemodal.png HTTP/1.1
Host: assets.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:18 GMT
content-type: image/webp
content-length: 672
cf-ray: 770d70182a1afab4-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 962282
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "6359dae3-314"
expires: Wed, 28 Dec 2022 19:58:18 GMT
last-modified: Thu, 27 Oct 2022 01:12:03 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
set-cookie: __cf_bm=h2CiC46UfWVVykQurQ9MJFgl159wUPSvM.in_Eeq_e4-1669579098-0-Ab1HlRVS+ctHeRdEsBj41ZQRcyLCAA0hnCo6e08EUjHNHfEEG/OTTFXfFA/zj6TWbslv/wRGuNINUGmQbm2Szgz8AUeAHRAuBrLQQ8n7WvZV; path=/; expires=Sun, 27-Nov-22 20:28:18 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
263fd6d40218c2b0a2945fa12db8b4e5
db616a4c91fea68c1badef3644d17c033a467dd1
9a5d043d20760ae47a125e8585da97dcaf49405321e810c12e93336f55c95a97

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5159
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:19 GMT
Last-Modified: Sun, 27 Nov 2022 18:32:21 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279

push.services.mozilla.com/

52.43.228.5

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.43.228.5:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PPkv/z/UhHOqfoJ9QkdrrQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CmyTAgXp0EuPxiLSkrMYIczjzf8=

turf-time-az.org/assets/lander.js

104.16.15.194

200 OK

678 kB

URL HTTP/2
turf-time-az.org/assets/lander.js
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32752)
Size
678 kB (678323 bytes)
Hash
a12e745a0a21a9385a0ce5d95a03843e
efc7f3dbaea3a2a8675012ccc05fb26a631efe11
688b3aa3000e4d41c879e19dc740f5b559995b07fb8238947c0b88525139bdd4

HTTP Headers

GET /assets/lander.js HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:18 GMT
content-type: application/x-javascript
cf-ray: 770d7017ebbcb4e8-OSL
access-control-allow-origin: *
age: 921
cache-control: public, max-age=1200
etag: W/"637bf1b5-2391a3"
expires: Sun, 27 Nov 2022 20:18:18 GMT
last-modified: Mon, 21 Nov 2022 21:46:29 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

142.250.74.10

200 OK

2.9 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
2.9 kB (2920 bytes)
Hash
63ed4f145e5cdb33c3f87def844e855f
1baab41465d4e3d063348f856f5866261c69c92d
3c8379a39353c350778ea8b09f61ff34b960adf346f79612239f7cb8c5f4b786

HTTP Headers

GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 27 Nov 2022 19:58:18 GMT
date: Sun, 27 Nov 2022 19:58:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

turf-time-az.org/hosted/images/f8/8bf0cdc51f4fc8974f2b53eb6ea75d/Screen-Shot-2022-02-06-at-10.11.46-AM.png

104.16.15.194

200 OK

285 kB

URL HTTP/2
turf-time-az.org/hosted/images/f8/8bf0cdc51f4fc8974f2b53eb6ea75d/Screen-Shot-2022-02-06-at-10.11.46-AM.png
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1238 x 712, 8-bit/color RGB, non-interlaced\012- data
Size
285 kB (284584 bytes)
Hash
0268db237365a466e257da2baa2f05de
9750c63c2931691b8179082b936a90faf3aacc80
e4394b069306544d90d63ea3f3f6dba3e789bd17464996fe86ad139990e9dad9

HTTP Headers

GET /hosted/images/f8/8bf0cdc51f4fc8974f2b53eb6ea75d/Screen-Shot-2022-02-06-at-10.11.46-AM.png HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:19 GMT
content-type: image/png
content-length: 284584
cf-ray: 770d7017ebbbb4e8-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "0268db237365a466e257da2baa2f05de"
last-modified: Sun, 06 Feb 2022 18:12:03 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

turf-time-az.org/assets/userevents/application.js

104.16.15.194

200 OK

2.3 kB

URL HTTP/2
turf-time-az.org/assets/userevents/application.js
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (5244), with no line terminators
Size
2.3 kB (2293 bytes)
Hash
561f486de0369121c9b4b7c5fca25395
a7640af28d978c9caf4fd53c24207ee5c7027d95
9e4f9b4ec4dfbb59ef26b5c28bc90feee5f3d73834a9c086d93f196c81816347

HTTP Headers

GET /assets/userevents/application.js HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:18 GMT
content-type: application/x-javascript
cf-ray: 770d7017db8eb4e8-OSL
access-control-allow-origin: *
age: 1084
cache-control: public, max-age=1200
etag: W/"637bf173-147c"
expires: Sun, 27 Nov 2022 20:18:18 GMT
last-modified: Mon, 21 Nov 2022 21:45:23 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

216.58.207.195

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12860, version 1.0\012- data
Size
13 kB (12860 bytes)
Hash
ab21c24efd75543e16e34807ebc6cdec
eb2562f9729079333fbcbbe94868695669dd3301
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

HTTP Headers

GET /s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://turf-time-az.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 21:03:13 GMT
expires: Tue, 21 Nov 2023 21:03:13 GMT
cache-control: public, max-age=31536000
age: 514506
last-modified: Mon, 09 May 2022 18:27:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=sans-serif%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7Csans-serif%7CPoppins%7Csans-serif%7CNoto+Sans%7CLato%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CDroid+Sans%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7CDroid+Sans%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CLato%7CNoto+Sans%7Csans-serif%7CLato%7CNoto+Sans%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7Csans-serif%7CNoto+Sans%7CLato%7Csans-serif%7CNoto+Sans%7CLato%7Csans-serif%7CNoto+Sans%7Csans-serif%7C%7C

142.250.74.10

200 OK

13 kB

URL HTTP/2
fonts.googleapis.com/css?family=sans-serif%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7Csans-serif%7CPoppins%7Csans-serif%7CNoto+Sans%7CLato%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CDroid+Sans%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7CDroid+Sans%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CLato%7CNoto+Sans%7Csans-serif%7CLato%7CNoto+Sans%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7Csans-serif%7CNoto+Sans%7CLato%7Csans-serif%7CNoto+Sans%7CLato%7Csans-serif%7CNoto+Sans%7Csans-serif%7C%7C
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
13 kB (13420 bytes)
Hash
1c5daf388e58137201ab242983d62e6d
60228ee47b5f812388f15d51d2a309ea38465dec
a35949811411bb4881e8fb6e8177c8c0a2267189ec39b7bdb4fe56cd8cc2e15d

HTTP Headers

GET /css?family=sans-serif%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7Csans-serif%7CPoppins%7Csans-serif%7CNoto+Sans%7CLato%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CDroid+Sans%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7CDroid+Sans%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CNoto+Sans%7Csans-serif%7CLato%7CNoto+Sans%7Csans-serif%7CLato%7CNoto+Sans%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7Csans-serif%7CLato%7Csans-serif%7CNoto+Sans%7CLato%7Csans-serif%7CNoto+Sans%7CLato%7Csans-serif%7CNoto+Sans%7Csans-serif%7C%7C HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 27 Nov 2022 19:58:18 GMT
date: Sun, 27 Nov 2022 19:58:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

104.16.56.101

200 OK

27 kB

URL HTTP/2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP
104.16.56.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
27 kB (27382 bytes)
Hash
529dd9eb11d200dd3967fde44dba85a2
894550c3d7a621cb6428e308fc038060821d772c
26645dc5c9810b296bc9045a6d4ac37f943c65d80817dd0c3dfa7465c92ef297

HTTP Headers

GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://turf-time-az.org
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:19 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 770d70187acc0afa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

app.clickfunnels.com/mailcheck.min.js

104.16.14.194

200 OK

25 kB

URL HTTP/2
app.clickfunnels.com/mailcheck.min.js
IP
104.16.14.194:0
ASN
#13335 CLOUDFLARENET

File type
C source, ASCII text, with very long lines (525)
Size
25 kB (24719 bytes)
Hash
72190f73f3c0cb4b8f544ff26bf48420
47d4f0f14876536e728d377c303036d2f7ccffe3
e567494910b7518e7fe2a8e3c31720ac7769794e7c7eea5d3dd37dbf6a1e732d

HTTP Headers

GET /mailcheck.min.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:19 GMT
content-type: application/x-javascript
cf-ray: 770d701a0cddfab4-OSL
access-control-allow-origin: *
age: 4357
etag: W/"637bf173-a8d"
last-modified: Mon, 21 Nov 2022 21:45:23 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=XGf6EEJGXsO_PJghgaxZZ0OFdDp.vyh6tyIJ_dzGy5Y-1669579099-0-AWI5n7Y5w2mQFaFPVt/o/rE3zBCYxRBJLRKtB3QnFowrMUJxnaKrDi+fxr3ZqmMBU3WF93AGhWgPc02w62kORPPAPMih/Kp+Eyb1Oa7rk6kC; path=/; expires=Sun, 27-Nov-22 20:28:19 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

turf-time-az.org/hosted/images/23/d48b7897494805bc2025368c7849df/turf-time-az-logo_ccexpress.png

104.16.15.194

200 OK

174 kB

URL HTTP/2
turf-time-az.org/hosted/images/23/d48b7897494805bc2025368c7849df/turf-time-az-logo_ccexpress.png
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 2048 x 2048, 8-bit/color RGBA, non-interlaced\012- data
Size
174 kB (174536 bytes)
Hash
d234c38248e66d1f6531d4fd5923a085
3c9ae2285b212a3f3ef215deba845565695da636
8c1337ecfd85856c4234eeb6122b89734ad664d8d67c5b9a3b7b3abd5d777d9a

HTTP Headers

GET /hosted/images/23/d48b7897494805bc2025368c7849df/turf-time-az-logo_ccexpress.png HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:19 GMT
content-type: image/png
content-length: 174536
cf-ray: 770d7017eba1b4e8-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "d234c38248e66d1f6531d4fd5923a085"
last-modified: Sun, 06 Feb 2022 17:11:04 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

turf-time-az.org/hosted/images/61/41bfb8fbe7494c8f8d8be997f81455/rock.png

104.16.15.194

200 OK

2.3 MB

URL HTTP/2
turf-time-az.org/hosted/images/61/41bfb8fbe7494c8f8d8be997f81455/rock.png
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1185 x 911, 8-bit/color RGB, non-interlaced\012- data
Size
2.3 MB (2337549 bytes)
Hash
fb731832f5d1609be551cc3440ab289b
f9a6c3c63ed2a36952d47d86815ab5d445d27fa1
cb6b3262c58028232bbee4fcf1c2ddec372eb0355287e84ac020eefcc9b2394a

HTTP Headers

GET /hosted/images/61/41bfb8fbe7494c8f8d8be997f81455/rock.png HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:19 GMT
content-type: image/png
content-length: 2337549
cf-ray: 770d7017ebb0b4e8-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "fb731832f5d1609be551cc3440ab289b"
last-modified: Mon, 07 Feb 2022 21:20:58 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

turf-time-az.org/hosted/images/d2/ed664708474d5a906601ee7b7ea902/paver.png

104.16.15.194

200 OK

2.2 MB

URL HTTP/2
turf-time-az.org/hosted/images/d2/ed664708474d5a906601ee7b7ea902/paver.png
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1185 x 911, 8-bit/color RGB, non-interlaced\012- data
Size
2.2 MB (2169120 bytes)
Hash
ecfff5c45b00d1aaeef9088e703373fa
82b10da745a5d71d77c6997cb63ca1d2fa1f2b98
e799dbafb8d668e1e903eddb47e3f5ed2c2aa062c6e86995f4df52f74d32f185

HTTP Headers

GET /hosted/images/d2/ed664708474d5a906601ee7b7ea902/paver.png HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:19 GMT
content-type: image/png
content-length: 2169120
cf-ray: 770d7017eba9b4e8-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "ecfff5c45b00d1aaeef9088e703373fa"
last-modified: Mon, 07 Feb 2022 21:20:57 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1def611ed1604b222e2c1b4e5b4dbbb3
efab3f910adb2498ed4aa794df938959e861b0f1
e455592a25ecac760d03d4ca2ff3ec5a74332ff8e4d9d38384390a20d3e959f7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 213
Cache-Control: max-age=97215
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:20 GMT
Etag: "63829946-1d7"
Expires: Mon, 28 Nov 2022 22:58:35 GMT
Last-Modified: Sat, 26 Nov 2022 22:55:02 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

app.clickfunnels.com/userevents/?funnel_id=TVBKQU0rTEVTL2NjU1BYZStGcFdJUT09LS1qWmZRcXM4ZkpObVhrbWZUd3JLVGJnPT0%3D--d8511e82cb530c46b7c761680745d78c27f32cdd&page_id=NStISkkzTVN4VE9iak55eTg4SkVwZz09LS1zVXBqR25wRGhybTIwSFIxd3JLbXVRPT0%3D--2aeaebb204b71c73a8e4b3329288263071dcf397&funnel_step_id=eHkxMzIrQXY3YXJXMmhRTzA2d3JQdz09LS11MlhBa3czejZTcnZxd3BBc0VaVVl3PT0%3D--0562de824dd7a4ef7d66ad3bf2d0f5230a20e075&user_id=UENIbDZtaUhITE9vekJTQTVWSWw4Zz09LS0vdmYwSEJhaEplajlKMDR4Tk1EOUdBPT0%3D--7fb1583f7d9aae871be737fe80936aa184eb78c4&account_id=U0hkRWc5U0ZCcGZZL0l5T3dIbTBKQT09LS1nS3V0WGR1eDFaRkhzek9waXRTMG93PT0%3D--792196725ca57bb932b220bc03cd8be9cbb53240&page_code=NTMwOTE0Mzc%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=dc51af98-a69d-4857-a568-4ced2717cf9f&url=https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831

104.16.14.194

202 Accepted

331 B

URL HTTP/2
app.clickfunnels.com/userevents/?funnel_id=TVBKQU0rTEVTL2NjU1BYZStGcFdJUT09LS1qWmZRcXM4ZkpObVhrbWZUd3JLVGJnPT0%3D--d8511e82cb530c46b7c761680745d78c27f32cdd&page_id=NStISkkzTVN4VE9iak55eTg4SkVwZz09LS1zVXBqR25wRGhybTIwSFIxd3JLbXVRPT0%3D--2aeaebb204b71c73a8e4b3329288263071dcf397&funnel_step_id=eHkxMzIrQXY3YXJXMmhRTzA2d3JQdz09LS11MlhBa3czejZTcnZxd3BBc0VaVVl3PT0%3D--0562de824dd7a4ef7d66ad3bf2d0f5230a20e075&user_id=UENIbDZtaUhITE9vekJTQTVWSWw4Zz09LS0vdmYwSEJhaEplajlKMDR4Tk1EOUdBPT0%3D--7fb1583f7d9aae871be737fe80936aa184eb78c4&account_id=U0hkRWc5U0ZCcGZZL0l5T3dIbTBKQT09LS1nS3V0WGR1eDFaRkhzek9waXRTMG93PT0%3D--792196725ca57bb932b220bc03cd8be9cbb53240&page_code=NTMwOTE0Mzc%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=dc51af98-a69d-4857-a568-4ced2717cf9f&url=https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831
IP
104.16.14.194:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 12 x 14, 8-bit/color RGBA, non-interlaced\012- data
Size
331 B (331 bytes)
Hash
47489ec75254ac9a3bb9bde20b9dd5bb
35517c35292f8623ee396e82d4cad3a4ce063a36
6216c97552a1d4090dffb04a8201ab325f6b0bb8b6810da6cdb015f97af4ef19

HTTP Headers

GET /userevents/?funnel_id=TVBKQU0rTEVTL2NjU1BYZStGcFdJUT09LS1qWmZRcXM4ZkpObVhrbWZUd3JLVGJnPT0%3D--d8511e82cb530c46b7c761680745d78c27f32cdd&page_id=NStISkkzTVN4VE9iak55eTg4SkVwZz09LS1zVXBqR25wRGhybTIwSFIxd3JLbXVRPT0%3D--2aeaebb204b71c73a8e4b3329288263071dcf397&funnel_step_id=eHkxMzIrQXY3YXJXMmhRTzA2d3JQdz09LS11MlhBa3czejZTcnZxd3BBc0VaVVl3PT0%3D--0562de824dd7a4ef7d66ad3bf2d0f5230a20e075&user_id=UENIbDZtaUhITE9vekJTQTVWSWw4Zz09LS0vdmYwSEJhaEplajlKMDR4Tk1EOUdBPT0%3D--7fb1583f7d9aae871be737fe80936aa184eb78c4&account_id=U0hkRWc5U0ZCcGZZL0l5T3dIbTBKQT09LS1nS3V0WGR1eDFaRkhzek9waXRTMG93PT0%3D--792196725ca57bb932b220bc03cd8be9cbb53240&page_code=NTMwOTE0Mzc%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=dc51af98-a69d-4857-a568-4ced2717cf9f&url=https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://turf-time-az.org
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 202 Accepted
date: Sun, 27 Nov 2022 19:58:20 GMT
content-type: text/html
cf-ray: 770d701f3bd1fab4-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: afccfe3daad371de7f07a952bcb5dc5e
x-runtime: 0.037615
set-cookie: __cf_bm=MJ98a0VUsZK_0a6VxXJaO2tiaKIx9aH_R6uj9VI5tq0-1669579100-0-Af91Fr0mdMuPysQQvgZ/WfKyBqe5M2gxaYDi5/XoDn+Q3+KVN/2QWZcWPlxOADm7QI1wURZb3yi/gMleqP2juH+RDCr2b+D+sC7GScIU14qP; path=/; expires=Sun, 27-Nov-22 20:28:20 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27340 bytes)
Hash
44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 1BmUyuK4Q1vMYXlO5pYP1JgZ+DVmgEdjgTqasiEkIlTDgl2uBYr/L7b8c2blwcWPAH+VLwkg3EBk/1s0vc3Jow==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Sun, 27 Nov 2022 19:58:20 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1def611ed1604b222e2c1b4e5b4dbbb3
efab3f910adb2498ed4aa794df938959e861b0f1
e455592a25ecac760d03d4ca2ff3ec5a74332ff8e4d9d38384390a20d3e959f7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 213
Cache-Control: max-age=97215
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 19:58:20 GMT
Etag: "63829946-1d7"
Expires: Mon, 28 Nov 2022 22:58:35 GMT
Last-Modified: Sat, 26 Nov 2022 22:55:02 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3533
Expires: Sun, 27 Nov 2022 20:57:13 GMT
Date: Sun, 27 Nov 2022 19:58:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3533
Expires: Sun, 27 Nov 2022 20:57:13 GMT
Date: Sun, 27 Nov 2022 19:58:20 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13049 bytes)
Hash
1db6041a0bdb2319ae85afcc30caaeec
3b0ec6a7188dadf986f72fda8110296d9abd6f35
05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MA_O50Lu6RRAFJpzXmVXhkxvYazdX5Lhk2Qa5k9fYUhBta-IWpVT1g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 01:46:48 GMT
age: 65492
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10199 bytes)
Hash
2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 79599
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8387 bytes)
Hash
4e97baa4851785eac92c719abf481c64
c32a57038d3cdbc514c9081c9938eca6a04fb481
adb59e982648082e5421f58899a5331b2747e9d45be33c495fbe3ab8cc872b22

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8387
x-amzn-requestid: e4ce369f-7654-4c1a-94c2-70c913eb1a01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFL0tEcqIAMFXHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec01d-37bd969f4cdfe220096b8c1f;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 00:51:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: __2hrJIdzCKzhuJ_YfbSSfz-WwyIqnPugk7P6SuYSjn6b2wwm0otCw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 20:58:18 GMT
age: 82802
etag: "c32a57038d3cdbc514c9081c9938eca6a04fb481"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 02:31:24 GMT
age: 62816
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8817 bytes)
Hash
741ddfb19764ac9a77509e7e87cfbfb2
308c08784ce4a0757cbd112807555b83e17a1d56
e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8817
x-amzn-requestid: 31bd21c7-1d75-4159-af51-52035da16da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-krGE6AIAMF2Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c1b13-32a7b9c6642592c70783a0cf;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 00:42:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I6egDH0h7D08HhaoQHQ0vgghBhPfje2lGIbnWD-t7p4txzHsFxmZfg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 16:15:23 GMT
age: 13377
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7380 bytes)
Hash
76c00eceed956377d7469ef58b0815cb
97a135335f5b1b042adeb385718f8808cb78528b
81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7380
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iEegIAMFeuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:50:08 GMT
age: 79692
etag: "97a135335f5b1b042adeb385718f8808cb78528b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

turf-time-az.org/hosted/images/77/c12632dc8648a6828ff50b653494e6/turf-house-bg.png

104.16.15.194

200 OK

3.2 MB

URL HTTP/2
turf-time-az.org/hosted/images/77/c12632dc8648a6828ff50b653494e6/turf-house-bg.png
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1920 x 1080, 8-bit/color RGB, non-interlaced\012- data
Size
3.2 MB (3199438 bytes)
Hash
6f1a93d6b5fed718f61ce901888edb74
8244592f01a31615f3422feec9fe7190eb99d9b4
4ff8b8214a8359db0543c220982ebeb9c0a1999b82309ac38dd33364f43a606b

HTTP Headers

GET /hosted/images/77/c12632dc8648a6828ff50b653494e6/turf-house-bg.png HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:20 GMT
content-type: image/png
content-length: 3199438
cf-ray: 770d701c6d09b4e8-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "6f1a93d6b5fed718f61ce901888edb74"
last-modified: Mon, 07 Feb 2022 21:31:20 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=623520298751239&ev=PageView&dl=https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831&rl=&if=false&ts=1669579100683&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669579100682.1410972195&it=1669579100166&coo=false&rqm=GET

31.13.72.36

200 OK

86 kB

URL HTTP/2
www.facebook.com/tr/?id=623520298751239&ev=PageView&dl=https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831&rl=&if=false&ts=1669579100683&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669579100682.1410972195&it=1669579100166&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type
gzip compressed data, from Unix\012- data
Size
86 kB (85977 bytes)
Hash
1615610428a3690309fe2da4d001ea81
8a0593ba65a3ff752806f5ffdfa171f2fff2b4e1
b4ca2ee9a373ae76ebbc81420118dd534dc94de558d5f6f189782b89c5f9f8fa

HTTP Headers

GET /tr/?id=623520298751239&ev=PageView&dl=https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831&rl=&if=false&ts=1669579100683&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669579100682.1410972195&it=1669579100166&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Nov 2022 19:58:21 GMT
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=623520298751239&ev=Microdata&dl=https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831&rl=&if=false&ts=1669579101200&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Turf%20Time%20AZ-%20Artificial%20Grass%20Installer%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%22%2C%22og%3Atitle%22%3A%22Turf%20Time%20AZ-%20Artificial%20Grass%20Installer%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669579100682.1410972195&it=1669579100166&coo=false&es=automatic&tm=3&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=623520298751239&ev=Microdata&dl=https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831&rl=&if=false&ts=1669579101200&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Turf%20Time%20AZ-%20Artificial%20Grass%20Installer%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%22%2C%22og%3Atitle%22%3A%22Turf%20Time%20AZ-%20Artificial%20Grass%20Installer%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669579100682.1410972195&it=1669579100166&coo=false&es=automatic&tm=3&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=623520298751239&ev=Microdata&dl=https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831&rl=&if=false&ts=1669579101200&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Turf%20Time%20AZ-%20Artificial%20Grass%20Installer%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%22%2C%22og%3Atitle%22%3A%22Turf%20Time%20AZ-%20Artificial%20Grass%20Installer%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669579100682.1410972195&it=1669579100166&coo=false&es=automatic&tm=3&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 27 Nov 2022 19:58:21 GMT
X-Firefox-Spdy: h2

turf-time-az.org/hosted/images/b2/8c18e96b724abe87de21242ea743b3/271155135_288090793353183_8299225239729257368_n.jpg

104.16.15.194

200 OK

225 kB

URL HTTP/2
turf-time-az.org/hosted/images/b2/8c18e96b724abe87de21242ea743b3/271155135_288090793353183_8299225239729257368_n.jpg
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1440x1106, components 3\012- data
Size
225 kB (225147 bytes)
Hash
16ad618e1df4b68a6454fcc3cfb79dbf
c7709ce9dce4a5ed46c5c316f8651b488ba21651
1623661fbeeb698b80763f549bf18a19ed9118e34b2a87b777f3134837684e84

HTTP Headers

GET /hosted/images/b2/8c18e96b724abe87de21242ea743b3/271155135_288090793353183_8299225239729257368_n.jpg HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:21 GMT
content-type: image/jpeg
content-length: 225147
cf-ray: 770d7017eba6b4e8-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "16ad618e1df4b68a6454fcc3cfb79dbf"
last-modified: Sun, 06 Feb 2022 19:04:18 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

js-agent.newrelic.com/nr-1216.min.js

151.101.86.137

200 OK

14 kB

URL HTTP/2
js-agent.newrelic.com/nr-1216.min.js
IP
151.101.86.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32022)
Size
14 kB (14391 bytes)
Hash
b7c09cc097b2847f9edc784adba62dcb
5aa648623cf5e3b4b215fe5d068a7904c59f2925
6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa

HTTP Headers

GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 27 Nov 2022 19:58:21 GMT
via: 1.1 varnish
x-served-by: cache-bma1653-BMA
x-cache: HIT
x-cache-hits: 2154
x-timer: S1669579102.788999,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2

turf-time-az.org/cdn-cgi/rum?

104.16.15.194

204 No Content

0 B

URL HTTP/2
turf-time-az.org/cdn-cgi/rum?
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 15586
Origin: https://turf-time-az.org
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTMwOTE0Mzc=:visited=true; cf:visitor_id=f71037e2-4b6b-4146-aa3f-9494a26e39eb; addevent_track_cookie=3cbc2c33-8575-4b4a-2ea2-b036e3452a55; _fbp=fb.1.1669579100682.1410972195
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
date: Sun, 27 Nov 2022 19:58:21 GMT
access-control-allow-origin: https://turf-time-az.org
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 770d702a9fd7b4e8-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4132&ck=1&ref=https://turf-time-az.org/optin-5224087116441286340421651424291831&ap=447&be=980&fe=3890&dc=2102&perf=%7B%22timing%22:%7B%22of%22:1669579097443,%22n%22:0,%22f%22:565,%22dn%22:570,%22dne%22:570,%22c%22:570,%22s%22:573,%22ce%22:747,%22rq%22:747,%22rp%22:904,%22rpe%22:908,%22dl%22:950,%22di%22:2048,%22ds%22:2101,%22de%22:2314,%22dc%22:3889,%22l%22:3889,%22le%22:4005%7D,%22navigation%22:%7B%7D%7D&fcp=2042&jsonp=NREUM.setToken

162.247.241.14

200 OK

72 B

URL HTTP/1.1
bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4132&ck=1&ref=https://turf-time-az.org/optin-5224087116441286340421651424291831&ap=447&be=980&fe=3890&dc=2102&perf=%7B%22timing%22:%7B%22of%22:1669579097443,%22n%22:0,%22f%22:565,%22dn%22:570,%22dne%22:570,%22c%22:570,%22s%22:573,%22ce%22:747,%22rq%22:747,%22rp%22:904,%22rpe%22:908,%22dl%22:950,%22di%22:2048,%22ds%22:2101,%22de%22:2314,%22dc%22:3889,%22l%22:3889,%22le%22:4005%7D,%22navigation%22:%7B%7D%7D&fcp=2042&jsonp=NREUM.setToken
IP
162.247.241.14:0
ASN
#23467 NEWRELIC-AS-1

File type
ASCII text, with no line terminators
Size
72 B (72 bytes)
Hash
107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937

HTTP Headers

GET /1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4132&ck=1&ref=https://turf-time-az.org/optin-5224087116441286340421651424291831&ap=447&be=980&fe=3890&dc=2102&perf=%7B%22timing%22:%7B%22of%22:1669579097443,%22n%22:0,%22f%22:565,%22dn%22:570,%22dne%22:570,%22c%22:570,%22s%22:573,%22ce%22:747,%22rq%22:747,%22rp%22:904,%22rpe%22:908,%22dl%22:950,%22di%22:2048,%22ds%22:2101,%22de%22:2314,%22dc%22:3889,%22l%22:3889,%22le%22:4005%7D,%22navigation%22:%7B%7D%7D&fcp=2042&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 19:58:22 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 770d702b9be30afa-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=2e9f78fd86d38445; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5099 bytes)
Hash
433875a1b1fef34e45f2d8ac344c07e3
f2129466436cbbdd58abe42a47fb7af19eba58e6
ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 5099
x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4jFBvoAMFl1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 79606
etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.9.0/css/v4-shims.css

172.64.133.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:19 GMT
content-type: text/css
x-amz-id-2: WpVlr9E4LNAdFsXi6U7ITEvBAF0od/nY8z13ckAJA/I/wFoGHyoSwlXOyhWr8pqbj6dB1MeQp5k=
x-amz-request-id: CN86A7VHSM61Q680
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1237005
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bU%2BLOW99wPvVb19Hd4tppzioNmBvaaM2GO1YkpF9dxN6Zi5JiuC55GShsNdgT7uxAqlKS5xG6eBGnTRV5nkLaN%2FITKuXD%2FAEOGgkID5kvz7QrVp4QXGrSfKlLWrIbzYTu1p%2Fj%2BZg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770d7018de30070e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

turf-time-az.org/images/background.png?_unique=0.3411663056217713&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//turf-time-az.org/optin-5224087116441286340421651424291831&_title=Turf%20Time%20AZ-%20Artificial%20Grass%20Installer&_key=ecg7b623&_page_key=psk45q5lpq31h32m&_fid=11829108&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://turf-time-az.org/optin-5224087116441286340421651424291831&_referrer=

104.16.15.194

200 OK

0 B

URL HTTP/2
turf-time-az.org/images/background.png?_unique=0.3411663056217713&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//turf-time-az.org/optin-5224087116441286340421651424291831&_title=Turf%20Time%20AZ-%20Artificial%20Grass%20Installer&_key=ecg7b623&_page_key=psk45q5lpq31h32m&_fid=11829108&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://turf-time-az.org/optin-5224087116441286340421651424291831&_referrer=
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/background.png?_unique=0.3411663056217713&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//turf-time-az.org/optin-5224087116441286340421651424291831&_title=Turf%20Time%20AZ-%20Artificial%20Grass%20Installer&_key=ecg7b623&_page_key=psk45q5lpq31h32m&_fid=11829108&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://turf-time-az.org/optin-5224087116441286340421651424291831&_referrer= HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTMwOTE0Mzc=:visited=true; cf:visitor_id=f71037e2-4b6b-4146-aa3f-9494a26e39eb; addevent_track_cookie=3cbc2c33-8575-4b4a-2ea2-b036e3452a55; _fbp=fb.1.1669579100682.1410972195
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:21 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 770d7029cdb4b4e8-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store, private
strict-transport-security: max-age=0
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
status: 200 OK
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: c30245ef10603ae9f9d3ea8d347f757e
x-runtime: 0.020651
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

download.files.com.guanli007.com/files/apk/download/6/wjyfzym.apk

175.6.25.99

200 OK

0 B

URL HTTP/1.1
download.files.com.guanli007.com/files/apk/download/6/wjyfzym.apk
IP
175.6.25.99:0
ASN
#63835 No.293,Wanbao Avenue

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /files/apk/download/6/wjyfzym.apk HTTP/1.1
Host: download.files.com.guanli007.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 19:58:19 GMT
Content-Type: application/vnd.android.package-archive
Content-Length: 19571449
Last-Modified: Thu, 24 Nov 2022 12:13:39 GMT
Connection: keep-alive
Content-Disposition: attachment; filename= wjyfzym.apk
ETag: "637f5ff3-12aa2f9"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Accept-Ranges: bytes

turf-time-az.org/optin-5224087116441286340421651424291831

104.16.15.194

200 OK

0 B

URL HTTP/2
turf-time-az.org/optin-5224087116441286340421651424291831
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /optin-5224087116441286340421651424291831 HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:18 GMT
content-type: text/html; charset=utf-8
cf-ray: 770d70160fcbb4e8-OSL
access-control-allow-origin: *
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
last-modified: Wed, 27 Jul 2022 05:07:14 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: b22096536942616312e8e193dd7cc41a3d5716cd
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: fresh
x-request-id: 0cfb03b032799269df9fa5c602be5691
x-runtime: 0.478000
set-cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb; path=/; expires=Sun, 27-Nov-22 20:28:18 GMT; domain=.turf-time-az.org; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

turf-time-az.org/assets/pushcrew.js

104.16.15.194

200 OK

0 B

URL HTTP/2
turf-time-az.org/assets/pushcrew.js
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/pushcrew.js HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:18 GMT
content-type: application/x-javascript
cf-ray: 770d7017ebbfb4e8-OSL
access-control-allow-origin: *
age: 1084
cache-control: public, max-age=1200
etag: W/"637bf172-27d"
expires: Sun, 27 Nov 2022 20:18:18 GMT
last-modified: Mon, 21 Nov 2022 21:45:22 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

app.clickfunnels.com/userevents/?funnel_id=TVBKQU0rTEVTL2NjU1BYZStGcFdJUT09LS1qWmZRcXM4ZkpObVhrbWZUd3JLVGJnPT0%3D--d8511e82cb530c46b7c761680745d78c27f32cdd&page_id=NStISkkzTVN4VE9iak55eTg4SkVwZz09LS1zVXBqR25wRGhybTIwSFIxd3JLbXVRPT0%3D--2aeaebb204b71c73a8e4b3329288263071dcf397&funnel_step_id=eHkxMzIrQXY3YXJXMmhRTzA2d3JQdz09LS11MlhBa3czejZTcnZxd3BBc0VaVVl3PT0%3D--0562de824dd7a4ef7d66ad3bf2d0f5230a20e075&user_id=UENIbDZtaUhITE9vekJTQTVWSWw4Zz09LS0vdmYwSEJhaEplajlKMDR4Tk1EOUdBPT0%3D--7fb1583f7d9aae871be737fe80936aa184eb78c4&account_id=U0hkRWc5U0ZCcGZZL0l5T3dIbTBKQT09LS1nS3V0WGR1eDFaRkhzek9waXRTMG93PT0%3D--792196725ca57bb932b220bc03cd8be9cbb53240&page_code=NTMwOTE0Mzc%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=3070e4da-112b-49cb-92fb-a3b3e73dfc61&url=https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831

104.16.14.194

202 Accepted

0 B

URL HTTP/2
app.clickfunnels.com/userevents/?funnel_id=TVBKQU0rTEVTL2NjU1BYZStGcFdJUT09LS1qWmZRcXM4ZkpObVhrbWZUd3JLVGJnPT0%3D--d8511e82cb530c46b7c761680745d78c27f32cdd&page_id=NStISkkzTVN4VE9iak55eTg4SkVwZz09LS1zVXBqR25wRGhybTIwSFIxd3JLbXVRPT0%3D--2aeaebb204b71c73a8e4b3329288263071dcf397&funnel_step_id=eHkxMzIrQXY3YXJXMmhRTzA2d3JQdz09LS11MlhBa3czejZTcnZxd3BBc0VaVVl3PT0%3D--0562de824dd7a4ef7d66ad3bf2d0f5230a20e075&user_id=UENIbDZtaUhITE9vekJTQTVWSWw4Zz09LS0vdmYwSEJhaEplajlKMDR4Tk1EOUdBPT0%3D--7fb1583f7d9aae871be737fe80936aa184eb78c4&account_id=U0hkRWc5U0ZCcGZZL0l5T3dIbTBKQT09LS1nS3V0WGR1eDFaRkhzek9waXRTMG93PT0%3D--792196725ca57bb932b220bc03cd8be9cbb53240&page_code=NTMwOTE0Mzc%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=3070e4da-112b-49cb-92fb-a3b3e73dfc61&url=https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831
IP
104.16.14.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /userevents/?funnel_id=TVBKQU0rTEVTL2NjU1BYZStGcFdJUT09LS1qWmZRcXM4ZkpObVhrbWZUd3JLVGJnPT0%3D--d8511e82cb530c46b7c761680745d78c27f32cdd&page_id=NStISkkzTVN4VE9iak55eTg4SkVwZz09LS1zVXBqR25wRGhybTIwSFIxd3JLbXVRPT0%3D--2aeaebb204b71c73a8e4b3329288263071dcf397&funnel_step_id=eHkxMzIrQXY3YXJXMmhRTzA2d3JQdz09LS11MlhBa3czejZTcnZxd3BBc0VaVVl3PT0%3D--0562de824dd7a4ef7d66ad3bf2d0f5230a20e075&user_id=UENIbDZtaUhITE9vekJTQTVWSWw4Zz09LS0vdmYwSEJhaEplajlKMDR4Tk1EOUdBPT0%3D--7fb1583f7d9aae871be737fe80936aa184eb78c4&account_id=U0hkRWc5U0ZCcGZZL0l5T3dIbTBKQT09LS1nS3V0WGR1eDFaRkhzek9waXRTMG93PT0%3D--792196725ca57bb932b220bc03cd8be9cbb53240&page_code=NTMwOTE0Mzc%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=3070e4da-112b-49cb-92fb-a3b3e73dfc61&url=https%3A%2F%2Fturf-time-az.org%2Foptin-5224087116441286340421651424291831 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://turf-time-az.org
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 202 Accepted
date: Sun, 27 Nov 2022 19:58:20 GMT
content-type: text/html
cf-ray: 770d701f2bcffab4-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: bea016965df50ba4c69694fad1ab975e
x-runtime: 0.034544
set-cookie: __cf_bm=pvh.0VaiehrOLbqYMQT_bM_2c.yuWznqNBFfm1LLQ9M-1669579100-0-ASZjOPgK/4xgBGPt3C77IlDMoYlks3SWmozpmlRiSQdp9beaDVNE2uzYsYPd/0DhVdHgm7zGx0i1KhZbGdyd/d+WdhI1tfPdT1BmSUSf+/s5; path=/; expires=Sun, 27-Nov-22 20:28:20 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.9.0/css/all.css

172.64.133.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.9.0/css/all.css
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:19 GMT
content-type: text/css
x-amz-id-2: cIB7RJR8YNkOt3c5odVNIsPWGanLxokh1zS2YvTVv7QSgKdKXNOroM5eyN2MvPjoE855Z9I1sPM=
x-amz-request-id: BCPBKD6BGPB27GGJ
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 110791
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liXer6GrfViPf0v73Mn%2FfWwk%2BqOdBAUhs0i8ti1Hp9HpZdDf%2BfPNK203%2F0FdA04lJv15sAztlIcDyE%2FI0JK9LAMHk%2F1sfCc2RO393IiKLksRCTrYTYBkSk7LjHARIyPGvlHUkZHG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770d7018ade3070e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

turf-time-az.org/vendor.js

104.16.15.194

200 OK

0 B

URL HTTP/2
turf-time-az.org/vendor.js
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /vendor.js HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:20 GMT
content-type: application/javascript
cf-ray: 770d701e49d8b4e8-OSL
access-control-allow-origin: *
cache-control: max-age=900, public
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss, store
x-request-id: bf9f075f5600d2a53cf6f97529f3d7d6
x-runtime: 0.019531
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

turf-time-az.org/hosted/images/ef/a8fecd03bf411e99a7eb43e3f5508f/AdobeStock_298898714.jpg

104.16.15.194

200 OK

0 B

URL HTTP/2
turf-time-az.org/hosted/images/ef/a8fecd03bf411e99a7eb43e3f5508f/AdobeStock_298898714.jpg
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /hosted/images/ef/a8fecd03bf411e99a7eb43e3f5508f/AdobeStock_298898714.jpg HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:18 GMT
content-type: image/jpeg
content-length: 940410
cf-ray: 770d7017ebb2b4e8-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "5613386b8ffb0b5dbf4e76186b5c554e"
last-modified: Sun, 06 Feb 2022 17:29:59 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

turf-time-az.org/hosted/images/74/2dab315ed141158e40eb63f0a5aaac/star-shadow.svg

104.16.15.194

200 OK

0 B

URL HTTP/2
turf-time-az.org/hosted/images/74/2dab315ed141158e40eb63f0a5aaac/star-shadow.svg
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /hosted/images/74/2dab315ed141158e40eb63f0a5aaac/star-shadow.svg HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:18 GMT
content-type: image/svg+xml
cf-ray: 770d7017ebb4b4e8-OSL
cache-control: max-age=31536000
etag: W/"37d1684b6e02190492614afade294d55-2"
last-modified: Sun, 06 Feb 2022 17:23:03 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

turf-time-az.org/assets/lander.css

104.16.15.194

200 OK

0 B

URL HTTP/2
turf-time-az.org/assets/lander.css
IP
104.16.15.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/lander.css HTTP/1.1
Host: turf-time-az.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://turf-time-az.org/optin-5224087116441286340421651424291831
Cookie: __cf_bm=pxWS3tufpHH7j3BjwPIkfjBZZWS_mRIWunLpCrEk0Iw-1669579098-0-AS85SCy8XmnC+cFXIz/jK3kkapr7Rd/BSghOHhARQzDaD63OmZfPJ8WrpMbHu8jvoXMMwKxBRQa5b0Qdj3CBQNVtYMvdOBs6Yh3+DhvPrTtb
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 27 Nov 2022 19:58:18 GMT
content-type: text/css
cf-ray: 770d7017db84b4e8-OSL
access-control-allow-origin: *
age: 191
cache-control: public, max-age=1200
etag: W/"637bf173-6a514"
expires: Sun, 27 Nov 2022 20:18:18 GMT
last-modified: Mon, 21 Nov 2022 21:45:23 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations