firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 6223248c33009fd48ef053d1ba379132
bb14f9500425f64883101297baeda1a69ca65fb2
4db22da1db8573be87bd7cf4fb98dd69a47e4938c0e81cb21f015c5a9d485c6f
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 25 Oct 2022 10:53:07 GMT
Expires: Tue, 25 Oct 2022 10:55:33 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1EKA5CYXENDl8lK6gPRhtQKnNk3Jq64OVzyih0csKPlrTlBll6YVCA==
Age: 2862
www.turtlewill.org/vendasta-zapier/
45.84.120.170301 Moved Permanently 707 B URL HTTP/1.1 www.turtlewill.org/vendasta-zapier/
IP 45.84.120.170:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert quad9 Sinkholed
GET /vendasta-zapier/ HTTP/1.1
Host: www.turtlewill.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Tue, 25 Oct 2022 11:40:49 GMT
server: LiteSpeed
location: https://www.turtlewill.org/vendasta-zapier/
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e36c852b5e145f2f09fe73111fb162e1
e439c6a462f86a3003d6464a8b9999b1c4d1e210
52a721168d0c41cb0854ff8c730fce3b79db2e804b383238e95ff1401922bd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52A721168D0C41CB0854FF8C730FCE3B79DB2E804B383238E95FF1401922BD74"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6741
Expires: Tue, 25 Oct 2022 13:33:10 GMT
Date: Tue, 25 Oct 2022 11:40:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8db408c487f7d35bba323046736e8d3a
01b91e2dce7c6d3de9adfe6ff4d38f9b24ab7db0
9aeafc72c1a969243e1fc96f68ce18888034a749ee70582208bf814bd40b61a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AEAFC72C1A969243E1FC96F68CE18888034A749EE70582208BF814BD40B61A5"
Last-Modified: Tue, 25 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7515
Expires: Tue, 25 Oct 2022 13:46:04 GMT
Date: Tue, 25 Oct 2022 11:40:49 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: bkMB4xiQ70tJEp/J6KhalDE32JFr1eIaia/u0bcQXB6sWqQtO21rCZ1ZpDeVGACbpmb8uU/Ho28=
x-amz-request-id: ZTWCCF25CH3JNF8G
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 25 Oct 2022 11:38:47 GMT
age: 122
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 11:40:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 11:33:32 GMT
Cache-Control: max-age=3600
Expires: Tue, 25 Oct 2022 12:13:34 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zGZAZjEp3uA5J7OqIunsecb0bS22GlTNx_ZTxdG6lrq62AE7BF1Yqg==
Age: 437
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 518ff04fd536958e285cf07aaf4a2786
fa5dad2391c2a9957340bd629f0462db4f412a5c
608c78964412d5dc7025e9cbfaef345d448a29eae0f11257c49a41f274917b9a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1152
Cache-Control: max-age=161111
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:49 GMT
Etag: "63579918-1d7"
Expires: Thu, 27 Oct 2022 08:26:00 GMT
Last-Modified: Tue, 25 Oct 2022 08:06:48 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
www.turtlewill.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
45.84.120.170200 OK 11 kB URL HTTP/2 www.turtlewill.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 45.84.120.170:0
File type ASCII text, with very long lines (43771)
Hash d45207ee05c1f0c57dfa075e61405ccd
a8d35143a2d828a739ea0fdde75f97d33621e7ec
a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: www.turtlewill.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.turtlewill.org/vendasta-zapier/
Cookie: PHPSESSID=52f07f00bcf781164e5701a83af6360a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 01 Nov 2022 11:40:49 GMT
content-type: text/css
last-modified: Wed, 13 Jul 2022 04:07:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10946
date: Tue, 25 Oct 2022 11:40:49 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.turtlewill.org/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.0.2
45.84.120.170200 OK 4.4 kB URL HTTP/2 www.turtlewill.org/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.0.2
IP 45.84.120.170:0
File type ASCII text, with very long lines (19327), with no line terminators
Hash 25e6280cb3b8749c431917987e877e5e
6b95e92c2468b258d12b6fbf37ace8c0a6984bac
cf392e90fd0727cfc5dcd168d307d7c90d2c35d2fbd4362e52deb94077219d46
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/generatepress/assets/css/main.min.css?ver=3.0.2 HTTP/1.1
Host: www.turtlewill.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.turtlewill.org/vendasta-zapier/
Cookie: PHPSESSID=52f07f00bcf781164e5701a83af6360a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 01 Nov 2022 11:40:49 GMT
content-type: text/css
last-modified: Thu, 31 Dec 2020 16:08:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4389
date: Tue, 25 Oct 2022 11:40:49 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.turtlewill.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
45.84.120.170200 OK 4.0 kB URL HTTP/2 www.turtlewill.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 45.84.120.170:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.turtlewill.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.turtlewill.org/vendasta-zapier/
Cookie: PHPSESSID=52f07f00bcf781164e5701a83af6360a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 01 Nov 2022 11:40:49 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 12:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Tue, 25 Oct 2022 11:40:49 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.turtlewill.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
45.84.120.170200 OK 30 kB URL HTTP/2 www.turtlewill.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 45.84.120.170:0
File type ASCII text, with very long lines (65447)
Hash 34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.turtlewill.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.turtlewill.org/vendasta-zapier/
Cookie: PHPSESSID=52f07f00bcf781164e5701a83af6360a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 01 Nov 2022 11:40:49 GMT
content-type: application/javascript
last-modified: Wed, 10 Mar 2021 18:37:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30273
date: Tue, 25 Oct 2022 11:40:49 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.turtlewill.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
45.84.120.170200 OK 4.6 kB URL HTTP/2 www.turtlewill.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 45.84.120.170:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: www.turtlewill.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.turtlewill.org/vendasta-zapier/
Cookie: PHPSESSID=52f07f00bcf781164e5701a83af6360a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 01 Nov 2022 11:40:49 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 08:26:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Tue, 25 Oct 2022 11:40:49 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.turtlewill.org/wp-content/themes/generatepress/assets/js/main.min.js?ver=3.0.2
45.84.120.170200 OK 1.6 kB URL HTTP/2 www.turtlewill.org/wp-content/themes/generatepress/assets/js/main.min.js?ver=3.0.2
IP 45.84.120.170:0
File type ASCII text, with very long lines (7320), with no line terminators
Hash 61964e899e75af66fd4d8f7109810f25
9dcaabeccb5f38b67dde7a7c96044b06135f69e9
8b3851eaaea85e982e549b04de5e3fe32202d45e9aba21026c8e6e46751a1776
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/generatepress/assets/js/main.min.js?ver=3.0.2 HTTP/1.1
Host: www.turtlewill.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.turtlewill.org/vendasta-zapier/
Cookie: PHPSESSID=52f07f00bcf781164e5701a83af6360a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 01 Nov 2022 11:40:49 GMT
content-type: application/javascript
last-modified: Thu, 31 Dec 2020 16:08:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1609
date: Tue, 25 Oct 2022 11:40:49 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.191.251.76101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.251.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1oibbLjfXEG3085q95r9Tg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gPFEwP7jtVzKNVIXWFRJcCxuKeM=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d2e60932881d1be408ec2e22daed4dfd
cb7f48190d73fdd7302db106c836eb6b6d8e3805
67ef1c9f8ba0e523df5d39472ac11e5bbc0c63ccb955f70fd496f19322c1a93f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3794
Cache-Control: max-age=164467
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:50 GMT
Etag: "63579be3-117"
Expires: Thu, 27 Oct 2022 09:21:57 GMT
Last-Modified: Tue, 25 Oct 2022 08:18:43 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fa80036692e2de07413f4a7a462f2f19
74500a90fa23eed92d1f5cd55abea31891da9d2e
f898a885850248c82f55acc34d5bc8761dd5c286927b9e21f0e659e134bb92d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F898A885850248C82F55ACC34D5BC8761DD5C286927B9E21F0E659E134BB92D3"
Last-Modified: Mon, 24 Oct 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 25 Oct 2022 17:40:50 GMT
Date: Tue, 25 Oct 2022 11:40:50 GMT
Connection: keep-alive
vendasta.grsm.io/qen8e2mdw993
104.18.10.212302 Found 131 B URL HTTP/2 vendasta.grsm.io/qen8e2mdw993
IP 104.18.10.212:0
File type HTML document, ASCII text
Hash c313ab939574be958bea2714128fcfcf
739a52fbf7c86c6148682780967ff1ed89eca44c
c290f9a0ec9be635c9b9daef056b48d009ad926951041bd7bc8b2eaf19322c91
GET /qen8e2mdw993 HTTP/1.1
Host: vendasta.grsm.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.turtlewill.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 25 Oct 2022 11:40:50 GMT
content-type: text/html; charset=utf-8
location: https://lp.vendasta.com/ps-ref-signup?gspk=c2ltb25iYWtlcjM5OTY&gsxid=3nSWBu0l5PeO&utm_source=country
cache-control: no-cache, no-store, must-revalidate
expires: 0
p3p: CP="This is not a P3P policy! See our docs for more info."
pragma: no-cache
set-cookie: _gsxidkyfMI5rUbSh8=3nSWBu0l5PeO; Path=/; Domain=grsm.io; Expires=Mon, 23 Jan 2023 11:40:50 GMT; HttpOnly; Secure; SameSite=None
_grsmpkkyfMI5rU=simonbaker3996; Path=/; Domain=grsm.io; Expires=Mon, 23 Jan 2023 11:40:50 GMT; HttpOnly; Secure; SameSite=None
x-envoy-upstream-service-time: 18
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75faadfe1da1b50c-OSL
X-Firefox-Spdy: h2
lp.vendasta.com/ps-ref-signup/?gspk=c2ltb25iYWtlcjM5OTY&gsxid=3nSWBu0l5PeO&utm_source=country
3.69.136.55200 OK 12 kB URL HTTP/1.1 lp.vendasta.com/ps-ref-signup/?gspk=c2ltb25iYWtlcjM5OTY&gsxid=3nSWBu0l5PeO&utm_source=country
IP 3.69.136.55:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (22056), with CRLF, LF line terminators
Hash f9152b5ff98c572b03e29f7aaa2d7a0d
f7d15a7e590b450093057cc114c7291f8a052b4f
e1e4694bb182e0dda2ac3522ba770c3386461b022eee25c26e313abf69e39a88
GET /ps-ref-signup/?gspk=c2ltb25iYWtlcjM5OTY&gsxid=3nSWBu0l5PeO&utm_source=country HTTP/1.1
Host: lp.vendasta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.turtlewill.org/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Tue, 25 Oct 2022 11:40:51 GMT
content-type: text/html; charset=utf-8
content-length: 12130
set-cookie: ubvs=e39fc5dc-4f0c-49cb-8c2e-5b6e56efbd8d; Max-Age=15552000; Path=/; SameSite=Lax
ubvt=e39fc5dc-4f0c-49cb-8c2e-5b6e56efbd8d; Max-Age=259200; Domain=vendasta.com; Path=/; SameSite=Lax
ubpv=g%2C5995aa8e-b15a-4332-94b5-1d1791db5edb; Max-Age=15897600; Path=/ps-ref-signup/; SameSite=Lax
content-location: https://lp.vendasta.com/ps-ref-signup/
etag: "g:e39fc5dc4f0c49cb8c2e5b6e56efbd8d"
link: <https://lp.vendasta.com/ps-ref-signup/>; rel="canonical"
x-unbounce-pageid: 5995aa8e-b15a-4332-94b5-1d1791db5edb
x-unbounce-variant: g
x-unbounce-visitorid: e39fc5dc-4f0c-49cb-8c2e-5b6e56efbd8d
content-encoding: gzip
x-proxy-backend: page-server
connection: close
builder-assets.unbounce.com/published-css/main-7b78720.z.css
54.230.111.53200 OK 2.9 kB URL HTTP/2 builder-assets.unbounce.com/published-css/main-7b78720.z.css
IP 54.230.111.53:0
File type ASCII text, with very long lines (15017)
Hash 4458a4d76a70cb207bcc34d6bc6f872f
f484b0b1737f7de59ca699e6cc3169d234e8f6a8
0825f8972704bc1b84e30170cd77f5ecde2d6a7dbf9e43be96c6809c2c5228d7
GET /published-css/main-7b78720.z.css HTTP/1.1
Host: builder-assets.unbounce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 2902
date: Tue, 30 Aug 2022 02:28:13 GMT
last-modified: Mon, 04 Jul 2022 16:47:32 GMT
etag: "4458a4d76a70cb207bcc34d6bc6f872f"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: L4ZmeoxkTVchyWCkJ77TONE89Elaj8X7
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QSlm-Bae9pr32JTbSIu0cbXOa_JvwRdWQ0lY2TdURYuO7MmtXg-pWw==
age: 4871559
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.6.0.min.js
69.16.175.10200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65447)
Hash 899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.vendasta.com
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 11:40:51 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1666698051.dop213.sk1.t,1666698051.cds261.sk1.hn,1666698051.cds210.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f1ae675435a8f16bc0b04ec012c41979
182f87a81464c80b0b25fb524c59592cd40b0ef4
9191ced121d8740b4ed3af75db3033e72c0c44c0b45004abd714583deaa749a4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4fe08d6ffc931438b886eb80f073ad2e
dae5e9eb8bd9053329d24a55b8017c8162cb21d2
49a26dbac4208540e0d361219db57bea3922a33b0fd692212fec7a61727d387c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-W5H3NM
142.250.74.168200 OK 82 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-W5H3NM
IP 142.250.74.168:0
File type ASCII text, with very long lines (9792)
Hash b2c109ea73889e204cbd3e5a434c8db4
9fa093b25452c895da247c48a3df2732d6cba686
eb453b491557c7736f7eb7562fb49f38e776a140195770aaa80a465e63744f83
GET /gtm.js?id=GTM-W5H3NM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 25 Oct 2022 11:40:51 GMT
expires: Tue, 25 Oct 2022 11:40:51 GMT
cache-control: private, max-age=900
last-modified: Tue, 25 Oct 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81919
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f1ae675435a8f16bc0b04ec012c41979
182f87a81464c80b0b25fb524c59592cd40b0ef4
9191ced121d8740b4ed3af75db3033e72c0c44c0b45004abd714583deaa749a4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash cbf9e6860cd2f537dfa671c4d5746442
e9dca46d9515e2286521e9d6b63882731996ab77
3d3fd3107610ebb1c709c7598459862bc3f9a3fd2a7f99b8d450d7bca3a0b028
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 11:40:51 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 22 Oct 2022 15:43:21 GMT
Expires: Sat, 29 Oct 2022 15:43:20 GMT
Etag: "e9dca46d9515e2286521e9d6b63882731996ab77"
Cache-Control: max-age=359548,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75faae04d9f1fab8-OSL
www.youtube.com/s/player/4bbf8bdb/www-player.css
142.250.74.78200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/4bbf8bdb/www-player.css
IP 142.250.74.78:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a6bad8b64588167878f1de946dd2b911
2d3c33bba6a47f05374274cbce7bef19ecfd87b2
41e7429a90008dd5226c1d096ce72beb44fba7315f31a627e7e66983f9edd4d8
GET /s/player/4bbf8bdb/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/lrX17R94zSo?wmode=opaque
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49894
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Oct 2022 01:21:42 GMT
expires: Sun, 22 Oct 2023 01:21:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 20 Oct 2022 00:16:54 GMT
content-type: text/css
age: 296349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.turtlewill.org/vendasta-zapier/
45.84.120.170200 OK 108 kB URL HTTP/2 www.turtlewill.org/vendasta-zapier/
IP 45.84.120.170:0
Size 108 kB (108079 bytes)
Hash dbbbfd6d5c2f98dfde397d1db468a2bb
cae825de4adfddc7e099ce16e5d0765d015bf0d6
f91e7d64b7891a5be9c2e24c934eb4f251e27468eb57b1e5c92723580350e9b7
Analyzer Verdict Alert quad9 Sinkholed
GET /vendasta-zapier/ HTTP/1.1
Host: www.turtlewill.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
set-cookie: PHPSESSID=52f07f00bcf781164e5701a83af6360a; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
x-ua-compatible: IE=edge
link: <https://www.turtlewill.org/wp-json/>; rel="https://api.w.org/", <https://www.turtlewill.org/wp-json/wp/v2/posts/19528>; rel="alternate"; type="application/json", <https://www.turtlewill.org/?p=19528>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 25 Oct 2022 11:40:49 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.youtube.com/s/player/4bbf8bdb/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.78200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/4bbf8bdb/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.78:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/4bbf8bdb/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/lrX17R94zSo?wmode=opaque
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 16:00:44 GMT
expires: Fri, 20 Oct 2023 16:00:44 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 20 Oct 2022 00:16:54 GMT
content-type: text/javascript
age: 416407
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/4bbf8bdb/player_ias.vflset/en_US/base.js
142.250.74.78200 OK 586 kB URL HTTP/2 www.youtube.com/s/player/4bbf8bdb/player_ias.vflset/en_US/base.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (554)
Size 586 kB (585591 bytes)
Hash 0d28cf863deda36ffbec2b49824d38d1
125cfec74aa9df0686b7ad10db94037142213544
9b40a5dbb02a0eb8136714ffb4aa9d48e9773825f6a9b167587fa7a4a4ac4a7a
GET /s/player/4bbf8bdb/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/lrX17R94zSo?wmode=opaque
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 585591
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Oct 2022 02:18:31 GMT
expires: Sun, 22 Oct 2023 02:18:31 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 20 Oct 2022 00:16:54 GMT
content-type: text/javascript
age: 292940
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
meeting.is/ss/js/showu_app.js
52.213.250.237200 OK 32 kB URL HTTP/1.1 meeting.is/ss/js/showu_app.js
IP 52.213.250.237:0
File type ASCII text, with very long lines (32121)
Hash 909b2d5f4b4cdb54dc35108bcda5f1fe
7131de4014d0b8d88b6285c04c2c3111fe95be5d
da02eee2e486d728f0881f5a501123f5a7abaa8b5437be4a1fcf8c8b5cbd252a
GET /ss/js/showu_app.js HTTP/1.1
Host: meeting.is
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Oct 2022 11:40:51 GMT
Content-Type: application/javascript
Content-Length: 31636
Connection: keep-alive
accept-ranges: bytes
cache-control: public, max-age=300
content-encoding: gzip
etag: "C103DE"
vary: Accept-Encoding
Strict-Transport-Security: max-age=15768000; includeSubDomains
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4fe08d6ffc931438b886eb80f073ad2e
dae5e9eb8bd9053329d24a55b8017c8162cb21d2
49a26dbac4208540e0d361219db57bea3922a33b0fd692212fec7a61727d387c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash c59be82d1857bab9298935ef43bef1cb
8e40b96ed4bcd4179ce7ba0c955a0fc3f41a93f0
0cd1e66467c99c925f36012c5ec17bd5e36b5809b0494e1214c250bc22519162
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=103589
Date: Tue, 25 Oct 2022 11:40:51 GMT
Etag: "6356a5ea-1d7"
Expires: Wed, 26 Oct 2022 16:27:20 GMT
Last-Modified: Mon, 24 Oct 2022 14:49:14 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IRt2MKrZ1S3cYEcjf5TE5ga2hqRgTYhXboAYt9skyKwxU2auLW4InA==
Age: 5886
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8550
Expires: Tue, 25 Oct 2022 14:03:21 GMT
Date: Tue, 25 Oct 2022 11:40:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8550
Expires: Tue, 25 Oct 2022 14:03:21 GMT
Date: Tue, 25 Oct 2022 11:40:51 GMT
Connection: keep-alive
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 00:48:31 GMT
expires: Sat, 21 Oct 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 384740
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 531f350512ac7712d932234803aa4602
2fb4599ad3d513a160c1f29fefda27b45852c381
7a4da3420f736c098806676359b8ff80578a2e1e98fc0e20e45e2d6192e1d566
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8090
x-amzn-requestid: a84a2888-e0eb-40d3-8377-9c1ea2af733c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aVb2oH2uoAMFueA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63520cf7-204870ee3f63ced427033eb5;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 03:07:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TkdgdFp1dXipnGokyVpkamtD5qLRUC7aNYJrX_OKkEujnQsplMsgXA==
via: 1.1 1de1880e08f1cae7d1aca174a29a5c1e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 04:35:17 GMT
age: 25534
etag: "2fb4599ad3d513a160c1f29fefda27b45852c381"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Oct 2022 12:31:58 GMT
expires: Sun, 22 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 256133
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8550
Expires: Tue, 25 Oct 2022 14:03:21 GMT
Date: Tue, 25 Oct 2022 11:40:51 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash c59be82d1857bab9298935ef43bef1cb
8e40b96ed4bcd4179ce7ba0c955a0fc3f41a93f0
0cd1e66467c99c925f36012c5ec17bd5e36b5809b0494e1214c250bc22519162
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=102086
Date: Tue, 25 Oct 2022 11:40:51 GMT
Etag: "6356a5ea-1d7"
Expires: Wed, 26 Oct 2022 16:02:17 GMT
Last-Modified: Mon, 24 Oct 2022 14:49:14 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QC3FJc93GhgV8KfJWThaEJC_LTAIGSZPx-LXEfDGgvEHFdxWa5G8ww==
Age: 4383
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facb7f3ea-1b51-4cac-a5ab-7201a12df641.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facb7f3ea-1b51-4cac-a5ab-7201a12df641.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8502c90bf679dce29b1c2a87606bbb3e
7940c911dea3882ab8a7ff70240f4edc1b89a56d
ccc5ab3068b7f90276124148a812eb26951a95d7c146bdcf28a69a3d05f76ee2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facb7f3ea-1b51-4cac-a5ab-7201a12df641.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: 51dfaabc-ee88-465f-8da7-fd6739cf7794
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aZSHjHeLIAMF8mQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635396fc-1e4ad2d647a7f07a094574be;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 07:08:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dgxcF8hXUOo_WqQwpd0yctMNPuB-IfmSRxD1_TRG7zuV3b5EbpVIig==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 07:24:03 GMT
age: 15408
etag: "7940c911dea3882ab8a7ff70240f4edc1b89a56d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1fee370a-a947-4a08-9ba6-18c6c792f716.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1fee370a-a947-4a08-9ba6-18c6c792f716.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0215d09b407ecfd690d63aee6a30add
d2e9a4cba5fc07d90f30a5bfc7efa91eea784f94
6147a16325e6c63e7e3acfde58a4cfcd04564ddd6df61835e6e563ec6e67aa3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1fee370a-a947-4a08-9ba6-18c6c792f716.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5662
x-amzn-requestid: cb169868-462c-4083-af25-ca65cb2df563
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3EhH7SoAMFdeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6357054f-1635cae5575eed4a43607a11;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:36:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 3AVj0cWeDVgo3DVqvDiofHw2sXlQVGFhijv3QOzs0vNruMXzx8pl2Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:57:04 GMT
etag: "d2e9a4cba5fc07d90f30a5bfc7efa91eea784f94"
content-type: image/jpeg
age: 49427
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F075a794f-9140-4676-afb2-493f44932cc3.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F075a794f-9140-4676-afb2-493f44932cc3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3cf322f19151bcfa374c2e32b9ac986f
e8e69ac951def18bc1e03ecd4fe8a21d3b825b27
54ddfd1876f65e264b9b3209a0e805a3796013b4aacc8e9fd20b49754b4917a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F075a794f-9140-4676-afb2-493f44932cc3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4206
x-amzn-requestid: 6b02f96a-ea03-4eff-acde-c73925260102
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3E3GPQoAMFpIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63570552-77cf762d0e54f1f60efe52c3;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:36:18 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jcuTYNKiYp8BkDnzo34tidRVmcFlE_xDfPGGgrUKfR67IfwGjFxceA==
via: 1.1 fec77e486350d1bd33f526a760d8b5a4.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:42:36 GMT
age: 50295
etag: "e8e69ac951def18bc1e03ecd4fe8a21d3b825b27"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
platform.twitter.com/oct.js
93.184.220.66301 Moved Permanently 0 B URL HTTP/1.1 platform.twitter.com/oct.js
IP 93.184.220.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /oct.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Date: Tue, 25 Oct 2022 11:40:51 GMT
Location: https://static.ads-twitter.com/oct.js
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F708)
Server-Timing: x-cache;desc= ,x-tw-cdn;desc=,edge;dur=1
x-tw-cdn: VZ
Content-Length: 0
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3efe6e3-c81b-4c68-be1b-d80b5437960a.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3efe6e3-c81b-4c68-be1b-d80b5437960a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7b193f4e9431bab7a508d37fc919fadc
43bf0841e171c58eefe2d84af9aecbdf234336e4
a7f3c75aec864524ea1387c71dbbfdf4372f8cf75dbd8a9a1746c77fba931fcd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3efe6e3-c81b-4c68-be1b-d80b5437960a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7051
x-amzn-requestid: dc139436-6910-4afb-b7d8-51e9816f138c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3EsEGUoAMFUYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63570551-117c0a9f7ef4737236c9a614;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:36:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 47v-I1ceNRlQeFGaGHSpXsat4jJF8Zrslq2wXsjEfnKHUBkGOiQngA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 22:42:05 GMT
age: 46726
etag: "43bf0841e171c58eefe2d84af9aecbdf234336e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
vendasta.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=1&trackerid=0vAEEh&url=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry
18.195.235.189200 OK 119 B URL HTTP/2 vendasta.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=1&trackerid=0vAEEh&url=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry
IP 18.195.235.189:0
File type ASCII text, with no line terminators
Hash d32c2cb70b3e53622ffa09007cb432b9
108d4f1900c90cd904118e0872fbed2d8db9d2fe
ff7d8f5461e463346e292e011a03fa5f7428ef2c8b17007e6fb1ebcece829086
GET /plugins/HeatmapSessionRecording/configs.php?idsite=1&trackerid=0vAEEh&url=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry HTTP/1.1
Host: vendasta.matomo.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 11:40:51 GMT
content-type: application/javascript
content-length: 119
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5799e548-737d-43a5-ae0b-3ccb8e2f1daf.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5799e548-737d-43a5-ae0b-3ccb8e2f1daf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6977b5f01197ed4e914157b59ce56c2a
0c4bc06cb32bae6cdcbd61fde8b6289fa901a0c2
98ed9be1f79f4d1ff9acd3dc22aa64f7e0218d7c4854fc7cb71e70dd341dd7ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5799e548-737d-43a5-ae0b-3ccb8e2f1daf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8031
x-amzn-requestid: 39e6cba4-dc3b-4fe8-9f00-f9042b3dfb3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3D7E2SoAMF_TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6357054c-541d3ed176c9176913844804;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: j3sV_Wswao5mW-vx2uno8kuZE0qTvTaJYVB8MeVi1dolnHblN_uYwQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:45:49 GMT
etag: "0c4bc06cb32bae6cdcbd61fde8b6289fa901a0c2"
content-type: image/jpeg
age: 50102
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 992e49852cfe6b3af897f26da9642f4b
8837a245b1cb148ea7f32068ec61fcf087ee61f5
b629efdc2a92fdfbd180c00882f3f1edca459797fcbf8c658429cc6086b76782
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 25 Oct 2022 11:40:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 25 Oct 2022 06:57:52 GMT
Expires: Wed, 26 Oct 2022 06:57:52 GMT
ETag: "8837a245b1cb148ea7f32068ec61fcf087ee61f5"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
vendasta.matomo.cloud/matomo.php?action_name=&idsite=1&rec=1&r=794984&h=11&m=40&s=49&url=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&urlref=https%3A%2F%2Fwww.turtlewill.org%2F&_id=&_idn=1&send_image=0&_rcn=country&_refts=1666698049&_ref=https%3A%2F%2Fwww.turtlewill.org%2F&cookie=1&res=1280x1024&pv_id=cWEXUP&fa_pv=1&fa_fp[0][fa_vid]=jC5lMV&fa_fp[0][fa_fv]=1&pf_net=58&pf_srv=25&pf_tfr=11&pf_dm1=150&uadata=%7B%7D
18.195.235.189204 No Content 0 B URL HTTP/2 vendasta.matomo.cloud/matomo.php?action_name=&idsite=1&rec=1&r=794984&h=11&m=40&s=49&url=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&urlref=https%3A%2F%2Fwww.turtlewill.org%2F&_id=&_idn=1&send_image=0&_rcn=country&_refts=1666698049&_ref=https%3A%2F%2Fwww.turtlewill.org%2F&cookie=1&res=1280x1024&pv_id=cWEXUP&fa_pv=1&fa_fp[0][fa_vid]=jC5lMV&fa_fp[0][fa_fv]=1&pf_net=58&pf_srv=25&pf_tfr=11&pf_dm1=150&uadata=%7B%7D
IP 18.195.235.189:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /matomo.php?action_name=&idsite=1&rec=1&r=794984&h=11&m=40&s=49&url=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&urlref=https%3A%2F%2Fwww.turtlewill.org%2F&_id=&_idn=1&send_image=0&_rcn=country&_refts=1666698049&_ref=https%3A%2F%2Fwww.turtlewill.org%2F&cookie=1&res=1280x1024&pv_id=cWEXUP&fa_pv=1&fa_fp[0][fa_vid]=jC5lMV&fa_fp[0][fa_fv]=1&pf_net=58&pf_srv=25&pf_tfr=11&pf_dm1=150&uadata=%7B%7D HTTP/1.1
Host: vendasta.matomo.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://lp.vendasta.com
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 25 Oct 2022 11:40:51 GMT
server: Apache
access-control-allow-origin: https://lp.vendasta.com
access-control-allow-credentials: true
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
X-Firefox-Spdy: h2
meeting.is/ss/images/cwicon-fe312a9ea32f97c7ec713024fbb82a6d.png?vsn=d
52.213.250.237200 OK 2.8 kB URL HTTP/1.1 meeting.is/ss/images/cwicon-fe312a9ea32f97c7ec713024fbb82a6d.png?vsn=d
IP 52.213.250.237:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash fe312a9ea32f97c7ec713024fbb82a6d
af4c6d15652a0e0c8d9913848f1f71103318d927
92563839bfa7205ef1aad13ed91094b34345cbbfd3370b9ceed81c38c8adaef0
GET /ss/images/cwicon-fe312a9ea32f97c7ec713024fbb82a6d.png?vsn=d HTTP/1.1
Host: meeting.is
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Oct 2022 11:40:51 GMT
Content-Type: image/png
Content-Length: 2844
Connection: keep-alive
accept-ranges: bytes
cache-control: public, max-age=31536000
vary: Accept-Encoding
Strict-Transport-Security: max-age=15768000; includeSubDomains
static.ads-twitter.com/oct.js
151.101.84.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/oct.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57443), with no line terminators
Hash 1e9c4d503a9e162d8b549dc3d9c040e2
1fa99d7d7e878cdd45567af4b0c3c65542036c1d
f936c0124c595fe5d0c7858277f3a5f3bd104de39d36ac92557501fa1dec8563
GET /oct.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lp.vendasta.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 20:19:10 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
accept-ranges: bytes
date: Tue, 25 Oct 2022 11:40:51 GMT
x-served-by: cache-iad-kiad7000030-IAD, cache-bma1677-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15317
X-Firefox-Spdy: h2
meeting.is/ss/css/showu_app-9da0a41f342b3d68b0d79b11a892e006.css?vsn=d
52.213.250.237200 OK 917 B URL HTTP/1.1 meeting.is/ss/css/showu_app-9da0a41f342b3d68b0d79b11a892e006.css?vsn=d
IP 52.213.250.237:0
File type ASCII text, with very long lines (2836)
Hash a3f769911aa61d6f2f7d91161bba9fae
6adecadc434a9455d6b929dc8a9b67ee0ab0dc7b
1428bfc18ede29b508e83b8ecd9f1b8d11e12c71d58b614cadb0ccf4cd9b07fc
GET /ss/css/showu_app-9da0a41f342b3d68b0d79b11a892e006.css?vsn=d HTTP/1.1
Host: meeting.is
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 25 Oct 2022 11:40:51 GMT
Content-Type: text/css
Content-Length: 917
Connection: keep-alive
accept-ranges: bytes
cache-control: public, max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
Strict-Transport-Security: max-age=15768000; includeSubDomains
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash b5f8a0079ba37077f12d76210a0385b9
c34c4ade2be4fcdce36d24305ad2be8f154a0b75
bcc1815529512c802c2ae9744fd56ab7340983737c28523e52de5d344bf35e4b
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 25 Oct 2022 11:40:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 25 Oct 2022 08:12:20 GMT
Expires: Wed, 26 Oct 2022 08:12:20 GMT
ETag: "c34c4ade2be4fcdce36d24305ad2be8f154a0b75"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 0125d5a2adf819edbcead89fbec10b8a
1a3dd609e33692e3b3412c5e1e9a9e5c9fba945f
002134726f36532f87149d8fa512adec313ca3b7d4b331f867d09f35251b3c08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2735
Cache-Control: max-age=86362
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:51 GMT
Etag: "63566eee-13a"
Expires: Wed, 26 Oct 2022 11:40:13 GMT
Last-Modified: Mon, 24 Oct 2022 10:54:38 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 314
data.processwebsitedata.com/rsv1/Scripts/rsvliveasync.js
69.167.130.71200 OK 1.4 kB URL HTTP/1.1 data.processwebsitedata.com/rsv1/Scripts/rsvliveasync.js
IP 69.167.130.71:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash acaea614fad17b98581c93ef011c7d24
77a7d777f395b4246199c51a2ee5216492644886
2136d6f7cc3b489f3e1182acb2c4ee0e50518c7ad9719229dd6c55d21489cc06
GET /rsv1/Scripts/rsvliveasync.js HTTP/1.1
Host: data.processwebsitedata.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: application/javascript
Content-Encoding: gzip
Date: Tue, 25 Oct 2022 11:40:51 GMT
Accept-Ranges: bytes
ETag: "0f3389ff13d41:0"
Set-Cookie: X-Mapping-iliahmoa=03554A16AB946F350B86C67CE179B1D6; path=/
Last-Modified: Thu, 05 Jul 2018 01:28:54 GMT
Content-Length: 1368
t.co/i/adsct?bci=1&eci=1&event_id=48f959af-82a4-4303-a490-8e472c114c3c&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bf453461-37ff-452d-8d88-792fda915e75&tw_document_href=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuohx&type=javascript&version=2.3.27
104.244.42.5200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=1&eci=1&event_id=48f959af-82a4-4303-a490-8e472c114c3c&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bf453461-37ff-452d-8d88-792fda915e75&tw_document_href=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuohx&type=javascript&version=2.3.27
IP 104.244.42.5:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=1&eci=1&event_id=48f959af-82a4-4303-a490-8e472c114c3c&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bf453461-37ff-452d-8d88-792fda915e75&tw_document_href=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuohx&type=javascript&version=2.3.27 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 11:40:51 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=129af09f-180b-44d1-9159-7aefcd79291e; Max-Age=63072000; Expires=Thu, 24 Oct 2024 11:40:52 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 372b739389034896
strict-transport-security: max-age=0
x-response-time: 102
x-connection-hash: dc8dd52dbf4b17e96b43c475486a2c7c164520d4bab51491dc8cecc8fcb3298e
X-Firefox-Spdy: h2
builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
54.230.111.53200 OK 34 kB URL HTTP/2 builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
IP 54.230.111.53:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1825a0c47b2e38b6cf30a4072987bce1
1710545a9d62ae8aaf4b1dd415ffd910df671839
0b4478d998fd8dc7dd45411ac1d80c70e89194ec993a6ef4c53676ba92ab1282
GET /published-js/main.bundle-384ff03.z.js HTTP/1.1
Host: builder-assets.unbounce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 33495
date: Tue, 30 Aug 2022 01:41:30 GMT
last-modified: Mon, 04 Jul 2022 16:47:26 GMT
etag: "1825a0c47b2e38b6cf30a4072987bce1"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: 8Zp2fnRnJC.CRCK1CKEZXPX8nFkHjX8u
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NL3EpPwjEsY_6AOzwjdPavh4gJFRx7eYZkgWhAvwjcswAmRRe5CYuw==
age: 4874363
X-Firefox-Spdy: h2
d34qb8suadcc4g.cloudfront.net/ub.js?1618514269
54.230.111.26200 OK 2.1 kB URL HTTP/2 d34qb8suadcc4g.cloudfront.net/ub.js?1618514269
IP 54.230.111.26:0
Hash 44caec9d2d6bff158da902cd0236b62b
7730719f204bb9c4470882714036178bf8583ebf
e9720c633c737a53a2569a4e6153cfe75252720c1ecf35ec70507b5ccb673993
GET /ub.js?1618514269 HTTP/1.1
Host: d34qb8suadcc4g.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 1856
date: Mon, 29 Aug 2022 01:57:45 GMT
last-modified: Thu, 15 Apr 2021 19:15:08 GMT
etag: "f6420c864830b5860bfaadd47a2bb21b"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: bKC28ufbc849z_LglraHgQe9TbPw1SIU
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: H8pfQ_nTo3PJ4SaCzwpnUdkSVTaCoVpnWt6uFOC125ELZ3DixIP_fw==
age: 4959788
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/045745d9-city-background-1_1000000000000000000028.png
54.230.245.99200 OK 5.4 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/045745d9-city-background-1_1000000000000000000028.png
IP 54.230.245.99:0
File type PNG image data, 1500 x 588, 8-bit colormap, non-interlaced\012- data
Hash 78b1d45bde2513c640193116be343320
776a24a9dfbd384547afdddbeba7dab1503ef632
3b886fdc2e3b3185d7022a44ceb83e0769b08856e0affa13c4e0c9c4704a6970
GET /lp.vendasta.com/ps-ref-signup/045745d9-city-background-1_1000000000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 5398
date: Thu, 29 Sep 2022 16:29:56 GMT
last-modified: Thu, 29 Sep 2022 15:15:44 GMT
etag: "78b1d45bde2513c640193116be343320"
cache-control: max-age=31557600
x-amz-version-id: F0VymeO6EeNfNV_mAtmYtkoxzoLQyMU3
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yKDONZIJzz8I1d5rkYKC_BbNdyI9y_cweRnUgvR6_r-URVM0V5Txmw==
age: 2229057
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash aa8ce6b6735ec18605ece6de83d613fd
9293ac3a23952dd258ae41ade725130ec41c8bd0
870a74c67bf3b01e331483fcb2240608a3113228ffe00b3161a49a0dc4701445
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash db98ec19c5494519dc4c97382cbeb3bf
a826d1c4d7fb20d61e5359a76f2c5196bd8f1f10
2d73ed605caf7948fceaffe87ba8535e20f1cdc7efd603c5083fa74c6fc16a2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4149
Cache-Control: max-age=159451
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:52 GMT
Etag: "635786ea-1d7"
Expires: Thu, 27 Oct 2022 07:58:23 GMT
Last-Modified: Tue, 25 Oct 2022 06:49:14 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
bat.bing.com/bat.js
13.107.21.200200 OK 11 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=31A1DC134F34653B207DCE5B4EC16419; domain=.bing.com; expires=Sun, 19-Nov-2023 11:40:52 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 38FBCB62C1814141AC2213D07C3F6153 Ref B: OSL30EDGE0113 Ref C: 2022-10-25T11:40:52Z
date: Tue, 25 Oct 2022 11:40:51 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash e49f2f99c8d903fb79104296a24bac2c
384c0cea4e0ff11584fe2e93550642d0833d40fe
2c4a6b05f686fb1db1514bc24d2c55d01cfdb9c32bccccefc1272e09d97366b5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6004
Cache-Control: max-age=130664
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:52 GMT
Etag: "63570f38-139"
Expires: Wed, 26 Oct 2022 23:58:36 GMT
Last-Modified: Mon, 24 Oct 2022 22:18:32 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 85d5182ef7e8ff58c7b91df563383f2e
53c13896a95a3aab73c32490daca0506805356ab
971d04c230f7848e8d5977b1157f9cbd7d2dbf0a9ea92f489c4e501e9b8d42f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9ed554f0d1187302352f943e39d6c91a
10e1bb8702d0d14c56b659b1662b7c857484b0e7
2e1eda67a00dcf60ade2e3332b7f8b0c18c88ea6794fbb49fa9503e7c02236e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
157.240.221.16200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.221.16:0
File type ASCII text, with very long lines (64348)
Hash 71875f848896ee82a106224e048bd060
277a624e507dff2cd9cff104aa0c5618ca76e105
a22635e404a419027fc88eee705d254910d05d481953733d5e1fda4bc6ab3c5b
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: YjghN2Y5m/CjbooZkAQioE6DVCXyYuM8/dpx0FCpC9qiE5urzh4Q6DQTsdcQPCRBrOUhILPUEghKzNkuNsvY/Q==
content-length: 27027
x-fb-trip-id: 1679558926
date: Tue, 25 Oct 2022 11:40:52 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.doubleclick.net/instream/ad_status.js
142.250.74.166200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 25 Oct 2022 11:28:39 GMT
expires: Tue, 25 Oct 2022 11:43:39 GMT
cache-control: public, max-age=900
age: 733
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.34302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Tue, 25 Oct 2022 11:40:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
data.processwebsitedata.com/rsv1/ProcessStats.aspx?host=https%3A//lp.vendasta.com&host_name=lp.vendasta.com&page=/ps-ref-signup/&query_string=gspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&anchor=&title=&cur_sess_id=&cur_visitor_id=&h=11&m=40&s=50&account_id=583zfmYGar&dgmt=Tue,%2025%20Oct%202022%2011:40:50%20GMT&vresol=1280x1024&ref=https%3A//www.turtlewill.org/
69.167.130.71200 OK 728 B URL HTTP/1.1 data.processwebsitedata.com/rsv1/ProcessStats.aspx?host=https%3A//lp.vendasta.com&host_name=lp.vendasta.com&page=/ps-ref-signup/&query_string=gspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&anchor=&title=&cur_sess_id=&cur_visitor_id=&h=11&m=40&s=50&account_id=583zfmYGar&dgmt=Tue,%2025%20Oct%202022%2011:40:50%20GMT&vresol=1280x1024&ref=https%3A//www.turtlewill.org/
IP 69.167.130.71:0
Hash 88ac68b71df767c2d8b37bd86d15393d
fed89812d214ad26af8de5358fb44c95a8e2a7cc
327f0648072979d7225e80005e022bdf78672a1490751bc3edfc6dff06043b2c
GET /rsv1/ProcessStats.aspx?host=https%3A//lp.vendasta.com&host_name=lp.vendasta.com&page=/ps-ref-signup/&query_string=gspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&anchor=&title=&cur_sess_id=&cur_visitor_id=&h=11&m=40&s=50&account_id=583zfmYGar&dgmt=Tue,%2025%20Oct%202022%2011:40:50%20GMT&vresol=1280x1024&ref=https%3A//www.turtlewill.org/ HTTP/1.1
Host: data.processwebsitedata.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/javascript; charset=utf-8
Date: Tue, 25 Oct 2022 11:40:51 GMT
Set-Cookie: X-Mapping-iliahmoa=03554A16AB946F350B86C67CE179B1D6; path=/
Content-Length: 241
js.partnerstack.com/v1/
104.18.7.218200 OK 30 kB IP 104.18.7.218:0
File type C source, ASCII text, with very long lines (6320)
Hash 974f2e5155dde1ddae21b156e5cc2210
6459e2adbc5f82b6342b801269da0d8cd2cc96bd
9abb4257aaa29a6d82e0164dcd31def938687c9145c87d7c1da36c1f0c0b7a05
GET /v1/ HTTP/1.1
Host: js.partnerstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 11:40:51 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 14:09:46 GMT
etag: W/"6329c9aa-18b1"
cache-control: public, max-age=14400
via: 1.1 google
cf-cache-status: HIT
age: 20
expires: Tue, 25 Oct 2022 15:40:51 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 75faae03dc20b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d114ab00b1cfe7f9b4f56c7b3655b55d
641e580d6148329b0c9eb2d49f5f8a30c08f30e9
e5420e919b2c05c148179c7d85a210941be6862b1f65ccfafcfc38d960bf38d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
storage.googleapis.com/snowplow-cdn/2-16-2-snowplow.js
142.250.74.16200 OK 27 kB URL HTTP/2 storage.googleapis.com/snowplow-cdn/2-16-2-snowplow.js
IP 142.250.74.16:0
File type ASCII text, with very long lines (816)
Hash b02101486dbb88025332684030288167
e258523c7298fda3ba85b923711d3f62430f6961
7632f5f4ad39b3041c21d3b2b152709366787a3397be30edda009cd6db4372d0
GET /snowplow-cdn/2-16-2-snowplow.js HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsgdm3TKMVw66l6xAYYvA46gLIfuKrjeSvf_2oenFvWcV3Kji7jZuj6mfboXexNJYoU-bgnGa9ilCn21VPklpfZ
x-goog-generation: 1605565289980117
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 26913
x-goog-meta-:
x-goog-custom-time: 1970-01-01T00:00:00Z
content-encoding: gzip
x-goog-hash: crc32c=/SLf/Q==, md5=sCEBSG27iAJTMmhAMCiBZw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 26913
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Tue, 25 Oct 2022 11:40:52 GMT
expires: Wed, 25 Oct 2023 11:40:52 GMT
cache-control: max-age=31536000
last-modified: Mon, 16 Nov 2020 22:21:29 GMT
etag: "b02101486dbb88025332684030288167"
content-type: text/javascript
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=1&eci=1&event_id=48f959af-82a4-4303-a490-8e472c114c3c&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bf453461-37ff-452d-8d88-792fda915e75&tw_document_href=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuohx&type=javascript&version=2.3.27
104.244.42.131200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=1&eci=1&event_id=48f959af-82a4-4303-a490-8e472c114c3c&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bf453461-37ff-452d-8d88-792fda915e75&tw_document_href=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuohx&type=javascript&version=2.3.27
IP 104.244.42.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=1&eci=1&event_id=48f959af-82a4-4303-a490-8e472c114c3c&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bf453461-37ff-452d-8d88-792fda915e75&tw_document_href=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuohx&type=javascript&version=2.3.27 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 11:40:51 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_M79cZxspgojS0ZatmG5qQw=="; Max-Age=63072000; Expires=Thu, 24 Oct 2024 11:40:52 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: f8274776e54ee5c6
strict-transport-security: max-age=631138519
x-response-time: 103
x-connection-hash: 843e28a339dcf05cae1ee757ca0237424c7826a52e602043b2c87a890ebb13ca
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 85d5182ef7e8ff58c7b91df563383f2e
53c13896a95a3aab73c32490daca0506805356ab
971d04c230f7848e8d5977b1157f9cbd7d2dbf0a9ea92f489c4e501e9b8d42f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9ed554f0d1187302352f943e39d6c91a
10e1bb8702d0d14c56b659b1662b7c857484b0e7
2e1eda67a00dcf60ade2e3332b7f8b0c18c88ea6794fbb49fa9503e7c02236e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/7e10a7fc-calendarhero-logo_1000000000000000000028.png
54.230.245.99200 OK 913 B URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/7e10a7fc-calendarhero-logo_1000000000000000000028.png
IP 54.230.245.99:0
File type PNG image data, 86 x 98, 8-bit colormap, non-interlaced\012- data
Hash 87095ee9816aa7e6863166d46f7ffece
b77f6c820d861e4903d27d56158073c0616c55bb
db36794c3a7a291ea84f963b539f36d5a658bd05ac074aef5b40df9340eb1819
GET /lp.vendasta.com/ps-ref-signup/7e10a7fc-calendarhero-logo_1000000000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 913
date: Thu, 29 Sep 2022 16:29:55 GMT
last-modified: Thu, 29 Sep 2022 15:15:44 GMT
etag: "87095ee9816aa7e6863166d46f7ffece"
cache-control: max-age=31557600
x-amz-version-id: YzoCtkzUQXX.EK7Ab6T9PXtBda2TT0Ry
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: t1-T7Oa4s38anOKTYSIRA0ooWt86BiLZi9zHWq1lF3XN9LTnu-peXQ==
age: 2229058
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/4246e165-vendasta-logo-1_10a301t000000000000028.png
54.230.245.99200 OK 2.8 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/4246e165-vendasta-logo-1_10a301t000000000000028.png
IP 54.230.245.99:0
File type PNG image data, 363 x 65, 8-bit colormap, non-interlaced\012- data
Hash 101a48aa9b7be3d8731e59ae1abe34c0
e78135ad9a638a83048f737b30263a7176d369b1
2bf3fcc6aba70621ea16623c91825a9263a69ce65a0239467651c16bfe655aa3
GET /lp.vendasta.com/ps-ref-signup/4246e165-vendasta-logo-1_10a301t000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2834
date: Thu, 29 Sep 2022 19:03:59 GMT
last-modified: Thu, 29 Sep 2022 15:15:44 GMT
etag: "101a48aa9b7be3d8731e59ae1abe34c0"
cache-control: max-age=31557600
x-amz-version-id: 0zwyesitLIWZaaKfZLxXC9CJ.m9pWUR8
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jyeZuLoA9cPCJuH6uTtj4V6JX42yMpeavxZddqZxoTuX4ZHWQODJAA==
age: 2219814
X-Firefox-Spdy: h2
d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
54.230.111.26200 OK 30 kB URL HTTP/2 d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
IP 54.230.111.26:0
File type ASCII text, with very long lines (64903)
Hash 73de733c308b8b5e44d2a6242dc4bd99
2f43a0cd155124d65ab5ce3574abc5f82b45fcf9
cf4ff4a67675a54e9a9469d967c77fba778ccf839a98119d246012447eb44ea3
GET /sp-2.14.0.js HTTP/1.1
Host: d34qb8suadcc4g.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 30399
date: Wed, 31 Aug 2022 03:46:21 GMT
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
etag: "73de733c308b8b5e44d2a6242dc4bd99"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ycbju2wvFUupOgaaGlBKF3HlU19MsmkI7pCOd0YHGVoGrUf7mWHzsQ==
age: 4780471
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/4b110776-6_10ec0a7000000000000028.png
54.230.245.99200 OK 38 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/4b110776-6_10ec0a7000000000000028.png
IP 54.230.245.99:0
File type PNG image data, 516 x 367, 8-bit colormap, non-interlaced\012- data
Hash bcc6ab3450f2a3b1aa3485b6e242220a
c3e46e117a4ab2e05f8c1a94a61f7be7c1261a33
edd4ee0042d995f9cc12ca196f6305ff5e8047f5232edb638797cc3cbc3cffef
GET /lp.vendasta.com/ps-ref-signup/4b110776-6_10ec0a7000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 37627
date: Thu, 29 Sep 2022 19:03:59 GMT
last-modified: Thu, 29 Sep 2022 15:15:44 GMT
etag: "bcc6ab3450f2a3b1aa3485b6e242220a"
cache-control: max-age=31557600
x-amz-version-id: k9GikEfMQnAdIU._NtytEGEEk.YMt_Wt
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8jPjTTZmAZbIgCA-yHsMqcKVeMiCZPOd0Ta-zR9M7BLq2fVtsmrwIQ==
age: 2219814
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/817f96af-website-creation_102q02q000000000000028.png
54.230.245.99200 OK 2.0 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/817f96af-website-creation_102q02q000000000000028.png
IP 54.230.245.99:0
File type PNG image data, 98 x 98, 8-bit colormap, non-interlaced\012- data
Hash fa32367c6531d670ea1e9a11ad696da7
9514da7aa364ca80bf788241426762c29aa06b5f
9e2b72bbfb65b1bf3aa228b35c5f9dd8f4c85aabb6c22be41f33911c3ca1f82d
GET /lp.vendasta.com/ps-ref-signup/817f96af-website-creation_102q02q000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2003
date: Thu, 29 Sep 2022 19:03:59 GMT
last-modified: Thu, 29 Sep 2022 15:15:44 GMT
etag: "fa32367c6531d670ea1e9a11ad696da7"
cache-control: max-age=31557600
x-amz-version-id: UMwMghN14eG0_2wZAAE74Q0ZSzpnx17w
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: l_xNNqtc1-5LkvgDUqJ0eAJdCx3JnPqC5-AXZmhJw7ALeps8YfIMgg==
age: 2219814
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/e6c52302-digital-ads-logo-1_102n02o000000000000028.png
54.230.245.99200 OK 1.7 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/e6c52302-digital-ads-logo-1_102n02o000000000000028.png
IP 54.230.245.99:0
File type PNG image data, 95 x 96, 8-bit colormap, non-interlaced\012- data
Hash bc3d5c875b7c3dade0e4422154c3556e
3e10d159283eaf4fc3a3c1add328070b52620816
2e68c1b7bf3a1024b309c543752a863540e2b0158c0e2d933759b4c69335c02e
GET /lp.vendasta.com/ps-ref-signup/e6c52302-digital-ads-logo-1_102n02o000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1653
date: Thu, 29 Sep 2022 19:03:59 GMT
last-modified: Thu, 29 Sep 2022 15:15:44 GMT
etag: "bc3d5c875b7c3dade0e4422154c3556e"
cache-control: max-age=31557600
x-amz-version-id: m2qU1nQWiUfPkhd3l7lNO1TjqPQ_J3MR
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4pnqtkkKR0Fot-N7TpoZADtX_GuN2RxHd1vroTNIAcKEODF514kw3g==
age: 2219814
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/e600fbea-review-management_102s02q000000000000028.png
54.230.245.99200 OK 1.8 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/e600fbea-review-management_102s02q000000000000028.png
IP 54.230.245.99:0
File type PNG image data, 100 x 98, 8-bit colormap, non-interlaced\012- data
Hash fefa437b7f75e31cd739f9c27e9ddb1a
dc47d57c58a5f2e545e914fc1df0c86db4a24264
403021d1327892744e1de32f89520dae1ac70ffc772263db70fe56b55c3863ef
GET /lp.vendasta.com/ps-ref-signup/e600fbea-review-management_102s02q000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1846
date: Thu, 29 Sep 2022 19:03:59 GMT
last-modified: Thu, 29 Sep 2022 15:15:44 GMT
etag: "fefa437b7f75e31cd739f9c27e9ddb1a"
cache-control: max-age=31557600
x-amz-version-id: RTADuQCIAAttygh7YjIDaSBdd4oETqi4
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: q5t4xiyPzszKLfftn8-rPYSy5VkdG-sPSU9WEwpMfRKhSSIL_Jdduw==
age: 2219814
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/cf0e2507-social-posting_102s02o000000000000028.png
54.230.245.99200 OK 1.6 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/cf0e2507-social-posting_102s02o000000000000028.png
IP 54.230.245.99:0
File type PNG image data, 100 x 96, 8-bit colormap, non-interlaced\012- data
Hash 4c571080a78b57715dca594ac2157224
dd61874d401a69a7377ebf2ba5db3703a674de23
19475f5278835bbcfd68a4e5119eebaa668ca910d78d439949d3e22c6678dd22
GET /lp.vendasta.com/ps-ref-signup/cf0e2507-social-posting_102s02o000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1616
date: Thu, 29 Sep 2022 19:03:59 GMT
last-modified: Thu, 29 Sep 2022 15:15:44 GMT
etag: "4c571080a78b57715dca594ac2157224"
cache-control: max-age=31557600
x-amz-version-id: JHHYXX98MzULOVkq9ttN.gInl5701mRa
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7ogsUe_EcQIujNBAtAzWhn4W0uxp97HN7FAXITxAlmLyd0HPKXV9ug==
age: 2219814
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/7c4b0a44-blog-post-website_102q02r000000000000028.png
54.230.245.99200 OK 2.7 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/7c4b0a44-blog-post-website_102q02r000000000000028.png
IP 54.230.245.99:0
File type PNG image data, 98 x 99, 8-bit colormap, non-interlaced\012- data
Hash 9170b361b543bada6c20cda510167659
9f36ea40644c2560e0239ea32b08b982bb04c5bb
861f28e688429d7f3267b03a51973eb75a9788761b0ab7cd46ef8ae551284692
GET /lp.vendasta.com/ps-ref-signup/7c4b0a44-blog-post-website_102q02r000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2686
date: Thu, 29 Sep 2022 19:03:59 GMT
last-modified: Thu, 29 Sep 2022 15:15:44 GMT
etag: "9170b361b543bada6c20cda510167659"
cache-control: max-age=31557600
x-amz-version-id: 8hdNmqp.Lv_5BLwevox7jrY.6.e4.9ty
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jB7IIcPdPeDCX9X35Rb3T9Y2BUZYoZF_6E6DQXMU6z2Agqu8ixuvOA==
age: 2219814
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/806cd91d-listing-management_102r02t000000000000028.png
54.230.245.99200 OK 1.7 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/806cd91d-listing-management_102r02t000000000000028.png
IP 54.230.245.99:0
File type PNG image data, 99 x 101, 8-bit colormap, non-interlaced\012- data
Hash 67c5cdb6facd2d5d916a2a0a7ca15cb7
661d1fc9d2e3ad91c8d7e9e0069d4701789cae7d
f0a05b3e7f5a035b1197b563bfd110df40378f80447676d0945b78dd76fdad7d
GET /lp.vendasta.com/ps-ref-signup/806cd91d-listing-management_102r02t000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1728
date: Sun, 02 Oct 2022 04:52:28 GMT
last-modified: Thu, 29 Sep 2022 15:15:44 GMT
etag: "67c5cdb6facd2d5d916a2a0a7ca15cb7"
cache-control: max-age=31557600
x-amz-version-id: 4N.nEuCNuBmzpjlkbyU2jR.slicHjB6k
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: H8ftogPJmmhRCeuwtz5IaT_CD-Lmfawivfl4-RVkc_XCiBdmzuJo3g==
age: 2011705
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/d4391fee-platform-lrg-1_10fp0bl000000000000028.png
54.230.245.99200 OK 27 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/d4391fee-platform-lrg-1_10fp0bl000000000000028.png
IP 54.230.245.99:0
File type PNG image data, 565 x 417, 8-bit colormap, non-interlaced\012- data
Hash af41a9feb117617d4a78f384102b8687
c7167ede6265592aaf12b8a2fc037fa1d1a0e70e
19db18ec93f0185a82bc2562faf98edeb05e9f899c4460c65c929e7e75f5bb96
GET /lp.vendasta.com/ps-ref-signup/d4391fee-platform-lrg-1_10fp0bl000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 27245
date: Thu, 29 Sep 2022 19:03:59 GMT
last-modified: Thu, 29 Sep 2022 15:15:44 GMT
etag: "af41a9feb117617d4a78f384102b8687"
cache-control: max-age=31557600
x-amz-version-id: _l25d6lkvuSvXwaom02Ad69WwqJBDnPI
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NNCKNaT65CGdDx0lZ6Mdcnhwzhkub7QeTur3qSCLnbh8DE5mw6okwQ==
age: 2219814
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/40145fd3-capterra-grey_1081022000000000000028.png
54.230.245.99200 OK 2.9 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/40145fd3-capterra-grey_1081022000000000000028.png
IP 54.230.245.99:0
File type PNG image data, 289 x 74, 8-bit colormap, non-interlaced\012- data
Hash d51322d47cf22e8fede5288597bc9eeb
c898d29217fd45220a35d0f88b09dd9ce1b8dfb7
b8bb950bf439911731e1c920db9415db3e7007069a770ec30d3b3095c15c1aa1
GET /lp.vendasta.com/ps-ref-signup/40145fd3-capterra-grey_1081022000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2882
date: Thu, 29 Sep 2022 19:03:59 GMT
last-modified: Thu, 29 Sep 2022 15:15:44 GMT
etag: "d51322d47cf22e8fede5288597bc9eeb"
cache-control: max-age=31557600
x-amz-version-id: bb6LSr0qpRaOVLznTA5IzkSa62LWhqUi
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: W1vWPc95PoFDd1mkwkZvefnsyjU7MnPc4DYqHr7WvnFztJBfMxAb6w==
age: 2219814
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 6b183dc2bd0829ce80eb64a0a28d91e7
432f422b2723fdba3f195d9d28ab75492ad497d2
cae00bc5a9c3b9e166805e53c4175d96a0b739817d883f477102e1501a49ac57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/44bc62c2-businessapp-lrg_10f50an000000000000028.png
54.230.245.99200 OK 31 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/44bc62c2-businessapp-lrg_10f50an000000000000028.png
IP 54.230.245.99:0
File type PNG image data, 545 x 383, 8-bit colormap, non-interlaced\012- data
Hash 962870a7ba1cfc20a4e219c60dcc538c
ab640ebbdc6b081ed60bb54902c7a5b490d64330
66c9b90db3e2f8d4bd99c14ec11e036198637f83acd6b2cef40a4e216d289d8b
GET /lp.vendasta.com/ps-ref-signup/44bc62c2-businessapp-lrg_10f50an000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 30948
date: Thu, 06 Oct 2022 18:51:27 GMT
last-modified: Thu, 29 Sep 2022 15:15:44 GMT
etag: "962870a7ba1cfc20a4e219c60dcc538c"
cache-control: max-age=31557600
x-amz-version-id: yyJwNTXXWRLHc78ZUu9Vvt5jk5bcBd8M
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UH-jzxAGGHb2sJkzSTIokNfDkgAMgQ_BE_L7bTd-ue-Pxw52x8rhyQ==
age: 1615766
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.202200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 25 Oct 2022 11:40:52 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
script.hotjar.com/modules.5f63ca60a03298133ad8.js
143.204.55.40200 OK 66 kB URL HTTP/2 script.hotjar.com/modules.5f63ca60a03298133ad8.js
IP 143.204.55.40:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash eb4f228026ced3bcaadde65163571860
6b60d25e6ae4145acddaeab73a79b1698a1fc645
36480b075df69bd1ede20b9d23690cd5181d895899bb6cd1500afb48cd25ae25
GET /modules.5f63ca60a03298133ad8.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 66045
date: Tue, 18 Oct 2022 12:18:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "eb4f228026ced3bcaadde65163571860"
last-modified: Tue, 18 Oct 2022 12:17:20 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8JU259aMnT8nsaV1QH93xQlCNySj8pzsn5H3LackcKZhRXjiBYnIUA==
age: 602566
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash aa8ce6b6735ec18605ece6de83d613fd
9293ac3a23952dd258ae41ade725130ec41c8bd0
870a74c67bf3b01e331483fcb2240608a3113228ffe00b3161a49a0dc4701445
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.195200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lp.vendasta.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 24 Oct 2022 21:13:13 GMT
expires: Tue, 24 Oct 2023 21:13:13 GMT
cache-control: public, max-age=31536000
age: 52059
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d114ab00b1cfe7f9b4f56c7b3655b55d
641e580d6148329b0c9eb2d49f5f8a30c08f30e9
e5420e919b2c05c148179c7d85a210941be6862b1f65ccfafcfc38d960bf38d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/raleway/v28/1Ptsg8zYS_SKggPNyCg4TYFq.woff2
216.58.207.195200 OK 49 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptsg8zYS_SKggPNyCg4TYFq.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 48620, version 1.0\012- data
Hash 8b3f45fbebe40f151e3bdadf9062f2c6
d4b9145fb8346c6442cc946bc25da699dd035e0e
4defd36147167542db6c6ac44452d3784f51bf7f124128fe5f4581bbdb8d2ccc
GET /s/raleway/v28/1Ptsg8zYS_SKggPNyCg4TYFq.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lp.vendasta.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 25 Oct 2022 00:38:19 GMT
expires: Wed, 25 Oct 2023 00:38:19 GMT
cache-control: public, max-age=31536000
age: 39753
last-modified: Mon, 18 Jul 2022 19:45:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lp.vendasta.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 05:42:51 GMT
expires: Fri, 20 Oct 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 453481
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 559fb0a7d93992787dd1c79e9b6cd754
448f50141a2c51ac3a2b54cb380495847347fd80
8e651261efbbee72d82fbef68f6c8e32724f8730e2ebbe5b357439d2d22adb6d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/KfFL9PM53H3LBGx6H7dhXPkjMyuhoEzwOuPKjeZmrP0.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/KfFL9PM53H3LBGx6H7dhXPkjMyuhoEzwOuPKjeZmrP0.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35998)
Hash bcad440620c03a65011839abfc9c5482
e22f586ab3d728c7b5c338ad01cd10ce53022e6c
3e45f14c526becead690ab9a9738a99b89f5a0884d75bd57c0d1c5bd9a19abfb
GET /js/th/KfFL9PM53H3LBGx6H7dhXPkjMyuhoEzwOuPKjeZmrP0.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 23 Oct 2022 16:59:02 GMT
expires: Mon, 23 Oct 2023 16:59:02 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 18 Oct 2022 16:00:00 GMT
content-type: text/javascript
age: 153710
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.202200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.202:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 2ff814a2a95377b8fb8421fb2022e148
343d1ddc3c0f20d513557c739be12a8e333f584c
0cffebdba7c5ddb914a0887e794d3d24a46c096c5350f8bd902a501f2b4563b1
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 25 Oct 2022 11:40:52 GMT
server: ESF
cache-control: private
content-length: 30796
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-5217948-3&cid=1472621113.1666698050&jid=1086474874&gjid=7393303&_gid=2020517502.1666698050&_u=YGBAgEAjAAAAAEAAI~&z=17526094
173.194.222.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-5217948-3&cid=1472621113.1666698050&jid=1086474874&gjid=7393303&_gid=2020517502.1666698050&_u=YGBAgEAjAAAAAEAAI~&z=17526094
IP 173.194.222.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-5217948-3&cid=1472621113.1666698050&jid=1086474874&gjid=7393303&_gid=2020517502.1666698050&_u=YGBAgEAjAAAAAEAAI~&z=17526094 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://lp.vendasta.com
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://lp.vendasta.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 25 Oct 2022 11:40:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 68bd833d6e834b8d876d653751246cf8
fddb68b479878afe5f0e557fd7772b299394129a
c40f3028befadba8b9d60c18e2c9fc83016348759f3fb06817972ab71ccd27e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/lrX17R94zSo/sddefault.jpg
142.250.74.86200 OK 46 kB URL HTTP/2 i.ytimg.com/vi/lrX17R94zSo/sddefault.jpg
IP 142.250.74.86:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash 18fdc9411c640f28c34ec42eb3bdb47e
12788f3979735072a55fef550af471b522e72efc
3178ce804554520b326a6fa8204a37c620b3e1e6ec4d862bb83f9989d18a1c07
GET /vi/lrX17R94zSo/sddefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 45778
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 25 Oct 2022 11:40:52 GMT
expires: Tue, 25 Oct 2022 13:40:52 GMT
cache-control: public, max-age=7200
etag: "1588866092"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AMLnZu9PrZt83ToQsZNUSTdMH4DN7KBIP0nv8zfVJkiy=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.3 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu9PrZt83ToQsZNUSTdMH4DN7KBIP0nv8zfVJkiy=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 988d54ed864edf2017cdb63dd1504a63
c263a12d58c2c27f1b3ad043d2013f1c2a129f86
651e2a375c60f75d467e288ceb8f35ad155a3b3dcdf78ff48a65fb9e8afced44
GET /ytc/AMLnZu9PrZt83ToQsZNUSTdMH4DN7KBIP0nv8zfVJkiy=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2333
x-xss-protection: 0
date: Tue, 25 Oct 2022 07:54:10 GMT
expires: Thu, 06 Oct 2022 12:21:44 GMT
cache-control: public, max-age=86400, no-transform
age: 13602
etag: "v46"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 559fb0a7d93992787dd1c79e9b6cd754
448f50141a2c51ac3a2b54cb380495847347fd80
8e651261efbbee72d82fbef68f6c8e32724f8730e2ebbe5b357439d2d22adb6d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.vendasta.com/static/images/favicons/favicon-32x32.png
34.66.248.134200 OK 570 B URL HTTP/2 www.vendasta.com/static/images/favicons/favicon-32x32.png
IP 34.66.248.134:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 5161bebd927f673c90e89406501ded8d
13567fbad33ac1fc61436c5c40ed9e8f5376d4f6
ccaca9b0b4b45b4834e14de578a994f41f014067279b00832fb9558342c0d713
GET /static/images/favicons/favicon-32x32.png HTTP/1.1
Host: www.vendasta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Cookie: ubvt=e39fc5dc-4f0c-49cb-8c2e-5b6e56efbd8d; ps_mode=trackingV1; growSumoPartnerKey=simonbaker3996; gsxid=3nSWBu0l5PeO; ph_oet8qnSAuaVxnNAB4uOIFnxOFnkOy8qOXZTDwsafErE_posthog=%7B%22distinct_id%22%3A%221840ef1f8895d5-08805ab67dbb388-306d464a-140000-1840ef1f88a660%22%2C%22%24device_id%22%3A%221840ef1f8895d5-08805ab67dbb388-306d464a-140000-1840ef1f88a660%22%2C%22utm_source%22%3A%22country%22%2C%22%24referrer%22%3A%22https%3A%2F%2Fwww.turtlewill.org%2F%22%2C%22%24referring_domain%22%3A%22www.turtlewill.org%22%2C%22%24sesid%22%3A%5B1666698049677%2C%221840ef1f8911-05b6f5dd8cd9b4-306d464a-140000-1840ef1f892593%22%2C1666698049677%5D%2C%22%24session_recording_enabled_server_side%22%3Afalse%2C%22%24active_feature_flags%22%3A%5B%22snapshot-banner-ab%22%2C%22snapshot-banner-ab-2%22%5D%2C%22%24enabled_feature_flags%22%3A%7B%22snapshot-banner-ab%22%3A%22test_group_1%22%2C%22snapshot-banner-ab-2%22%3A%22control%22%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 11:40:52 GMT
content-type: image/png
content-length: 570
last-modified: Fri, 17 Jan 2020 23:01:58 GMT
strict-transport-security: max-age=31536000
etag: "5e223ce6-23a"
server: website-pro/8.3.16
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 68bd833d6e834b8d876d653751246cf8
fddb68b479878afe5f0e557fd7772b299394129a
c40f3028befadba8b9d60c18e2c9fc83016348759f3fb06817972ab71ccd27e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/p/action/5036747.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/5036747.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5036747.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
set-cookie: MUID=2AA1E29CF28E6AF630CFF0D4F37B6BF4; domain=.bing.com; expires=Sun, 19-Nov-2023 11:40:52 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: ARR/3.0
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: ABBAEE81C9FD49D3A721663EFBCE94A5 Ref B: OSL30EDGE0113 Ref C: 2022-10-25T11:40:52Z
date: Tue, 25 Oct 2022 11:40:51 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5036747&tm=gtm002&Ver=2&mid=6c3f37a1-0b6f-43e9-9e1c-2ccc448cb9ec&sid=dff68ec0545911ed8f197717ef1821a8&vid=dff6a8a0545911ed847d078ba5190857&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&p=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&r=https%3A%2F%2Fwww.turtlewill.org%2F<=1081&evt=pageLoad&sv=1&rn=130634
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5036747&tm=gtm002&Ver=2&mid=6c3f37a1-0b6f-43e9-9e1c-2ccc448cb9ec&sid=dff68ec0545911ed8f197717ef1821a8&vid=dff6a8a0545911ed847d078ba5190857&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&p=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&r=https%3A%2F%2Fwww.turtlewill.org%2F<=1081&evt=pageLoad&sv=1&rn=130634
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5036747&tm=gtm002&Ver=2&mid=6c3f37a1-0b6f-43e9-9e1c-2ccc448cb9ec&sid=dff68ec0545911ed8f197717ef1821a8&vid=dff6a8a0545911ed847d078ba5190857&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&p=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&r=https%3A%2F%2Fwww.turtlewill.org%2F<=1081&evt=pageLoad&sv=1&rn=130634 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1D320FC2547D60B018AD1D8A55886146; domain=.bing.com; expires=Sun, 19-Nov-2023 11:40:52 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 59F94EA8C40E4235B1977D4D885A22B0 Ref B: OSL30EDGE0113 Ref C: 2022-10-25T11:40:52Z
date: Tue, 25 Oct 2022 11:40:51 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 1e79834f443fc88bcd72dac41193965a
e8d4c9d0f1fe4aa9ba0ee400a413658a61f20116
e6d1e584572d9188e3a5c2ab1151cbcfeeec98cfd76528002eb97a0da5fb9618
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=97721
Date: Tue, 25 Oct 2022 11:40:52 GMT
Etag: "6356a18a-1d7"
Expires: Wed, 26 Oct 2022 14:49:33 GMT
Last-Modified: Mon, 24 Oct 2022 14:30:34 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: I0O7OZMvSQJIxXRjccbpnQ2bvI6udBbb6VvwrKurxez2ARxke9ioAw==
Age: 1139
ocsp.pki.goog/s/gts1d4/IW-ouRbGwbg
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/IW-ouRbGwbg
IP 142.250.74.3:0
Hash d52eea8f3ea0657d619de47c8520bed1
15ed293aeaba6c8acf2b4c3688c8d14aeeded717
0257f8677658eef7c2af92f5ca640aea3200007f9f29b56aae763dbc891fb1c8
POST /s/gts1d4/IW-ouRbGwbg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/IW-ouRbGwbg
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/IW-ouRbGwbg
IP 142.250.74.3:0
Hash d52eea8f3ea0657d619de47c8520bed1
15ed293aeaba6c8acf2b4c3688c8d14aeeded717
0257f8677658eef7c2af92f5ca640aea3200007f9f29b56aae763dbc891fb1c8
POST /s/gts1d4/IW-ouRbGwbg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:52 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=963805303676325&ev=PageView&dl=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&rl=https%3A%2F%2Fwww.turtlewill.org%2F&if=false&ts=1666698050631&sw=1280&sh=1024&v=2.9.87&r=stable&ec=0&o=30&fbp=fb.1.1666698050631.501724436&it=1666698050309&coo=false&rqm=GET
157.240.221.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=963805303676325&ev=PageView&dl=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&rl=https%3A%2F%2Fwww.turtlewill.org%2F&if=false&ts=1666698050631&sw=1280&sh=1024&v=2.9.87&r=stable&ec=0&o=30&fbp=fb.1.1666698050631.501724436&it=1666698050309&coo=false&rqm=GET
IP 157.240.221.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=963805303676325&ev=PageView&dl=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&rl=https%3A%2F%2Fwww.turtlewill.org%2F&if=false&ts=1666698050631&sw=1280&sh=1024&v=2.9.87&r=stable&ec=0&o=30&fbp=fb.1.1666698050631.501724436&it=1666698050309&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 25 Oct 2022 11:40:52 GMT
X-Firefox-Spdy: h2
vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html
143.204.55.118200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html
IP 143.204.55.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash d2c298a660a1ee92f094a3d504e3e2e6
13fd39d202cf3e00be906a798921386b403e15c5
4aa80b9ea27a402072083d23dd118c6be178b90efb7ff0014c8b87c180655bdb
GET /box-c1417f7b48595d0dbca01c86f95d6dbb.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Tue, 18 Oct 2022 09:12:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "d2c298a660a1ee92f094a3d504e3e2e6"
last-modified: Tue, 18 Oct 2022 09:11:19 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: N8vvCyKoez6aQgK-auUhCNws1FX3IaSe5qHCpqwy7LvNMZYV-zuCRA==
age: 613727
X-Firefox-Spdy: h2
events.ub-analytics.com/i?stm=1666698050442&e=pv&url=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&refr=https%3A%2F%2Fwww.turtlewill.org%2F&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=a2ddea47-693b-40c1-af28-f0e80fb135a4&dtm=1666698050440&vp=1280x939&ds=1268x2833&vid=1&sid=984909a3-8e92-42b8-8b2b-2f8f94972101&duid=27e64aae-fdf5-409e-a1fc-43d84a125eb4&uid=e39fc5dc-4f0c-49cb-8c2e-5b6e56efbd8d&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNTk5NWFhOGUtYjE1YS00MzMyLTk0YjUtMWQxNzkxZGI1ZWRiIiwidmFyaWFudElkIjoiZyIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
3.227.155.3200 OK 43 B URL HTTP/2 events.ub-analytics.com/i?stm=1666698050442&e=pv&url=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&refr=https%3A%2F%2Fwww.turtlewill.org%2F&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=a2ddea47-693b-40c1-af28-f0e80fb135a4&dtm=1666698050440&vp=1280x939&ds=1268x2833&vid=1&sid=984909a3-8e92-42b8-8b2b-2f8f94972101&duid=27e64aae-fdf5-409e-a1fc-43d84a125eb4&uid=e39fc5dc-4f0c-49cb-8c2e-5b6e56efbd8d&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNTk5NWFhOGUtYjE1YS00MzMyLTk0YjUtMWQxNzkxZGI1ZWRiIiwidmFyaWFudElkIjoiZyIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
IP 3.227.155.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb02f374b8f73825415db1bccd4bd76d
b103aa629cacdd90b39538a7561da7f8e49ad73f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
GET /i?stm=1666698050442&e=pv&url=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&refr=https%3A%2F%2Fwww.turtlewill.org%2F&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=a2ddea47-693b-40c1-af28-f0e80fb135a4&dtm=1666698050440&vp=1280x939&ds=1268x2833&vid=1&sid=984909a3-8e92-42b8-8b2b-2f8f94972101&duid=27e64aae-fdf5-409e-a1fc-43d84a125eb4&uid=e39fc5dc-4f0c-49cb-8c2e-5b6e56efbd8d&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNTk5NWFhOGUtYjE1YS00MzMyLTk0YjUtMWQxNzkxZGI1ZWRiIiwidmFyaWFudElkIjoiZyIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19 HTTP/1.1
Host: events.ub-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 11:40:52 GMT
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
server: akka-http/10.0.9
X-Firefox-Spdy: h2
vc.hotjar.io/sessions/315212?s=0.25&r=0.08586745869582868
54.230.111.8204 No Content 0 B URL HTTP/2 vc.hotjar.io/sessions/315212?s=0.25&r=0.08586745869582868
IP 54.230.111.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sessions/315212?s=0.25&r=0.08586745869582868 HTTP/1.1
Host: vc.hotjar.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.vendasta.com
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-store
date: Tue, 25 Oct 2022 11:40:53 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Mfp3mR_PYhxhxyjA2nMpVdE0sGHuVfHJSlFmhwf7p_Ri_U_sY2PbEg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5ce788cdd348a769704a7f874b5a2474
4a4dfb44c394a90c5f56af273be8e0924535b8a5
a6ccf1a057148266591bc317c4f8225d00cd81880c559db08f824012f0c397d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-5217948-3&cid=1472621113.1666698050&jid=1086474874&_u=YGBAgEAjAAAAAEAAI~&z=1960409348
142.250.74.3200 OK 28 kB URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-5217948-3&cid=1472621113.1666698050&jid=1086474874&_u=YGBAgEAjAAAAAEAAI~&z=1960409348
IP 142.250.74.3:0
Hash 36052ed8cbbfe7ed317613e25bb2b800
787846448fcb1304407e515a0c33a4ec27a33e1c
91a380895b3c2012f3c95a4a0a0e572eb9e45717c820e9d93d5a1569ea59db32
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-5217948-3&cid=1472621113.1666698050&jid=1086474874&_u=YGBAgEAjAAAAAEAAI~&z=1960409348 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 11:40:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5ce788cdd348a769704a7f874b5a2474
4a4dfb44c394a90c5f56af273be8e0924535b8a5
a6ccf1a057148266591bc317c4f8225d00cd81880c559db08f824012f0c397d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash ad01196f6bd23dbb3be29bcb13366bd3
ad0b17178af6a89440b38c05e48c4c452387fc0c
486d96b902059377b6616032539d053ad50acb00046d96597249c85b499a8367
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101065
Date: Tue, 25 Oct 2022 11:40:53 GMT
Etag: "6356a042-1d7"
Expires: Wed, 26 Oct 2022 15:45:18 GMT
Last-Modified: Mon, 24 Oct 2022 14:25:06 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: W8Da7YC-O06YGaiMmU1aKZZbs5U8Vaf4eDD_capWSOsOKt6s2AzzVw==
Age: 4812
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.202200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.202:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 4b36ce2e1e7ba405875f05f1eab172cf
497a0114699e05d58d023d9e777f3a4852893fd4
0082e7b7dfd13da63adac7a7e5cc47c144b97bd8ad9e8a5d71be585b772d93c9
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 25 Oct 2022 11:40:53 GMT
server: ESF
cache-control: private
content-length: 30743
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7828d8c20eae8cb84d144c981668b72e
68078ce814add1e0de712dce043e467e083f5d48
96a5829e4f8a5dfa97f97714232e94fbeecedaadf94dcba23a4d36947288d252
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5518
Cache-Control: max-age=149288
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 11:40:53 GMT
Etag: "635759df-1d7"
Expires: Thu, 27 Oct 2022 05:09:01 GMT
Last-Modified: Tue, 25 Oct 2022 03:37:03 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
pi.pardot.com/pd.js
34.237.219.119200 OK 1.9 kB IP 34.237.219.119:0
File type ASCII text, with very long lines (5297)
Hash c9f60ff021727eaffcf6d7bcce44cbc7
a62104686e86bf51494fa530bfaec55500e60a37
bd11307ac746bd34bac63885be9e4600e72c7711b370414b206533ebd076ce1b
GET /pd.js HTTP/1.1
Host: pi.pardot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 11:40:54 GMT
Content-Type: application/javascript
Content-Length: 1946
Connection: keep-alive
last-modified: Mon, 24 Oct 2022 13:44:52 GMT
etag: "1547-gzip"
accept-ranges: bytes
cache-control: max-age=63072000
expires: Thu, 24 Oct 2024 11:40:54 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
Server: PardotServer
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=6440&account_id=39752&title=&url=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&referrer=https%3A%2F%2Fwww.turtlewill.org%2F&utm_source=country
34.237.219.119200 OK 89 B URL HTTP/1.1 pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=6440&account_id=39752&title=&url=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&referrer=https%3A%2F%2Fwww.turtlewill.org%2F&utm_source=country
IP 34.237.219.119:0
File type Unicode text, UTF-8 text, with no line terminators
Hash f3dd20293061242475d4f4a53b70a139
6dac4a3263667092d0f0e8b2d48bb8a00ed38776
6eaa9882fd8384a4a74f8cce343bf9845f97f59ddf05018184a31df317b6a746
GET /analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=6440&account_id=39752&title=&url=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&referrer=https%3A%2F%2Fwww.turtlewill.org%2F&utm_source=country HTTP/1.1
Host: pi.pardot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 11:40:54 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 89
Connection: keep-alive
set-cookie: pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
cache-control: max-age=63072000
expires: Thu, 24 Oct 2024 11:40:54 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
Server: PardotServer
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
vendasta.matomo.cloud/matomo.php?ma_id=cqhfWA&ma_ti=How%20Does%20Vendasta%20Work%3F&ma_pn=youtube&ma_mt=Video&ma_re=https%3A%2F%2Fwww.youtube.com%2Fembed%2FlrX17R94zSo%3Fwmode%3Dopaque&ma_st=0&ma_ps=0&ma_le=&ma_ttp=&ma_w=560&ma_h=315&ma_fs=0&ma_se=&ca=1&&idsite=1&rec=1&r=117744&h=11&m=40&s=51&url=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&urlref=https%3A%2F%2Fwww.turtlewill.org%2F&_id=&_idn=1&send_image=0&_rcn=country&_refts=1666698052&_ref=https%3A%2F%2Fwww.turtlewill.org%2F&cookie=1&res=1280x1024&pf_net=58&pf_srv=25&pf_tfr=11&pf_dm1=150&pf_dm2=2446&pf_onl=3&pv_id=cWEXUP&uadata=%7B%7D
18.195.235.189204 No Content 0 B URL HTTP/2 vendasta.matomo.cloud/matomo.php?ma_id=cqhfWA&ma_ti=How%20Does%20Vendasta%20Work%3F&ma_pn=youtube&ma_mt=Video&ma_re=https%3A%2F%2Fwww.youtube.com%2Fembed%2FlrX17R94zSo%3Fwmode%3Dopaque&ma_st=0&ma_ps=0&ma_le=&ma_ttp=&ma_w=560&ma_h=315&ma_fs=0&ma_se=&ca=1&&idsite=1&rec=1&r=117744&h=11&m=40&s=51&url=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&urlref=https%3A%2F%2Fwww.turtlewill.org%2F&_id=&_idn=1&send_image=0&_rcn=country&_refts=1666698052&_ref=https%3A%2F%2Fwww.turtlewill.org%2F&cookie=1&res=1280x1024&pf_net=58&pf_srv=25&pf_tfr=11&pf_dm1=150&pf_dm2=2446&pf_onl=3&pv_id=cWEXUP&uadata=%7B%7D
IP 18.195.235.189:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /matomo.php?ma_id=cqhfWA&ma_ti=How%20Does%20Vendasta%20Work%3F&ma_pn=youtube&ma_mt=Video&ma_re=https%3A%2F%2Fwww.youtube.com%2Fembed%2FlrX17R94zSo%3Fwmode%3Dopaque&ma_st=0&ma_ps=0&ma_le=&ma_ttp=&ma_w=560&ma_h=315&ma_fs=0&ma_se=&ca=1&&idsite=1&rec=1&r=117744&h=11&m=40&s=51&url=https%3A%2F%2Flp.vendasta.com%2Fps-ref-signup%2F%3Fgspk%3Dc2ltb25iYWtlcjM5OTY%26gsxid%3D3nSWBu0l5PeO%26utm_source%3Dcountry&urlref=https%3A%2F%2Fwww.turtlewill.org%2F&_id=&_idn=1&send_image=0&_rcn=country&_refts=1666698052&_ref=https%3A%2F%2Fwww.turtlewill.org%2F&cookie=1&res=1280x1024&pf_net=58&pf_srv=25&pf_tfr=11&pf_dm1=150&pf_dm2=2446&pf_onl=3&pv_id=cWEXUP&uadata=%7B%7D HTTP/1.1
Host: vendasta.matomo.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://lp.vendasta.com
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 25 Oct 2022 11:40:56 GMT
server: Apache
access-control-allow-origin: https://lp.vendasta.com
access-control-allow-credentials: true
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/75b8e60e-group-12218.svg
54.230.245.99200 OK 0 B URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/75b8e60e-group-12218.svg
IP 54.230.245.99:0
GET /lp.vendasta.com/ps-ref-signup/75b8e60e-group-12218.svg HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 29 Sep 2022 16:29:55 GMT
last-modified: Thu, 29 Sep 2022 15:15:44 GMT
etag: W/"ab9a49ef5c0cb3d09c777a7f4fc4a6d0"
cache-control: max-age=31557600
x-amz-version-id: .lGAaK1iNXm4TdsHOqQTOoxynNvDCJil
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xAtjTHZg_zaWbILdR8eBOgkxHPOhY7P2d57q-Y_9gtRPZIl8fopZ9g==
age: 2229058
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/203f9096-group-12217.svg
54.230.245.99200 OK 0 B URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/203f9096-group-12217.svg
IP 54.230.245.99:0
GET /lp.vendasta.com/ps-ref-signup/203f9096-group-12217.svg HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 29 Sep 2022 16:29:55 GMT
last-modified: Thu, 29 Sep 2022 15:15:44 GMT
etag: W/"4edc2300d4f6aab6097ed01984392652"
cache-control: max-age=31557600
x-amz-version-id: N_WtI.vCKYucdUUnXoVixqjTWl8eJpHL
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UDX3jqPfTBjW3eR7kPseUX6eXC2oTfr_pWh8_48UFVn0JK-pCReMKA==
age: 2229058
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/53882dae-google-logo-white-2015.svg
54.230.245.99200 OK 0 B URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/53882dae-google-logo-white-2015.svg
IP 54.230.245.99:0
GET /lp.vendasta.com/ps-ref-signup/53882dae-google-logo-white-2015.svg HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 29 Sep 2022 16:29:55 GMT
last-modified: Thu, 29 Sep 2022 15:15:44 GMT
etag: W/"ca7323e1c160debe7a8cdf0a2e3fb66c"
cache-control: max-age=31557600
x-amz-version-id: D715jQRLcg4Dxy4iwiUOxmEfpUuObf1n
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mpY5teq3cjc2QEJVNA1unL_97Zk6z1FHIUYQkZO5Dqm1lTAmmhWJow==
age: 2229058
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/315212/visit-data?sv=5
52.30.245.126200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/315212/visit-data?sv=5
IP 52.30.245.126:0
POST /api/v2/client/sites/315212/visit-data?sv=5 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 112
Origin: https://lp.vendasta.com
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 11:40:53 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-315212.js?sv=5
143.204.55.98200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-315212.js?sv=5
IP 143.204.55.98:0
GET /c/hotjar-315212.js?sv=5 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 11:40:52 GMT
cache-control: max-age=60
etag: W/deccf5492c7da14d65c6eca2f70ceaf6
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -e6OecSbY6rVX3V3fktZ9va_oodqFAYhVsLrnJ9onsBqGyLeS9dr_A==
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/e148d70b-group-12213.svg
54.230.245.99200 OK 0 B URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/lp.vendasta.com/ps-ref-signup/e148d70b-group-12213.svg
IP 54.230.245.99:0
GET /lp.vendasta.com/ps-ref-signup/e148d70b-group-12213.svg HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 29 Sep 2022 16:29:55 GMT
last-modified: Thu, 29 Sep 2022 15:15:44 GMT
etag: W/"94a1c2cfc7349eaf7b8291833bab65ef"
cache-control: max-age=31557600
x-amz-version-id: XHs_914tA0bGjmRRpLvAd3AoGn3efQyt
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EiJjvtn9k2GC8WhoRVB9pRvnqY63f47aVsBOyjfx8ofnkSdpSIBcdA==
age: 2229058
X-Firefox-Spdy: h2
cdn.matomo.cloud/vendasta.matomo.cloud/matomo.js
54.230.111.91200 OK 0 B URL HTTP/2 cdn.matomo.cloud/vendasta.matomo.cloud/matomo.js
IP 54.230.111.91:0
GET /vendasta.matomo.cloud/matomo.js HTTP/1.1
Host: cdn.matomo.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.vendasta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 25 Oct 2022 08:29:12 GMT
x-amz-replication-status: COMPLETED
last-modified: Wed, 19 Oct 2022 23:18:49 GMT
etag: W/"cc482f629721d8ea8561c44e10cf669b"
x-amz-server-side-encryption: AES256
cache-control: max-age=691200
x-amz-version-id: 2vUIBFB9ds.zxR1U2_h3zZaoi4Zi1Rgw
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AT4M--gvVGHiffwuzz_a8C2r-2PTL4-3ISPJG2RnFNLixE7RgpSCKg==
age: 11500
X-Firefox-Spdy: h2