www.rescuehair911.com/vsl/med/index.php?utm_source=1356&utm_medium=PME&utm_campaign=RH911_1356&utm_term=&utm_content=&oid=170&ustid=b06208690ea6444e9fa0d7be92e7f62a
77.235.58.167200 OK 8.0 kB URL HTTP/1.1 www.rescuehair911.com/vsl/med/index.php?utm_source=1356&utm_medium=PME&utm_campaign=RH911_1356&utm_term=&utm_content=&oid=170&ustid=b06208690ea6444e9fa0d7be92e7f62a
IP 77.235.58.167:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (509)
Hash 0e6c671988105755b791936d78c74c7a
4f618503340737c8f5f5e61ec49830fbdc8d5d02
5722320fd96e5b1527d2f6b8218ee91c483236b9698b754d586e9e863b681ab6
GET /vsl/med/index.php?utm_source=1356&utm_medium=PME&utm_campaign=RH911_1356&utm_term=&utm_content=&oid=170&ustid=b06208690ea6444e9fa0d7be92e7f62a HTTP/1.1
Host: www.rescuehair911.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:27:23 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=9bdr1o12ajtponormq4pi4i6c5; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 02 Sep 2022 11:41:44 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZukLd6jr_rQ9NFy6kzEH83uW1K1SxFYufD-40beM6TZCtRHnMTx0QA==
Age: 2739
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9430
Expires: Fri, 02 Sep 2022 15:04:33 GMT
Date: Fri, 02 Sep 2022 12:27:23 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 02 Sep 2022 01:15:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gZKBp00xzP6VvHWz39ZqYKgB6SDRVSwqHMJdwIU49rwFfvzAeuoZCw==
age: 40326
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 12:27:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.rescuehair911.com/vsl/med/css/app_new.css?v=4.05
77.235.58.167200 OK 43 kB URL HTTP/1.1 www.rescuehair911.com/vsl/med/css/app_new.css?v=4.05
IP 77.235.58.167:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash 91c399023656414b8ca57e0cd34e639f
e924d11554f6020f9b029d1c387fb34dc96bc2de
8ba301816e5c0b1ee0fe8b326f6b2cf76727d068ed993d612416b8bf7fea8aec
Analyzer Verdict Alert fortinet Phishing
GET /vsl/med/css/app_new.css?v=4.05 HTTP/1.1
Host: www.rescuehair911.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rescuehair911.com/vsl/med/index.php?utm_source=1356&utm_medium=PME&utm_campaign=RH911_1356&utm_term=&utm_content=&oid=170&ustid=b06208690ea6444e9fa0d7be92e7f62a
Cookie: PHPSESSID=9bdr1o12ajtponormq4pi4i6c5
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:27:24 GMT
Server: Apache
Last-Modified: Thu, 29 Jul 2021 15:10:58 GMT
Accept-Ranges: bytes
Content-Length: 42883
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rescuehair911.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 12:27:24 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 70155
expires: Wed, 23 Aug 2023 12:27:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdezYgW%2FDv86GIlbxLyDw2kaDMMeUp4%2Btvv69UxtjkwM%2FURrxTaEbnRFndV6s5%2BqUEQ%2F%2FMsZc96oi%2FE3d7bap80NngIUVX024q%2FOtBUwsGUKEtuPtPavNqL3QuyceS9V2cN2cm6Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74463d540f8a1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/E-v1.js
151.101.86.110200 OK 116 kB URL HTTP/2 fast.wistia.com/assets/external/E-v1.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 116 kB (115864 bytes)
Hash 47b60104fbf00db8839866b8aa738183
c99dd5ade5e0df77fab36d4d44e147701c766c09
716c009cec25ed9737624c17556ec94374dfa88d03ee1b57edd2a00481bf9b6f
GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rescuehair911.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "630fd5bf-1c498"
last-modified: Wed, 31 Aug 2022 21:42:23 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 02 Sep 2022 12:27:24 GMT
age: 2031
x-served-by: cache-iad-kcgs7200062-IAD, cache-bma1680-BMA
x-cache: HIT, HIT
x-cache-hits: 104, 150
x-timer: S1662121644.199306,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 115864
X-Firefox-Spdy: h2
d2ieqaiwehnqqp.cloudfront.net/td38c8aed344364811190ba39629368e4.js
54.230.245.207200 OK 24 kB URL HTTP/2 d2ieqaiwehnqqp.cloudfront.net/td38c8aed344364811190ba39629368e4.js
IP 54.230.245.207:0
Hash e908d4ac7672c9dce96be86c0f3a1e64
2e574130a70b81ec785623b673f5ad89c237a052
b38a7bb03b7972c2dbb24b4f6de7fe3e0e1dc98ff652e065008d23294c31b696
GET /td38c8aed344364811190ba39629368e4.js HTTP/1.1
Host: d2ieqaiwehnqqp.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rescuehair911.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
last-modified: Tue, 23 Aug 2022 17:17:42 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 01 Sep 2022 23:50:15 GMT
etag: W/"346818dfa0bf961b9380f56aa57d8ab1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3UsW7HpK57B6MnZk-ny24gXPBIA54eR4CyJQNqv5Xl4k7CWFOjsx-w==
age: 45430
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.42200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rescuehair911.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 13:30:59 GMT
expires: Fri, 01 Sep 2023 13:30:59 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 82585
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6c2e5114156ac45cec856f3ea7f45872
011859d6358ad9298b557c1a4b33b80a7a5411ab
3a17c68f9f6cb51ef5c39157a5cae6526f7efae019cc9ae96706da80aea667da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 12:27:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mgmtrack1.com/app/matomo/matomo.js
209.59.155.42200 OK 28 kB URL HTTP/1.1 mgmtrack1.com/app/matomo/matomo.js
IP 209.59.155.42:0
File type ASCII text, with very long lines (1892)
Hash bc02851feb67a19f79c22fb71e5db45a
ac9e09d751b49254350c3c85ad23fbf03c32a0ac
9e9c0f7abdfaa62355e4cdaad3f8d6b9b687355304cd4f543c7482f3f56353dc
GET /app/matomo/matomo.js HTTP/1.1
Host: mgmtrack1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rescuehair911.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:27:24 GMT
Server: Apache
Last-Modified: Sat, 28 Mar 2020 14:50:43 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 27468
Keep-Alive: timeout=5, max=200
Connection: Keep-Alive
Content-Type: application/javascript
www.rescuehair911.com/vsl/med/images/t2.jpg
77.235.58.167200 OK 10 kB URL HTTP/1.1 www.rescuehair911.com/vsl/med/images/t2.jpg
IP 77.235.58.167:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, progressive, precision 8, 280x280, components 3\012- data
Hash ac31d96e4fbb92edbc5852033dd48aa9
fb3e96d78e15561e2fa17f026e00e04dccc1be0f
33772259520ab3019bf2e4f984424b86c21bc0fde548e57268a94c16d27fa980
GET /vsl/med/images/t2.jpg HTTP/1.1
Host: www.rescuehair911.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rescuehair911.com/vsl/med/index.php?utm_source=1356&utm_medium=PME&utm_campaign=RH911_1356&utm_term=&utm_content=&oid=170&ustid=b06208690ea6444e9fa0d7be92e7f62a
Cookie: PHPSESSID=9bdr1o12ajtponormq4pi4i6c5
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:27:24 GMT
Server: Apache
Last-Modified: Thu, 29 Jul 2021 15:11:02 GMT
Accept-Ranges: bytes
Content-Length: 10085
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
www.rescuehair911.com/vsl/med/images/t1-1.jpg
77.235.58.167200 OK 9.8 kB URL HTTP/1.1 www.rescuehair911.com/vsl/med/images/t1-1.jpg
IP 77.235.58.167:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, progressive, precision 8, 280x280, components 3\012- data
Hash 7ae8b63bdafcea9b234cc971816307de
a8022066d87fa8267e22f8a13bdb14081f431643
4c68fc0edc2d0f8b5b20bb7cda12a7202df12a6ce70e8b4350b4e999645b6d53
GET /vsl/med/images/t1-1.jpg HTTP/1.1
Host: www.rescuehair911.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rescuehair911.com/vsl/med/index.php?utm_source=1356&utm_medium=PME&utm_campaign=RH911_1356&utm_term=&utm_content=&oid=170&ustid=b06208690ea6444e9fa0d7be92e7f62a
Cookie: PHPSESSID=9bdr1o12ajtponormq4pi4i6c5
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:27:24 GMT
Server: Apache
Last-Modified: Thu, 29 Jul 2021 15:11:11 GMT
Accept-Ranges: bytes
Content-Length: 9792
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
www.rescuehair911.com/vsl/med/images/atc.jpg
77.235.58.167200 OK 35 kB URL HTTP/1.1 www.rescuehair911.com/vsl/med/images/atc.jpg
IP 77.235.58.167:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 448x244, components 3\012- data
Hash c6f6111e3cd8539a902e7d359edf1dc5
232bf2def2119e307810a6031d67a7acb3b86fa0
ecc8dd95882ba20272bdd5a4fc9a1401e3d43502a0d9ec49e763b07ae09d624a
GET /vsl/med/images/atc.jpg HTTP/1.1
Host: www.rescuehair911.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rescuehair911.com/vsl/med/index.php?utm_source=1356&utm_medium=PME&utm_campaign=RH911_1356&utm_term=&utm_content=&oid=170&ustid=b06208690ea6444e9fa0d7be92e7f62a
Cookie: PHPSESSID=9bdr1o12ajtponormq4pi4i6c5
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:27:24 GMT
Server: Apache
Last-Modified: Thu, 29 Jul 2021 15:11:11 GMT
Accept-Ranges: bytes
Content-Length: 35271
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
www.rescuehair911.com/vsl/med/images/t3.jpg
77.235.58.167200 OK 16 kB URL HTTP/1.1 www.rescuehair911.com/vsl/med/images/t3.jpg
IP 77.235.58.167:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, progressive, precision 8, 280x280, components 3\012- data
Hash c8ac8aa3e288f4b06abacf0c48f0a10e
9212dfa8ca37ee5e99190683b57f3664b9eec644
a61481609f54cb04cce2197bae9234546e5c43c58005bece9f9c8fd2d22d46a0
GET /vsl/med/images/t3.jpg HTTP/1.1
Host: www.rescuehair911.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rescuehair911.com/vsl/med/index.php?utm_source=1356&utm_medium=PME&utm_campaign=RH911_1356&utm_term=&utm_content=&oid=170&ustid=b06208690ea6444e9fa0d7be92e7f62a
Cookie: PHPSESSID=9bdr1o12ajtponormq4pi4i6c5
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:27:24 GMT
Server: Apache
Last-Modified: Thu, 29 Jul 2021 15:11:04 GMT
Accept-Ranges: bytes
Content-Length: 15537
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 02 Sep 2022 11:38:16 GMT
Expires: Fri, 02 Sep 2022 12:20:56 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _cbK9f-sobY_ic90_Pho8NE7Lk8U-YIpbZIGAwYYEKx5slDjA-APBw==
Age: 2948
www.rescuehair911.com/vsl/med/images/PDF_RH911_Label.jpg
77.235.58.167200 OK 228 kB URL HTTP/1.1 www.rescuehair911.com/vsl/med/images/PDF_RH911_Label.jpg
IP 77.235.58.167:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1913x713, components 3\012- data
Size 228 kB (227675 bytes)
Hash c46b61ddb182c80cfe67683393db87fb
9c12a051d04c67b26014ca689df2dfd94319f606
bf5877a798083017e558b6121bc153e039ff1265eb75ae77be11a25cdd92cc92
GET /vsl/med/images/PDF_RH911_Label.jpg HTTP/1.1
Host: www.rescuehair911.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rescuehair911.com/vsl/med/index.php?utm_source=1356&utm_medium=PME&utm_campaign=RH911_1356&utm_term=&utm_content=&oid=170&ustid=b06208690ea6444e9fa0d7be92e7f62a
Cookie: PHPSESSID=9bdr1o12ajtponormq4pi4i6c5
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:27:24 GMT
Server: Apache
Last-Modified: Thu, 29 Jul 2021 15:11:04 GMT
Accept-Ranges: bytes
Content-Length: 227675
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
www.rescuehair911.com/vsl/med/images/sound.svg
77.235.58.167200 OK 16 kB URL HTTP/1.1 www.rescuehair911.com/vsl/med/images/sound.svg
IP 77.235.58.167:0
ASN #60781 LeaseWeb Netherlands B.V.
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (2361)
Hash 9ff1ce7aee30346dc851134b7a009341
db110aca3c6a5d719e59a8983dedcb77dcea2fd2
2bda28fabbbfd515bb98613d0dcb4c62bf51869060bd49d11e2cad4f53ea7a70
Analyzer Verdict Alert fortinet Phishing
GET /vsl/med/images/sound.svg HTTP/1.1
Host: www.rescuehair911.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rescuehair911.com/vsl/med/css/app_new.css?v=4.05
Cookie: PHPSESSID=9bdr1o12ajtponormq4pi4i6c5; iTracker360=sou%3D1356%7Cmed%3DPME%7Cter%3D-%7Ccon%3D-%7Ccam%3DRH911_1356%7Cref%3Dhttp%253A//www.rescuehair911.com/vsl/med/index.php%253Futm_source%253D1356%2526utm_medium%253DPME%2526utm_campaign%253DRH911_1356%2526utm_term%253D%2526utm_content%253D%2526oid%253D170%2526ustid%253Db06208690ea6444e9fa0d7be92e7f62a%7Cfirstlpurl%3Dhttp%253A//www.rescuehair911.com/vsl/med/index.php%253Futm_source%253D1356%2526utm_medium%253DPME%2526utm_campaign%253DRH911_1356%2526utm_term%253D%2526utm_content%253D%2526oid%253D170%2526ustid%253Db06208690ea6444e9fa0d7be92e7f62a%7Cgcl%3D%7Cmcl%3D%7Cfcl%3D%7Cgaclientid%3D%7Cfbp%3D%7Cfbc%3D%7Cleadsource%3D1356-pme-rh911_1356%7Cip%3D%7Ccustomfield1%3D-%7Ccustomfield2%3D-%7Ccustomfield3%3D-%7Ccustomfield4%3D-; _pk_ref.19.24e6=%5B%22RH911_1356%22%2C%22%22%2C1662121643%2C%22%22%5D
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:27:24 GMT
Server: Apache
Last-Modified: Thu, 29 Jul 2021 15:11:03 GMT
Accept-Ranges: bytes
Content-Length: 15816
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 12:27:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.163200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.rescuehair911.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:32:09 GMT
expires: Thu, 31 Aug 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 147315
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 12:27:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fast.wistia.com/assets/external/wistia-mux.js
151.101.86.110200 OK 32 kB URL HTTP/2 fast.wistia.com/assets/external/wistia-mux.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 04e7eaa61e1b3b0de8da42b73b0e0b8c
1a150815c6932bf0a53a1dd2a13bcfc56497912e
9593d633f379885a9aad607d2d86d8ca7bdcc59a3046c9486dfc8d47b383317f
GET /assets/external/wistia-mux.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rescuehair911.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "630fd5bf-7e97"
last-modified: Wed, 31 Aug 2022 21:42:23 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 02 Sep 2022 12:27:25 GMT
age: 2031
x-served-by: cache-iad-kiad7000115-IAD, cache-bma1680-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 82
x-timer: S1662121645.054233,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 32407
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rescuehair911.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20006
Date: Fri, 02 Sep 2022 12:20:37 GMT
Expires: Fri, 02 Sep 2022 14:20:37 GMT
Cache-Control: public, max-age=7200
Age: 408
Last-Modified: Wed, 13 Apr 2022 21:02:38 GMT
Content-Type: text/javascript
fast.wistia.com/embed/medias/ha0fliz7r8.json?callback=wistiajson1
151.101.86.110200 OK 1.8 kB URL HTTP/1.1 fast.wistia.com/embed/medias/ha0fliz7r8.json?callback=wistiajson1
IP 151.101.86.110:0
File type ASCII text, with very long lines (5430), with no line terminators
Hash ce051cd65f26d4abfc03b06bd5ab6f74
2c7c14765798bdb9eb42a43a5ac47fd153aaec06
75911379999ecd1b4b8b6ecf59a18f1469c117b9c0ba2806758c528b550895d5
GET /embed/medias/ha0fliz7r8.json?callback=wistiajson1 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rescuehair911.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: public, no-cache
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
ETag: W/"019214d0fc02634fc5a8fa6999785f94"
P3P: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
Referrer-Policy: strict-origin-when-cross-origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: df1437e5ef7b2bed93318698dbc40438
X-Runtime: 0.057123
Via: 1.1 varnish, 1.1 varnish
Content-Length: 1773
Accept-Ranges: bytes
Date: Fri, 02 Sep 2022 12:27:25 GMT
Age: 0
Connection: keep-alive
X-Served-By: cache-iad-kcgs7200134-IAD, cache-bma1636-BMA
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1662121645.061692,VS0,VE157
Vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 96
ip.itracker360.com/
172.217.21.179200 OK 32 B IP 172.217.21.179:0
File type ASCII text, with no line terminators
Hash e1202a1e126cc3dbdef5e9ee56e3154d
6a6607724f0bf01b571695902fb304aabd0448ad
fb545cfda0b8bba1fab58a18f6e98555313102050bdc7c54ccf4396401dc8619
GET / HTTP/1.1
Host: ip.itracker360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.rescuehair911.com
Connection: keep-alive
Referer: http://www.rescuehair911.com/
HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: text/plain
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cloud-Trace-Context: f5d6571c137babdbeec1a085ed64d089
Vary: Accept-Encoding
Date: Fri, 02 Sep 2022 12:27:25 GMT
Server: Google Frontend
Content-Length: 32
fast.wistia.com/assets/external/engines/hls_video.js
151.101.86.110200 OK 114 kB URL HTTP/2 fast.wistia.com/assets/external/engines/hls_video.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (65469)
Size 114 kB (113966 bytes)
Hash f3b60ce2f94d29010f6e7ffe26c3a97f
029501fec4213ec60548381d10ee0fee6adbb942
1d3e352fd944ec8a0ee9394f27a6cce3204479035e1abcae21f1039396a1e0e0
GET /assets/external/engines/hls_video.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rescuehair911.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "630fd5bf-1bd2e"
last-modified: Wed, 31 Aug 2022 21:42:23 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 02 Sep 2022 12:27:25 GMT
age: 2032
x-served-by: cache-iad-kcgs7200085-IAD, cache-bma1680-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 64
x-timer: S1662121645.320893,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 113966
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 21daf45cdda2eb462873226bb5c1f0fb
4d4621bbf1461f35f7e536c1dbd9de71978ffa23
8164c742d013bdc2836cac1167acfe482547347ab6a1daefa15475f694dae057
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1943
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 12:27:25 GMT
Last-Modified: Fri, 02 Sep 2022 11:55:02 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7040539fecb815b0cc84c15e3e2e99df
761de2d6da86cb1df6bb1fdd85ad71f75a825bb4
b1edf3547f6db4798d46a116924942acc48ad56da1fd61f9951acf93053a6578
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 12:27:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fast.wistia.com/assets/images/blank.gif
151.101.86.110200 OK 1.2 kB URL HTTP/2 fast.wistia.com/assets/images/blank.gif
IP 151.101.86.110:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rescuehair911.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-type: image/gif
etag: "63111b68-4be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 01 Sep 2022 20:51:52 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 02 Sep 2022 12:27:25 GMT
age: 56032
x-served-by: cache-iad-kiad7000162-IAD, cache-bma1680-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 907
x-timer: S1662121645.486998,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 1214
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j96&a=453980992&t=pageview&_s=1&dl=http%3A%2F%2Fwww.rescuehair911.com%2Fvsl%2Fmed%2Findex.php%3Futm_source%3D1356%26utm_medium%3DPME%26utm_campaign%3DRH911_1356%26utm_term%3D%26utm_content%3D%26oid%3D170%26ustid%3Db06208690ea6444e9fa0d7be92e7f62a&ul=en-us&de=UTF-8&dt=(1)%20Discover%20The%20Link%20Between%20Geography%20And%20Baldness&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAAC~&jid=930401722&gjid=1003296621&cid=981707163.1662121644&tid=UA-71193211-1&_gid=182092758.1662121644&_r=1&_slc=1&z=1682688106
142.250.74.174200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&a=453980992&t=pageview&_s=1&dl=http%3A%2F%2Fwww.rescuehair911.com%2Fvsl%2Fmed%2Findex.php%3Futm_source%3D1356%26utm_medium%3DPME%26utm_campaign%3DRH911_1356%26utm_term%3D%26utm_content%3D%26oid%3D170%26ustid%3Db06208690ea6444e9fa0d7be92e7f62a&ul=en-us&de=UTF-8&dt=(1)%20Discover%20The%20Link%20Between%20Geography%20And%20Baldness&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAAC~&jid=930401722&gjid=1003296621&cid=981707163.1662121644&tid=UA-71193211-1&_gid=182092758.1662121644&_r=1&_slc=1&z=1682688106
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j96&a=453980992&t=pageview&_s=1&dl=http%3A%2F%2Fwww.rescuehair911.com%2Fvsl%2Fmed%2Findex.php%3Futm_source%3D1356%26utm_medium%3DPME%26utm_campaign%3DRH911_1356%26utm_term%3D%26utm_content%3D%26oid%3D170%26ustid%3Db06208690ea6444e9fa0d7be92e7f62a&ul=en-us&de=UTF-8&dt=(1)%20Discover%20The%20Link%20Between%20Geography%20And%20Baldness&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAAC~&jid=930401722&gjid=1003296621&cid=981707163.1662121644&tid=UA-71193211-1&_gid=182092758.1662121644&_r=1&_slc=1&z=1682688106 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.rescuehair911.com
Connection: keep-alive
Referer: http://www.rescuehair911.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.rescuehair911.com
date: Fri, 02 Sep 2022 12:27:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7040539fecb815b0cc84c15e3e2e99df
761de2d6da86cb1df6bb1fdd85ad71f75a825bb4
b1edf3547f6db4798d46a116924942acc48ad56da1fd61f9951acf93053a6578
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 12:27:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fast.wistia.com/embed/medias/ha0fliz7r8.m3u8
151.101.86.110200 OK 915 B URL HTTP/2 fast.wistia.com/embed/medias/ha0fliz7r8.m3u8
IP 151.101.86.110:0
Hash 846c439e4ab5ea25f084b0a95b98cbcf
80d6097b49cd8720014a14da1845b04888cd3192
c20e2af886ad3b24d03e09bdc617a2aae44df4a84750c259a9d5037bba68ce82
GET /embed/medias/ha0fliz7r8.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.rescuehair911.com
Connection: keep-alive
Referer: http://www.rescuehair911.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-type: application/x-mpegURL
etag: W/"c20e2af886ad3b24d03e09bdc617a2aa"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 3988fc79376fb462c0f197f31a61eea0
x-runtime: 0.029091
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 02 Sep 2022 12:27:25 GMT
age: 0
x-served-by: cache-iad-kiad7000132-IAD, cache-bma1680-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662121645.478589,VS0,VE99
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 915
X-Firefox-Spdy: h2
embed-fastly.wistia.com/deliveries/5977caa6ff10471a73db540f7f33737e945a3c40.m3u8
151.101.86.133200 OK 1.4 kB URL HTTP/2 embed-fastly.wistia.com/deliveries/5977caa6ff10471a73db540f7f33737e945a3c40.m3u8
IP 151.101.86.133:0
Hash aef18ea93471b887e7cbc386e5309369
2cba4441d46a5a7a1ad43a47b708d78360b88ca4
6a46da01075cd7b8907a4390a7ea00d85247d2525bf0ad285320d2846b1d3c21
GET /deliveries/5977caa6ff10471a73db540f7f33737e945a3c40.m3u8 HTTP/1.1
Host: embed-fastly.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.rescuehair911.com
Connection: keep-alive
Referer: http://www.rescuehair911.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
expires: Thu, 20 Jul 2023 15:17:43 GMT
cache-control: max-age=31536000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 5977caa6ff10471a73db540f7f33737e945a3c40-hls-segment c1d36fe2eb718afd7f9f3c4d0d1b2737bed19a9d
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 02 Sep 2022 12:27:25 GMT
age: 3791382
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kjyo7100060-IAD, cache-bma1657-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662121646.647045,VS0,VE1
vary: Accept-Encoding
content-length: 1368
X-Firefox-Spdy: h2
embed-fastly.wistia.com/deliveries/5977caa6ff10471a73db540f7f33737e945a3c40.m3u8/seg-1-v1-a1.ts
151.101.86.133200 OK 864 kB URL HTTP/2 embed-fastly.wistia.com/deliveries/5977caa6ff10471a73db540f7f33737e945a3c40.m3u8/seg-1-v1-a1.ts
IP 151.101.86.133:0
File type MPEG transport stream data\012- data
Size 864 kB (863672 bytes)
Hash 7adca22915c81e08259cec8985a7f3a7
cb1003a044c3e463c9fb0a837c43081edb5f1dcf
14b29aef8bed8057980ff54b79812652e1dc0956a71284a0ff69c079cb1eb554
GET /deliveries/5977caa6ff10471a73db540f7f33737e945a3c40.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-fastly.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.rescuehair911.com
Connection: keep-alive
Referer: http://www.rescuehair911.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: video/MP2T
expires: Tue, 22 Aug 2023 11:33:27 GMT
cache-control: max-age=31536000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 5977caa6ff10471a73db540f7f33737e945a3c40-hls-segment 1b358123d34e9ad17dff447d5b79a62f6063cc13
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 02 Sep 2022 12:27:25 GMT
age: 953638
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kcgs7200157-IAD, cache-bma1657-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662121646.670245,VS0,VE1
content-length: 863672
X-Firefox-Spdy: h2
embed-fastly.wistia.com/deliveries/0bfaa4a4cda5a0e56506b5ef51d40e0d49553e5a.m3u8
151.101.86.133200 OK 1.4 kB URL HTTP/2 embed-fastly.wistia.com/deliveries/0bfaa4a4cda5a0e56506b5ef51d40e0d49553e5a.m3u8
IP 151.101.86.133:0
Hash 46f67da903de36fb7cf98d631f617f21
e6ce0e1a6c3cebd300b653226aa41f49760d73b3
86c9fe9edf67789cc12aeb0bca75fe771e497bd17a49cacfdfb4ca10a5f1356f
GET /deliveries/0bfaa4a4cda5a0e56506b5ef51d40e0d49553e5a.m3u8 HTTP/1.1
Host: embed-fastly.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.rescuehair911.com
Connection: keep-alive
Referer: http://www.rescuehair911.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
expires: Fri, 18 Aug 2023 05:59:08 GMT
cache-control: max-age=31536000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 0bfaa4a4cda5a0e56506b5ef51d40e0d49553e5a-hls-segment e9330b34855d22aaa7add39099ec6feaf8996b71
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 02 Sep 2022 12:27:25 GMT
age: 1319297
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kiad7000093-IAD, cache-bma1657-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662121646.838187,VS0,VE2
vary: Accept-Encoding
content-length: 1362
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.228.106.27101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.228.106.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qu/CF0VNQXcQz/W3lVTXJQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hJiGCzzPvvs24C6qAAY5WIGUufQ=
embed-fastly.wistia.com/deliveries/0bfaa4a4cda5a0e56506b5ef51d40e0d49553e5a.m3u8/seg-1-v1-a1.ts
151.101.86.133200 OK 322 kB URL HTTP/2 embed-fastly.wistia.com/deliveries/0bfaa4a4cda5a0e56506b5ef51d40e0d49553e5a.m3u8/seg-1-v1-a1.ts
IP 151.101.86.133:0
File type MPEG transport stream data\012- data
Size 322 kB (322232 bytes)
Hash 8e6e52979ede9db64d33323c1b879d26
393c81a76d382288c24b8049931d6ca84d4236e1
c07df6f8061777553394cb7a074ef63f179d2bf5c5d510661d3a531ab7543c52
GET /deliveries/0bfaa4a4cda5a0e56506b5ef51d40e0d49553e5a.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-fastly.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.rescuehair911.com
Connection: keep-alive
Referer: http://www.rescuehair911.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: video/MP2T
expires: Wed, 30 Aug 2023 13:41:11 GMT
cache-control: max-age=31536000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 0bfaa4a4cda5a0e56506b5ef51d40e0d49553e5a-hls-segment a227918e831bad87448fc210e029b3c9b5b84f05
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 02 Sep 2022 12:27:25 GMT
age: 254774
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kcgs7200076-IAD, cache-bma1657-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662121646.868154,VS0,VE3
content-length: 322232
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash d11880eaa564c29833918a4155deec18
6ce41595331aac7e8feb8d4b3a1552136886a5c9
33f46b21e19af9d0df98146c1290efa35ca096f0bd72aaa60f88787e40ca174e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Sep 2022 12:27:25 GMT
Last-Modified: Fri, 02 Sep 2022 12:13:05 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bE2ptXt7_TtMtkUf2hpzxs-75QXiOv13MJRh2w7ephFmiS7VNO4Cmg==
Age: 860
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash d11880eaa564c29833918a4155deec18
6ce41595331aac7e8feb8d4b3a1552136886a5c9
33f46b21e19af9d0df98146c1290efa35ca096f0bd72aaa60f88787e40ca174e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Sep 2022 12:27:25 GMT
Last-Modified: Fri, 02 Sep 2022 11:21:42 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3cvfKSv04fw71suKcvCBobKzPD3e8bEYPWpymt__JCgpZ4As_RlO_Q==
Age: 3943
fg8vvsvnieiv3ej16jby.litix.io/
34.230.191.203200 OK 0 B URL HTTP/1.1 fg8vvsvnieiv3ej16jby.litix.io/
IP 34.230.191.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS / HTTP/1.1
Host: fg8vvsvnieiv3ej16jby.litix.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www.rescuehair911.com/
Origin: http://www.rescuehair911.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: POST, GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Date: Fri, 02 Sep 2022 12:27:25 GMT
Content-Length: 0
Connection: keep-alive
embed-ssl.wistia.com/deliveries/18688aeb88fae31de1b787309582b574.webp?image_crop_resized=1280x720
151.101.86.133200 OK 43 kB URL HTTP/2 embed-ssl.wistia.com/deliveries/18688aeb88fae31de1b787309582b574.webp?image_crop_resized=1280x720
IP 151.101.86.133:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4b75c90e764ac0221e73bf2a0e7d4acb
2fc1989a937905bb8a70151e94d7fa21407463c5
f26aa9d6983976da7b70430523d8871273a87ff1f971ab2aff64b60897a64b14
GET /deliveries/18688aeb88fae31de1b787309582b574.webp?image_crop_resized=1280x720 HTTP/1.1
Host: embed-ssl.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rescuehair911.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control: max-age=31536000
content-disposition: inline
edge-cache-tag: 18688aeb88fae31de1b787309582b574
last-modified: Wed, 25 Aug 2021 18:59:44 UTC
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 02 Sep 2022 12:27:25 GMT
age: 2080687
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kjyo7100167-IAD, cache-bma1653-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1662121646.891479,VS0,VE101
content-length: 43076
X-Firefox-Spdy: h2
fg8vvsvnieiv3ej16jby.litix.io/
34.230.191.203200 OK 0 B URL HTTP/1.1 fg8vvsvnieiv3ej16jby.litix.io/
IP 34.230.191.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: fg8vvsvnieiv3ej16jby.litix.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 2563
Origin: http://www.rescuehair911.com
Connection: keep-alive
Referer: http://www.rescuehair911.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Methods: POST, GET
Access-Control-Allow-Origin: *
Date: Fri, 02 Sep 2022 12:27:26 GMT
Content-Length: 0
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3067
Expires: Fri, 02 Sep 2022 13:18:33 GMT
Date: Fri, 02 Sep 2022 12:27:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3067
Expires: Fri, 02 Sep 2022 13:18:33 GMT
Date: Fri, 02 Sep 2022 12:27:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3067
Expires: Fri, 02 Sep 2022 13:18:33 GMT
Date: Fri, 02 Sep 2022 12:27:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7cfd0462-8823-4971-b883-caf554e900df.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7cfd0462-8823-4971-b883-caf554e900df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62010c86472d14f87499b41dc46c12e4
d15de8ceb6fef98b46a87aec2e071c909efd2973
0fd93286e0381c85fa0db6cca62c4736b7a3837efcd035d25f7a4d948d9a0af0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7cfd0462-8823-4971-b883-caf554e900df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8381
x-amzn-requestid: fcfbb9fb-66bd-40db-9088-d7c6110675bd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjbGLToAMF6Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-75d4a2991a1bbf266e81c2e2;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _HYMbSu2Xdv2-CWi2SPHdhsGCkJbarEhaO0l3jmBjNaKYuaoZAUgyA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:26 GMT
age: 53400
etag: "d15de8ceb6fef98b46a87aec2e071c909efd2973"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3067
Expires: Fri, 02 Sep 2022 13:18:33 GMT
Date: Fri, 02 Sep 2022 12:27:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3067
Expires: Fri, 02 Sep 2022 13:18:33 GMT
Date: Fri, 02 Sep 2022 12:27:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e05660322f0368dd2bf8067d7e4554d
ec65cb47d86488f734c945a210d5f636a40fea2c
98875230ec45766102191bdc4180742fa3b8f3ad5ad1a128d12437105f86247e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6196
x-amzn-requestid: a7d6ce70-06d7-498c-8024-80185a3fc3e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyLFmVIAMFkcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112674-3fad622927177e9236d7c50a;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: wLezqM4_yKqtOR7D43beBqm8TAD5y8eQ7xHOxjDJdHchCpyusuzMuQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:55:46 GMT
etag: "ec65cb47d86488f734c945a210d5f636a40fea2c"
content-type: image/jpeg
age: 52300
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 955f2a35bd6b3802670e7fa8a7cda833
4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c
2fb517039f0704d2f6fe2fa78eae47c71c645add1c2276f8726248184ae45760
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10435
x-amzn-requestid: 813ec4ca-243d-46cb-a6a6-8ec58e5dd9f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjdHwnIAMFhzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-4733cfb83cf0e8734abc5716;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: n6DJbsUGTdXT42cNLTDq6Uz28H2SDhwq6drdKP4axAHsBz471X7r_g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:26 GMT
age: 53400
etag: "4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ba50b2fd1814c5ffc95aef40c69ce8c
cbb4546228115cccc122b16209e70171bef5c1f2
de822c8549508b28a07d29b203ae3ef356470df906cba727fc765f1bd14bb866
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9252
x-amzn-requestid: 7feebba8-f6b9-4b79-9726-5a7534da277e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyVG5DoAMF_Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112675-3123158f3dcfbd476537ca3c;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BOa5zGQyJS9q9bHmtKzlNtyS9ToGPZJkDFo2uY2lzz8Lnd3cZLQEaA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:01:10 GMT
age: 51976
etag: "cbb4546228115cccc122b16209e70171bef5c1f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd29a2d-3498-41a7-af26-6104f50c81c8.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd29a2d-3498-41a7-af26-6104f50c81c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25983224daee47c629690b65e7db685b
6f144e4e28ba6dfb56860b187a224cfbc23b50bb
2ada67937844f22cf524d39cf034ae5e49dd892c4b2e70af31cec62c747e3762
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd29a2d-3498-41a7-af26-6104f50c81c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10015
x-amzn-requestid: 28b44607-90c3-42b0-9a47-5ffd4f670347
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLlfGBqIAMFWqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112622-38788fd737d1b6a35acc1fee;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zMXXwsarlTt3JoospInef1pe4wZKTV_YmnM_ZXD79XLq1f9aZzSl1w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:38:30 GMT
age: 53336
etag: "6f144e4e28ba6dfb56860b187a224cfbc23b50bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
34.120.237.76200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12756903aaa74164feb5f8525398ca36
9fef9b071daea6793cbbdfe391254ac4326b1aa2
6d474a6d96aebfed43a4f6812f18a1be8d100c590f75eb0fbf4ec7277dd0c442
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16818
x-amzn-requestid: fa921878-2054-453b-b313-681cdd9c9068
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj-Z_HUNIAMFltg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b110c-053ce81943fea70c2de7daa0;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 06:54:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 69fDjN-ZeYA8RVO_WGTY1KQHZ1t3PNdWIwq3ax1e1wKmuPODyGCMcQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 14:46:29 GMT
age: 78057
etag: "9fef9b071daea6793cbbdfe391254ac4326b1aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 003e8a2cb35bb65683fccbf8bf7a9797
b26fbc7607825162686c7e164d51956addeb1a6c
a71ec1144878270f76c09c51967a1d24b7d82dd700e83216be1e814a74796403
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 12:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-71193211-1&cid=981707163.1662121644&jid=930401722&gjid=1003296621&_gid=182092758.1662121644&_u=IEBAAEAAAAAAAC~&z=662571705
64.233.163.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-71193211-1&cid=981707163.1662121644&jid=930401722&gjid=1003296621&_gid=182092758.1662121644&_u=IEBAAEAAAAAAAC~&z=662571705
IP 64.233.163.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-71193211-1&cid=981707163.1662121644&jid=930401722&gjid=1003296621&_gid=182092758.1662121644&_u=IEBAAEAAAAAAAC~&z=662571705 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.rescuehair911.com
Connection: keep-alive
Referer: http://www.rescuehair911.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.rescuehair911.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 02 Sep 2022 12:27:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 003e8a2cb35bb65683fccbf8bf7a9797
b26fbc7607825162686c7e164d51956addeb1a6c
a71ec1144878270f76c09c51967a1d24b7d82dd700e83216be1e814a74796403
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 12:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 77dcbad667fa753223ab404f9e5efc2e
8aa7da6ed9b77d478e9205e41c8b6fe0a973ae70
0a59d091c042b60cb2193e33754db4e8c2fd7c8e4abd5150a72db06cdc661a94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 12:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 67921e2bd7c620bdd4db5ed1e73d3146
1deaa030ab490c63f94bde4c7ada5e2f849fb506
7fcee2496cdc63c9779941621d9e61acd006910947ccb6c7e98f383b0bf4574c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 12:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-71193211-1&cid=981707163.1662121644&jid=930401722&_u=IEBAAEAAAAAAAC~&z=1712178154
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-71193211-1&cid=981707163.1662121644&jid=930401722&_u=IEBAAEAAAAAAAC~&z=1712178154
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-71193211-1&cid=981707163.1662121644&jid=930401722&_u=IEBAAEAAAAAAAC~&z=1712178154 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rescuehair911.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 12:27:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-71193211-1&cid=981707163.1662121644&jid=930401722&_u=IEBAAEAAAAAAAC~&z=1712178154
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-71193211-1&cid=981707163.1662121644&jid=930401722&_u=IEBAAEAAAAAAAC~&z=1712178154
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-71193211-1&cid=981707163.1662121644&jid=930401722&_u=IEBAAEAAAAAAAC~&z=1712178154 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rescuehair911.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 12:27:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 77dcbad667fa753223ab404f9e5efc2e
8aa7da6ed9b77d478e9205e41c8b6fe0a973ae70
0a59d091c042b60cb2193e33754db4e8c2fd7c8e4abd5150a72db06cdc661a94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 12:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dc076b754adaddcb000f3f987b6c5df2
01e9b40591692b8b2a6a94729e9481c7e600d248
9dbf2e71e1cbad91a71154b729e8ef496eda7544828a8bfd4f64e6dd70c4f64d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 12:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mgmtrack1.com/app/matomo/matomo.php?action_name=(1)%20Discover%20The%20Link%20Between%20Geography%20And%20Baldness&idsite=19&rec=1&r=487377&h=12&m=27&s=23&url=http%3A%2F%2Fwww.rescuehair911.com%2Fvsl%2Fmed%2Findex.php%3Futm_source%3D1356%26utm_medium%3DPME%26utm_campaign%3DRH911_1356%26utm_term%3D%26utm_content%3D%26oid%3D170%26ustid%3Db06208690ea6444e9fa0d7be92e7f62a&_id=04996876a015d4ac&_idts=1662121643&_idvc=1&_idn=1&_rcn=RH911_1356&_refts=1662121643&_viewts=1662121643&send_image=1&cookie=1&res=1280x1024>_ms=27&pv_id=zUsZIz
209.59.155.42200 OK 43 B URL HTTP/1.1 mgmtrack1.com/app/matomo/matomo.php?action_name=(1)%20Discover%20The%20Link%20Between%20Geography%20And%20Baldness&idsite=19&rec=1&r=487377&h=12&m=27&s=23&url=http%3A%2F%2Fwww.rescuehair911.com%2Fvsl%2Fmed%2Findex.php%3Futm_source%3D1356%26utm_medium%3DPME%26utm_campaign%3DRH911_1356%26utm_term%3D%26utm_content%3D%26oid%3D170%26ustid%3Db06208690ea6444e9fa0d7be92e7f62a&_id=04996876a015d4ac&_idts=1662121643&_idvc=1&_idn=1&_rcn=RH911_1356&_refts=1662121643&_viewts=1662121643&send_image=1&cookie=1&res=1280x1024>_ms=27&pv_id=zUsZIz
IP 209.59.155.42:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /app/matomo/matomo.php?action_name=(1)%20Discover%20The%20Link%20Between%20Geography%20And%20Baldness&idsite=19&rec=1&r=487377&h=12&m=27&s=23&url=http%3A%2F%2Fwww.rescuehair911.com%2Fvsl%2Fmed%2Findex.php%3Futm_source%3D1356%26utm_medium%3DPME%26utm_campaign%3DRH911_1356%26utm_term%3D%26utm_content%3D%26oid%3D170%26ustid%3Db06208690ea6444e9fa0d7be92e7f62a&_id=04996876a015d4ac&_idts=1662121643&_idvc=1&_idn=1&_rcn=RH911_1356&_refts=1662121643&_viewts=1662121643&send_image=1&cookie=1&res=1280x1024>_ms=27&pv_id=zUsZIz HTTP/1.1
Host: mgmtrack1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rescuehair911.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:27:24 GMT
Server: Apache
Cache-Control: no-store
Vary: User-Agent
Keep-Alive: timeout=5, max=199
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/gif
fast.wistia.com/assets/external/playPauseLoadingControl.js
151.101.86.110200 OK 16 kB URL HTTP/2 fast.wistia.com/assets/external/playPauseLoadingControl.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (59769), with no line terminators
Hash ea61e98bf998a0a296586f81f1b050ec
38b7e2de1cba5187d25daf795ef3512a4ea3d041
744443622985a23105124674f13a51e8310b3d3accd736824ea211e3923a4dbf
GET /assets/external/playPauseLoadingControl.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rescuehair911.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "630fd5bf-3e13"
last-modified: Wed, 31 Aug 2022 21:42:23 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 02 Sep 2022 12:27:29 GMT
age: 2036
x-served-by: cache-iad-kiad7000178-IAD, cache-bma1680-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 86
x-timer: S1662121649.035427,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 15891
X-Firefox-Spdy: h2
pipedream.wistia.com/mput?topic=metrics
52.44.213.33200 OK 2 B URL HTTP/1.1 pipedream.wistia.com/mput?topic=metrics
IP 52.44.213.33:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
content-type: application/x-www-form-urlencoded
Content-Length: 7124
Origin: http://www.rescuehair911.com
Connection: keep-alive
Referer: http://www.rescuehair911.com/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 12:27:29 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: *
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 2570abfa026e4e1d722a51253eb1e314
bdb2f2996f2b4f9da48d5625dddd0184b39a33f8
086bff53aca7cea934d5bd323695694d2a073d573de900670c1464d1af8fe2a9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Sep 2022 12:27:29 GMT
Last-Modified: Fri, 02 Sep 2022 11:22:06 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: F61N52IaNr2QDUHm5q3rzgZa3kVKXXm--FIPJc5EalDES_gCjja2vg==
Age: 3923
distillery.wistia.com/x
18.205.143.103204 No Content 0 B IP 18.205.143.103:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1640
Origin: http://www.rescuehair911.com
Connection: keep-alive
Referer: http://www.rescuehair911.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 02 Sep 2022 12:27:29 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/allIntegrations.js
151.101.86.110200 OK 5.6 kB URL HTTP/2 fast.wistia.com/assets/external/allIntegrations.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (21488), with no line terminators
Hash 6ad85d84726e1fd100a0143a0b26cc5f
33a30fb1ac9fb4442f98022f4b2550caf7b538a3
f563f097322b46c634b999c930a2cfb102db995369937a89f22bf88f01f4a8b5
GET /assets/external/allIntegrations.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rescuehair911.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "630fd5bf-15e1"
last-modified: Wed, 31 Aug 2022 21:42:23 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 02 Sep 2022 12:27:30 GMT
age: 2037
x-served-by: cache-iad-kjyo7100088-IAD, cache-bma1680-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 48
x-timer: S1662121650.042310,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 5601
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Poppins:wght@400&display=swap
216.58.211.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Poppins:wght@400&display=swap
IP 216.58.211.10:0
GET /css2?family=Poppins:wght@400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rescuehair911.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Sep 2022 12:27:24 GMT
date: Fri, 02 Sep 2022 12:27:24 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Poppins:wght@300&display=swap
216.58.211.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Poppins:wght@300&display=swap
IP 216.58.211.10:0
GET /css2?family=Poppins:wght@300&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rescuehair911.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Sep 2022 12:27:24 GMT
date: Fri, 02 Sep 2022 12:27:24 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2