go.vshred.team Open in urlscan Pro
34.68.234.4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://trk.vshred.com/ls/click?upn=7GIWNUzDNuwf4ZJhYMVbPiP-2Bnk8KAlR9C4R5cbfPWUDLmfsQqJE4yjF0Zp4uXyLBfiHY1DCv2W304K5Vh...
Effective URL:
https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=C...
Submission: On July 25 via manual (July 25th 2023, 8:36:50 pm UTC) from US — Scanned from DE

Summary HTTP 130 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 32 IPs in 4 countries across 25 domains to perform 130 HTTP transactions. The main IP is 34.68.234.4, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is go.vshred.team.
TLS certificate: Issued by R3 on May 28th 2023. Valid for: 3 months.

This is the only time go.vshred.team was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.56 167.89.115.56	11377 (SENDGRID) (SENDGRID)
1	34.68.234.4 34.68.234.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
37	35.244.153.18 35.244.153.18	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	99.84.88.58 99.84.88.58	16509 (AMAZON-02) (AMAZON-02)
5	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:237... 2600:9000:237d:d000:10:6a77:5f80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	34.120.211.235 34.120.211.235	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	34.111.216.78 34.111.216.78	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	100.24.225.193 100.24.225.193	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2600:9000:225... 2600:9000:225b:0:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
16	35.241.23.233 35.241.23.233	15169 (GOOGLE) (GOOGLE)
1	3.12.168.105 3.12.168.105	16509 (AMAZON-02) (AMAZON-02)
5	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:bdf::44 2620:1ec:bdf::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.202.31.6 35.202.31.6	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:5e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::626	54113 (FASTLY) (FASTLY)
3	52.152.143.207 52.152.143.207	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2606:4700:10:... 2606:4700:10::6816:4951	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
130	32

1 167.89.115.56 (Herndon, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x56.outbound-mail.sendgrid.net

trk.vshred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.68.234.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.234.68.34.bc.googleusercontent.com

go.vshred.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 35.244.153.18 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 18.153.244.35.bc.googleusercontent.com

stcdn.leadconnectorhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.88.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-58.muc50.r.cloudfront.net

widget.wickedreports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:d000:10:6a77:5f80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.provesrc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

utt.impactcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.120.211.235 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 235.211.120.34.bc.googleusercontent.com

services.leadconnectorhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.216.78 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 78.216.111.34.bc.googleusercontent.com

images.leadconnectorhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 100.24.225.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-225-193.compute-1.amazonaws.com

client-api.provesrc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225b:0:1:a3fa:7cc0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 35.241.23.233 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 233.23.241.35.bc.googleusercontent.com

1callclosers.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.12.168.105 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-168-105.us-east-2.compute.amazonaws.com

track.wickedreports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.202.31.6 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.31.202.35.bc.googleusercontent.com

app-widgets.jotform.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:5e1 (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.jotform.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::626 (United States)

ASN54113 (FASTLY, US)

assets-jpcust.jwpsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.152.143.207 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

o.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:4951 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

cdn-provesrc.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	leadconnectorhq.com stcdn.leadconnectorhq.com — Cisco Umbrella Rank: 45988 services.leadconnectorhq.com — Cisco Umbrella Rank: 41962 images.leadconnectorhq.com — Cisco Umbrella Rank: 111306	239 KB
16	jotform.com 1callclosers.jotform.com Failed	879 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 955 o.clarity.ms — Cisco Umbrella Rank: 8696 c.clarity.ms — Cisco Umbrella Rank: 1556	28 KB
7	provesrc.com cdn.provesrc.com — Cisco Umbrella Rank: 104691 client-api.provesrc.com — Cisco Umbrella Rank: 85741	58 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	295 B
6	facebook.net connect.facebook.net — Cisco Umbrella Rank: 166	525 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2709	460 B
5	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4630	68 KB
4	jotfor.ms cdn.jotfor.ms — Cisco Umbrella Rank: 19894	196 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 382 c.bing.com — Cisco Umbrella Rank: 221	15 KB
4	gstatic.com fonts.gstatic.com	124 KB
3	jotform.io app-widgets.jotform.io — Cisco Umbrella Rank: 87790 widgets.jotform.io — Cisco Umbrella Rank: 55711	3 KB
3	wickedreports.com widget.wickedreports.com — Cisco Umbrella Rank: 43440 track.wickedreports.com — Cisco Umbrella Rank: 65870	10 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1190	2 KB
2	jwplayer.com 1 redirects cdn.jwplayer.com — Cisco Umbrella Rank: 2937	1 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 261	19 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	133 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 82	2 KB
1	digitaloceanspaces.com cdn-provesrc.nyc3.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 301370	4 KB
1	jwpsrv.com assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 3996	192 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5791	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 120	244 B
1	impactcdn.com utt.impactcdn.com — Cisco Umbrella Rank: 5162	14 KB
1	vshred.team go.vshred.team	33 KB
1	vshred.com 1 redirects trk.vshred.com	455 B
130	25

	Domain	Requested by
37	stcdn.leadconnectorhq.com	go.vshred.team stcdn.leadconnectorhq.com
16	1callclosers.jotform.com	stcdn.leadconnectorhq.com go.vshred.team 1callclosers.jotform.com
6	www.facebook.com	go.vshred.team
6	client-api.provesrc.com	cdn.provesrc.com
6	connect.facebook.net	go.vshred.team connect.facebook.net app-widgets.jotform.io
5	region1.analytics.google.com	www.googletagmanager.com
5	dev.visualwebsiteoptimizer.com	go.vshred.team dev.visualwebsiteoptimizer.com
4	cdn.jotfor.ms	1callclosers.jotform.com cdn.jotfor.ms
4	services.leadconnectorhq.com	stcdn.leadconnectorhq.com
4	fonts.gstatic.com	fonts.googleapis.com
3	o.clarity.ms	www.clarity.ms
3	images.leadconnectorhq.com	go.vshred.team
3	bat.bing.com	go.vshred.team bat.bing.com
3	use.fontawesome.com	go.vshred.team
2	c.clarity.ms	1 redirects
2	widgets.jotform.io	1callclosers.jotform.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	cdn.jwplayer.com	1 redirects go.vshred.team
2	cdnjs.cloudflare.com	stcdn.leadconnectorhq.com 1callclosers.jotform.com
2	www.googletagmanager.com	go.vshred.team www.googletagmanager.com
2	widget.wickedreports.com	stcdn.leadconnectorhq.com widget.wickedreports.com
2	fonts.googleapis.com	go.vshred.team cdn.provesrc.com
1	c.bing.com	1 redirects
1	cdn-provesrc.nyc3.cdn.digitaloceanspaces.com	go.vshred.team
1	assets-jpcust.jwpsrv.com	go.vshred.team
1	app-widgets.jotform.io	1callclosers.jotform.com
1	www.google.de	go.vshred.team
1	stats.g.doubleclick.net	www.googletagmanager.com
1	track.wickedreports.com	widget.wickedreports.com
1	utt.impactcdn.com	go.vshred.team
1	cdn.provesrc.com	go.vshred.team
1	go.vshred.team
1	trk.vshred.com	1 redirects
130	33

This site contains links to these domains. Also see Links.

Domain
vshred.com

Subject Issuer	Validity	Valid
go.vshred.team R3	`2023-05-28` - `2023-08-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
use.fontawesome.com GTS CA 1P5	`2023-07-04` - `2023-10-02`	3 months	crt.sh
stcdn.leadconnectorhq.com GTS CA 1D4	`2023-06-16` - `2023-09-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
widget.wickedreports.com Amazon RSA 2048 M02	`2023-02-24` - `2023-08-29`	6 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2023-07-06` - `2024-07-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-04` - `2023-08-02`	3 months	crt.sh
*.provesrc.com Amazon RSA 2048 M01	`2023-02-28` - `2023-12-10`	9 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
utt.impactcdn.com GTS CA 1D4	`2023-07-17` - `2023-10-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
services.leadconnectorhq.com GTS CA 1D4	`2023-06-19` - `2023-09-17`	3 months	crt.sh
images.leadconnectorhq.com GTS CA 1D4	`2023-06-16` - `2023-09-14`	3 months	crt.sh
jwplayer.com Amazon RSA 2048 M02	`2023-03-01` - `2023-12-25`	10 months	crt.sh
jotform.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-20` - `2023-10-20`	a year	crt.sh
track.wickedreports.com Amazon RSA 2048 M02	`2023-03-15` - `2024-04-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-04`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Frame ID: 120E787BBFF1F0E2A27C8A3629542A16
Requests: 99 HTTP requests in this frame

Frame: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
Frame ID: 6F54CEDF724681481A797E9CE385BB90
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

vShred | Strategy Session

Page URL History Show full URLs

http://trk.vshred.com/ls/click?upn=7GIWNUzDNuwf4ZJhYMVbPiP-2Bnk8KAlR9C4R5cbfPWUDLmfsQqJE4yjF0Zp4uX... HTTP 302
https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keywor... Page URL

Detected technologies

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

130
Requests

97 %
HTTPS

53 %
IPv6

25
Domains

33
Subdomains

32
IPs

4
Countries

2547 kB
Transfer

6159 kB
Size

31
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://vshred.com/terms-and-conditions
Title: TERMS & CONDITIONS

Search URL Search Domain Scan URL

URL: https://vshred.com/privacy-policy
Title: PRIVACY POLICY

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://trk.vshred.com/ls/click?upn=7GIWNUzDNuwf4ZJhYMVbPiP-2Bnk8KAlR9C4R5cbfPWUDLmfsQqJE4yjF0Zp4uXyLBfiHY1DCv2W304K5Vh6jhVqAlMCuePU8RdnsovzU8lcc6Fyr-2F1-2F4up6r5IVjoEWRqZtOw-2F9eY8DJOJNDY7otYpstXAVVt8uTJ1tWXF9M4BQVZlGpMLSVGVhOee0gVpnMWYnE1QN7ssarLy1qvIsDIOR-2FY9U5Fpru3qwkCSJKHf0U01BnzpNb-2BDWgoxxZ-2Bam-2FjTi1LoCA3xHB4wMGQ6NUauBy7oeyiw0yX5WDjO8nj-2F9SOmUZivCwoSSagJhviVyy244qcjGy2JKy1GPrpbY-2FzuDPVXRvdTYAYqEhsIdClYlE-3DQyBG_rljAO1Zg2Bjge2vHsUOCbRjNLgBRkSJdmp0fQE89Mwiw3AbUve-2BPcChA1EXctwcuVoZJuxtmkUpj6wStns4snRYtjNFrr3tdtX7svP8oNUtc-2FKhubB2DUSdCP7vqfwN6vdj-2F60LdN6T5c6yQirH2sAdfV6SA-2BJ6cqTXDwdEa3pH1ryUnCgPYrdj3CTuw30HaOgExYT3sRHni9XGdzi7qLVYw4hFuOo85PPCNnw8tHgHvUQdE5rg0BbKU18-2BknmAkZEfJ9t-2FKICvI25zfuPEIIrzXu7tePptfO5NdT9BTERUTCLHfxOvdOD9GvBBB3zNnZXmuvh0vGJ5xU6L-2BnJxrmFXYzs0JXv9FrMHVdyZqiYuVY1304xkJARw-2Bnan6DlzIP-2FgvYkQAq6AUTiUD9fNzKdU4qdT-2BewPihgnOVOv538GS5Tgl8giS2Nk8-2BTQLNav8NDaK7KuTnJYcoslmmN-2BtSg-3D-3D HTTP 302
https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 105

https://cdn.jwplayer.com/v2/media/A5YeSWLU/poster.mp4?width=640 HTTP 302
https://assets-jpcust.jwpsrv.com/thumbnails/qypav9fz-640.mp4

Request Chain 131

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4BA1D837977D4BE6BDF9B21035D12CA8&RedC=c.clarity.ms&MXFR=2BF36D17412361C131D17E4E45236F23 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4BA1D837977D4BE6BDF9B21035D12CA8&MUID=22B2EA5C689C6F2601EFF90569306E6B

130 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request vs-quiz Show response
go.vshred.team/
Redirect Chain

http://trk.vshred.com/ls/click?upn=7GIWNUzDNuwf4ZJhYMVbPiP-2Bnk8KAlR9C4R5cbfPWUDLmfsQqJE4yjF0Zp4uXyLBfiHY1DCv2W304K5Vh6jhVqAlMCuePU8RdnsovzU8lcc6Fyr-2F1-2F4up6r5IVjoEWRqZtOw-2F9eY8DJOJNDY7otYpstXAV...
https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx...

141 KB
33 KB

592ms
262ms

Document
text/html

34.68.234.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.68.234.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.234.68.34.bc.googleusercontent.com
Software: openresty / Express
Resource Hash: 3e13bb74ec4b5da1db8db64e2a3ba8c56fb41ce1168ef6bb82f5e88f0e3ca5fa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=60, s-maxage=120
content-encoding: gzip
content-length: 34028
content-type: text/html; charset=utf-8
date: Tue, 25 Jul 2023 20:36:44 GMT
etag: W/"84ec-Iw549HJyTaJqBuUQPXJktxeQl/c"
server: openresty
vary: Accept-Encoding
x-powered-by: Express

Redirect headers

Connection: keep-alive
Content-Length: 306
Content-Type: text/html; charset=utf-8
Date: Tue, 25 Jul 2023 20:36:43 GMT
Location: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 css
fonts.googleapis.com/ 19 KB
2 KB 86ms
34ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,700%7COpen%20Sans:400,700%7CRaleway:400,700%7CMontserrat:400,700%7CContent%20Font:400,700&display=swap

Requested by

Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fd2ab997b1d25dafd7989fef4b5209bf2d3d435c6096b6e66f68b1d6a6b7a2e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 20:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 20:36:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jul 2023 20:36:44 GMT

GET
H2 200 regular.css
use.fontawesome.com/releases/v5.15.4/css/ 677 B
699 B 94ms
40ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/regular.css
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ffbd97e0bd6d33be9ea8ccc0f497377055e61c00c8b412f696eaab4a929978e

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KNQ7Z1XHNBTM49JM
age: 1686064
alt-svc: h3=":443"; ma=86400
x-amz-id-2: wR3kgTk/RBfUudY7KxOkdAmj02HOVriDVBrxDhYZj1S83wVEzLYc8CkFkEqBuz1sEqAD9AOqThk=
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
server: cloudflare
etag: W/"49c10bd7921f287bbd5b1180cb008e10"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQVg0KxMweXpBSIKKYaTNberZ28ABI8SiOeWVyJyq2XvF1mJAxAipjMItK93ePVD4CF3V5h1BDLAL%2BEe8O2Sf%2BnMKRKzCZ17d9tc9VaiOZq%2BhvnJctPOhQVwl5sXwoLNUoW0PK6yzdrYIlV3NLBSiRjI"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7ec73262aa7018ff-FRA

GET
H2 200 solid.css
use.fontawesome.com/releases/v5.15.4/css/ 669 B
1017 B 84ms
30ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/solid.css
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 882e58c671a484d0daa97a2807060e1a1ad16e73a87753f494a0a8f24412164b

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KNQA69F1RBMKA7HE
age: 1686064
alt-svc: h3=":443"; ma=86400
x-amz-id-2: xe5QyPdHbdqxspEcCojwNRSmlkOfToixc09Up250JlJkkZUCKAL7I9xEJLYSsNBzCo3hU7SNG1w=
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
server: cloudflare
etag: W/"685a6b10be9f3db25acf78c5e7ba7379"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fztIaFJSHIo6qvbhQ41wrOh1T%2FoHFAphAIIkRu5RwBpJGyyIpQsnLxlDh8Hsmh6KS12oGDwD2BMOc3S110jaYoTZQbCR3KSdjphPWbcld%2FVS54VB97hEFxfafHaQG0MkM%2Fg64KP7y1rtE9UEI3uJKypr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7ec73262aa7318ff-FRA

GET
H2 200 brands.css
use.fontawesome.com/releases/v5.15.4/css/ 675 B
700 B 84ms
30ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/brands.css
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71d8dae725ec4dd82504e24d40cf6e5678b0e02d28888a68f6b8488a87d424dd

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KNQ0PB86D1KZQ72A
age: 1686064
alt-svc: h3=":443"; ma=86400
x-amz-id-2: zJb1q+PQxjVXfCaHyb7+VWMj6yIHl27uHWaeuEKKDKt9XEFwQ1gWRfy70K4RCSqLpkx3g3mFx0U=
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
server: cloudflare
etag: W/"2c213c9e855a714f04273ad8ddfec94a"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RoPWH5wTxcVPYRAhRhERYu%2FijCvLxCJiP0cLKeCYoww8j6ap487sIkVM574csi8Y0JEkraKYnuZvKk0M5jta61%2BWmNd%2FGdWfcTW4YBl65uMBoFsWLDkKby%2FwjszAYTu4GLhD1Xo8EztGyOoh%2BpnTKaBE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7ec73262aa7618ff-FRA

GET
H2 200 entry.2a40aece.js Show response
stcdn.leadconnectorhq.com/_preview/ 238 KB
76 KB 121ms
51ms Script
application/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/entry.2a40aece.js
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f8daf1c517e08a86e91ead80d732f34b0714099f97c51c38aa01141eba18fca7

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:00:53 GMT
content-encoding: gzip
age: 45351
x-guploader-uploadid: ADPycdtTjBAZHF1grDDWAu2VMRPa5UNjqGzCvuGJGhcNqVVHHHlxkCBPo5-HLxCmY3u6gkbUA1P5qnR1BPFFOL4m3R6ZEHG71Cjr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77973
last-modified: Tue, 25 Jul 2023 07:57:49 GMT
server: UploadServer
etag: "d5c5196b97d2df926666b08d767fadc7"
x-goog-generation: 1690271868972488
x-goog-hash: crc32c=MFMlrw==, md5=1cUZa5fS35JmZrCNdn+txw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 77973
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 24 Jul 2024 08:00:53 GMT

GET
H2 200 entry.78ab65b1.css
stcdn.leadconnectorhq.com/_preview/ 986 B
803 B 99ms
29ms Stylesheet
text/css 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/entry.78ab65b1.css
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 78ab65b14bb96dd57096b2d74c77cf65c35fa89c09167a9fd1e72a3025e9860a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 05:21:12 GMT
content-encoding: gzip
age: 2560532
x-guploader-uploadid: ADPycdtRi4Bb-E1zaZy14UgnKjbnKlRUnca4zPIYruB3bHe5w6Nh0VhqqwChSPiwvgPIqth7omoFjLWlc1i6VibQ_Qki4bcF8ZOI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 516
last-modified: Mon, 26 Jun 2023 05:18:58 GMT
server: UploadServer
etag: "e75aeeead427289bb5efce03dc39f546"
x-goog-generation: 1687756738848272
x-goog-hash: crc32c=OBqOlQ==, md5=51ru6tQnKJu1784D3Dn1Rg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 516
accept-ranges: bytes
content-type: text/css
expires: Tue, 25 Jun 2024 05:21:12 GMT

GET
H2 200 default.de8421bc.js Show response
stcdn.leadconnectorhq.com/_preview/ 1 KB
911 B 135ms
65ms Script
application/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/default.de8421bc.js
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b4d5a9ca451dde7b8b1f697a44df94f368a548f0f415159a90760d373efcf9a9

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:00:19 GMT
content-encoding: gzip
age: 45385
x-guploader-uploadid: ADPycdurwbybvMjiDPEnZUxWJc3GIPhWCVgldE1iiSuZ379w1unHNsBvs0xZ2rUdowLQWBpJQj-XG9rElU6Ir8MyzmBpvdl41V7I
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 677
last-modified: Tue, 25 Jul 2023 07:57:48 GMT
server: UploadServer
etag: "61716f8c5a94cf5ee442ef0cb40e5b9f"
x-goog-generation: 1690271868720524
x-goog-hash: crc32c=rnErAA==, md5=YXFvjFqUz17kQu8MtA5bnw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 677
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 24 Jul 2024 08:00:19 GMT

GET
H2 200 components.6a2c61d6.js Show response
stcdn.leadconnectorhq.com/_preview/ 3 KB
2 KB 95ms
25ms Script
application/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/components.6a2c61d6.js
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4e9dbda27563b02ef82c41113f3519b8634e83705c0e9114cdb53b7fa3384894

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:00:19 GMT
content-encoding: gzip
age: 45385
x-guploader-uploadid: ADPycdsicP7tfQmkGsy-Qt3K70J0iQIz9yq6L6K-RAZ89R6Z4mdsSBLU4Gs50YuGK4OvsOg2pczL8Bm6Dq8Cp08utrBXa1z3C-sk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 978
last-modified: Tue, 25 Jul 2023 07:57:49 GMT
server: UploadServer
etag: "72782aac6d9295a3407410e247f91d4f"
x-goog-generation: 1690271868972249
x-goog-hash: crc32c=QB+2XQ==, md5=cngqrG2SlaNAdBDiR/kdTw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 978
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 24 Jul 2024 08:00:19 GMT

GET
H2 200 composables.cf970929.js Show response
stcdn.leadconnectorhq.com/_preview/ 97 B
404 B 95ms
25ms Script
application/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/composables.cf970929.js
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a7e4e4698a75dc0d1cff20b5199bd634bdb52691ad512a913e1aa564a2005c6c

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:00:53 GMT
content-encoding: gzip
age: 45351
x-guploader-uploadid: ADPycdtJ1j4aPkrI8ldJkhMCMLYWaXKpMuu85SQqNPBZsO12yk5cD6MgS9xYMGFTLF0Ba-ZwejkvjHblmgqqecS6DMR2KS-gdf0v
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119
last-modified: Tue, 25 Jul 2023 07:57:48 GMT
server: UploadServer
etag: "432fbb3d23aeab00cea0bd02e0b9fd90"
x-goog-generation: 1690271868514848
x-goog-hash: crc32c=y84WGw==, md5=Qy+7PSOuqwDOoL0C4Ln9kA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 119
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 24 Jul 2024 08:00:53 GMT

GET
H2 200 index.11c5dd1e.js Show response
stcdn.leadconnectorhq.com/_preview/ 853 B
722 B 134ms
64ms Script
application/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/index.11c5dd1e.js
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3db93831d6ccc5d1338ea33e71a0d47cbe35a32d4f0cefa1892d36056b48bad3

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:00:53 GMT
content-encoding: gzip
age: 45351
x-guploader-uploadid: ADPycdu6pb1EGNFdcHCJmabSykUEKLfu__1l1ApWd4ku7A4nNYOgwaB_qoew5zEKRAn-OL4fajBm2woYZ91LIpKbIp3S9LOD0zlo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 489
last-modified: Tue, 25 Jul 2023 07:57:49 GMT
server: UploadServer
etag: "6874a18f654590c05e859382aa02033d"
x-goog-generation: 1690271869003468
x-goog-hash: crc32c=nvYhjg==, md5=aHShj2VFkMBehZOCqgIDPQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 489
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 24 Jul 2024 08:00:53 GMT

GET
H2 200 helpers.ba6f9b77.js Show response
stcdn.leadconnectorhq.com/_preview/ 116 KB
36 KB 99ms
30ms Script
application/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/helpers.ba6f9b77.js
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6c17baadae15c6263d1814621c648189322da15a1efd4d6815c46a2b4173a875

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:00:53 GMT
content-encoding: gzip
age: 45351
x-guploader-uploadid: ADPycduQoy-i6i77VKAK7XFOxk5T0wRQUBWLtCKge_mya4OC0RZy2z9rdYiJnSeEQ25Z036HeT6NRAT4OuBzIhisHbjnYueQ5vrZ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36897
last-modified: Tue, 25 Jul 2023 07:57:48 GMT
server: UploadServer
etag: "9d97a6598ff8564de53d3d5b2caaa493"
x-goog-generation: 1690271868433527
x-goog-hash: crc32c=VIeebg==, md5=nZemWY/4Vk3lPT1bLKqkkw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 36897
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 24 Jul 2024 08:00:53 GMT

GET
H2 200 v4.cfa3eac5.js Show response
stcdn.leadconnectorhq.com/_preview/ 5 KB
2 KB 154ms
84ms Script
application/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/v4.cfa3eac5.js
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1c2213cbadef8f569fe556650e0c49aef3b6d77f04af25f14b95a3e0e50c890d

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:00:53 GMT
content-encoding: gzip
age: 45351
x-guploader-uploadid: ADPycdtG57nOD_p5oH-RRFy7_UmClrc6mXt54yJNPyDy3362m5EqRK7vuUaGoIWivmZLDGrv2yLsCtOn_7Twryndb4B8Lcfm8JWN
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2235
last-modified: Tue, 25 Jul 2023 07:57:48 GMT
server: UploadServer
etag: "e181434a096c4c9612d68ed6c26a83cd"
x-goog-generation: 1690271868456635
x-goog-hash: crc32c=lV28DQ==, md5=4YFDSglsTJYS1o7WwmqDzQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 2235
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 24 Jul 2024 08:00:53 GMT

GET
H2 200 HLConst.6f34af32.js Show response
stcdn.leadconnectorhq.com/_preview/ 816 B
844 B 153ms
84ms Script
text/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/HLConst.6f34af32.js
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: bc4ce13262e89384968f748517e4b3f6f67951a2bb6bdb550ec87b05265b103c

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 06:58:59 GMT
content-encoding: gzip
age: 567465
x-guploader-uploadid: ADPycdv8NJcGCVCJJP10wAZN9HzneFYrgaCL7oBTWArMOd_EIjUoWpO0rW6MLeDSizk37FQWvugQAD0TQ8Dww91eWuqOjDCDxtZ1
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 545
last-modified: Wed, 19 Jul 2023 06:55:39 GMT
server: UploadServer
etag: "a7253beda7e580c00f0f59db2e65b1e9"
x-goog-generation: 1689749739567991
x-goog-hash: crc32c=zW6+hg==, md5=pyU77aflgMAPD1nbLmWx6Q==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 545
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 18 Jul 2024 06:58:59 GMT

GET
H2 200 Button.d4aa0573.js Show response
stcdn.leadconnectorhq.com/_preview/ 15 KB
6 KB 156ms
87ms Script
application/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/Button.d4aa0573.js
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: dd8c4d2df80795d2316ac565aea8e3de606f9970212dc192c0043bc7babdc4c2

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:00:53 GMT
content-encoding: gzip
age: 45351
x-guploader-uploadid: ADPycdt5bMXU9s7I036piN89dThMNKCShsCGRrfWAvQLVIJIeiO_8e_b-3hWpo_w78ikH4zgNWG-B41d_HsI_FY5piBDPxFPn_cu
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5504
last-modified: Tue, 25 Jul 2023 07:57:48 GMT
server: UploadServer
etag: "59f98fdcd89ceb274c51f41007575831"
x-goog-generation: 1690271868639219
x-goog-hash: crc32c=UeGE1w==, md5=WfmP3Nic6ydMUfQQB1dYMQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 5504
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 24 Jul 2024 08:00:53 GMT

GET
H2 200 MoonLoader.vue_vue_type_style_index_0_lang.402754df.js Show response
stcdn.leadconnectorhq.com/_preview/ 947 B
789 B 134ms
65ms Script
text/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/MoonLoader.vue_vue_type_style_index_0_lang.402754df.js
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: fee81f2f521e5990e7a2360d88dd698b1d136143209d4031134e6f603f3936af

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:10:30 GMT
content-encoding: gzip
age: 1574
x-guploader-uploadid: ADPycdtXAjx2bbthSgfro7pXjTTW4hum69zuk-nJRVQo8t1rhGxYEaf9LGsuCW4kUJdNsH6YPWYu9hRczDbO5ejpTFvbGfH4z2oy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 495
last-modified: Tue, 25 Jul 2023 08:01:36 GMT
server: UploadServer
etag: "f51ee7cf5db27cdd202e1ae53507efbf"
x-goog-generation: 1690272096483613
x-goog-hash: crc32c=oUY19Q==, md5=9R7nz12yfN0gLhrlNQfvvw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 495
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 24 Jul 2024 20:10:30 GMT

GET
H2 200 MoonLoader.96f1220d.css
stcdn.leadconnectorhq.com/_preview/ 298 B
485 B 98ms
29ms Stylesheet
text/css 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/MoonLoader.96f1220d.css
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 96f1220d06f6cf9908f2f6b0f81c5cf3e8de5cd1e1361cac9bb062062cf015c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 18:32:30 GMT
content-encoding: gzip
age: 1649054
x-guploader-uploadid: ADPycdtRSYgYoPxeuBGcBJfwzJRDg6_jmAet-gdnQ-TLR6Jdc0K0olI_zT8fEfm5C7O6ONLOixmTxYOzkf2MJeFhz2l3r8Ngfgjg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 195
last-modified: Fri, 30 Jun 2023 13:34:40 GMT
server: UploadServer
etag: "8d2afe2185f2f171911b369b71b30d8c"
x-goog-generation: 1688132080273873
x-goog-hash: crc32c=P8O5Og==, md5=jSr+IYXy8XGRGzabcbMNjA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 195
accept-ranges: bytes
content-type: text/css
expires: Fri, 05 Jul 2024 18:32:30 GMT

GET
H2 200 index.e8e95415.js Show response
stcdn.leadconnectorhq.com/_preview/ 70 KB
21 KB 135ms
66ms Script
application/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/index.e8e95415.js
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 79ecfa3105d8dd75f7bd18a01c0a8d22068d7bfd13fe61ba88cd19edc36543f1

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:00:19 GMT
content-encoding: gzip
age: 45385
x-guploader-uploadid: ADPycdulgll26k9YO3OgAkjsX722apxMTpfADwqIwbgZv3uaWb6vJbuv22NmeN9s47vZmzobGn3-rL8KOc58D1NlJZ1LY5c055bc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21495
last-modified: Tue, 25 Jul 2023 07:57:48 GMT
server: UploadServer
etag: "973569ce7d4213c24cf2022476c86c5c"
x-goog-generation: 1690271868882852
x-goog-hash: crc32c=0p0RqA==, md5=lzVpzn1CE8JM8gIkdshsXA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 21495
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 24 Jul 2024 08:00:19 GMT

GET
H2 200 index.300c6e54.css
stcdn.leadconnectorhq.com/_preview/ 20 KB
5 KB 96ms
27ms Stylesheet
text/css 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/index.300c6e54.css
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 300c6e542addfe25ff751573bc1d19abee61341374d654a7bee5e96921b8a453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 07:44:47 GMT
content-encoding: gzip
age: 1083117
x-guploader-uploadid: ADPycdtBKiCT7faxHH6OXOQXFFnKgFWfdg1cf-vT84bHPKYoV96bkpJRCJQ78BI13Qhpw7HiaoCxyixIFNVFk3skSIIaMQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4556
last-modified: Fri, 30 Jun 2023 13:34:48 GMT
server: UploadServer
etag: "05180c5d95ab44906590ba0603802a89"
x-goog-generation: 1688132088699059
x-goog-hash: crc32c=c3bhxA==, md5=BRgMXZWrRJBlkLoGA4AqiQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 4556
accept-ranges: bytes
content-type: text/css
expires: Fri, 12 Jul 2024 07:44:47 GMT

GET
H2 200 FunnelServices.7bab5fad.js Show response
stcdn.leadconnectorhq.com/_preview/ 4 KB
2 KB 155ms
87ms Script
application/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/FunnelServices.7bab5fad.js
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9ff5e115abcc8ab34ca60351e92551c9854b2787e6012f00952737cf04aae059

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:00:53 GMT
content-encoding: gzip
age: 45351
x-guploader-uploadid: ADPycdsi0AKp4FijDBhhGSo1yg25D4BHnyN3mpxRGE_OJG0LHuWf1AtpGEFVIkZMt_P-e6wg3Jj05g8thHhzBk68qd1yjrz8LJNS
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1820
last-modified: Tue, 25 Jul 2023 07:57:48 GMT
server: UploadServer
etag: "f716de2cf78b79e3a47cadc1d1a5477b"
x-goog-generation: 1690271868639131
x-goog-hash: crc32c=sSJgzQ==, md5=9xbeLPeLeeOkfK3B0aVHew==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 1820
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 24 Jul 2024 08:00:53 GMT

GET
H2 200 FunnelServices.ac84ef2d.css
stcdn.leadconnectorhq.com/_preview/ 104 B
391 B 97ms
28ms Stylesheet
text/css 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/FunnelServices.ac84ef2d.css
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ac84ef2d0f1bfd70b1627b0102400114cdb83b95f50b9ea6ed0025378e43e4b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 18:34:54 GMT
content-encoding: gzip
age: 1648910
x-guploader-uploadid: ADPycdtUeHuc40ICsX2XEEWYpoUCtuoY6TJ2t2PfTK1RIG2S0cV6lmMNSyF0U7e5eigBeUVI4ivQz_hHltAhsrDdpblN
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
last-modified: Fri, 30 Jun 2023 13:34:45 GMT
server: UploadServer
etag: "ccbd679160abdddd2b4c865ba5d720d6"
x-goog-generation: 1688132085896769
x-goog-hash: crc32c=dicamw==, md5=zL1nkWCr3d0rTIZbpdcg1g==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 110
accept-ranges: bytes
content-type: text/css
expires: Fri, 05 Jul 2024 18:34:54 GMT

GET
H2 200 Attributions.8fe8f7c8.js Show response
stcdn.leadconnectorhq.com/_preview/ 895 B
654 B 153ms
85ms Script
application/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/Attributions.8fe8f7c8.js
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 437dfcfb78258e921c03cc1c1fad732efa0b11f0f88ccd8c662595ae3d51e970

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:00:53 GMT
content-encoding: gzip
age: 45351
x-guploader-uploadid: ADPycduen7a3trYO6SpXPZixOPZAyt3iVxDfRBbvUIvsTHuQul_KHG1U7XoyVXOxvxsRa6HcApkr7cmMnRRNy_UdaYK6DbiHtqMj
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 407
last-modified: Tue, 25 Jul 2023 07:57:48 GMT
server: UploadServer
etag: "8357b6f15055ef10efafda0b944e22ea"
x-goog-generation: 1690271868410236
x-goog-hash: crc32c=oC04Aw==, md5=g1e28VBV7xDvr9oLlE4i6g==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 407
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 24 Jul 2024 08:00:53 GMT

GET
H2 200 index.31f09b81.js Show response
stcdn.leadconnectorhq.com/_preview/ 7 KB
3 KB 154ms
86ms Script
application/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/index.31f09b81.js
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9585d1de16038d85e0bdb798a4caba92080b7411107685c93ba9e76aecf4e936

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:00:53 GMT
content-encoding: gzip
age: 45351
x-guploader-uploadid: ADPycdu2cMALPjS9Khgtcnp5rh5x9BnnCD9qsPk-MfKaM6h1akKDOkPIh94pa7eefhbJFjZ9_bMFPW-E9bzNVTYOpqZcoXGn8cb5
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3012
last-modified: Tue, 25 Jul 2023 07:57:48 GMT
server: UploadServer
etag: "00dc270d8a7e639c35c823c6119c5ee6"
x-goog-generation: 1690271868656338
x-goog-hash: crc32c=2lV0nA==, md5=ANwnDYp+Y5w1yCPGEZxe5g==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 3012
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 24 Jul 2024 08:00:53 GMT

GET
H2 200 funnel_event_helper.bd666bbb.js Show response
stcdn.leadconnectorhq.com/_preview/ 294 B
501 B 151ms
83ms Script
text/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/funnel_event_helper.bd666bbb.js
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e8af11c10978d5f542e59be9b1a638b17b74b6d7094150f98bf0c42be5d81ac4

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 18:36:21 GMT
content-encoding: gzip
age: 1648823
x-guploader-uploadid: ADPycds5p9RILb6qExkri-FkIoQaIMato9GxCAL2i2u7oCWi0XWEBUC0IN6RNQZGUkDYOp2z4Dq_BSjWWgxOyGVKCqSCeA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 209
last-modified: Fri, 30 Jun 2023 13:34:54 GMT
server: UploadServer
etag: "d8bd90a592fa108b7208e75428b23e16"
x-goog-generation: 1688132094338375
x-goog-hash: crc32c=qUUl0Q==, md5=2L2QpZL6EItyCOdUKLI+Fg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 209
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 05 Jul 2024 18:36:21 GMT

GET
H2 200 orderform_helpers.da596ab4.js Show response
stcdn.leadconnectorhq.com/_preview/ 3 KB
2 KB 153ms
85ms Script
application/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/orderform_helpers.da596ab4.js
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6503c1d5632807d06d6ceb0f05947f5f920ce117546ce1a85ce2916ceccd2348

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:00:53 GMT
content-encoding: gzip
age: 45351
x-guploader-uploadid: ADPycdu1RHNTPHOi7nEjha0V7HkuedPxZIIVUeq8Q8Q72F877aMaFjvNm7OKfHaeuFG3Q9ve2Saa6I5FUAwUROiZ5uxnqhUmWg5j
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1304
last-modified: Tue, 25 Jul 2023 07:57:48 GMT
server: UploadServer
etag: "6659bb5035d2f6c8ad8aa33ea9a476b6"
x-goog-generation: 1690271868639499
x-goog-hash: crc32c=bOmH0w==, md5=Zlm7UDXS9sitiqM+qaR2tg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 1304
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 24 Jul 2024 08:00:53 GMT

GET
H2 200 route.e4334c44.js
stcdn.leadconnectorhq.com/_preview/ 0
394 B 73ms
72ms Other
application/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/route.e4334c44.js
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:00:19 GMT
content-encoding: gzip
age: 45385
x-guploader-uploadid: ADPycdtgf5cgGRFD1widyF-0LJ_gEmwFWWuHsh3N1jiWCS4Ef17M2E0LpoG3GOPf2CQLdO9eRZFXIlY4nNQoSRJGcdbOHlAwjlFX
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146
last-modified: Tue, 25 Jul 2023 07:57:48 GMT
server: UploadServer
etag: "ab7f75a931a09d6f10872b14e3a610cc"
x-goog-generation: 1690271868656234
x-goog-hash: crc32c=vCVm1w==, md5=q391qTGgnW8QhysU46YQzA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 146
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 24 Jul 2024 08:00:19 GMT

GET
H2 200 calendar.a6de78a4.js
stcdn.leadconnectorhq.com/_preview/ 0
657 B 76ms
75ms Other
application/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/calendar.a6de78a4.js
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:00:19 GMT
content-encoding: gzip
age: 45385
x-guploader-uploadid: ADPycduRtlf_vg5woO8isAZzWzVsZbUgioVu62gB-HPak96XE11QcVSZ3IXZ0lxEzdvE9JsnYLBiPyx3xEYxcHyd4onpMgqQ38iA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 370
last-modified: Tue, 25 Jul 2023 07:57:48 GMT
server: UploadServer
etag: "b11f863f55332f77fa308540dd19e241"
x-goog-generation: 1690271868641032
x-goog-hash: crc32c=nxDqHg==, md5=sR+GP1UzL3f6MIVA3RniQQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 370
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 24 Jul 2024 08:00:19 GMT

GET
H2 200 form.2431a50a.js
stcdn.leadconnectorhq.com/_preview/ 0
551 B 76ms
75ms Other
application/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/form.2431a50a.js
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:00:53 GMT
content-encoding: gzip
age: 45351
x-guploader-uploadid: ADPycdupRmaDcodeAHJWXLID3qWQgN9YozTo-4tbom99Gm9ejnh0SLZsT-lz7xtFBDY4ySjvYs3D_1taUFPVsUHfC_XuJMmzNXur
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 291
last-modified: Tue, 25 Jul 2023 07:57:48 GMT
server: UploadServer
etag: "1942fe686f2889e6f54ee72263b4614c"
x-goog-generation: 1690271868641297
x-goog-hash: crc32c=y3hZUw==, md5=GUL+aG8oieb1TuciY7RhTA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 291
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 24 Jul 2024 08:00:53 GMT

GET
H2 200 error-component.757137eb.js
stcdn.leadconnectorhq.com/_preview/ 0
703 B 74ms
73ms Other
application/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/error-component.757137eb.js
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:00:19 GMT
content-encoding: gzip
age: 45385
x-guploader-uploadid: ADPycdu99V4thXNCEED0oeoM18KgA3GGQTHV9pjddfcygkO2vMyjjueEb0fMv9-t4l5PAO5jMQ_y3VZm0vZJ0MWvWPpx8oIyUqOp
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 454
last-modified: Tue, 25 Jul 2023 07:57:48 GMT
server: UploadServer
etag: "0d53ed51543d97fe61a0451cfdd8cf1d"
x-goog-generation: 1690271868464875
x-goog-hash: crc32c=WbnDTA==, md5=DVPtUVQ9l/5hoEUc/djPHQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 454
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 24 Jul 2024 08:00:19 GMT

GET
H2 200 error-component.8822984d.css
stcdn.leadconnectorhq.com/_preview/ 0
974 B 25ms
24ms Other
text/css 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/error-component.8822984d.css
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:32:39 GMT
content-encoding: gzip
age: 1645445
x-guploader-uploadid: ADPycdud-UVLjiJC2i3vkLkU_8KfyMkCJ8ztSoM32KfSnfTFiumpgx-8b-J5SNpyUbdldSFjbkPydC29Dd9fmyxoklfIxSoGAVj4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 682
last-modified: Fri, 30 Jun 2023 13:34:35 GMT
server: UploadServer
etag: "4bb8040dc61991204382a779dc26a9eb"
x-goog-generation: 1688132075359018
x-goog-hash: crc32c=R/7OwA==, md5=S7gEDcYZkSBDgqd53Cap6w==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 682
accept-ranges: bytes
content-type: text/css
expires: Fri, 05 Jul 2024 19:32:39 GMT

GET
H2 200 close.b8a88b02.svg
stcdn.leadconnectorhq.com/_preview/ 0
502 B 24ms
24ms Other
image/svg+xml 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/close.b8a88b02.svg
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:31:03 GMT
content-encoding: gzip
age: 1645541
x-guploader-uploadid: ADPycdvocNjGh1PW1qlZugRAFpGYKWqbqtggfyZH9LqCneZMVjDeFUxGoJx0jFUEoPmWoKVN-cdF1Gb0Ci0XH_gaIKjVpzYtOi9r
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201
last-modified: Fri, 30 Jun 2023 13:34:49 GMT
server: UploadServer
etag: "cb57c2b292731a32fe77f4331370f2ae"
x-goog-generation: 1688132089096575
x-goog-hash: crc32c=FnHC8g==, md5=y1fCspJzGjL+d/QzE3Dyrg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 201
accept-ranges: bytes
content-type: image/svg+xml
expires: Fri, 05 Jul 2024 19:31:03 GMT

GET
H2 200 search-icon.25586533.svg
stcdn.leadconnectorhq.com/_preview/ 0
550 B 25ms
25ms Other
image/svg+xml 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/search-icon.25586533.svg
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 18:34:59 GMT
content-encoding: gzip
age: 1648905
x-guploader-uploadid: ADPycdvqTm4RQSZY-fuw1fySys3jMgT5E8hwDhix_W2e3H-mmVGl70MozxI5WsSbcOVstpOAqYgFGbZ7cas5eXor2k3Zwk6H7p9y
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
last-modified: Fri, 30 Jun 2023 13:34:33 GMT
server: UploadServer
etag: "604cd779d691757a357b9d23e86ea5c0"
x-goog-generation: 1688132073847865
x-goog-hash: crc32c=wamMNA==, md5=YEzXedaRdXo1e50j6G6lwA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 251
accept-ranges: bytes
content-type: image/svg+xml
expires: Fri, 05 Jul 2024 18:34:59 GMT

GET
H2 200 NewPaypalSmartBtnSubscription.000c5ae4.js
stcdn.leadconnectorhq.com/_preview/ 0
2 KB 75ms
74ms Other
application/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/NewPaypalSmartBtnSubscription.000c5ae4.js
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:00:53 GMT
content-encoding: gzip
age: 45351
x-guploader-uploadid: ADPycdub00cnD75_j5rnUD1eaBuwf7vAMdusr33CC2FR51g81heSNDbNotKR4ite7o-tzrgpcAOczq06ZpQ2X7V47cP5V6xFUvBJ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1072
last-modified: Tue, 25 Jul 2023 07:57:48 GMT
server: UploadServer
etag: "7c55301e706331f3ea8a3e02f6c003c1"
x-goog-generation: 1690271868539501
x-goog-hash: crc32c=d+QE+g==, md5=fFUwHnBjMfPqij4C9sADwQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 1072
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 24 Jul 2024 08:00:53 GMT

GET
H2 200 paypal-js.67e0b930.js
stcdn.leadconnectorhq.com/_preview/ 0
2 KB 75ms
74ms Other
text/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/paypal-js.67e0b930.js
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 19:00:22 GMT
content-encoding: gzip
age: 1647382
x-guploader-uploadid: ADPycdt61eTBlElhM-5g3uci04sKeGRSgWNC9yEcuH9Iga9Qei5W38fvr4YBPcd0BI7xgtr90dH0jL2CwzgtRdw_Vf89Qw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1674
last-modified: Fri, 30 Jun 2023 13:34:38 GMT
server: UploadServer
etag: "b0c94eef3637b41211da3f072ef15bf2"
x-goog-generation: 1688132078500563
x-goog-hash: crc32c=G/NayQ==, md5=sMlO7zY3tBIR2j8HLvFb8g==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 1674
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 05 Jul 2024 19:00:22 GMT

GET
H2 200 NewPaypalSmartBtnOrder.6989cab8.js
stcdn.leadconnectorhq.com/_preview/ 0
1 KB 74ms
73ms Other
text/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/NewPaypalSmartBtnOrder.6989cab8.js
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:18:10 GMT
content-encoding: gzip
age: 1114
x-guploader-uploadid: ADPycdsYTu1CF939zCkf7U8CHQ6QnZpOiMgL2Dqyrlbr0a3ssL8x89Z-w5DjOoRub6uKK0Ikoa_6TKZ3Ac-Q94F3F8HWaA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1074
last-modified: Tue, 25 Jul 2023 08:01:36 GMT
server: UploadServer
etag: "f1d84f9bd87017e47510ff46138b2a3b"
x-goog-generation: 1690272096294275
x-goog-hash: crc32c=h/N/cg==, md5=8dhPm9hwF+R1EP9GE4sqOw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 1074
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 24 Jul 2024 20:18:10 GMT

GET
DATA 200
OK truncated
/ 788 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2bcaa68f0a7810ee95b5a352a707a941602cec2a5f1fde91e6cd1e8ee5326f8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 77ms
21ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,700%7COpen%20Sans:400,700%7CRaleway:400,700%7CMontserrat:400,700%7CContent%20Font:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 11:44:08 GMT
x-content-type-options: nosniff
age: 31956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jul 2024 11:44:08 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 100ms
44ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 00:21:44 GMT
x-content-type-options: nosniff
age: 332100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jul 2024 00:21:44 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 118ms
63ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 15:41:45 GMT
x-content-type-options: nosniff
age: 276899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jul 2024 15:41:45 GMT

GET
H2 200 wr-1ffad45a30aaa84579ea094609ee96df.js Show response
widget.wickedreports.com/v2/4481/ 453 B
830 B 116ms
28ms Script
text/javascript 99.84.88.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.wickedreports.com/v2/4481/wr-1ffad45a30aaa84579ea094609ee96df.js
Requested by: Host: stcdn.leadconnectorhq.com
URL: https://stcdn.leadconnectorhq.com/_preview/index.e8e95415.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-58.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8312ab004a8881ed94238346e58d10a6f733bf09a22877b141fc307c5a92e282

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 17:14:24 GMT
via: 1.1 48c20cb247b267a59a8191c4d3bd787c.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jul 2023 19:26:05 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 13388
x-amz-server-side-encryption: AES256
etag: "5ab68de9b6acb32180f6fd3fae9371ba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 453
x-amz-cf-id: yflk97neJu6k0G9R04qmWxqr2m_GcCQcBbjpvc-u7XJqKVOP6sOm5Q==

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 13 KB
5 KB 82ms
30ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=681143&u=https%3A%2F%2Fgo.vshred.team%2Fvs-quiz%3Ffirstname%3D%26lastname%3D%26email%3Dbpawlowski%40gklaw.com%26mobile%3D%26utm_keyword%3D%2C%26utm_keyword1%3DCedar%2BFalls%26utm_keyword2%3DTuesday%26utm_content%3DVSList-072523am-Metabolic-TB%26_kx%3Dsax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU&f=1&vn=1.4
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 58d3594026b2a9778fb6067181ad5987d2492403f769ebeed92aba977a2a1cbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:43 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1690291694_EA"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 123 KB
46 KB 90ms
39ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WWLDCZL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

31042c2805821f5ec05c28334d253ca31a422c82ef4bbd0e78741ae1d79d3e05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47070
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 19:12:46 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Jul 2023 20:36:44 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 65ms
22ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

308100ff6c64af6ac2edf80a069273cee122cb63d7a5025dcb501f5dbddbbd05

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 25 Jul 2023 20:36:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46993
x-xss-protection: 0
pragma: public
x-fb-debug: 8lR1Ft/72U8Pu5EFDt0DxfbFWB7NF18CFSp8tEBKo0FnXqpVbEVeaFUWHa430kODXQ2kVgUfCRkiRPk1ukRIbA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 provesrc.js Show response
cdn.provesrc.com/ 224 KB
55 KB 108ms
31ms Script
application/javascript 2600:9000:237d:d000:10:6a77:5f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.provesrc.com/provesrc.js
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:d000:10:6a77:5f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e00e5d35ea05a8f817c092e7fe02092bbf964193aad91a697b20b2edc560087

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 22:31:18 GMT
content-encoding: gzip
via: 1.1 75964e4626dd702b8dac2690031df25a.cloudfront.net (CloudFront)
last-modified: Tue, 30 May 2023 07:52:33 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 79566
x-amz-server-side-encryption: AES256
etag: "1e728436b3a1c14abed2ca090834a68d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 55631
x-amz-cf-id: ipJbXvY0RgL-Q8iLBHUh9GUeh0rS8ZpYueRR0kvlCZp8R0owjBylNQ==

GET
H2 200 bat.js Show response
bat.bing.com/ 42 KB
13 KB 104ms
46ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

62ed4d49c5a79b0aff17f47c74efc7958d70987d9350e746c0342755587dd3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 25 Jul 2023 20:36:44 GMT
last-modified: Mon, 17 Jul 2023 22:20:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 82992761995343A0BA89F5F49C1F7C7E Ref B: FRA31EDGE0707 Ref C: 2023-07-25T20:36:44Z
etag: "060e2effcb8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12438

GET
H2 200 A4139717-c721-4829-b36d-698df627611c1.js Show response
utt.impactcdn.com/ 44 KB
14 KB 606ms
433ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://utt.impactcdn.com/A4139717-c721-4829-b36d-698df627611c1.js
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 96d59d7c128e4f43d1d955ed18003e5e82cd665c271e2631edffa66714a7dccc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:45 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvhgV7OwBKQhQmliOgcqIq2jrVkpGKkiwhWqOYLACxNdnWamRqyexyvwO8K42_Ze7FUgFChXXt5k65BKDZSMsMNXe9zrRtd
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14164
last-modified: Mon, 10 Jul 2023 19:58:53 GMT
server: UploadServer
etag: "8fdad84de1ad47c8173856d5bb19051d"
vary: Accept-Encoding
x-goog-generation: 1689019133490990
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=AakYxQ==, md5=j9rYTeGtR8gXOFbVuxkFHQ==
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 14164
accept-ranges: bytes
expires: Tue, 25 Jul 2023 20:41:45 GMT

GET
H2 200 crypto-js.min.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/ 47 KB
14 KB 83ms
35ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

Requested by

Host: stcdn.leadconnectorhq.com
URL: https://stcdn.leadconnectorhq.com/_preview/index.e8e95415.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5538649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13972
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61182885-3694"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZ%2Fqz5QYQjV%2BVkU7F%2B88xGCc18p4XULp%2BtbXAe%2FQePk%2Bj7jUjlaVFo1231GDl0Yo8hU1vikDvX7D%2Fl80gt5WOUTV2gQh8uk1aHlvGasa3B0V5nRtQo8yj%2F9IrHn%2FLn4fRN3aTstG6259P8cW9A0fw22C"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ec73263ec36048b-FRA
expires: Sun, 14 Jul 2024 20:36:44 GMT

GET
H2 200 Button.d043acb2.css
stcdn.leadconnectorhq.com/_preview/ 423 B
548 B 23ms
23ms Stylesheet
text/css 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/Button.d043acb2.css
Requested by: Host: stcdn.leadconnectorhq.com
URL: https://stcdn.leadconnectorhq.com/_preview/entry.2a40aece.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d043acb23e3b6035abfa6be9b546663f9f9dac0522f26b1b1aca5732f24e9cb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:00:20 GMT
content-encoding: gzip
age: 45384
x-guploader-uploadid: ADPycdtoM0R-n3Fqw1LLxwZ3KDggBRqCjbX-5Ck5ABK8J1yE5ntLQR5Ht2Eln6bv66N-HLnmo-cthjYGDgQyuc3d5TCExKq8QHae
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
last-modified: Tue, 25 Jul 2023 07:57:43 GMT
server: UploadServer
etag: "861f55ddfbd2c60b062a2b0073fb1aba"
x-goog-generation: 1690271863081096
x-goog-hash: crc32c=GC+yXg==, md5=hh9V3fvSxgsGKisAc/saug==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 247
accept-ranges: bytes
content-type: text/css
expires: Wed, 24 Jul 2024 08:00:20 GMT

OPTIONS
H2 204 event
services.leadconnectorhq.com/stats/ Frame 0
0 197ms
136ms Preflight 34.120.211.235
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.leadconnectorhq.com/stats/event
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.211.235 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 235.211.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: channel,content-type,source,version
Access-Control-Request-Method: POST
Origin: https://go.vshred.team
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-headers: channel,content-type,source,version
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 25 Jul 2023 20:36:44 GMT
vary: Access-Control-Request-Headers
via: 1.1 google
x-powered-by: Express

GET
H2 200 postscribe.2751c5b2.js Show response
stcdn.leadconnectorhq.com/_preview/ 18 KB
6 KB 23ms
23ms Script
text/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/postscribe.2751c5b2.js
Requested by: Host: stcdn.leadconnectorhq.com
URL: https://stcdn.leadconnectorhq.com/_preview/entry.2a40aece.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e6325cfca205ded1e796f367b77da8284a69fb7ff343aa3e16efdff88bc6fc5a

Request headers

Referer
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:33:55 GMT
content-encoding: gzip
age: 169
x-guploader-uploadid: ADPycdsnhJk-I-uLqO_Z31A418QTddJMhwrR7HCsD2E3TNzBDMg4WdMmxj280VUDpCbWZ81_zanGDGHjWREGqia_gMZ2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6342
last-modified: Tue, 25 Jul 2023 08:01:21 GMT
server: UploadServer
etag: "a3fdcbda1cca04970556b1c7fa898236"
x-goog-generation: 1690272080950387
x-goog-hash: crc32c=utOfAw==, md5=o/3L2hzKBJcFVrHH+omCNg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 6342
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 24 Jul 2024 20:33:55 GMT

GET
H2 200 Countdown.59c519d1.js Show response
stcdn.leadconnectorhq.com/_preview/ 1 KB
963 B 24ms
24ms Script
text/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/Countdown.59c519d1.js
Requested by: Host: stcdn.leadconnectorhq.com
URL: https://stcdn.leadconnectorhq.com/_preview/entry.2a40aece.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 89e5885611f8949c6c233a1f2fd6d97047afcf04d471eb85008d2aa8bbf5ecc0

Request headers

Referer
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:38:57 GMT
content-encoding: gzip
age: 43067
x-guploader-uploadid: ADPycdtPZt8F3YiKUCx5DbELOAHtsndYw76RNVgevuo13NkAZe2EEjAf0UOpq1d1AagCsjA8sH88hr9kU7O0eGgzjR8a4Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 677
last-modified: Tue, 25 Jul 2023 08:01:25 GMT
server: UploadServer
etag: "1277aa907d27bd4e1b5b2bee8248c26c"
x-goog-generation: 1690272085153919
x-goog-hash: crc32c=ASuuKQ==, md5=EneqkH0nvU4bWyvugkjCbA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 677
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 24 Jul 2024 08:38:57 GMT

GET
H2 200 Timer.vue_vue_type_script_setup_true_lang.1b9686ad.js Show response
stcdn.leadconnectorhq.com/_preview/ 6 KB
3 KB 24ms
23ms Script
text/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/Timer.vue_vue_type_script_setup_true_lang.1b9686ad.js
Requested by: Host: stcdn.leadconnectorhq.com
URL: https://stcdn.leadconnectorhq.com/_preview/entry.2a40aece.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 79da2843ff226e1d22a8750a10d36621b2d3684b899bc362523e257366265abf

Request headers

Referer
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:04:38 GMT
content-encoding: gzip
age: 45126
x-guploader-uploadid: ADPycdtG6vJfAzML7YyaQC12Xy6bj9HJXdorone8jR3DqOIPinmGEWDLPXMHtLJaufrzUwXvoom1DDV3FB0jtNnLxeZKGg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2454
last-modified: Tue, 25 Jul 2023 08:01:28 GMT
server: UploadServer
etag: "9cca94097f1921602620994461942de7"
x-goog-generation: 1690272088067487
x-goog-hash: crc32c=NVX6FA==, md5=nMqUCX8ZIWAmIJlEYZQt5w==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 2454
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 24 Jul 2024 08:04:38 GMT

GET
H2 200 timezone.a2d2ae46.js Show response
stcdn.leadconnectorhq.com/_preview/ 4 KB
2 KB 25ms
24ms Script
text/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/timezone.a2d2ae46.js
Requested by: Host: stcdn.leadconnectorhq.com
URL: https://stcdn.leadconnectorhq.com/_preview/entry.2a40aece.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a32b7dab5557157094b55e3543a7adc032a39a423f116028b757684a278fb92a

Request headers

Referer
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:06:39 GMT
content-encoding: gzip
age: 45005
x-guploader-uploadid: ADPycdvHL166In6-_ADx5llpuBU-mSscwqRRVw7jqgxJfNxA6T0TKSakOCm12jhoTJJqjxqNCn3fSIz-etsoE1vy0wN3IDlqLM7p
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1786
last-modified: Tue, 25 Jul 2023 08:01:15 GMT
server: UploadServer
etag: "76f34df4dada8dd57f2c28b68e6b53a2"
x-goog-generation: 1690272075600681
x-goog-hash: crc32c=PvVNYg==, md5=dvNN9NrajdV/LCi2jmtTog==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 1786
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 24 Jul 2024 08:06:39 GMT

GET
H2 200 CustomCodeRenderer.299104ad.js Show response
stcdn.leadconnectorhq.com/_preview/ 825 B
845 B 24ms
24ms Script
text/javascript 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/CustomCodeRenderer.299104ad.js
Requested by: Host: stcdn.leadconnectorhq.com
URL: https://stcdn.leadconnectorhq.com/_preview/entry.2a40aece.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4aebb89bf8791a505393c25a15913107624d70a789e08f6a3677c7636550b3a3

Request headers

Referer
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:30:43 GMT
content-encoding: gzip
age: 361
x-guploader-uploadid: ADPycdvWVMv2OV94oipViBbQNp2xqR8vYxpUqTsyDcCt4Iq4fILZ3GbShdNNlglO-p1SZ6EYIUxXvFx-a8sKuP1IpKGVUg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 555
last-modified: Tue, 25 Jul 2023 08:01:26 GMT
server: UploadServer
etag: "71367e5c88bfda64e16564e15c3da99b"
x-goog-generation: 1690272086149388
x-goog-hash: crc32c=/aGuPQ==, md5=cTZ+XIi/2mThZWThXD2pmw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, Content-Type, Date, Range, Server, Transfer-Encoding, X-From-Cache, X-GUploader-UploadID, X-Google-Trace
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 555
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 24 Jul 2024 20:30:43 GMT

GET
H2 200 CustomCodeRenderer.72cd08b9.css
stcdn.leadconnectorhq.com/_preview/ 71 B
375 B 25ms
25ms Stylesheet
text/css 35.244.153.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stcdn.leadconnectorhq.com/_preview/CustomCodeRenderer.72cd08b9.css
Requested by: Host: stcdn.leadconnectorhq.com
URL: https://stcdn.leadconnectorhq.com/_preview/entry.2a40aece.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 18.153.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 72cd08b97748fc603ddd88de5f105077e8d5ecd1d7be0276d0ebc64f1c1ee985

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 21:02:23 GMT
content-encoding: gzip
age: 1640061
x-guploader-uploadid: ADPycdtRZSPW0VAsPb8NNBviA7UaHws-_ckdHs10jluv0G6QLOcBeh_8DBxpuMJz6QI4dz9r_DSlS3E66ISpJpv6NT-XawdRyJ6_
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98
last-modified: Fri, 30 Jun 2023 13:34:40 GMT
server: UploadServer
etag: "10c438e1a33ba295de30594e193b98d8"
x-goog-generation: 1688132080837056
x-goog-hash: crc32c=4krNdw==, md5=EMQ44aM7opXeMFlOGTuY2A==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
cache-control: public, no-transform, immutable, max-age=31536000
x-goog-stored-content-length: 98
accept-ranges: bytes
content-type: text/css
expires: Fri, 05 Jul 2024 21:02:23 GMT

POST
H2 201 event Show response
services.leadconnectorhq.com/stats/ 109 B
231 B 143ms
142ms Fetch
application/json 34.120.211.235
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.leadconnectorhq.com/stats/event
Requested by: Host: stcdn.leadconnectorhq.com
URL: https://stcdn.leadconnectorhq.com/_preview/helpers.ba6f9b77.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.211.235 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 235.211.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 8c291f028c947150c539c72e2322873bdbf78ad78927fd71a2978e0905f83a3e

Request headers

accept-language: de-DE,de;q=0.9
source: WEB_USER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://go.vshred.team/
channel: APP
version: 2021-04-15

Response headers

date: Tue, 25 Jul 2023 20:36:45 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"6d-CNx6IICcldD37M4LiIc0mVUEnMw"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109

GET
H2 200 6296188851a4f46b811bd9ea.png
images.leadconnectorhq.com/image/f_webp/q_80/r_1120/u_https://assets.cdn.filesafe.space/BtIkPrk5D8so2p6vTB6x/media/ 17 KB
17 KB 88ms
23ms Image
image/png 34.111.216.78
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.leadconnectorhq.com/image/f_webp/q_80/r_1120/u_https://assets.cdn.filesafe.space/BtIkPrk5D8so2p6vTB6x/media/6296188851a4f46b811bd9ea.png
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.216.78 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 78.216.111.34.bc.googleusercontent.com
Software: Werkzeug/2.3.4 Python/3.9.16 /
Resource Hash: ad3ab8bb2b3c4ce26b436947d921359c02afdec841b42c69bb7ac44d73878c01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 10:03:12 GMT
via: 1.1 google
last-modified: Mon, 24 Jul 2023 10:03:12 GMT
server: Werkzeug/2.3.4 Python/3.9.16
age: 124412
etag: "1690192992.57191-17454-4176548098"
content-type: image/png
cache-control: public,max-age=2592000
content-disposition: inline; filename=0bcfecbab6553cf20d83b2935183ec8b_1120.png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17454

GET
H2 200 8bd68fa6-2a40-46c7-9bb2-f28ae627afbe.jpeg
images.leadconnectorhq.com/image/f_webp/q_80/r_1120/u_https://assets.cdn.filesafe.space/BtIkPrk5D8so2p6vTB6x/media/ 7 KB
7 KB 93ms
28ms Image
image/webp 34.111.216.78
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.leadconnectorhq.com/image/f_webp/q_80/r_1120/u_https://assets.cdn.filesafe.space/BtIkPrk5D8so2p6vTB6x/media/8bd68fa6-2a40-46c7-9bb2-f28ae627afbe.jpeg
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.216.78 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 78.216.111.34.bc.googleusercontent.com
Software: Werkzeug/2.3.4 Python/3.9.16 /
Resource Hash: fafefbdcea134d82a4dde7f3d943406715bfe1042f1a80f83bdad950814ea6c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 11:07:30 GMT
via: 1.1 google
last-modified: Mon, 24 Jul 2023 11:07:29 GMT
server: Werkzeug/2.3.4 Python/3.9.16
age: 120554
etag: "1690196849.7782133-6814-549916963"
content-type: image/webp
cache-control: public,max-age=2592000
content-disposition: inline; filename=3d177116c8714927429deb4da5935672_1120_80.webp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6814

GET
H2 200 63613c1af7a1254ad91caa52.png
images.leadconnectorhq.com/image/f_webp/q_80/r_1140/u_https://assets.cdn.filesafe.space/BtIkPrk5D8so2p6vTB6x/media/ 30 KB
30 KB 107ms
43ms Image
image/webp 34.111.216.78
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.leadconnectorhq.com/image/f_webp/q_80/r_1140/u_https://assets.cdn.filesafe.space/BtIkPrk5D8so2p6vTB6x/media/63613c1af7a1254ad91caa52.png
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.216.78 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 78.216.111.34.bc.googleusercontent.com
Software: Werkzeug/2.3.4 Python/3.9.16 /
Resource Hash: 9b19114404905bb36a0755e9d0a4b31d836bd984a44c7ddda9ec8422f5e62181

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:48:39 GMT
via: 1.1 google
last-modified: Mon, 24 Jul 2023 08:48:39 GMT
server: Werkzeug/2.3.4 Python/3.9.16
age: 128885
etag: "1690188519.627887-30792-1424167654"
content-type: image/webp
cache-control: public,max-age=2592000
content-disposition: inline; filename=0cacb54c47188cbebc00cd48a3edc54d_1140_80.webp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30792

GET
H3 200 va_gq-7a1f9d3c4ad6e57d9173ffccf06bb9c4.js Show response
dev.visualwebsiteoptimizer.com/edrv/ 229 KB
60 KB 49ms
24ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-7a1f9d3c4ad6e57d9173ffccf06bb9c4.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=681143&u=https%3A%2F%2Fgo.vshred.team%2Fvs-quiz%3Ffirstname%3D%26lastname%3D%26email%3Dbpawlowski%40gklaw.com%26mobile%3D%26utm_keyword%3D%2C%26utm_keyword1%3DCedar%2BFalls%26utm_keyword2%3DTuesday%26utm_content%3DVSList-072523am-Metabolic-TB%26_kx%3Dsax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU&f=1&vn=1.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 7b2e42374825696fba08f7ae7c23a9425b0a8ca4db54485fddbc3afc708aa7af

Request headers

Referer: https://go.vshred.team/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:44 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 25 Jul 2023 13:27:50 GMT
server: gfra1
etag: "64bfcdd6-f041"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61505

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
339 B 111ms
110ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=681143&d=go.vshred.team&u=DC5A3DD3E41A0EB4C8519B612CB362700&h=be9c1ea1602dd6d00df2a6c5966118ea&t=false&r=0.8964667172967564

Requested by

Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:36:44 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
BLOB 200
OK 8a46d9ee-77ea-4e5e-8c37-b4a094676992
https://go.vshred.team/ 1 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://go.vshred.team/8a46d9ee-77ea-4e5e-8c37-b4a094676992
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 307a9e3d2d77d8083d93ef1364958b365fc2da9388ec5e3f96f82ddcd24c114a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Length: 1070
Content-Type: application/javascript

GET 231402695884968
1callclosers.jotform.com/ Frame 6F54 0
0

GET
H2 200 2717984665012177 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 87ms
86ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2717984665012177?v=2.9.117&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e4bf2f3e07ffcddd633e771f6e3d11c423980b110a1b990b5a10c1f795a54bcf

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 25 Jul 2023 20:36:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: afVEI/NzG5WCHNBMLhSWLMBCoQUO5LO3ciEq3Xic2D6qS8Roe3uCCFPvGv744wM6c0DD+YPJKttLAIa4BGykgw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 create_session Show response
services.leadconnectorhq.com/attribution_service/user_session_v3/ 105 B
121 B 158ms
158ms Fetch
application/json 34.120.211.235
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.leadconnectorhq.com/attribution_service/user_session_v3/create_session
Requested by: Host: stcdn.leadconnectorhq.com
URL: https://stcdn.leadconnectorhq.com/_preview/index.31f09b81.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.211.235 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 235.211.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 93d88da3930dcc66b17d279c4f3cc32391b3b14daf213898b44d387ce902d853

Request headers

Referer: https://go.vshred.team/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 25 Jul 2023 20:36:45 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"69-3VgIWyql/yENImIo8dyiPg1oEpY"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105

OPTIONS
H2 200 create_session
services.leadconnectorhq.com/attribution_service/user_session_v3/ Frame 0
0 135ms
134ms Preflight 34.120.211.235
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://services.leadconnectorhq.com/attribution_service/user_session_v3/create_session
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.211.235 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 235.211.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://go.vshred.team
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 25 Jul 2023 20:36:44 GMT
vary: Access-Control-Request-Headers
via: 1.1 google
x-powered-by: Express

GET
H2 200 343023307.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 143ms
143ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/343023307.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2843b812d2ebc77d395452c2bc8482e264d646b468553cec015d7794f6715060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Tue, 25 Jul 2023 20:36:44 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1767CB56FAF24CBEBC1FE8B468120621 Ref B: FRA31EDGE0707 Ref C: 2023-07-25T20:36:44Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
288 B 48ms
48ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=343023307&Ver=2&mid=903565e6-e80e-4ad8-a2c9-8de7d8338c51&sid=f84a32402b2a11eeb7b669c36405c0db&vid=f84a42102b2a11ee8c1115bcccc18927&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=vShred%20%7C%20Strategy%20Session&p=https%3A%2F%2Fgo.vshred.team%2Fvs-quiz%3Ffirstname%3D%26lastname%3D%26email%3Dbpawlowski%40gklaw.com%26mobile%3D%26utm_keyword%3D%2C%26utm_keyword1%3DCedar%2BFalls%26utm_keyword2%3DTuesday%26utm_content%3DVSList-072523am-Metabolic-TB%26_kx%3Dsax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU&r=&lt=1076&evt=pageLoad&sv=1&rn=759706

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Jul 2023 20:36:44 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 31F6A3ECE0C7476DA1CBDA95910AD6E7 Ref B: FRA31EDGE0707 Ref C: 2023-07-25T20:36:44Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 configuration
client-api.provesrc.com/account/ Frame 0
0 384ms
123ms Preflight 100.24.225.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://client-api.provesrc.com/account/configuration?url=aHR0cHM6Ly9nby52c2hyZWQudGVhbS92cy1xdWl6P2ZpcnN0bmFtZT0mbGFzdG5hbWU9JmVtYWlsPWJwYXdsb3dza2lAZ2tsYXcuY29tJm1vYmlsZT0mdXRtX2tleXdvcmQ9LCZ1dG1fa2V5d29yZDE9Q2VkYXIrRmFsbHMmdXRtX2tleXdvcmQyPVR1ZXNkYXkmdXRtX2NvbnRlbnQ9VlNMaXN0LTA3MjUyM2FtLU1ldGFib2xpYy1UQiZfa3g9c2F4NkFSWGdwNFoyWU5RcEJvUWtRSmpCZ1NTeFRfQ3hWeE56SWduTmlXOD0uVDRwVkhV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.225.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-225-193.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-ps-uid,x-ps-url,x-ps-version
Access-Control-Request-Method: GET
Origin: https://go.vshred.team
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,x-ps-uid,x-ps-url,x-ps-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://go.vshred.team
access-control-expose-headers: x-ps-first
access-control-max-age: 7200
date: Tue, 25 Jul 2023 20:36:45 GMT
x-ps-host: ip-172-31-33-180
x-request-id: c4e70ee9-da92-4876-a22a-d269d91db556

GET
H2 200 configuration Show response
client-api.provesrc.com/account/ 434 B
1 KB 377ms
132ms Fetch
application/json 100.24.225.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://client-api.provesrc.com/account/configuration?url=aHR0cHM6Ly9nby52c2hyZWQudGVhbS92cy1xdWl6P2ZpcnN0bmFtZT0mbGFzdG5hbWU9JmVtYWlsPWJwYXdsb3dza2lAZ2tsYXcuY29tJm1vYmlsZT0mdXRtX2tleXdvcmQ9LCZ1dG1fa2V5d29yZDE9Q2VkYXIrRmFsbHMmdXRtX2tleXdvcmQyPVR1ZXNkYXkmdXRtX2NvbnRlbnQ9VlNMaXN0LTA3MjUyM2FtLU1ldGFib2xpYy1UQiZfa3g9c2F4NkFSWGdwNFoyWU5RcEJvUWtRSmpCZ1NTeFRfQ3hWeE56SWduTmlXOD0uVDRwVkhV
Requested by: Host: cdn.provesrc.com
URL: https://cdn.provesrc.com/provesrc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.225.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-225-193.compute-1.amazonaws.com
Software: /
Resource Hash: 6f4ef86c39e654a4aad986e5846f100e53d67d73aff5aeb86718d52a3db249e9

Request headers

accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhY2NvdW50SWQiOiI2MzAzZGViZjM5Mjc0NjJhZGE2OTAxZmQiLCJpYXQiOjE2NjExOTgwMTV9.kN9XLkj-NG6T8Gh4g6EC7dxi-qmRv2QWmqvCnnack_c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/json
Accept: application/json
x-ps-url: aHR0cHM6Ly9nby52c2hyZWQudGVhbS92cy1xdWl6P2ZpcnN0bmFtZT0mbGFzdG5hbWU9JmVtYWlsPWJwYXdsb3dza2lAZ2tsYXcuY29tJm1vYmlsZT0mdXRtX2tleXdvcmQ9LCZ1dG1fa2V5d29yZDE9Q2VkYXIrRmFsbHMmdXRtX2tleXdvcmQyPVR1ZXNkYXkmdXRtX2NvbnRlbnQ9VlNMaXN0LTA3MjUyM2FtLU1ldGFib2xpYy1UQiZfa3g9c2F4NkFSWGdwNFoyWU5RcEJvUWtRSmpCZ1NTeFRfQ3hWeE56SWduTmlXOD0uVDRwVkhV
Referer: https://go.vshred.team/
x-ps-uid: 44b48977-e593-49e8-b995-4905ddbb61c4
x-ps-version: 4.5.87

Response headers

date: Tue, 25 Jul 2023 20:36:45 GMT
content-encoding: gzip
etag: W/"1b2-BsNBUhZFq9ya1hWhq1QPh5iW61c"
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.vshred.team
x-ps-host: ip-172-31-60-16
access-control-expose-headers: x-ps-first
x-ps-first: psuid=f0de3c13-7f95-4b71-92c3-1696dedc9453; expires=Tue, 01 Jan 2030 00:00:00 GMT; maxAge=15552000$ps6303debf3927462ada6901fd=true|1687737600000; maxAge=86400000; expires=Wed, 26 Jul 2023 00:00:00 GMT
access-control-allow-credentials: true
vary: Accept-Encoding
x-request-id: a563f084-b451-4c05-a0ac-c94588467e95

GET
H2 200 widget.js Show response
widget.wickedreports.com/ 25 KB
8 KB 29ms
29ms Script
application/javascript 99.84.88.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.wickedreports.com/widget.js
Requested by: Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/v2/4481/wr-1ffad45a30aaa84579ea094609ee96df.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-58.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6cfc684930661357e2134380e05e4299a4f85a68ee512a39d7dd6d0467de380

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 12:37:13 GMT
content-encoding: gzip
via: 1.1 48c20cb247b267a59a8191c4d3bd787c.cloudfront.net (CloudFront)
last-modified: Mon, 24 Jul 2023 12:37:08 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 28772
x-amz-server-side-encryption: AES256
etag: W/"1d83ff58e2915dcf2731d7a013f9303d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: UVWPhFwIV9vQYwrhqFk26V5uvsgj0Xckcr-vLSWcm_HgWKZW2DqDMA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 257 KB
86 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JJ58L5G81R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WWLDCZL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

48520d3e6c0dae7fdb184b237bab79caa40cf0fe2749e8042af2ce32e27746e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88191
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 25 Jul 2023 20:36:44 GMT

GET
H2 200 A5YeSWLU Show response
cdn.jwplayer.com/v2/media/ 2 KB
1 KB 264ms
177ms Fetch
application/json 2600:9000:225b:0:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/v2/media/A5YeSWLU?format=json
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski%40gklaw.com&mobile=&utm_keyword=%2C&utm_keyword1=Cedar%20Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:0:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: a9b21771827443239a0a44b13d608879575e33dc7447a79446ebd1ccc8f0209c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:45 GMT
content-encoding: gzip
via: 1.1 a4a80ac7ffee78c042728f52e3f729e0.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
x-robots-tag: noindex, indexifembedded
content-length: 672
x-amz-cf-id: ZerbhfZcpE_EWEHGkPkN5RC24QH2LezLSbsAHAZSVrXfjCfXk6M9Mg==
expires: Tue, 25 Jul 2023 20:39:45

GET
H2 200 231402695884968 Show response
1callclosers.jotform.com/ Frame 6F54 138 KB
17 KB 239ms
239ms Document
text/html 35.241.23.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.241.23.233 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

233.23.241.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

c7e4b7c3e1c34e5f0ed040a9f1683319afbc3e64ee47f15ac65b08dbb2e6488b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://go.vshred.team/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache
content-encoding: gzip
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
content-type: text/html; charset=UTF-8
date: Tue, 25 Jul 2023 20:36:45 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
global-router: true
last-modified: Tue, 25 Jul 2023 20:36:45 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
via: 1.1 google
x-form-cache: MISS-APP

GET
H2 200 index.php Show response
track.wickedreports.com/ 118 B
342 B 390ms
136ms XHR
text/html 3.12.168.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.wickedreports.com/index.php?WickedClientID=4481&WickedEmail=bpawlowski%40gklaw.com&WickedTrackingDate=1690317404996&WickedURL=https%3A%2F%2Fgo.vshred.team%2Fvs-quiz%3Ffirstname%3D%26lastname%3D%26email%3Dbpawlowski%40gklaw.com%26mobile%3D%26utm_keyword%3D%2C%26utm_keyword1%3DCedar%2BFalls%26utm_keyword2%3DTuesday%26utm_content%3DVSList-072523am-Metabolic-TB%26_kx%3Dsax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU&WickedReferrerURL=
Requested by: Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.12.168.105 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-12-168-105.us-east-2.compute.amazonaws.com
Software: nginx / PHP/7.3.27
Resource Hash: 9aa77afc3de292a284e0aa3f153239e7e6aae6083a5aee4e86b6d689798fa9c1

Request headers

Referer: https://go.vshred.team/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jul 2023 20:36:45 GMT
server: nginx
x-powered-by: PHP/7.3.27
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: *

GET
H3 200 s.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 111ms
111ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/s.gif?account_id=681143&u=D9260CCE8212A2D147F275282676E770D&s=1690317403&ed=%7B%22sr%22%3A%221600x1200%22%2C%22sc%22%3A24%2C%22de%22%3A%22UTF-8%22%2C%22ul%22%3A%22en-us%22%2C%22r%22%3A%22%22%2C%22lt%22%3A1690317405013%2C%22tO%22%3A0%2C%22tz%22%3A%22Etc%2FUnknown%22%7D&cu=https%3A%2F%2Fgo.vshred.team%2Fvs-quiz%3Ffirstname%3D%26lastname%3D%26email%3Dbpawlowski%40gklaw.com%26mobile%3D%26utm_keyword%3D%2C%26utm_keyword1%3DCedar%2BFalls%26utm_keyword2%3DTuesday%26utm_content%3DVSList-072523am-Metabolic-TB%26_kx%3Dsax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU&r=0&p=1&cq=0&vn=undefined&vns=undefined&vno=undefined&eTime=1690317404014&v=3850ecd0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:36:44 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 7 KB
3 KB 29ms
29ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=681143&settings_type=1&vn=&eventArch=1&uuid=
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-7a1f9d3c4ad6e57d9173ffccf06bb9c4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 37831084c90e89b0d1da5f5fe1d120c8362e849491d55b65902149f650c17564

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:44 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1690291694_EA"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 collect
region1.analytics.google.com/g/ 0
244 B 79ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JJ58L5G81R&gtm=45je37o0&_p=565199434&_gaz=1&cid=2037495363.1690317405&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Ag&_s=1&sid=1690317405&sct=1&seg=0&dl=https%3A%2F%2Fgo.vshred.team%2Fvs-quiz%3Ffirstname%3D%26lastname%3D%26email%3Dbpawlowski%40gklaw.com%26mobile%3D%26utm_keyword%3D%2C%26utm_keyword1%3DCedar%2BFalls%26utm_keyword2%3DTuesday%26utm_content%3DVSList-072523am-Metabolic-TB%26_kx%3Dsax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU&dt=vShred%20%7C%20Strategy%20Session&en=page_view&_fv=1&_nsi=1&_ss=1&up.userID=0725202320364464304
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JJ58L5G81R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:36:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.vshred.team
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
244 B 90ms
30ms Ping
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JJ58L5G81R&cid=2037495363.1690317405&gtm=45je37o0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JJ58L5G81R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:36:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.vshred.team
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 77ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JJ58L5G81R&gtm=45je37o0&_p=565199434&cid=2037495363.1690317405&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=2&sid=1690317405&sct=1&seg=0&dl=https%3A%2F%2Fgo.vshred.team%2Fvs-quiz%3Ffirstname%3D%26lastname%3D%26email%3Dbpawlowski%40gklaw.com%26mobile%3D%26utm_keyword%3D%2C%26utm_keyword1%3DCedar%2BFalls%26utm_keyword2%3DTuesday%26utm_content%3DVSList-072523am-Metabolic-TB%26_kx%3Dsax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU&dt=vShred%20%7C%20Strategy%20Session&en=quiz_submitted&_c=1&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JJ58L5G81R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:36:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.vshred.team
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 66ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JJ58L5G81R&gtm=45je37o0&_p=565199434&cid=2037495363.1690317405&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Ag&_s=3&sid=1690317405&sct=1&seg=0&dl=https%3A%2F%2Fgo.vshred.team%2Fvs-quiz%3Ffirstname%3D%26lastname%3D%26email%3Dbpawlowski%40gklaw.com%26mobile%3D%26utm_keyword%3D%2C%26utm_keyword1%3DCedar%2BFalls%26utm_keyword2%3DTuesday%26utm_content%3DVSList-072523am-Metabolic-TB%26_kx%3Dsax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU&dt=vShred%20%7C%20Strategy%20Session&en=firstVisit&_et=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JJ58L5G81R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:36:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.vshred.team
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 63ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JJ58L5G81R&gtm=45je37o0&_p=565199434&cid=2037495363.1690317405&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=4&sid=1690317405&sct=1&seg=0&dl=https%3A%2F%2Fgo.vshred.team%2Fvs-quiz%3Ffirstname%3D%26lastname%3D%26email%3Dbpawlowski%40gklaw.com%26mobile%3D%26utm_keyword%3D%2C%26utm_keyword1%3DCedar%2BFalls%26utm_keyword2%3DTuesday%26utm_content%3DVSList-072523am-Metabolic-TB%26_kx%3Dsax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU&dt=vShred%20%7C%20Strategy%20Session&en=firstVisit&_et=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JJ58L5G81R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:36:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.vshred.team
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 63ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JJ58L5G81R&gtm=45je37o0&_p=565199434&cid=2037495363.1690317405&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=5&sid=1690317405&sct=1&seg=0&dl=https%3A%2F%2Fgo.vshred.team%2Fvs-quiz%3Ffirstname%3D%26lastname%3D%26email%3Dbpawlowski%40gklaw.com%26mobile%3D%26utm_keyword%3D%2C%26utm_keyword1%3DCedar%2BFalls%26utm_keyword2%3DTuesday%26utm_content%3DVSList-072523am-Metabolic-TB%26_kx%3Dsax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU&dt=vShred%20%7C%20Strategy%20Session&en=quiz_submitted&_c=1&_et=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JJ58L5G81R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:36:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.vshred.team
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 97ms
47ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JJ58L5G81R&cid=2037495363.1690317405&gtm=45je37o0&aip=1&z=832307154

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:36:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1140110382743358 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 24ms
23ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1140110382743358?v=2.9.117&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b10e8536a8dffb8fc9b866adad618a5898d3e8d1de12e2336a2f0c3681855d71

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 25 Jul 2023 20:36:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110191
x-xss-protection: 0
pragma: public
x-fb-debug: DQ194XHKNrafFTYtunNL6P1lRS9B3Qz7LSaLieeyFhqVr3FcDeAG/7o1WKWg4bmnRzDUnmhQydjEiwEkxYYhFQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 93ms
23ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2717984665012177&ev=PageView&dl=https%3A%2F%2Fgo.vshred.team%2Fvs-quiz%3Ffirstname%3D_removed_%26lastname%3D_removed_%26email%3Dbpawlowski%2540gklaw.com%26mobile%3D_removed_%26utm_keyword%3D%252C%26utm_keyword1%3DCedar%2BFalls%26utm_keyword2%3DTuesday%26utm_content%3DVSList-072523am-Metabolic-TB%26_kx%3Dsax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%253D.T4pVHU%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%2522mobile%2522%252C%2522lastname%2522%252C%2522firstname%2522%255D%252C%2522restrictedParams%2522%253A%255B%255D%257D&rl=&if=false&ts=1690317405102&sw=1600&sh=1200&v=2.9.117&r=stable&ec=0&o=30&fbp=fb.1.1690317405100.749947257&cs_est=true&it=1690317404916&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Jul 2023 20:36:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 343023307 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 196ms
124ms Script
application/x-javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/343023307
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/343023307.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 198e7c7e269f0d48ea42e7c45f82a5d53b4126f3fa35663f73fb8931cc75b5b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires: -1
date: Tue, 25 Jul 2023 20:36:45 GMT
x-azure-ref: 20230725T203645Z-fwagxbdrrh5f58f21cqg448f7000000005u000000001sfff
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1546
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H3 200 2161397854073847 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 88ms
87ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2161397854073847?v=2.9.117&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

79d08f1eb01d56f9f9c638d0ffab730ae9835c5ab28f8fcbfb9f290b9d0b84e7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 25 Jul 2023 20:36:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: GVXzl1LV1xt/cKJZrj72rB+kr+zEgYXVoOxCiV5lPgLYfFolnewge7BUcq/hjzO9DqhIR0qejtNeYeSRZ4yMPA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 23ms
23ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1140110382743358&ev=PageView&dl=https%3A%2F%2Fgo.vshred.team%2Fvs-quiz%3Ffirstname%3D_removed_%26lastname%3D_removed_%26email%3Dbpawlowski%2540gklaw.com%26mobile%3D_removed_%26utm_keyword%3D%252C%26utm_keyword1%3DCedar%2BFalls%26utm_keyword2%3DTuesday%26utm_content%3DVSList-072523am-Metabolic-TB%26_kx%3Dsax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%253D.T4pVHU%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%2522lastname%2522%252C%2522mobile%2522%252C%2522firstname%2522%255D%252C%2522restrictedParams%2522%253A%255B%255D%257D&rl=&if=false&ts=1690317405175&sw=1600&sh=1200&v=2.9.117&r=stable&ec=0&o=30&fbp=fb.1.1690317405100.749947257&cs_est=true&it=1690317404916&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Jul 2023 20:36:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 default.css
1callclosers.jotform.com/stylebuilder/ Frame 6F54 294 KB
55 KB 224ms
222ms Stylesheet
text/css 35.241.23.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1callclosers.jotform.com/stylebuilder/default.css?c227512

Requested by

Host: 1callclosers.jotform.com
URL: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.241.23.233 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

233.23.241.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

610df475981fbcdb24a6b5a1f0a5b38e96d194af40a38cffb7e9db7847bd8ae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:45 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
via: 1.1 google
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
global-router: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
last-modified: Tue, 25 Jul 2023 20:36:45 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
x-form-cache: MISS-APP
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 style.css
1callclosers.jotform.com/stylebuilder/231402695884968/ Frame 6F54 42 KB
9 KB 1001ms
999ms Stylesheet
text/css 35.241.23.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1callclosers.jotform.com/stylebuilder/231402695884968/style.css?themeID=5966322fcf3bfe329d776651&smartEmbed=1&v=3d87d0ca8065c3e2847a9280bf7df4ff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.241.23.233 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

233.23.241.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

9d2a58445f4209d5dd5718eb4b394f65a2ee320c57386cc5563216fb7a492a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:46 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
via: 1.1 google
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
global-router: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
last-modified: Tue, 25 Jul 2023 20:36:45 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
x-form-cache: MISS-APP
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 prototype.forms.js Show response
1callclosers.jotform.com/static/ Frame 6F54 126 KB
33 KB 185ms
183ms Script
application/x-javascript 35.241.23.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1callclosers.jotform.com/static/prototype.forms.js?3.3.43710
Requested by: Host: 1callclosers.jotform.com
URL: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.23.233 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.23.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6d88d35ad7be98c83c3e84c93e591686427c1b350115d9781bcdd23a55522176

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:45 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 25 Jul 2023 04:40:52 GMT
server: nginx
etag: W/"64bf5254-1f932"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache, no-store, no-cache, must-revalidate, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 jotform.forms.js Show response
1callclosers.jotform.com/static/ Frame 6F54 571 KB
150 KB 188ms
186ms Script
application/x-javascript 35.241.23.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1callclosers.jotform.com/static/jotform.forms.js?3.3.43710
Requested by: Host: 1callclosers.jotform.com
URL: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.23.233 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.23.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 84f682b6cce2b4f74de8408e9b4be3146c4927652240c30cb05152848b14b8d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:45 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 25 Jul 2023 14:47:54 GMT
server: nginx
etag: W/"64bfe09a-8ec4e"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache, no-store, no-cache, must-revalidate, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 punycode.js Show response
cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/ Frame 6F54 14 KB
4 KB 28ms
28ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/punycode.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48e6d618b95c55074ab9b47a6e7bd966c9fd434b874e2c2e2606c5ec0f992982

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1callclosers.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 11922868
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4177
last-modified: Mon, 04 May 2020 16:15:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fac-394e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIcNyGf7Z8Vsut4gVs3FV%2BL3NDZzHck5jK86O%2FBUUvk59gOltQ4z%2FpWXhi8XtJaU4KRUMTGbM8DB9wa2OkFoE%2BtM7EVp8fgXh3tMSSzdqq0pU34uhWyHcD4CxYWNjI7qzvmJRd29wmZR7OmPcyN0WbVU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ec732695c5d048b-FRA
expires: Sun, 14 Jul 2024 20:36:45 GMT

GET
H2 200 jquery-1.8.0.min.js Show response
1callclosers.jotform.com/js/vendor/ Frame 6F54 90 KB
32 KB 183ms
182ms Script
application/x-javascript 35.241.23.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1callclosers.jotform.com/js/vendor/jquery-1.8.0.min.js?v=3.3.43710
Requested by: Host: 1callclosers.jotform.com
URL: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.23.233 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.23.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7f52a67efde6061b08523ce2243e232ce337d094b30bb5bfe6c3aeff3df81b6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:45 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 27 Apr 2023 16:06:34 GMT
server: nginx
etag: W/"644a9d8a-16633"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache, no-store, no-cache, must-revalidate, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 maskedinput.min.js Show response
1callclosers.jotform.com/js/vendor/ Frame 6F54 92 KB
27 KB 180ms
179ms Script
application/x-javascript 35.241.23.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1callclosers.jotform.com/js/vendor/maskedinput.min.js?v=3.3.43710
Requested by: Host: 1callclosers.jotform.com
URL: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.241.23.233 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.23.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e12e95176d4efb550a002ba411794aae00c31d552761c984e8d3ec33d597dbb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:45 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 27 Apr 2023 16:06:34 GMT
server: nginx
etag: W/"644a9d8a-16e80"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache, no-store, no-cache, must-revalidate, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 jquery.maskedinput.min.js Show response
1callclosers.jotform.com/js/vendor/ Frame 6F54 4 KB
2 KB 178ms
177ms Script
application/x-javascript 35.241.23.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1callclosers.jotform.com/js/vendor/jquery.maskedinput.min.js?v=3.3.43710
Requested by: Host: 1callclosers.jotform.com
URL: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.241.23.233 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.23.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f3e4a06f8518d0b05c817c35ab157d8f171674c4c96144db765d15fd2870900a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:46 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 27 Apr 2023 16:06:34 GMT
server: nginx
etag: W/"644a9d8a-1124"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache, no-store, no-cache, must-revalidate, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 validategateways.js Show response
1callclosers.jotform.com/js/payments/ Frame 6F54 710 B
855 B 178ms
177ms Script
application/x-javascript 35.241.23.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1callclosers.jotform.com/js/payments/validategateways.js?v=3.3.43710
Requested by: Host: 1callclosers.jotform.com
URL: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.23.233 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.23.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: aba48469286a91d672f75c23affd49b26cbc09a696eece7af576abb279214585

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:45 GMT
via: 1.1 google
last-modified: Tue, 25 Jul 2023 11:18:42 GMT
server: nginx
etag: "64bfaf92-2c6"
content-type: application/x-javascript
cache-control: no-cache, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 710
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 for-widgets-server.js Show response
1callclosers.jotform.com/s/umd/c89d62d1ade/ Frame 6F54 29 KB
30 KB 28ms
27ms Script
text/javascript 35.241.23.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1callclosers.jotform.com/s/umd/c89d62d1ade/for-widgets-server.js?v=3.3.43710
Requested by: Host: 1callclosers.jotform.com
URL: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.23.233 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.23.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ff221808688aa5fa205eb3ae3d475e661d6c2a875d0dc205015a7e8ac476f7b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:04:00 GMT
x-store: enterprise-gcs
age: 1965
x-guploader-uploadid: ADPycdsYZw8epg59VFW4anlaUbwTuggRX0pPmCiJLiQZLJYlg65uovYkJqXUoGX_XJkGZJKQxjFCUwnl32zxjLJGRcpRwe2JrNCN
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29777
last-modified: Tue, 25 Jul 2023 17:51:11 GMT
server: UploadServer
etag: "4725704ccf16e0cb3fc8e8c97b55ae6e"
x-goog-generation: 1690307471220396
x-goog-hash: crc32c=eTX6ew==, md5=RyVwTM8W4Ms/yOjJe1Wubg==
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=3600
x-goog-stored-content-length: 29777
accept-ranges: bytes

GET
H2 200 math-processor.js Show response
1callclosers.jotform.com/js/vendor/ Frame 6F54 4 KB
1 KB 187ms
186ms Script
application/x-javascript 35.241.23.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1callclosers.jotform.com/js/vendor/math-processor.js?v=3.3.43710
Requested by: Host: 1callclosers.jotform.com
URL: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.23.233 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.23.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 65ef65684de3e75a6c4ff9b3eb494774f51def93fa0920ebd7840c450160836e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:45 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 27 Apr 2023 16:06:34 GMT
server: nginx
etag: W/"644a9d8a-e5f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache, no-store, no-cache, must-revalidate, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 for-sanitize.js Show response
1callclosers.jotform.com/s/umd/c89d62d1ade/ Frame 6F54 64 KB
64 KB 41ms
40ms Script
text/javascript 35.241.23.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1callclosers.jotform.com/s/umd/c89d62d1ade/for-sanitize.js?v=3.3.43710
Requested by: Host: 1callclosers.jotform.com
URL: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.23.233 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.23.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 99c5d5dec15736816109c26a3e12f733bb316d4faa54215d2a135a8aadbb74a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:04:00 GMT
x-store: enterprise-gcs
age: 1965
x-guploader-uploadid: ADPycdtYz_z0nYyDxpfpau3JBo5Vig1fHI-1fNUZ2iryhKiefZ6_af47RJcT5GRUxObKubzfUutLlpbKRqSWK-vZXZTLuKjYr77q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65368
last-modified: Tue, 25 Jul 2023 17:51:11 GMT
server: UploadServer
etag: "334d1947206fd392a65752c2766f4cae"
x-goog-generation: 1690307471155500
x-goog-hash: crc32c=+FAGLg==, md5=M00ZRyBv05KmV1LCdm9Mrg==
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=3600
x-goog-stored-content-length: 65368
accept-ranges: bytes

GET
H/1.1 200
OK scripts.min.js Show response
app-widgets.jotform.io/fbPixel/min/ Frame 6F54 3 KB
1 KB 426ms
132ms Script
application/x-javascript 35.202.31.6
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://app-widgets.jotform.io/fbPixel/min/scripts.min.js
Requested by: Host: 1callclosers.jotform.com
URL: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.202.31.6 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 6.31.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9ea081ab81f598748bd8c229bc8feb6a467fb562f5234c286a98f146d2b4ac1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1callclosers.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Tue, 25 Jul 2023 20:36:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Jul 2023 13:59:01 GMT
Server: nginx
ETag: W/"64a57725-c5f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: close

GET
H2 200 main.js Show response
widgets.jotform.io/getUserAgent/ Frame 6F54 466 B
792 B 212ms
144ms Script
application/x-javascript 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.jotform.io/getUserAgent/main.js
Requested by: Host: 1callclosers.jotform.com
URL: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df6444f424e7a94fcc888c51e44e920b6f99e738523fc879625be11714cc869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1callclosers.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Tue, 25 Jul 2023 20:36:45 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 13 Jul 2023 09:36:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64afc58a-1d2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nr7nhfxU2Q3SPAFIwxVqBzpC85e1mRB%2FglJozOFOhkpWYx3u88%2B2nQR%2Fi%2B9G%2B6e%2Bw2kZmvZkNExDfu1jpcHyMxQA9c%2FKxfj8kUuI%2Fb5lLPySZ%2B%2B0TExeE4dX2rsxRWrvqlbgKfZcPUy0AyK1kVwvTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=315360000, public
cf-ray: 7ec7326718e11994-FRA
x-static: 1

GET
H2 200 scripts.min.js Show response
widgets.jotform.io/getParentUrl/min/ Frame 6F54 1 KB
906 B 213ms
145ms Script
application/x-javascript 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.jotform.io/getParentUrl/min/scripts.min.js
Requested by: Host: 1callclosers.jotform.com
URL: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb06133bba79a84f6dd09551c7e938c34e22452433ef71ca6a57c93c3a8fc6f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1callclosers.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Tue, 25 Jul 2023 20:36:45 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 13 Jul 2023 09:36:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64afc58a-497"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BXfdTpxkNTuWPd0AtvW9vAja0XM9HxzRZ6uMMNBZxKZ%2BbJ5nJJlAtg7A7OmrV2f6NpQOP9pStCjJoHgQigrKjNQruaqBpBGbbisntcs3FNTZvtq%2BOtC5ZVUsJgH4iuBCDb6ivE5BlRT%2BShJV0ekfsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=315360000, public
cf-ray: 7ec7326728e21994-FRA
x-static: 1

GET
H2 200 for-cardform-js.js Show response
1callclosers.jotform.com/s/umd/c89d62d1ade/ Frame 6F54 448 KB
449 KB 64ms
64ms Script
text/javascript 35.241.23.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1callclosers.jotform.com/s/umd/c89d62d1ade/for-cardform-js.js?4.5
Requested by: Host: 1callclosers.jotform.com
URL: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.23.233 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.23.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: abfb1eca2be565b4848c95373a133e19cc31a7d25ea8f225be68ac911e6ddf4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 18:43:16 GMT
x-store: enterprise-gcs
age: 6809
x-guploader-uploadid: ADPycdtY6Z6RIlGYkKAee63AtUQQ-9FQ2ugyVeVQg50k0t7yNy6V4UYuJV-4uNCrsptylZzG010Sn1ZcMmN9vZ8Axq-JxR7UIm0P
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 459049
last-modified: Tue, 25 Jul 2023 17:51:11 GMT
server: UploadServer
etag: "2c3aafc76cceba006a08d7f31278c786"
x-goog-generation: 1690307471028257
x-goog-hash: crc32c=l3iXGQ==, md5=LDqvx2zOugBqCNfzEnjHhg==
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=3600
x-goog-stored-content-length: 459049
accept-ranges: bytes

GET
H3 200 ownerView.php Show response
1callclosers.jotform.com/ Frame 6F54 0
37 B 179ms
178ms Script
text/html 35.241.23.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1callclosers.jotform.com/ownerView.php?id=231402695884968
Requested by: Host: 1callclosers.jotform.com
URL: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.241.23.233 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.23.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:46 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
x-form-cache: MISS-APP
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

206

qypav9fz-640.mp4
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain

https://cdn.jwplayer.com/v2/media/A5YeSWLU/poster.mp4?width=640
https://assets-jpcust.jwpsrv.com/thumbnails/qypav9fz-640.mp4

191 KB
192 KB

160ms
113ms

Media
video/mp4

2a04:4e42:400::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-jpcust.jwpsrv.com/thumbnails/qypav9fz-640.mp4
Requested by: Host: go.vshred.team
URL: https://go.vshred.team/vs-quiz?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU
Protocol: H2
Server: 2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9e3988f9af062979b4d1b3557d7066b63d9a12e61493a6c8fdcc6d5131e5891a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 180
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
Content-Range: bytes 0-195975/195976
Content-Length: 195976
x-served-by: cache-iad-kjyo7100085-IAD, cache-fra-eddf8230071-FRA
last-modified: Thu, 21 Apr 2022 20:29:57 GMT
server: nginx
x-timer: S1690317405.488804,VS0,VE90
etag: "09c043a41a9b5906a7e21735ddd95e4c"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits: 200, 0

Redirect headers

date: Tue, 25 Jul 2023 20:36:45 GMT
via: 1.1 8c1abfbb8460bed752668233d296dba8.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: MUC50-P1
access-control-allow-methods: GET
content-type: video/mp4
location: https://assets-jpcust.jwpsrv.com/thumbnails/qypav9fz-640.mp4
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
x-cache: Miss from cloudfront
x-robots-tag: noindex, indexifembedded
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
content-length: 0
x-amz-cf-id: F-fwXPA1jybw68tm8LwZXoqO8VRKxopAvNYDGtz0dQEriFxEsmhQTA==

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 23ms
22ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2161397854073847&ev=PageView&dl=https%3A%2F%2Fgo.vshred.team%2Fvs-quiz%3Ffirstname%3D_removed_%26lastname%3D_removed_%26email%3Dbpawlowski%2540gklaw.com%26mobile%3D_removed_%26utm_keyword%3D%252C%26utm_keyword1%3DCedar%2BFalls%26utm_keyword2%3DTuesday%26utm_content%3DVSList-072523am-Metabolic-TB%26_kx%3Dsax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%253D.T4pVHU%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%2522lastname%2522%252C%2522mobile%2522%252C%2522firstname%2522%255D%252C%2522restrictedParams%2522%253A%255B%255D%257D&rl=&if=false&ts=1690317405279&sw=1600&sh=1200&v=2.9.117&r=stable&ec=0&o=30&fbp=fb.1.1690317405100.749947257&cs_est=true&it=1690317404916&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Jul 2023 20:36:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.8/ 57 KB
24 KB 45ms
44ms Script
application/javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.8/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/343023307
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:45 GMT
content-encoding: br
last-modified: Sun, 16 Jul 2023 16:46:04 GMT
etag: W/"0x8DB861C253E234D"
vary: Accept-Encoding
x-azure-ref: 20230725T203645Z-fwagxbdrrh5f58f21cqg448f7000000005u000000001sfg7
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 46f23ebd-e01e-005e-6f85-b9c53b000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
294 B 493ms
238ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://go.vshred.team/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://go.vshred.team
Date: Tue, 25 Jul 2023 20:36:45 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 /
cdn.jotfor.ms/fonts/ Frame 6F54 3 KB
708 B 98ms
32ms Stylesheet
text/css 2606:4700:10::6816:4951
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/fonts/?family=Roboto&display=swap
Requested by: Host: 1callclosers.jotform.com
URL: https://1callclosers.jotform.com/stylebuilder/default.css?c227512
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c375043f418d3bd18eccfa0388d8ceddd30d471d7df5aac81e8232a4fa39ce15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1callclosers.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:45 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 13
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma: no-cache
last-modified: Tue, 25 Jul 2023 20:36:32 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 7ec73268dfbe9bc4-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 21ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2717984665012177&ev=Microdata&dl=https%3A%2F%2Fgo.vshred.team%2Fvs-quiz%3Ffirstname%3D%26lastname%3D%26email%3Dbpawlowski%40gklaw.com%26mobile%3D%26utm_keyword%3D%2C%26utm_keyword1%3DCedar%2BFalls%26utm_keyword2%3DTuesday%26utm_content%3DVSList-072523am-Metabolic-TB%26_kx%3Dsax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU&rl=&if=false&ts=1690317405604&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22vShred%20%7C%20Strategy%20Session%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22vShred%20%7C%20Strategy%20Session%22%2C%22og%3Aauthor%22%3A%22Your%20Name%22%2C%22og%3Atype%22%3A%22website%22%2C%22twitter%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.117&r=stable&ec=1&o=30&fbp=fb.1.1690317405100.749947257&it=1690317404916&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Jul 2023 20:36:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 22ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1140110382743358&ev=Microdata&dl=https%3A%2F%2Fgo.vshred.team%2Fvs-quiz%3Ffirstname%3D%26lastname%3D%26email%3Dbpawlowski%40gklaw.com%26mobile%3D%26utm_keyword%3D%2C%26utm_keyword1%3DCedar%2BFalls%26utm_keyword2%3DTuesday%26utm_content%3DVSList-072523am-Metabolic-TB%26_kx%3Dsax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU&rl=&if=false&ts=1690317405676&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22vShred%20%7C%20Strategy%20Session%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22vShred%20%7C%20Strategy%20Session%22%2C%22og%3Aauthor%22%3A%22Your%20Name%22%2C%22og%3Atype%22%3A%22website%22%2C%22twitter%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.117&r=stable&ec=1&o=30&fbp=fb.1.1690317405100.749947257&it=1690317404916&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Jul 2023 20:36:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 css
fonts.googleapis.com/ 2 KB
521 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,900

Requested by

Host: cdn.provesrc.com
URL: https://cdn.provesrc.com/provesrc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b2f518b16af2ea31caddc3a440ec626ea710ba6f59485d227e7963fa8c2449d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 20:36:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 18:48:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jul 2023 20:36:45 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 21ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2161397854073847&ev=Microdata&dl=https%3A%2F%2Fgo.vshred.team%2Fvs-quiz%3Ffirstname%3D%26lastname%3D%26email%3Dbpawlowski%40gklaw.com%26mobile%3D%26utm_keyword%3D%2C%26utm_keyword1%3DCedar%2BFalls%26utm_keyword2%3DTuesday%26utm_content%3DVSList-072523am-Metabolic-TB%26_kx%3Dsax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU&rl=&if=false&ts=1690317405780&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22vShred%20%7C%20Strategy%20Session%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22vShred%20%7C%20Strategy%20Session%22%2C%22og%3Aauthor%22%3A%22Your%20Name%22%2C%22og%3Atype%22%3A%22website%22%2C%22twitter%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.117&r=stable&ec=1&o=30&fbp=fb.1.1690317405100.749947257&it=1690317404916&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Jul 2023 20:36:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

OPTIONS
H2 200 get
client-api.provesrc.com/notifications/ Frame 0
0 124ms
124ms Preflight 100.24.225.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://client-api.provesrc.com/notifications/get
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.225.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-225-193.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-ps-first,x-ps-uid,x-ps-url,x-ps-version
Access-Control-Request-Method: POST
Origin: https://go.vshred.team
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,x-ps-first,x-ps-uid,x-ps-url,x-ps-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://go.vshred.team
access-control-expose-headers: x-ps-first
access-control-max-age: 7200
date: Tue, 25 Jul 2023 20:36:45 GMT
x-ps-host: ip-172-31-60-16
x-request-id: 01a825f1-f57d-44f8-afc9-555a31e25296

POST
H2 200 get Show response
client-api.provesrc.com/notifications/ 10 KB
2 KB 149ms
147ms Fetch
application/json 100.24.225.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://client-api.provesrc.com/notifications/get
Requested by: Host: cdn.provesrc.com
URL: https://cdn.provesrc.com/provesrc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.225.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-225-193.compute-1.amazonaws.com
Software: /
Resource Hash: 1af93188efd7ad8c02f79de13aa9926a52fc74d95080b44525336bfe5b7f51a5

Request headers

accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhY2NvdW50SWQiOiI2MzAzZGViZjM5Mjc0NjJhZGE2OTAxZmQiLCJpYXQiOjE2NjExOTgwMTV9.kN9XLkj-NG6T8Gh4g6EC7dxi-qmRv2QWmqvCnnack_c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/json
x-ps-first: psuid=f0de3c13-7f95-4b71-92c3-1696dedc9453;ps6303debf3927462ada6901fd=true|1687737600000
Accept: application/json
x-ps-url: aHR0cHM6Ly9nby52c2hyZWQudGVhbS92cy1xdWl6P2ZpcnN0bmFtZT0mbGFzdG5hbWU9JmVtYWlsPWJwYXdsb3dza2lAZ2tsYXcuY29tJm1vYmlsZT0mdXRtX2tleXdvcmQ9LCZ1dG1fa2V5d29yZDE9Q2VkYXIrRmFsbHMmdXRtX2tleXdvcmQyPVR1ZXNkYXkmdXRtX2NvbnRlbnQ9VlNMaXN0LTA3MjUyM2FtLU1ldGFib2xpYy1UQiZfa3g9c2F4NkFSWGdwNFoyWU5RcEJvUWtRSmpCZ1NTeFRfQ3hWeE56SWduTmlXOD0uVDRwVkhV
Referer: https://go.vshred.team/
x-ps-uid: 44b48977-e593-49e8-b995-4905ddbb61c4
x-ps-version: 4.5.87

Response headers

date: Tue, 25 Jul 2023 20:36:46 GMT
content-encoding: gzip
etag: W/"275b-PzZlVoW3d44oqVVq1JLKUVpn/O0"
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.vshred.team
x-ps-host: ip-172-31-60-16
access-control-expose-headers: x-ps-first
vary: Accept-Encoding
access-control-allow-credentials: true
x-request-id: fa4788e5-b982-4148-9f66-6cbeef78d1d1

OPTIONS
H2 200 analytics
client-api.provesrc.com/notifications/ Frame 0
0 123ms
122ms Preflight 100.24.225.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://client-api.provesrc.com/notifications/analytics
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.225.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-225-193.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-ps-first,x-ps-uid,x-ps-url,x-ps-version
Access-Control-Request-Method: POST
Origin: https://go.vshred.team
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,x-ps-first,x-ps-uid,x-ps-url,x-ps-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://go.vshred.team
access-control-expose-headers: x-ps-first
access-control-max-age: 7200
date: Tue, 25 Jul 2023 20:36:46 GMT
x-ps-host: ip-172-31-29-194
x-request-id: 8385a1de-f64d-4e1d-9fef-e764271da8b3

POST
H2 200 analytics Show response
client-api.provesrc.com/notifications/ 24 B
391 B 129ms
129ms Fetch
application/json 100.24.225.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://client-api.provesrc.com/notifications/analytics
Requested by: Host: cdn.provesrc.com
URL: https://cdn.provesrc.com/provesrc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.225.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-225-193.compute-1.amazonaws.com
Software: /
Resource Hash: 8a36c989fe0efaa93eb0f4062fa976a326264fbc971214d8e5e8a08a92066a4a

Request headers

accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhY2NvdW50SWQiOiI2MzAzZGViZjM5Mjc0NjJhZGE2OTAxZmQiLCJpYXQiOjE2NjExOTgwMTV9.kN9XLkj-NG6T8Gh4g6EC7dxi-qmRv2QWmqvCnnack_c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/json
x-ps-first: psuid=f0de3c13-7f95-4b71-92c3-1696dedc9453;ps6303debf3927462ada6901fd=true|1687737600000
Accept: application/json
x-ps-url: aHR0cHM6Ly9nby52c2hyZWQudGVhbS92cy1xdWl6P2ZpcnN0bmFtZT0mbGFzdG5hbWU9JmVtYWlsPWJwYXdsb3dza2lAZ2tsYXcuY29tJm1vYmlsZT0mdXRtX2tleXdvcmQ9LCZ1dG1fa2V5d29yZDE9Q2VkYXIrRmFsbHMmdXRtX2tleXdvcmQyPVR1ZXNkYXkmdXRtX2NvbnRlbnQ9VlNMaXN0LTA3MjUyM2FtLU1ldGFib2xpYy1UQiZfa3g9c2F4NkFSWGdwNFoyWU5RcEJvUWtRSmpCZ1NTeFRfQ3hWeE56SWduTmlXOD0uVDRwVkhV
Referer: https://go.vshred.team/
x-ps-uid: 44b48977-e593-49e8-b995-4905ddbb61c4
x-ps-version: 4.5.87

Response headers

date: Tue, 25 Jul 2023 20:36:46 GMT
etag: W/"18-yFpqYVDJmM5e4YghNEYBgNuXov8"
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.vshred.team
x-ps-host: ip-172-31-33-180
access-control-expose-headers: x-ps-first
vary: Accept-Encoding
access-control-allow-credentials: true
content-length: 24
x-request-id: 75d4418c-418d-4301-ad05-847c484a7bd2

GET
H2 200 abf4ca366bcdb6ff7d6d560e72d35220-united%20states,kansas,north%20newton.png
cdn-provesrc.nyc3.cdn.digitaloceanspaces.com/maps/ 3 KB
4 KB 102ms
26ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-provesrc.nyc3.cdn.digitaloceanspaces.com/maps/abf4ca366bcdb6ff7d6d560e72d35220-united%20states,kansas,north%20newton.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

f8ca96f5581708d9df6e182728e177d56eb4df179dcb32f3704f791310339bc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 09 Oct 2019 23:45:58 GMT
x-amz-meta-s3cmd-attrs: atime:1552905988/ctime:1552905852/gid:20/gname:staff/md5:9d11ac64ddbc4a64b3ce37d47435b3de/mode:33188/mtime:1552832181/uid:501/uname:natanavra
x-amz-request-id: tx0000000000000102be4a3-0064c031da-4c5dc96a-nyc3b
etag: "9d11ac64ddbc4a64b3ce37d47435b3de"
x-envoy-upstream-healthchecked-cluster
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1690317406.dop263.fr8.t,1690317406.cds338.fr8.hn,1690317406.cds322.fr8.c
content-type: image/png
cache-control: max-age=3468
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 3395

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 24ms
22ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go.vshred.team
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:31:10 GMT
x-content-type-options: nosniff
age: 284736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jul 2024 13:31:10 GMT

GET
DATA 200
OK truncated
/ Frame 6F54 698 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81363bf5e80b032d76dedae26638666c661b12ea0d3571158b510d2d46ff959e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6F54 288 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2b356c88e725e6c7a91b07746509a69a313bc1ba5dfeed9b4b6da6172cd1e50

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 6F54 305 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34adf6d89c4b8802f035c53ab8b9d1401d37e8a8db2a940605690a40055a0c61

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 Roboto-Medium.woff2
cdn.jotfor.ms/fonts/Roboto/fonts/ Frame 6F54 65 KB
66 KB 227ms
179ms Font
text/html 2606:4700:10::6816:4951
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/fonts/Roboto/fonts/Roboto-Medium.woff2
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/fonts/?family=Roboto&display=swap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8047d9d95b509cbfed6fb40b429d64aaed51c9e8622b2e6cc089efda58fc868

Request headers

Referer: https://cdn.jotfor.ms/fonts/?family=Roboto&display=swap
Origin: https://1callclosers.jotform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:46 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 01 Jul 2023 06:31:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 7ec7326e29c139e0-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Roboto-Regular.woff2
cdn.jotfor.ms/fonts/Roboto/fonts/ Frame 6F54 65 KB
65 KB 226ms
179ms Font
text/html 2606:4700:10::6816:4951
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/fonts/Roboto/fonts/Roboto-Regular.woff2
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/fonts/?family=Roboto&display=swap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e178027b9be4361a7f955246e7b9ed30629c3c1c672ab9eea76c85fefc7a03a

Request headers

Referer: https://cdn.jotfor.ms/fonts/?family=Roboto&display=swap
Origin: https://1callclosers.jotform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:46 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 01 Jul 2023 06:31:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 7ec7326e29c539e0-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Roboto-Bold.woff2
cdn.jotfor.ms/fonts/Roboto/fonts/ Frame 6F54 65 KB
65 KB 200ms
154ms Font
text/html 2606:4700:10::6816:4951
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/fonts/Roboto/fonts/Roboto-Bold.woff2
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/fonts/?family=Roboto&display=swap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a8a3b8f3d3e9d5ac3011157ffd538fa50c021bbe4400e8b06f562706e333308

Request headers

Referer: https://cdn.jotfor.ms/fonts/?family=Roboto&display=swap
Origin: https://1callclosers.jotform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:46 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 01 Jul 2023 06:31:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 7ec7326e29c239e0-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 67c1300fa69898dff762344de8a953a0.css
1callclosers.jotform.com/stylebuilder/231402695884968/style/ Frame 6F54 42 KB
9 KB 1334ms
1333ms Stylesheet
text/css 35.241.23.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1callclosers.jotform.com/stylebuilder/231402695884968/style/67c1300fa69898dff762344de8a953a0.css?themeID=5966322fcf3bfe329d776651&smartEmbed=1&v=3d87d0ca8065c3e2847a9280bf7df4ff&embedUrl=https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1

Requested by

Host: 1callclosers.jotform.com
URL: https://1callclosers.jotform.com/static/jotform.forms.js?3.3.43710

Protocol

Security

QUIC, , AES_128_GCM

Server

35.241.23.233 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

233.23.241.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

9d2a58445f4209d5dd5718eb4b394f65a2ee320c57386cc5563216fb7a492a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:36:47 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
via: 1.1 google
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
global-router: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
last-modified: Tue, 25 Jul 2023 20:36:46 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
x-form-cache: MISS-APP
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 6F54 171 KB
46 KB 22ms
21ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: app-widgets.jotform.io
URL: https://app-widgets.jotform.io/fbPixel/min/scripts.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

308100ff6c64af6ac2edf80a069273cee122cb63d7a5025dcb501f5dbddbbd05

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1callclosers.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 25 Jul 2023 20:36:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46993
x-xss-protection: 0
pragma: public
x-fb-debug: 8lR1Ft/72U8Pu5EFDt0DxfbFWB7NF18CFSp8tEBKo0FnXqpVbEVeaFUWHa430kODXQ2kVgUfCRkiRPk1ukRIbA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 204 /
1callclosers.jotform.com/events/form/231402695884968/ Frame 6F54 0
15 B 190ms
190ms Image
text/html 35.241.23.233
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1callclosers.jotform.com/events/form/231402695884968/?ref=https%253A%252F%252Fgo.vshred.team%252F&res=1600x1200&eventID=1690317406528_231402695884968_lAfhgGM&loc=undefined
Requested by: Host: 1callclosers.jotform.com
URL: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.241.23.233 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.23.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1callclosers.jotform.com/231402695884968?firstname=&lastname=&email=bpawlowski@gklaw.com&mobile=&utm_keyword=,&utm_keyword1=Cedar+Falls&utm_keyword2=Tuesday&utm_content=VSList-072523am-Metabolic-TB&_kx=sax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8=.T4pVHU&isIframeEmbed=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:36:46 GMT
via: 1.1 google
server: nginx
content-type: text/html; charset=UTF-8
cache-control: no-cache
x-form-cache: MISS-APP
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 2717984665012177 Show response
connect.facebook.net/signals/config/ Frame 6F54 378 KB
108 KB 22ms
22ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2717984665012177?v=2.9.117&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e4bf2f3e07ffcddd633e771f6e3d11c423980b110a1b990b5a10c1f795a54bcf

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1callclosers.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 25 Jul 2023 20:36:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110436
x-xss-protection: 0
pragma: public
x-fb-debug: afVEI/NzG5WCHNBMLhSWLMBCoQUO5LO3ciEq3Xic2D6qS8Roe3uCCFPvGv744wM6c0DD+YPJKttLAIa4BGykgw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
294 B 113ms
113ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://go.vshred.team/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://go.vshred.team
Date: Tue, 25 Jul 2023 20:36:46 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4BA1D837977D4BE6BDF9B21035D12CA8&RedC=c.clarity.ms&MXFR=2BF36D17412361C131D17E4E45236F23
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4BA1D837977D4BE6BDF9B21035D12CA8&MUID=22B2EA5C689C6F2601EFF90569306E6B

42 B
443 B

47ms
47ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4BA1D837977D4BE6BDF9B21035D12CA8&MUID=22B2EA5C689C6F2601EFF90569306E6B
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.vshred.team/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:36:47 GMT
last-modified: Tue, 06 Jun 2023 17:31:23 GMT
server: Microsoft-IIS/10.0
etag: "dca6ffb69c98d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:36:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5A2580138E6040449DA1DE6D3B947E34 Ref B: FRA31EDGE0707 Ref C: 2023-07-25T20:36:47Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4BA1D837977D4BE6BDF9B21035D12CA8&MUID=22B2EA5C689C6F2601EFF90569306E6B
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
294 B 112ms
112ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://go.vshred.team/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://go.vshred.team
Date: Tue, 25 Jul 2023 20:36:48 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 1callclosers.jotform.com
URL: https://1callclosers.jotform.com/231402695884968

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
go.vshred.team/	1970-01-20 22:17:33	Name: msgsndr_id Value: d0668b54-8704-46e8-8685-201118317ae4
dev.visualwebsiteoptimizer.com/	1970-01-20 15:55:57	Name: uuid Value: D4165084BDAB1A6B52DD267D50B52C1EB
.go.vshred.team/	1970-01-20 22:18:59	Name: _vwo_uuid_v2 Value: DC5A3DD3E41A0EB4C8519B612CB362700\|be9c1ea1602dd6d00df2a6c5966118ea
dev.visualwebsiteoptimizer.com/	1970-01-20 23:07:57	Name: _vwo_ssm Value: 1
.vshred.team/	1970-01-20 13:33:23	Name: _uetsid Value: f84a32402b2a11eeb7b669c36405c0db
.vshred.team/	1970-01-20 22:53:33	Name: _uetvid Value: f84a42102b2a11ee8c1115bcccc18927
.bing.com/	1970-01-20 22:53:33	Name: MUID Value: 22B2EA5C689C6F2601EFF90569306E6B
.vshred.team/	1970-01-20 23:07:57	Name: _vwo_uuid Value: D9260CCE8212A2D147F275282676E770D
.vshred.team/	1970-01-20 15:41:33	Name: _vwo_ds Value: 3%241690317403%3A69.19614582%3A%3A
.vshred.team/	1970-01-20 13:33:23	Name: wickedfu Value: %7B%22url%22%3A%22https%3A%2F%2Fgo.vshred.team%2Fvs-quiz%3Ffirstname%3D%26lastname%3D%26email%3Dbpawlowski%40gklaw.com%26mobile%3D%26utm_keyword%3D%2C%26utm_keyword1%3DCedar%2BFalls%26utm_keyword2%3DTuesday%26utm_content%3DVSList-072523am-Metabolic-TB%26_kx%3Dsax6ARXgp4Z2YNQpBoQkQJjBgSSxT_CxVxNzIgnNiW8%3D.T4pVHU%22%2C%22time%22%3A1690317404995%2C%22c%22%3A4481%7D
.vshred.team/	1970-01-20 13:31:58	Name: wickedEmails1198946329 Value: bpawlowski%40gklaw.com
.vshred.team/	1970-01-20 15:55:57	Name: _vis_opt_s Value: 1%7C
.vshred.team/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.vshred.team/	1970-01-20 13:31:59	Name: _vwo_sn Value: 0%3A1%3A%3A%3A1
.vshred.team/	1970-01-20 23:07:57	Name: _ga Value: GA1.1.2037495363.1690317405
.vshred.team/	1970-01-20 23:07:57	Name: _ga_JJ58L5G81R Value: GS1.1.1690317405.1.0.1690317405.60.0.0
.vshred.team/	1970-01-20 15:41:33	Name: _fbp Value: fb.1.1690317405100.749947257
www.clarity.ms/	1970-01-20 22:17:33	Name: CLID Value: 36aad5e45c5246cb9c79ba4ae2126bd8.20230725.20240724
.vshred.team/	1970-01-20 22:17:33	Name: _clck Value: 1vfauux\|2\|fdl\|0\|1301
.provesrc.com/	1970-01-20 13:32:12	Name: psuid Value: s%3Af0de3c13-7f95-4b71-92c3-1696dedc9453.e4REDzjrqKaWIqBEC54C9VAWIvOnKRZIE2LTLj3NcpE
.provesrc.com/	1970-01-20 13:33:23	Name: ps6303debf3927462ada6901fd Value: true%7C1687737600000
.vshred.team/	1970-01-20 23:07:57	Name: psuid Value: f0de3c13-7f95-4b71-92c3-1696dedc9453
.vshred.team/	1970-01-20 13:32:09	Name: ps6303debf3927462ada6901fd Value: true\|1687737600000
.vshred.team/	1970-01-20 13:33:23	Name: _clsk Value: 1fw5fr9\|1690317405961\|1\|1\|o.clarity.ms/collect
.vshred.team/	1969-12-31 23:59:59	Name: ps-goals Value: %7B%226320632ec7454e0638461adf%22%3A%7B%22expires%22%3A1690922206095%2C%22view%22%3Atrue%2C%22click%22%3Afalse%2C%22hover%22%3Afalse%7D%7D
.c.bing.com/	1970-01-20 13:42:02	Name: MR Value: 0
.c.bing.com/	1970-01-20 22:53:33	Name: SRM_B Value: 22B2EA5C689C6F2601EFF90569306E6B
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 22:53:33	Name: MUID Value: 22B2EA5C689C6F2601EFF90569306E6B
.c.clarity.ms/	1970-01-20 13:42:02	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 13:31:58	Name: ANONCHK Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://1callclosers.jotform.com/static/jotform.forms.js?3.3.43710(Line 114) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1callclosers.jotform.com
app-widgets.jotform.io
assets-jpcust.jwpsrv.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn-provesrc.nyc3.cdn.digitaloceanspaces.com
cdn.jotfor.ms
cdn.jwplayer.com
cdn.provesrc.com
cdnjs.cloudflare.com
client-api.provesrc.com
connect.facebook.net
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
go.vshred.team
images.leadconnectorhq.com
o.clarity.ms
region1.analytics.google.com
services.leadconnectorhq.com
stats.g.doubleclick.net
stcdn.leadconnectorhq.com
track.wickedreports.com
trk.vshred.com
use.fontawesome.com
utt.impactcdn.com
widget.wickedreports.com
widgets.jotform.io
www.clarity.ms
www.facebook.com
www.google.de
www.googletagmanager.com
1callclosers.jotform.com
100.24.225.193
167.89.115.56
2001:4860:4802:32::36
205.185.216.10
2600:9000:225b:0:1:a3fa:7cc0:93a1
2600:9000:237d:d000:10:6a77:5f80:93a1
2606:4700:10::6816:4951
2606:4700:20::681a:5e1
2606:4700::6811:180e
2606:4700:e2::ac40:840f
2620:1ec:bdf::44
2620:1ec:c11::200
2a00:1450:4001:808::2008
2a00:1450:4001:80b::200a
2a00:1450:4001:811::2003
2a00:1450:4001:827::2003
2a00:1450:400c:c07::9a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:400::626
3.12.168.105
34.111.216.78
34.120.211.235
34.68.234.4
34.96.102.137
35.186.249.72
35.202.31.6
35.241.23.233
35.244.153.18
52.152.143.207
68.219.88.97
99.84.88.58
198e7c7e269f0d48ea42e7c45f82a5d53b4126f3fa35663f73fb8931cc75b5b6
1af93188efd7ad8c02f79de13aa9926a52fc74d95080b44525336bfe5b7f51a5
1c2213cbadef8f569fe556650e0c49aef3b6d77f04af25f14b95a3e0e50c890d
2843b812d2ebc77d395452c2bc8482e264d646b468553cec015d7794f6715060
300c6e542addfe25ff751573bc1d19abee61341374d654a7bee5e96921b8a453
307a9e3d2d77d8083d93ef1364958b365fc2da9388ec5e3f96f82ddcd24c114a
308100ff6c64af6ac2edf80a069273cee122cb63d7a5025dcb501f5dbddbbd05
31042c2805821f5ec05c28334d253ca31a422c82ef4bbd0e78741ae1d79d3e05
34adf6d89c4b8802f035c53ab8b9d1401d37e8a8db2a940605690a40055a0c61
37831084c90e89b0d1da5f5fe1d120c8362e849491d55b65902149f650c17564
3a8a3b8f3d3e9d5ac3011157ffd538fa50c021bbe4400e8b06f562706e333308
3db93831d6ccc5d1338ea33e71a0d47cbe35a32d4f0cefa1892d36056b48bad3
3e13bb74ec4b5da1db8db64e2a3ba8c56fb41ce1168ef6bb82f5e88f0e3ca5fa
437dfcfb78258e921c03cc1c1fad732efa0b11f0f88ccd8c662595ae3d51e970
48520d3e6c0dae7fdb184b237bab79caa40cf0fe2749e8042af2ce32e27746e2
48e6d618b95c55074ab9b47a6e7bd966c9fd434b874e2c2e2606c5ec0f992982
4aebb89bf8791a505393c25a15913107624d70a789e08f6a3677c7636550b3a3
4e9dbda27563b02ef82c41113f3519b8634e83705c0e9114cdb53b7fa3384894
58d3594026b2a9778fb6067181ad5987d2492403f769ebeed92aba977a2a1cbf
5b2f518b16af2ea31caddc3a440ec626ea710ba6f59485d227e7963fa8c2449d
5e00e5d35ea05a8f817c092e7fe02092bbf964193aad91a697b20b2edc560087
610df475981fbcdb24a6b5a1f0a5b38e96d194af40a38cffb7e9db7847bd8ae5
62ed4d49c5a79b0aff17f47c74efc7958d70987d9350e746c0342755587dd3df
6503c1d5632807d06d6ceb0f05947f5f920ce117546ce1a85ce2916ceccd2348
65ef65684de3e75a6c4ff9b3eb494774f51def93fa0920ebd7840c450160836e
6c17baadae15c6263d1814621c648189322da15a1efd4d6815c46a2b4173a875
6d88d35ad7be98c83c3e84c93e591686427c1b350115d9781bcdd23a55522176
6f4ef86c39e654a4aad986e5846f100e53d67d73aff5aeb86718d52a3db249e9
71d8dae725ec4dd82504e24d40cf6e5678b0e02d28888a68f6b8488a87d424dd
72cd08b97748fc603ddd88de5f105077e8d5ecd1d7be0276d0ebc64f1c1ee985
78ab65b14bb96dd57096b2d74c77cf65c35fa89c09167a9fd1e72a3025e9860a
79d08f1eb01d56f9f9c638d0ffab730ae9835c5ab28f8fcbfb9f290b9d0b84e7
79da2843ff226e1d22a8750a10d36621b2d3684b899bc362523e257366265abf
79ecfa3105d8dd75f7bd18a01c0a8d22068d7bfd13fe61ba88cd19edc36543f1
7b2e42374825696fba08f7ae7c23a9425b0a8ca4db54485fddbc3afc708aa7af
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7df6444f424e7a94fcc888c51e44e920b6f99e738523fc879625be11714cc869
7e178027b9be4361a7f955246e7b9ed30629c3c1c672ab9eea76c85fefc7a03a
7f52a67efde6061b08523ce2243e232ce337d094b30bb5bfe6c3aeff3df81b6d
81363bf5e80b032d76dedae26638666c661b12ea0d3571158b510d2d46ff959e
8312ab004a8881ed94238346e58d10a6f733bf09a22877b141fc307c5a92e282
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84f682b6cce2b4f74de8408e9b4be3146c4927652240c30cb05152848b14b8d6
882e58c671a484d0daa97a2807060e1a1ad16e73a87753f494a0a8f24412164b
89e5885611f8949c6c233a1f2fd6d97047afcf04d471eb85008d2aa8bbf5ecc0
8a36c989fe0efaa93eb0f4062fa976a326264fbc971214d8e5e8a08a92066a4a
8c291f028c947150c539c72e2322873bdbf78ad78927fd71a2978e0905f83a3e
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
8ffbd97e0bd6d33be9ea8ccc0f497377055e61c00c8b412f696eaab4a929978e
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93d88da3930dcc66b17d279c4f3cc32391b3b14daf213898b44d387ce902d853
9585d1de16038d85e0bdb798a4caba92080b7411107685c93ba9e76aecf4e936
96d59d7c128e4f43d1d955ed18003e5e82cd665c271e2631edffa66714a7dccc
96f1220d06f6cf9908f2f6b0f81c5cf3e8de5cd1e1361cac9bb062062cf015c6
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99c5d5dec15736816109c26a3e12f733bb316d4faa54215d2a135a8aadbb74a7
9aa77afc3de292a284e0aa3f153239e7e6aae6083a5aee4e86b6d689798fa9c1
9b19114404905bb36a0755e9d0a4b31d836bd984a44c7ddda9ec8422f5e62181
9d2a58445f4209d5dd5718eb4b394f65a2ee320c57386cc5563216fb7a492a79
9e3988f9af062979b4d1b3557d7066b63d9a12e61493a6c8fdcc6d5131e5891a
9ea081ab81f598748bd8c229bc8feb6a467fb562f5234c286a98f146d2b4ac1e
9ff5e115abcc8ab34ca60351e92551c9854b2787e6012f00952737cf04aae059
a32b7dab5557157094b55e3543a7adc032a39a423f116028b757684a278fb92a
a7e4e4698a75dc0d1cff20b5199bd634bdb52691ad512a913e1aa564a2005c6c
a9b21771827443239a0a44b13d608879575e33dc7447a79446ebd1ccc8f0209c
aba48469286a91d672f75c23affd49b26cbc09a696eece7af576abb279214585
abfb1eca2be565b4848c95373a133e19cc31a7d25ea8f225be68ac911e6ddf4f
ac84ef2d0f1bfd70b1627b0102400114cdb83b95f50b9ea6ed0025378e43e4b6
ad3ab8bb2b3c4ce26b436947d921359c02afdec841b42c69bb7ac44d73878c01
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b10e8536a8dffb8fc9b866adad618a5898d3e8d1de12e2336a2f0c3681855d71
b2b356c88e725e6c7a91b07746509a69a313bc1ba5dfeed9b4b6da6172cd1e50
b4d5a9ca451dde7b8b1f697a44df94f368a548f0f415159a90760d373efcf9a9
b6cfc684930661357e2134380e05e4299a4f85a68ee512a39d7dd6d0467de380
b8047d9d95b509cbfed6fb40b429d64aaed51c9e8622b2e6cc089efda58fc868
bb06133bba79a84f6dd09551c7e938c34e22452433ef71ca6a57c93c3a8fc6f0
bc4ce13262e89384968f748517e4b3f6f67951a2bb6bdb550ec87b05265b103c
c375043f418d3bd18eccfa0388d8ceddd30d471d7df5aac81e8232a4fa39ce15
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c7e4b7c3e1c34e5f0ed040a9f1683319afbc3e64ee47f15ac65b08dbb2e6488b
d043acb23e3b6035abfa6be9b546663f9f9dac0522f26b1b1aca5732f24e9cb0
dd8c4d2df80795d2316ac565aea8e3de606f9970212dc192c0043bc7babdc4c2
e12e95176d4efb550a002ba411794aae00c31d552761c984e8d3ec33d597dbb1
e2bcaa68f0a7810ee95b5a352a707a941602cec2a5f1fde91e6cd1e8ee5326f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bf2f3e07ffcddd633e771f6e3d11c423980b110a1b990b5a10c1f795a54bcf
e6325cfca205ded1e796f367b77da8284a69fb7ff343aa3e16efdff88bc6fc5a
e8af11c10978d5f542e59be9b1a638b17b74b6d7094150f98bf0c42be5d81ac4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3e4a06f8518d0b05c817c35ab157d8f171674c4c96144db765d15fd2870900a
f8ca96f5581708d9df6e182728e177d56eb4df179dcb32f3704f791310339bc4
f8daf1c517e08a86e91ead80d732f34b0714099f97c51c38aa01141eba18fca7
fafefbdcea134d82a4dde7f3d943406715bfe1042f1a80f83bdad950814ea6c2
fd2ab997b1d25dafd7989fef4b5209bf2d3d435c6096b6e66f68b1d6a6b7a2e2
fee81f2f521e5990e7a2360d88dd698b1d136143209d4031134e6f603f3936af
ff221808688aa5fa205eb3ae3d475e661d6c2a875d0dc205015a7e8ac476f7b7

go.vshred.team Open in urlscan Pro 34.68.234.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

130 Requests

97 %HTTPS

53 %IPv6

25 Domains

33 Subdomains

32 IPs

4 Countries

2547 kBTransfer

6159 kBSize

31 Cookies

2 Outgoing links

Page URL History

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

go.vshred.team Open in urlscan Pro
34.68.234.4 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

97 %
HTTPS

53 %
IPv6

25
Domains

33
Subdomains

32
IPs

4
Countries

2547 kB
Transfer

6159 kB
Size

31
Cookies

130 HTTP transactions
4 data transactions