r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16478
Expires: Sat, 03 Dec 2022 00:39:05 GMT
Date: Fri, 02 Dec 2022 20:04:27 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4953
Cache-Control: max-age=143362
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:04:27 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 11:53:49 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2210
Expires: Fri, 02 Dec 2022 20:41:17 GMT
Date: Fri, 02 Dec 2022 20:04:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HEn/pyXRJlKTFS24g2wG1IoFlW3AOaoxDLOCvdq4oBebyOl8QjMe/7ubzl8Pojg2UETB/zYofx4=
x-amz-request-id: XZJ8GPZH8PZ0JCCZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 19:46:49 GMT
age: 1058
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 19:19:57 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2670
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 20:04:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
barbaramarketer.com/
172.67.222.101301 Moved Permanently 236 B IP 172.67.222.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5ca28d431eacd89fec83edecf6a0434e
7e5dd1d3103e6446489d39c65b447628bfa19de9
b13e4f173823430a1e00e8a08bcd59ca86c6ce6c089223473c9e7a89431ea903
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: barbaramarketer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 20:04:27 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Content-Security-Policy: upgrade-insecure-requests
Location: https://barbaramarketer.com/
Cache-Control: max-age=7200
Expires: Fri, 02 Dec 2022 22:04:27 GMT
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7736abf5986cb521-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 19:08:57 GMT
cache-control: public,max-age=3600
age: 3330
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b83be8a9f2ab277b04716b9cbaf12209
1efbed233487345af3d3ea80a2b16d2a7c00cbfb
6abe8a89f405a9260df3587003fe859738fc595d23f6b49bb8ea80a3848e4557
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6ABE8A89F405A9260DF3587003FE859738FC595D23F6B49BB8EA80A3848E4557"
Last-Modified: Thu, 01 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 03 Dec 2022 02:04:27 GMT
Date: Fri, 02 Dec 2022 20:04:27 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4946
Cache-Control: max-age=138293
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:04:27 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 10:29:20 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.238.3.246101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.3.246:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /loqBLWK0z25k/HfFpjMnA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Ju+1rydibw6rkCFjJTl8UyuJLQY=
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash e0fed01ae124d939ab21988a80a5fdad
0509ce7c7d87d4f2bb6a2dee257e3cf1b9dd046d
4177ab8d4b86604491eab6fce6b00e4221dddd0f8efad5884c683e3a7bd93975
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5393
Cache-Control: max-age=144841
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:04:29 GMT
Etag: "6389d805-116"
Expires: Sun, 04 Dec 2022 12:18:30 GMT
Last-Modified: Fri, 02 Dec 2022 10:48:37 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:04:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:04:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash e0fed01ae124d939ab21988a80a5fdad
0509ce7c7d87d4f2bb6a2dee257e3cf1b9dd046d
4177ab8d4b86604491eab6fce6b00e4221dddd0f8efad5884c683e3a7bd93975
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5393
Cache-Control: max-age=144841
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:04:29 GMT
Etag: "6389d805-116"
Expires: Sun, 04 Dec 2022 12:18:30 GMT
Last-Modified: Fri, 02 Dec 2022 10:48:37 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
www.googletagmanager.com/gtag/js?id=UA-228679960-2
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-228679960-2
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 92d4d1c14ef67681b811dd61675cc02d
833aa038a6cffa40c4f48993bbbcb32a662f423a
597ce29be5c07831e49521436cee0031e7bbda0859ad2093318e099addaa1ebc
GET /gtag/js?id=UA-228679960-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbaramarketer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 20:04:29 GMT
expires: Fri, 02 Dec 2022 20:04:29 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Dec 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43579
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash e0fed01ae124d939ab21988a80a5fdad
0509ce7c7d87d4f2bb6a2dee257e3cf1b9dd046d
4177ab8d4b86604491eab6fce6b00e4221dddd0f8efad5884c683e3a7bd93975
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5393
Cache-Control: max-age=144841
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:04:29 GMT
Etag: "6389d805-116"
Expires: Sun, 04 Dec 2022 12:18:30 GMT
Last-Modified: Fri, 02 Dec 2022 10:48:37 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash e0fed01ae124d939ab21988a80a5fdad
0509ce7c7d87d4f2bb6a2dee257e3cf1b9dd046d
4177ab8d4b86604491eab6fce6b00e4221dddd0f8efad5884c683e3a7bd93975
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4085
Cache-Control: max-age=143533
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:04:29 GMT
Etag: "6389d805-116"
Expires: Sun, 04 Dec 2022 11:56:42 GMT
Last-Modified: Fri, 02 Dec 2022 10:48:37 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ce9bb4656de0fb3edc54136d631bf5e1
95680f8722fba6e609b77df13566cf572de0183d
9a770b0fe4765e62e69c85565ccd057952fb54d078fb9ddb7732d2199f241bb6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4794
Cache-Control: max-age=129484
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:04:29 GMT
Etag: "63899e60-117"
Expires: Sun, 04 Dec 2022 08:02:33 GMT
Last-Modified: Fri, 02 Dec 2022 06:42:40 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 19a09dc440c5dff064eb9410b47caa48
7140f506d82dc1a62ae02a2b135485ce3f51ed4b
420957a48c24036f62864447c5e72096d3151f392e8cebbc2310e9a7cdbd1998
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4797
Cache-Control: max-age=148941
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:04:29 GMT
Etag: "6389ea5d-117"
Expires: Sun, 04 Dec 2022 13:26:50 GMT
Last-Modified: Fri, 02 Dec 2022 12:06:53 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11280
Expires: Fri, 02 Dec 2022 23:12:29 GMT
Date: Fri, 02 Dec 2022 20:04:29 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 19a09dc440c5dff064eb9410b47caa48
7140f506d82dc1a62ae02a2b135485ce3f51ed4b
420957a48c24036f62864447c5e72096d3151f392e8cebbc2310e9a7cdbd1998
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4797
Cache-Control: max-age=148941
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:04:29 GMT
Etag: "6389ea5d-117"
Expires: Sun, 04 Dec 2022 13:26:50 GMT
Last-Modified: Fri, 02 Dec 2022 12:06:53 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd8ad22c2eb1eb91c76970fa449f1bc4
0de97f3a4964038222bd751e043e413113e6db9d
668f805815aede3bc04f8564bd6aefd56029362bb0aa8a794673eb78ab2d4643
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4834
x-amzn-requestid: 63a0b8b5-5cb3-4a1f-aa46-47c84abe726f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQrjEeAIAMF3sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7e3-0032799009f893ba79f314db;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 02EF3QEVKmEB2ikbGk9gzQq7_VMi00ufHUNRFTL8MpwJKaXQwdT8HA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 03:42:27 GMT
age: 58922
etag: "0de97f3a4964038222bd751e043e413113e6db9d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11280
Expires: Fri, 02 Dec 2022 23:12:29 GMT
Date: Fri, 02 Dec 2022 20:04:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 06:00:48 GMT
age: 50621
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 291127b670135b42b6e9687aa2a13237
99b5ef2d6a4d1a1251a06d9d9f989b01d089a8d1
49b082a738bcd15a0bb4e9f96a180797ffcfa368977ac1927df882a0343664d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10437
x-amzn-requestid: 2a8183c4-47ec-42bb-8e67-3e742dc3750c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0YpEeooAMFfvg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdd0-2014fd4d49dcd4087bf1db4d;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:40:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wQc8gdA6brp46QVd0ee9cBtnmA9q1j3nUO2ou9MDIhecNINtmphq0Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:54 GMT
age: 80015
etag: "99b5ef2d6a4d1a1251a06d9d9f989b01d089a8d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11280
Expires: Fri, 02 Dec 2022 23:12:29 GMT
Date: Fri, 02 Dec 2022 20:04:29 GMT
Connection: keep-alive
app.clickfunnels.com/mailcheck.min.js
104.16.13.194200 OK 1.6 kB URL HTTP/2 app.clickfunnels.com/mailcheck.min.js
IP 104.16.13.194:0
File type C source, ASCII text, with very long lines (525)
Hash f70d9f0a50b79f7bdbb28a9e4db10f9e
2b4b4a49b7ef256c5267a825a535757e0a7358e2
90b4bc5e09fc217377897218e6a3c71fb4ac48927ec04a0126eabfac1c5091d8
GET /mailcheck.min.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbaramarketer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 20:04:29 GMT
content-type: application/x-javascript
cf-ray: 7736ac049a2c1bfa-OSL
access-control-allow-origin: *
age: 3637
etag: W/"637bf173-a8d"
last-modified: Mon, 21 Nov 2022 21:45:23 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=yTJc0Z6wzHB2C7b6iODy9Q0NllBqgIfqpP9x1P9n9.M-1670011469-0-Afr5x1/S3H1XbuvGGr/Hdg4rhNvO3uvhrX6mT+2zAJ0KokLOWheps56yb9QzlBklCN02bEy2Rpk1ZI3a4WWtVGzUzTimLYURSUeYsP2Tb0CM; path=/; expires=Fri, 02-Dec-22 20:34:29 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PIC-TIeTFK_Y2AiqowYT4_8tMuzIKO23lAwx18fYepTf4PIWkmLqkQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 05:20:15 GMT
age: 53054
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r_0F64VpyutAOJ9IcTWrs3Sv--fhKiwKsV1FW0fOMSRt1QLLPxvJzg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 10:51:17 GMT
age: 33192
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd78aa69439c995167f32b8a41a1f4f6
d07d6145182f312f3ed86ecf96b4ffa175416fa0
3b08cf3fad31ee0cf3ee25abc2484fb4283543865a42dfc568b14f9856fd3bb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7722
x-amzn-requestid: 8d7c4800-6c06-43ed-afa1-94840d42f591
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGy2Gr1IAMFWeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e78-429ae3135d47e3b020c4c7a1;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z8thSamrCRejcAcQEGAp4WpSMzMEvstuZtVpKAjiCH4dyJyf1yihBA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:11 GMT
age: 80058
etag: "d07d6145182f312f3ed86ecf96b4ffa175416fa0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:04:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:04:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 19a09dc440c5dff064eb9410b47caa48
7140f506d82dc1a62ae02a2b135485ce3f51ed4b
420957a48c24036f62864447c5e72096d3151f392e8cebbc2310e9a7cdbd1998
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4797
Cache-Control: max-age=148941
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:04:29 GMT
Etag: "6389ea5d-117"
Expires: Sun, 04 Dec 2022 13:26:50 GMT
Last-Modified: Fri, 02 Dec 2022 12:06:53 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b280b735a88c3fe502030608ebab5083
f91aae4e088cf17651dd8c41a9da5295001b204d
ed56e851bae0ff1d0d39ed2162ade9586a71100012370d333535e681f5d10fdd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 20:04:30 GMT
Etag: "6389853c-118"
Server: ECS (amb/6B92)
Content-Length: 280
app.clickfunnels.com/userevents/?funnel_id=ZlVoZmZUN1RnL05XeVFkOGhwbmNNZz09LS0xZUlqbGJUbHZMT2hqbUdQbEc4clRnPT0%3D--236775323ce7c73844685312382ee9dd8c8e885a&page_id=bnRteDBiUkVTZWx2ZkZYTUVzMjV3UT09LS1aTEhlUU1icFFQZDUyUFZhQUZwdjZRPT0%3D--2b5182bac5c410a19d8129daa3a0a4c4eb46ec6f&funnel_step_id=V1NhSWZrdDJRTnphL1N2V0RwamVIQT09LS1Sd0FobmdtRjBqTnpvNFByVmFQVFR3PT0%3D--a3125b4321e45eda4e881f1304369ad636c16ac4&user_id=aDFyVlE5eHI4RFdpSGhNUHpRRzdKdz09LS1PNzJkMVFWZUYxdmdMbUZSVnJML053PT0%3D--dacc95d4664261f0b6d87b96a73053e1f42d3813&account_id=R2xqSndJbmRPYi9RajF1RDErRnpSQT09LS1MSnVwR01RUW1NWG9FV0ZOUThUNVlnPT0%3D--5f86fb348f06092e001d2cceec987e1041961881&page_code=NTM5Njg3NjA%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::PageviewsCreatedSummary&nonce=c596fa2e-0253-4fdb-91e2-b7be99b51625&url=https%3A%2F%2Fbarbaramarketer.com%2F
104.16.13.194202 Accepted 20 kB URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=ZlVoZmZUN1RnL05XeVFkOGhwbmNNZz09LS0xZUlqbGJUbHZMT2hqbUdQbEc4clRnPT0%3D--236775323ce7c73844685312382ee9dd8c8e885a&page_id=bnRteDBiUkVTZWx2ZkZYTUVzMjV3UT09LS1aTEhlUU1icFFQZDUyUFZhQUZwdjZRPT0%3D--2b5182bac5c410a19d8129daa3a0a4c4eb46ec6f&funnel_step_id=V1NhSWZrdDJRTnphL1N2V0RwamVIQT09LS1Sd0FobmdtRjBqTnpvNFByVmFQVFR3PT0%3D--a3125b4321e45eda4e881f1304369ad636c16ac4&user_id=aDFyVlE5eHI4RFdpSGhNUHpRRzdKdz09LS1PNzJkMVFWZUYxdmdMbUZSVnJML053PT0%3D--dacc95d4664261f0b6d87b96a73053e1f42d3813&account_id=R2xqSndJbmRPYi9RajF1RDErRnpSQT09LS1MSnVwR01RUW1NWG9FV0ZOUThUNVlnPT0%3D--5f86fb348f06092e001d2cceec987e1041961881&page_code=NTM5Njg3NjA%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::PageviewsCreatedSummary&nonce=c596fa2e-0253-4fdb-91e2-b7be99b51625&url=https%3A%2F%2Fbarbaramarketer.com%2F
IP 104.16.13.194:0
File type gzip compressed data, max compression\012- data
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /userevents/?funnel_id=ZlVoZmZUN1RnL05XeVFkOGhwbmNNZz09LS0xZUlqbGJUbHZMT2hqbUdQbEc4clRnPT0%3D--236775323ce7c73844685312382ee9dd8c8e885a&page_id=bnRteDBiUkVTZWx2ZkZYTUVzMjV3UT09LS1aTEhlUU1icFFQZDUyUFZhQUZwdjZRPT0%3D--2b5182bac5c410a19d8129daa3a0a4c4eb46ec6f&funnel_step_id=V1NhSWZrdDJRTnphL1N2V0RwamVIQT09LS1Sd0FobmdtRjBqTnpvNFByVmFQVFR3PT0%3D--a3125b4321e45eda4e881f1304369ad636c16ac4&user_id=aDFyVlE5eHI4RFdpSGhNUHpRRzdKdz09LS1PNzJkMVFWZUYxdmdMbUZSVnJML053PT0%3D--dacc95d4664261f0b6d87b96a73053e1f42d3813&account_id=R2xqSndJbmRPYi9RajF1RDErRnpSQT09LS1MSnVwR01RUW1NWG9FV0ZOUThUNVlnPT0%3D--5f86fb348f06092e001d2cceec987e1041961881&page_code=NTM5Njg3NjA%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::PageviewsCreatedSummary&nonce=c596fa2e-0253-4fdb-91e2-b7be99b51625&url=https%3A%2F%2Fbarbaramarketer.com%2F HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://barbaramarketer.com
Connection: keep-alive
Referer: https://barbaramarketer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Fri, 02 Dec 2022 20:04:30 GMT
content-type: text/html
cf-ray: 7736ac095f0d1bfa-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 681e99bb438207994272b556d5f658d7
x-runtime: 0.027582
set-cookie: __cf_bm=RNK.H5tP1HjZWmLC.pup6DELiQAqqs12tFUF8fkTOFE-1670011470-0-AU8BE66tCENtNY9FrUWaQw+g+O82Ep8Y4IUfZ+0ncbFmX1dXrU56DC55PxXat6qHcsKpD2/wjvK6bnt7pZxdVIan/FdGBNYxZ9bmQYqIle0t; path=/; expires=Fri, 02-Dec-22 20:34:30 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
app.clickfunnels.com/cf.js
104.16.13.194301 Moved Permanently 6.0 kB URL HTTP/2 app.clickfunnels.com/cf.js
IP 104.16.13.194:0
Hash 41d7594862ca9653575196e55c8d1759
049b5f95971e46d6e0fcc9e20ed7583b5386ec5c
c9081615c3c9a76454ddc1c40f9c10947ed8788b1b1125343c60c7c60a2a3eda
GET /cf.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbaramarketer.com/
Cookie: __cf_bm=zFvenGNSo0oKWJZX1SBWG7JDlymw9HKE0uYaD.iCyEU-1670011469-0-AQK+Z/k6AJGNLKoFfRudNSLFFJiF1JCP4tQ03ElVQn4FtaU9LaS+hX/yjGQ9UXrlvNYDmQ7pzDbcxQx5asIKMKAQXq371ZXE4ZdW8kQMOs8R
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 02 Dec 2022 20:04:30 GMT
content-type: text/html
location: https://www.clickfunnels.com/cf.js
cf-ray: 7736ac092ef21bfa-OSL
access-control-allow-origin: *
age: 1110
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
X-Firefox-Spdy: h2
assets.clickfunnels.com/images/closemodal.png
104.16.13.194200 OK 672 B URL HTTP/2 assets.clickfunnels.com/images/closemodal.png
IP 104.16.13.194:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 19754ed4d508cf576c80cf36e0db8c50
f459beac714e5be68aa75349fa806a5642af456a
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
GET /images/closemodal.png HTTP/1.1
Host: assets.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbaramarketer.com/
Cookie: __cf_bm=zFvenGNSo0oKWJZX1SBWG7JDlymw9HKE0uYaD.iCyEU-1670011469-0-AQK+Z/k6AJGNLKoFfRudNSLFFJiF1JCP4tQ03ElVQn4FtaU9LaS+hX/yjGQ9UXrlvNYDmQ7pzDbcxQx5asIKMKAQXq371ZXE4ZdW8kQMOs8R
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 20:04:30 GMT
content-type: image/webp
content-length: 672
cf-ray: 7736ac0bfac91bfa-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 49843
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "637bf173-314"
expires: Mon, 02 Jan 2023 20:04:30 GMT
last-modified: Mon, 21 Nov 2022 21:45:23 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
server: cloudflare
X-Firefox-Spdy: h2
js-agent.newrelic.com/552.2d6a2503-1220.js
151.101.130.137200 OK 5.9 kB URL HTTP/2 js-agent.newrelic.com/552.2d6a2503-1220.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (21423)
Hash 097ef34c5f5d635a147bca3721bd605b
3b31ef3cfb1d62d9884d631ec2467b9d6b0d46e2
3e05d4e42c1e87b516b525574b20d2570dccc50d1bd1b2956d6421699aa19914
GET /552.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbaramarketer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PnZFPtaQ6Oa8SvsR598yLCynwQMleyjLyE8+/6kXxv1ZfRit6gnSEEKUHnQ2vqYi8syHn+Nxcq4=
x-amz-request-id: XM6WHM0J4M8X38WQ
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "777ac0df4dba632ad1b2955c88dd51ac"
x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 20:04:30 GMT
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: HIT
x-cache-hits: 1578
x-timer: S1670011471.753085,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 5890
X-Firefox-Spdy: h2
images.clickfunnels.com/cdn-cgi/image/fit=scale-down,width=1150,quality=75/https://images.clickfunnels.com/10/5c6682c1ac48689d734c9d43790c92/steps123.png
104.16.13.194200 OK 8.1 kB URL HTTP/2 images.clickfunnels.com/cdn-cgi/image/fit=scale-down,width=1150,quality=75/https://images.clickfunnels.com/10/5c6682c1ac48689d734c9d43790c92/steps123.png
IP 104.16.13.194:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 633x96, components 3\012- data
Hash 4382c50b983b0ebb2da1d1ef3e7fb270
db83bbc5e62b7702cb64ec28598abe1f54591466
dc488b1e29ef1814e0f2246de38268a742f8be636cc1374d8754d1f0ade4d019
GET /cdn-cgi/image/fit=scale-down,width=1150,quality=75/https://images.clickfunnels.com/10/5c6682c1ac48689d734c9d43790c92/steps123.png HTTP/1.1
Host: images.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbaramarketer.com/
Cookie: __cf_bm=zFvenGNSo0oKWJZX1SBWG7JDlymw9HKE0uYaD.iCyEU-1670011469-0-AQK+Z/k6AJGNLKoFfRudNSLFFJiF1JCP4tQ03ElVQn4FtaU9LaS+hX/yjGQ9UXrlvNYDmQ7pzDbcxQx5asIKMKAQXq371ZXE4ZdW8kQMOs8R
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 20:04:30 GMT
content-type: image/jpeg
content-length: 8105
cf-ray: 7736ac0bfac81bfa-OSL
accept-ranges: bytes
cache-control: max-age=2073600
etag: "cfi48pJagVShss7VJusotVVKg9jsT79EnOD-VoEO8ABQ:239a337af79a2433e2a49189c2ec6e7a"
last-modified: Fri, 14 Aug 2020 00:45:22 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:75,h2pri
cf-resized: internal=ok/h q=0 n=31 c=0+16 v=2022.11.7 l=8105
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
js-agent.newrelic.com/290.2d6a2503-1220.js
151.101.130.137200 OK 3.4 kB URL HTTP/2 js-agent.newrelic.com/290.2d6a2503-1220.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (8544)
Hash b9baa2cb6a3b1a3d0fda03cd7db51631
42d37467e05182e3cab2fcb54577dc462adcf50b
31a8b4d47298cae24c66e37256a51474ae88a745fdfec79f99b2d43608e6d822
GET /290.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbaramarketer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: w13KyJHc6nZxbdEwslB41w8/Eu8hqTxWFthe9Ce9ktH5t1CQfPDcADzeIbbM0XmVboDReCBCqwPazqB/yCHcHQ==
x-amz-request-id: ENM21W9CJ64N9SCW
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "13898fbb4d7a1f83fc6722c4c12faf40"
x-amz-version-id: C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 20:04:31 GMT
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: HIT
x-cache-hits: 1155
x-timer: S1670011471.029289,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 3424
X-Firefox-Spdy: h2
barbaramarketer.com/cdn-cgi/rum?
104.21.86.169200 OK 2.2 kB URL HTTP/2 barbaramarketer.com/cdn-cgi/rum?
IP 104.21.86.169:0
File type gzip compressed data, from Unix\012- data
Hash 98a96a3306b7723c0b8c4bff074cdd9f
e9070da7daa34fa2d8ac2e4ec00e3c499ea37516
a6079d50fa4c72b521fd865e67be080b5b21c336a71dbf7a1800a12ad42384f7
Analyzer Verdict Alert fortinet Phishing
POST /cdn-cgi/rum? HTTP/1.1
Host: barbaramarketer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 8006
Origin: https://barbaramarketer.com
Connection: keep-alive
Referer: https://barbaramarketer.com/
Cookie: PHPSESSID=e83cbf41326e900bbf85f1a7513ca75b; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTM5Njg3NjA=:visited=true; cf:visitor_id=e705642f-f1ee-4d93-abbc-4005b7c67a1c; addevent_track_cookie=a3a04f9a-edce-4dec-1688-825dec320ffd; _ga=GA1.2.1864133196.1670011469; _gid=GA1.2.536896648.1670011469; _gat_gtag_UA_228679960_2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 20:04:30 GMT
server: cloudflare
cf-ray: 7736ac0c98580b49-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
app.clickfunnels.com/v1/track?_unique=0.006009652926774467&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//barbaramarketer.com/&_title=ClickFunnels%20Landing%20Page&_key=vuheyfgf&_page_key=fl3xglw4htdjzuie&_fid=11988961&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://barbaramarketer.com/&_referrer=
104.16.13.194200 OK 1.5 kB URL HTTP/2 app.clickfunnels.com/v1/track?_unique=0.006009652926774467&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//barbaramarketer.com/&_title=ClickFunnels%20Landing%20Page&_key=vuheyfgf&_page_key=fl3xglw4htdjzuie&_fid=11988961&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://barbaramarketer.com/&_referrer=
IP 104.16.13.194:0
File type ASCII text, with no line terminators
Hash e478731d9c4708ddf162d39b1b1d9162
01967a32c94cb90cf1d3aa83f6dc2f270dcb9a85
8b9b0d3e636935fb75e606b006c1d96297278f609a51c17d7ce385ba677a6907
GET /v1/track?_unique=0.006009652926774467&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//barbaramarketer.com/&_title=ClickFunnels%20Landing%20Page&_key=vuheyfgf&_page_key=fl3xglw4htdjzuie&_fid=11988961&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://barbaramarketer.com/&_referrer= HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://barbaramarketer.com
Connection: keep-alive
Referer: https://barbaramarketer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 20:04:30 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 7736ac0bdaaa1bfa-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
status: 200 OK
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 8490bdb625b8d47f6745b0854c2769cb
x-runtime: 0.022329
set-cookie: __cf_bm=titji.9t_aVR8MM3YMc4AbsrN1TYg80fOLamrVh6uwQ-1670011470-0-AcHymaCGDkjcfgkmt3T0onMlooZibP8SywuoxuplABetmqW1Tj6sR1YxmIN3CLxhoCc36q+YHfluFkDNqzUoG8S1B0H1iP5Eu/M4zO6lQZxs; path=/; expires=Fri, 02-Dec-22 20:34:30 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
js-agent.newrelic.com/775.2d6a2503-1220.js
151.101.130.137200 OK 632 B URL HTTP/2 js-agent.newrelic.com/775.2d6a2503-1220.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (1169)
Hash 661520fd0dfebb919d68a69b60ca426f
b85ef80a0e0d95bf4904f9ce4fad56c49ae035be
ecd489671c6255fee8370fc1f8f4e99519ef8d4c4c0ab06640b0c021642e1db7
GET /775.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbaramarketer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 7LFMHtjJh1S3I7Y2nadjyW3qD5GSEUAPkhvRiGWUqI2yNIsj2jxS1WztietgESJCTo8b+MSjBS8=
x-amz-request-id: XM6WXR7ZNKJZ7WDR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "1dfdb74c0491489bf04c6deadb56add2"
x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 20:04:31 GMT
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: HIT
x-cache-hits: 430
x-timer: S1670011471.029942,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 632
X-Firefox-Spdy: h2
bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1220.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3988&ck=0&s=5f8d4105a67593d7&ref=https://barbaramarketer.com/&ap=411&be=2335&fe=1283&dc=881&perf=%7B%22timing%22:%7B%22of%22:1670011465222,%22n%22:0,%22f%22:620,%22dn%22:621,%22dne%22:621,%22c%22:621,%22s%22:624,%22ce%22:816,%22rq%22:816,%22rp%22:2304,%22rpe%22:2305,%22dl%22:2318,%22di%22:3201,%22ds%22:3215,%22de%22:3297,%22dc%22:3617,%22l%22:3617,%22le%22:3730%7D,%22navigation%22:%7B%7D%7D&fcp=2717&jsonp=NREUM.setToken
162.247.241.14200 OK 72 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1220.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3988&ck=0&s=5f8d4105a67593d7&ref=https://barbaramarketer.com/&ap=411&be=2335&fe=1283&dc=881&perf=%7B%22timing%22:%7B%22of%22:1670011465222,%22n%22:0,%22f%22:620,%22dn%22:621,%22dne%22:621,%22c%22:621,%22s%22:624,%22ce%22:816,%22rq%22:816,%22rp%22:2304,%22rpe%22:2305,%22dl%22:2318,%22di%22:3201,%22ds%22:3215,%22de%22:3297,%22dc%22:3617,%22l%22:3617,%22le%22:3730%7D,%22navigation%22:%7B%7D%7D&fcp=2717&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
GET /1/NRJS-fc902efb332119fff33?a=367981416&v=1220.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3988&ck=0&s=5f8d4105a67593d7&ref=https://barbaramarketer.com/&ap=411&be=2335&fe=1283&dc=881&perf=%7B%22timing%22:%7B%22of%22:1670011465222,%22n%22:0,%22f%22:620,%22dn%22:621,%22dne%22:621,%22c%22:621,%22s%22:624,%22ce%22:816,%22rq%22:816,%22rp%22:2304,%22rpe%22:2305,%22dl%22:2318,%22di%22:3201,%22ds%22:3215,%22de%22:3297,%22dc%22:3617,%22l%22:3617,%22le%22:3730%7D,%22navigation%22:%7B%7D%7D&fcp=2717&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbaramarketer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 20:04:31 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7736ac0ece620b41-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
www.barbaramarketer.com/wp-includes/images/w-logo-blue-white-bg.png
104.21.86.169200 OK 4.1 kB URL HTTP/2 www.barbaramarketer.com/wp-includes/images/w-logo-blue-white-bg.png
IP 104.21.86.169:0
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: www.barbaramarketer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://barbaramarketer.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1864133196.1670011469; _gid=GA1.2.536896648.1670011469; _gat_gtag_UA_228679960_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 20:04:32 GMT
content-type: image/png
content-length: 4119
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 14 Mar 2022 14:28:02 GMT
cache-control: max-age=31536000
expires: Sat, 02 Dec 2023 20:04:32 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7736ac10accf0b49-OSL
X-Firefox-Spdy: h2
app.clickfunnels.com/images/email2.png
104.16.13.194200 OK 0 B URL HTTP/2 app.clickfunnels.com/images/email2.png
IP 104.16.13.194:0
GET /images/email2.png HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.clickfunnels.com/assets/lander.css
Cookie: __cf_bm=zFvenGNSo0oKWJZX1SBWG7JDlymw9HKE0uYaD.iCyEU-1670011469-0-AQK+Z/k6AJGNLKoFfRudNSLFFJiF1JCP4tQ03ElVQn4FtaU9LaS+hX/yjGQ9UXrlvNYDmQ7pzDbcxQx5asIKMKAQXq371ZXE4ZdW8kQMOs8R
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 20:04:29 GMT
content-type: image/webp
cf-ray: 7736ac05fba71bfa-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 696858
cache-control: public, max-age=2678400
content-disposition: inline; filename="email2.webp"
etag: "637bf173-c80"
expires: Mon, 02 Jan 2023 20:04:29 GMT
last-modified: Mon, 21 Nov 2022 21:45:23 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=3200
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=oV71ESTlQYRz9R1pki9mbx_pwJrfWzHCdxzZtPrZJ_o-1670011469-0-ASQHkk6p1IjONCPnMlirCgv27xds2lM1UdKQJSpFiWHl_Sy01GDnsCjlZ_C3DA8f_nAWVbdQCrWh4r4Mb58Onl_QXZh4TKFngw9Lh-vnxZ42"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=oV71ESTlQYRz9R1pki9mbx_pwJrfWzHCdxzZtPrZJ_o-1670011469-0-ASQHkk6p1IjONCPnMlirCgv27xds2lM1UdKQJSpFiWHl_Sy01GDnsCjlZ_C3DA8f_nAWVbdQCrWh4r4Mb58Onl_QXZh4TKFngw9Lh-vnxZ42; report-to cf-csp-endpoint
server: cloudflare
X-Firefox-Spdy: h2
classic.clickfunnels.com/cf.js
104.16.13.194200 OK 0 B URL HTTP/2 classic.clickfunnels.com/cf.js
IP 104.16.13.194:0
GET /cf.js HTTP/1.1
Host: classic.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://barbaramarketer.com/
Connection: keep-alive
Cookie: __cf_bm=zFvenGNSo0oKWJZX1SBWG7JDlymw9HKE0uYaD.iCyEU-1670011469-0-AQK+Z/k6AJGNLKoFfRudNSLFFJiF1JCP4tQ03ElVQn4FtaU9LaS+hX/yjGQ9UXrlvNYDmQ7pzDbcxQx5asIKMKAQXq371ZXE4ZdW8kQMOs8R
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 20:04:30 GMT
content-type: application/x-javascript
cf-ray: 7736ac0b9a5b1bfa-OSL
access-control-allow-origin: *
age: 6951
etag: W/"637bf173-476a"
last-modified: Mon, 21 Nov 2022 21:45:23 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
IP 142.250.74.106:0
GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbaramarketer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 20:04:29 GMT
date: Fri, 02 Dec 2022 20:04:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
app.clickfunnels.com/assets/lander.css
104.16.13.194200 OK 0 B URL HTTP/2 app.clickfunnels.com/assets/lander.css
IP 104.16.13.194:0
GET /assets/lander.css HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbaramarketer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 20:04:29 GMT
content-type: text/css
cf-ray: 7736ac050a9c1bfa-OSL
access-control-allow-origin: *
age: 30
cache-control: public, max-age=1200
etag: W/"637bf173-6a514"
expires: Fri, 02 Dec 2022 20:24:29 GMT
last-modified: Mon, 21 Nov 2022 21:45:23 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=sGh60t7OhNeZ5EWrA69NdH5W3I18VwZFlOULqiQ5plk-1670011469-0-AUSQsaolxceCGlB0P1edtsx58lI27ArbyXj0n2JPDV/dRc5ka7pfSDfzSBe5c3wbualEPdRm32shkA2c/iupKMY2wJda2r98I2JwHIpIrLlD; path=/; expires=Fri, 02-Dec-22 20:34:29 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
barbaramarketer.com/
104.21.86.169200 OK 0 B IP 104.21.86.169:0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: barbaramarketer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 02 Dec 2022 20:04:29 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-security-policy: upgrade-insecure-requests
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
last-modified: Fri, 02 Dec 2022 20:04:29 GMT
set-cookie: PHPSESSID=e83cbf41326e900bbf85f1a7513ca75b; path=/
__cf_bm=Z8eGINbWeCib8s47_1VpcT7RYMK7beHORlM_cp2ZXvM-1670011469-0-AdMkOKezrZm1Tlxg1baooUgh2O/FK+bSpgxxqswiuHHkFLsqzRjhU631HX2CafPoPWRzO5CdAnhBk/bH8Mn+jG/5q66kfP4P/7nnEMNob1oz; path=/; expires=Fri, 02-Dec-22 20:34:29 GMT; domain=.clickfunnels.com; HttpOnly; Secure
cf-cache-status: MISS
server: cloudflare
cf-ray: 7736abfa4da60b49-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.9.0/css/all.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/all.css
IP 172.64.132.15:0
GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbaramarketer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 20:04:29 GMT
content-type: text/css
x-amz-id-2: vC8KBN503iyWKZzHxfJc5rs99Ocw4DSTaifdaL1SsWTbuhhIHZc4Cm+BPlh6dJ7ueugjQrc5cWE=
x-amz-request-id: F0PHW7H6699FG8TW
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 543163
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZJP2xKfBmw7coHrYkplPFt%2FBHHeuYfc%2FwrtYSEuVUFl%2Bnl5PgY6Rxff9gmKczKewLCaS%2B4ymd6KemxPN9dIpalTFatJVAh94KiLtWBWo5FFH%2F1ZJCDYfgCS9m%2FE4PLrLzZcHJIw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7736ac056daf719e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.clickfunnels.com/assets/pushcrew.js
104.16.13.194200 OK 0 B URL HTTP/2 app.clickfunnels.com/assets/pushcrew.js
IP 104.16.13.194:0
GET /assets/pushcrew.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbaramarketer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 20:04:29 GMT
content-type: application/x-javascript
cf-ray: 7736ac04ca681bfa-OSL
access-control-allow-origin: *
age: 363
cache-control: public, max-age=1200
etag: W/"637bf172-27d"
expires: Fri, 02 Dec 2022 20:24:29 GMT
last-modified: Mon, 21 Nov 2022 21:45:22 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=jjDFX4oSXGXVxUW1lSN9KZVA_V5AqvqLxzT8hzLUlg4-1670011469-0-AbR/uxpI8W8vNJXZQxIVEN+HeM8yMF9dnJEU1bohbZ1bcvH34VQTttdiWKH5atpSq1FiqavKkyHn0lAa/lTppTJ0VdD4uLFXSdAD5lyHAUPP; path=/; expires=Fri, 02-Dec-22 20:34:29 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
app.clickfunnels.com/assets/userevents/application.js
104.16.13.194200 OK 0 B URL HTTP/2 app.clickfunnels.com/assets/userevents/application.js
IP 104.16.13.194:0
GET /assets/userevents/application.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbaramarketer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 20:04:29 GMT
content-type: application/x-javascript
cf-ray: 7736ac051aab1bfa-OSL
access-control-allow-origin: *
age: 314
cache-control: public, max-age=1200
etag: W/"637bf173-147c"
expires: Fri, 02 Dec 2022 20:24:29 GMT
last-modified: Mon, 21 Nov 2022 21:45:23 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=pvowIkAhkeA8KEI4j89v8UMuuVbBTTNjohslo3SfoBE-1670011469-0-AThoYE+fKYZWu/4oJWXXhaf1Lwu3C5tcgZtmL850YC8lDB5x64PJYKmlYBACYEHhFlyYvWVspEXPnrPexlLPhq6MmW19XZRyxQq2pFQt2YmC; path=/; expires=Fri, 02-Dec-22 20:34:29 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
app.clickfunnels.com/assets/lander.js
104.16.13.194200 OK 0 B URL HTTP/2 app.clickfunnels.com/assets/lander.js
IP 104.16.13.194:0
GET /assets/lander.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbaramarketer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 20:04:29 GMT
content-type: application/x-javascript
cf-ray: 7736ac052abb1bfa-OSL
access-control-allow-origin: *
age: 364
cache-control: public, max-age=1200
etag: W/"637bf1b5-2391a3"
expires: Fri, 02 Dec 2022 20:24:29 GMT
last-modified: Mon, 21 Nov 2022 21:46:29 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=zFvenGNSo0oKWJZX1SBWG7JDlymw9HKE0uYaD.iCyEU-1670011469-0-AQK+Z/k6AJGNLKoFfRudNSLFFJiF1JCP4tQ03ElVQn4FtaU9LaS+hX/yjGQ9UXrlvNYDmQ7pzDbcxQx5asIKMKAQXq371ZXE4ZdW8kQMOs8R; path=/; expires=Fri, 02-Dec-22 20:34:29 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
IP 172.64.132.15:0
GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://barbaramarketer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 20:04:29 GMT
content-type: text/css
x-amz-id-2: HpuDfuJOnoRBIn1oGWh6kpnFISyPAhBcUuSh2sgaSOixf+diILYpFUsoF1uDkiR93wgKGECAn7k=
x-amz-request-id: F0PPGVAN5CXAHSGM
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 543162
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASOzisvEoHJpRhm%2Fieu16fNIhfmgzlP5IZvyhWwGowGEErMoGYyphqoDurZvYYlC37lP2an3VwyBWSo%2FUZ70379yJ%2FR49AD9GzHN3L%2Fm6RTQJBftWIXheT%2F15DCpAY4lZynC3yYo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7736ac059e30719e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.barbaramarketer.com/funnels/paused-account/cf-logo.png
104.21.86.169404 Not Found 0 B URL HTTP/2 www.barbaramarketer.com/funnels/paused-account/cf-logo.png
IP 104.21.86.169:0
GET /funnels/paused-account/cf-logo.png HTTP/1.1
Host: www.barbaramarketer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://barbaramarketer.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1864133196.1670011469; _gid=GA1.2.536896648.1670011469; _gat_gtag_UA_228679960_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 404 Not Found
date: Fri, 02 Dec 2022 20:04:32 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.barbaramarketer.com/wp-json/>; rel="https://api.w.org/"
content-security-policy: upgrade-insecure-requests
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cf-cache-status: MISS
server: cloudflare
cf-ray: 7736ac10fd030b49-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
barbaramarketer.com/cdn-cgi/rum?
104.21.86.169200 OK 0 B URL HTTP/2 barbaramarketer.com/cdn-cgi/rum?
IP 104.21.86.169:0
Analyzer Verdict Alert fortinet Phishing
POST /cdn-cgi/rum? HTTP/1.1
Host: barbaramarketer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 539
Origin: https://barbaramarketer.com
Connection: keep-alive
Referer: https://barbaramarketer.com/
Cookie: PHPSESSID=e83cbf41326e900bbf85f1a7513ca75b; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTM5Njg3NjA=:visited=true; cf:visitor_id=e705642f-f1ee-4d93-abbc-4005b7c67a1c; addevent_track_cookie=a3a04f9a-edce-4dec-1688-825dec320ffd; _ga=GA1.2.1864133196.1670011469; _gid=GA1.2.536896648.1670011469; _gat_gtag_UA_228679960_2=1; is_eu=false; fl3xglw4htdjzuie=true; 11988961_viewed_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 20:04:36 GMT
server: cloudflare
cf-ray: 7736ac2e38a90b49-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
104.16.57.101200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP 104.16.57.101:0
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://barbaramarketer.com
Connection: keep-alive
Referer: https://barbaramarketer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 20:04:29 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7736ac05383fb4fa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents/?funnel_id=ZlVoZmZUN1RnL05XeVFkOGhwbmNNZz09LS0xZUlqbGJUbHZMT2hqbUdQbEc4clRnPT0%3D--236775323ce7c73844685312382ee9dd8c8e885a&page_id=bnRteDBiUkVTZWx2ZkZYTUVzMjV3UT09LS1aTEhlUU1icFFQZDUyUFZhQUZwdjZRPT0%3D--2b5182bac5c410a19d8129daa3a0a4c4eb46ec6f&funnel_step_id=V1NhSWZrdDJRTnphL1N2V0RwamVIQT09LS1Sd0FobmdtRjBqTnpvNFByVmFQVFR3PT0%3D--a3125b4321e45eda4e881f1304369ad636c16ac4&user_id=aDFyVlE5eHI4RFdpSGhNUHpRRzdKdz09LS1PNzJkMVFWZUYxdmdMbUZSVnJML053PT0%3D--dacc95d4664261f0b6d87b96a73053e1f42d3813&account_id=R2xqSndJbmRPYi9RajF1RDErRnpSQT09LS1MSnVwR01RUW1NWG9FV0ZOUThUNVlnPT0%3D--5f86fb348f06092e001d2cceec987e1041961881&page_code=NTM5Njg3NjA%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniquePageviewsCreatedSummary&nonce=ec374b16-bcee-4077-a620-3fa8efe9ab85&url=https%3A%2F%2Fbarbaramarketer.com%2F
104.16.13.194202 Accepted 0 B URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=ZlVoZmZUN1RnL05XeVFkOGhwbmNNZz09LS0xZUlqbGJUbHZMT2hqbUdQbEc4clRnPT0%3D--236775323ce7c73844685312382ee9dd8c8e885a&page_id=bnRteDBiUkVTZWx2ZkZYTUVzMjV3UT09LS1aTEhlUU1icFFQZDUyUFZhQUZwdjZRPT0%3D--2b5182bac5c410a19d8129daa3a0a4c4eb46ec6f&funnel_step_id=V1NhSWZrdDJRTnphL1N2V0RwamVIQT09LS1Sd0FobmdtRjBqTnpvNFByVmFQVFR3PT0%3D--a3125b4321e45eda4e881f1304369ad636c16ac4&user_id=aDFyVlE5eHI4RFdpSGhNUHpRRzdKdz09LS1PNzJkMVFWZUYxdmdMbUZSVnJML053PT0%3D--dacc95d4664261f0b6d87b96a73053e1f42d3813&account_id=R2xqSndJbmRPYi9RajF1RDErRnpSQT09LS1MSnVwR01RUW1NWG9FV0ZOUThUNVlnPT0%3D--5f86fb348f06092e001d2cceec987e1041961881&page_code=NTM5Njg3NjA%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniquePageviewsCreatedSummary&nonce=ec374b16-bcee-4077-a620-3fa8efe9ab85&url=https%3A%2F%2Fbarbaramarketer.com%2F
IP 104.16.13.194:0
GET /userevents/?funnel_id=ZlVoZmZUN1RnL05XeVFkOGhwbmNNZz09LS0xZUlqbGJUbHZMT2hqbUdQbEc4clRnPT0%3D--236775323ce7c73844685312382ee9dd8c8e885a&page_id=bnRteDBiUkVTZWx2ZkZYTUVzMjV3UT09LS1aTEhlUU1icFFQZDUyUFZhQUZwdjZRPT0%3D--2b5182bac5c410a19d8129daa3a0a4c4eb46ec6f&funnel_step_id=V1NhSWZrdDJRTnphL1N2V0RwamVIQT09LS1Sd0FobmdtRjBqTnpvNFByVmFQVFR3PT0%3D--a3125b4321e45eda4e881f1304369ad636c16ac4&user_id=aDFyVlE5eHI4RFdpSGhNUHpRRzdKdz09LS1PNzJkMVFWZUYxdmdMbUZSVnJML053PT0%3D--dacc95d4664261f0b6d87b96a73053e1f42d3813&account_id=R2xqSndJbmRPYi9RajF1RDErRnpSQT09LS1MSnVwR01RUW1NWG9FV0ZOUThUNVlnPT0%3D--5f86fb348f06092e001d2cceec987e1041961881&page_code=NTM5Njg3NjA%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniquePageviewsCreatedSummary&nonce=ec374b16-bcee-4077-a620-3fa8efe9ab85&url=https%3A%2F%2Fbarbaramarketer.com%2F HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://barbaramarketer.com
Connection: keep-alive
Referer: https://barbaramarketer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Fri, 02 Dec 2022 20:04:30 GMT
content-type: text/html
cf-ray: 7736ac095f101bfa-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 012d2a39cbd15efe675e47fc44cc1e64
x-runtime: 0.034906
set-cookie: __cf_bm=I8dNlFPlWPEjSRbsv2DqGNdzCI01DDVrVHVAshS8T78-1670011470-0-ARx9ntLkbwpIAwr9cdy4RG6ppiWuwX5CqJls5mzYBRfzXkwD6zQGQHAShu5nXZz0huMmOSh3bna8SEEgtNk6V1c6pln5rmSK8bOS68DmpKKT; path=/; expires=Fri, 02-Dec-22 20:34:30 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2