ocsp.pki.goog/gts1c3
471 B IP
Hash d735b1a27e58cd481576811ab9000475
af00a48b9ddc55f9dbebdd4a5c943c69dae5fecf
bf3291c99ab97cbeaef40f8491a0f3bd4c0c72626ff10e33a45f6477d69dad2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Jul 2023 01:51:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/alphasslcasha256g4
1.4 kB URL ocsp.globalsign.com/alphasslcasha256g4
IP
Hash b4fcb8c0ba1a7e62e21260572b487d3f
672831a0b9d5ee0963d6ea1c69260f84920eca44
f8e69d9a3c03ed369cabac81d55e7f8deeb71836f6e0cb23ee2518e6b0e574c1
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 18 Jul 2023 01:51:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Sat, 22 Jul 2023 01:41:47 GMT
ETag: "672831a0b9d5ee0963d6ea1c69260f84920eca44"
Last-Modified: Tue, 18 Jul 2023 01:41:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7e8713e9a9061c02-OSL
adleadrperformance.com/?a=10&c=1900&s2=1108443920
302 Found 257 B URL User Request GET HTTP/1.1 adleadrperformance.com/?a=10&c=1900&s2=1108443920
IP
Certificate IssuerGlobalSign nv-sa
Subject*.adleadrperformance.com
Fingerprint47:97:B3:E4:4E:E7:B2:53:48:C5:87:09:B5:A5:E3:24:AC:C4:3A:D6
ValidityFri, 24 Feb 2023 05:04:48 GMT - Wed, 27 Mar 2024 05:04:47 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash e25f14a253dfbd6324afdb32f4ae4736
88b5bff9b0fb588c896c70f89b4c7f3f15921ca4
6f2247a160975900190566fe33e6e3bf54cdc5d1506811cad7edc04d4008a801
GET /?a=10&c=1900&s2=1108443920 HTTP/1.1
Host: adleadrperformance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b2ccoupons.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 257
Content-Type: text/html; charset=utf-8
Date: Tue, 18 Jul 2023 01:51:08 GMT
Location: https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=SzEVdGDgWDWzgTkAyw27YNnU+3wzDeunlGCA6hLStPYPf7rkrQ9ddQ==; domain=.adleadrperformance.com; path=/; SameSite=None; secure; HttpOnly
trk=dbO4J7f1fmpO4+CI38EtGdnU+3wzDeunlGCA6hLStPYPf7rkrQ9ddQ==; domain=.adleadrperformance.com; expires=Fri, 18-Jul-2025 01:51:08 GMT; path=/; SameSite=None; secure; HttpOnly
c356=SzEVdGDgWDVgSD8fl6lgTvYFSqLA/JAhaIwUg6V07Ic=; domain=.adleadrperformance.com; expires=Thu, 17-Aug-2023 01:51:07 GMT; path=/; SameSite=None; secure; HttpOnly
Connection: close
offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
200 OK 10 kB URL User Request GET HTTP/1.1 offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
IP
Certificate IssuerLet's Encrypt
Subjectoffers.propertyleadr.net
Fingerprint05:F4:14:BE:14:BE:14:DB:BF:23:86:FF:26:10:B8:56:FC:E6:F3:0C
ValidityThu, 06 Jul 2023 19:01:39 GMT - Wed, 04 Oct 2023 19:01:38 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11275)
Hash 1a00e38d0478b9e001e88b6db5afad0e
fea6dd196c3789ceead906c533ddcbba0d0cd17e
e084af674141b450736a0e7574dbecaa7d8f5b105851312be36f2b52e0385ad0
GET /opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO HTTP/1.1
Host: offers.propertyleadr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b2ccoupons.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Tue, 18 Jul 2023 01:51:08 GMT
content-type: text/html; charset=utf-8
content-length: 10309
set-cookie: ubvs=313eea7e-bd7a-46f6-b902-4492c6d539d0; Max-Age=15552000; Path=/; SameSite=Lax
ubvt=v2%7C313eea7e-bd7a-46f6-b902-4492c6d539d0%7C66a505f1-6d17-4f68-be87-839a5ca6d78d%3Aa%3Asingle; Max-Age=259200; Domain=propertyleadr.net; Path=/; SameSite=Lax
ubpv=a%2C66a505f1-6d17-4f68-be87-839a5ca6d78d; Max-Age=15897600; Path=/opulent-investments-the-glassworks/; SameSite=Lax
content-location: https://offers.propertyleadr.net/opulent-investments-the-glassworks/
etag: "a:313eea7ebd7a46f6b9024492c6d539d0"
link: <https://offers.propertyleadr.net/opulent-investments-the-glassworks/>; rel="canonical"
x-unbounce-pageid: 66a505f1-6d17-4f68-be87-839a5ca6d78d
x-unbounce-variant: a
x-unbounce-visitorid: 313eea7e-bd7a-46f6-b902-4492c6d539d0
content-encoding: gzip
x-proxy-backend: page-server
builder-assets.unbounce.com/published-css/main-7b78720.z.css
200 OK 2.9 kB URL GET HTTP/2 builder-assets.unbounce.com/published-css/main-7b78720.z.css
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerAmazon
Subject*.unbounce.com
FingerprintE5:D6:5A:AB:8C:1B:70:75:D3:63:1E:35:7A:F5:A4:02:53:7F:60:A2
ValidityTue, 21 Feb 2023 00:00:00 GMT - Wed, 07 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (15017)
Hash cd2292597f3290f1644e4575eb2f106f
aaf356b422538222cab2790e7bdb5975dbf63d3c
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
GET /published-css/main-7b78720.z.css HTTP/1.1
Host: builder-assets.unbounce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offers.propertyleadr.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
content-length: 2902
date: Sun, 18 Jun 2023 04:23:10 GMT
last-modified: Fri, 09 Jun 2023 20:13:54 GMT
etag: "1da7670281e151216991875a8a95b8e8"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: v7RHSjIEXjAcFjtPYXyCBMnxkUsZ1xP8
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fzB6NzEKUCuK9C2dA6lKnOLY9Oj1H75SuiEnesAFKyCk6rFQ_3p25Q==
age: 2582879
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/css/intlTelInput.css
200 OK 2.0 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/css/intlTelInput.css
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
Hash a69aa970266649e0b08c2cb4bc166568
d9314a52085a2bb6d284421bb18a4c546ecb73d4
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491
GET /ajax/libs/intl-tel-input/17.0.17/css/intlTelInput.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offers.propertyleadr.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Jul 2023 01:51:08 GMT
content-type: text/css; charset=utf-8
content-length: 1970
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62956a21-7b2"
last-modified: Tue, 31 May 2022 01:06:41 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2174904
expires: Sun, 07 Jul 2024 01:51:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FXfMG0HVZMI2qoCW054y%2FTcyZYSvXhnAScsK9VUdMuTIZfKDWkX%2FYhsnG3qtE1CdP%2FGl48lKRdozXwfnw8IEO0TCcjRAoZCc7MvJws626wq6OCtRfXwMT3AGysN3WMmdj2MVkwq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7e8713ef9d72069b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/js/intlTelInput.min.js
200 OK 8.9 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/js/intlTelInput.min.js
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (26993)
Hash cf65dd0fd49650f9caea320ace13b9aa
70913ffa87c76bed2323b90c0484b49f5b3cb62d
6e1c3be98af0f5091cbe3e28e515bab230453f9d7c0b8e9d0282af12fd0bb5e1
GET /ajax/libs/intl-tel-input/17.0.17/js/intlTelInput.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offers.propertyleadr.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Jul 2023 01:51:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 8923
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62956a21-22db"
last-modified: Tue, 31 May 2022 01:06:41 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3038731
expires: Sun, 07 Jul 2024 01:51:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1n8kOizwgN9%2Fr7LkUlzVEYpppSezH7VwtshHdbamGIrxavB9JS6YzzXhGLHhD0YzQJoxN0MsW9KJcrHvkkqHTCKoGmh33BTVWbPpv5ka%2F%2FccGHqw9l8sSwOhW6ClOcQTIizSSBrS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7e8713efad75069b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
472 B IP
Hash 36da66eeb343837199fb94616179fe38
9357b9e1ce14b27c75dbd5d8d843086b16b67666
1c40d5a7496db099434106afe85f027ca5c4ece974540fdf2a2eed64b23441e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Jul 2023 01:51:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
200 OK 31 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint00:46:38:24:3D:8A:B6:01:D5:90:72:EA:CB:F1:16:89:CD:E5:BB:09
ValidityMon, 19 Jun 2023 08:20:47 GMT - Mon, 11 Sep 2023 08:20:46 GMT
File type ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offers.propertyleadr.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 16 Jul 2023 16:41:39 GMT
expires: Mon, 15 Jul 2024 16:41:39 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 119369
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
472 B IP
Hash 36da66eeb343837199fb94616179fe38
9357b9e1ce14b27c75dbd5d8d843086b16b67666
1c40d5a7496db099434106afe85f027ca5c4ece974540fdf2a2eed64b23441e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Jul 2023 01:51:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/img/flags.png
68 kB URL GET cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/img/flags.png
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type PNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 3f2a61090de3cfa8a7547876234c9b77
ed2a4500b497eaeceb12ca9fb8183bce2dd19ebe
ead4835bb034d3977fd4aa92437a20fac37b2c67e0c22a5debc61468151d08d7
GET /ajax/libs/intl-tel-input/17.0.17/img/flags.png HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/css/intlTelInput.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 18 Jul 2023 01:51:08 GMT
content-type: image/png; charset=utf-8
content-length: 67650
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62956a21-10842"
last-modified: Tue, 31 May 2022 01:06:41 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3335977
expires: Sun, 07 Jul 2024 01:51:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cejZWdvS%2FHpJcxnr3vb4HS7A7%2BvIMsbX0auh%2BzeqdLjhWgFuep2JVoBvYzqT7VBya%2BMXaHNzwUxk4qsKSeU%2F6EaMf2OZ7%2Fk15Bs6Xfb18eE3x1HKFriPx2pwdJF0lq3QD9Dhv5Qk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7e8713f1286cb4fd-OSL
alt-svc: h3=":443"; ma=86400
ocsp.r2m01.amazontrust.com/
471 B URL ocsp.r2m01.amazontrust.com/
IP
Hash edcbe9962d62aa7486205baafed02244
2a3b005d88d8599314dcfde430c7b7c991b7599a
02d12f47a172f0f16b7532dcbd91272e7e8b07dd3a7e9b8362c16fd78f423495
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 18 Jul 2023 01:51:08 GMT
Last-Modified: Tue, 18 Jul 2023 00:08:29 GMT
Server: ECAcc (nya/7993)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ed9fvSw9jisYaWQzp4HyKqZoigV8bK6j8r7xf-HUtG8Lgh7TAE1g3w==
Age: 6160
ipinfo.io/?token=6d3626439c7bd0&callback=jQuery36006706878216228518_1689645060891&_=1689645060892
200 OK 796 B URL GET HTTP/2 ipinfo.io/?token=6d3626439c7bd0&callback=jQuery36006706878216228518_1689645060891&_=1689645060892
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerLet's Encrypt
Subjectipinfo.io
Fingerprint03:2C:03:08:0F:00:0D:18:39:9E:E1:CE:36:F7:E7:33:9C:F7:AC:D8
ValiditySun, 25 Jun 2023 09:10:26 GMT - Sat, 23 Sep 2023 09:10:25 GMT
File type gzip compressed data, from Unix\012- data
Hash 444832bfad615038b6c7ce11a63fe36e
5367e9948c3bf2f4dc298eec13a79d8bed2cab28
3826e75ca451dac26c4395dd8fb95b6cba0b242ba9384698d48f37421f02ab13
GET /?token=6d3626439c7bd0&callback=jQuery36006706878216228518_1689645060891&_=1689645060892 HTTP/1.1
Host: ipinfo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offers.propertyleadr.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-type: text/javascript; charset=utf-8
date: Tue, 18 Jul 2023 01:51:09 GMT
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
200 OK 34 kB URL GET HTTP/2 builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerAmazon
Subject*.unbounce.com
FingerprintE5:D6:5A:AB:8C:1B:70:75:D3:63:1E:35:7A:F5:A4:02:53:7F:60:A2
ValidityTue, 21 Feb 2023 00:00:00 GMT - Wed, 07 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1fc134009855f7cff4f7a651d7590c0b
85244b16361e7ce32e85c445f711ad2f78492405
85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86
GET /published-js/main.bundle-85a7477.z.js HTTP/1.1
Host: builder-assets.unbounce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offers.propertyleadr.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 33747
date: Wed, 05 Jul 2023 03:30:19 GMT
last-modified: Fri, 30 Jun 2023 15:56:36 GMT
etag: "3daee324b2b17f6342299decfad7dcb7"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: Nn7DFpz6CxvAESvNdTmfuZVUJWFa4iHU
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O81_YystgXulx3Raptz6yEpnBREe4kUy5NxcZYx2yP1PlPy_bMHOjg==
age: 1117251
X-Firefox-Spdy: h2
d1wbjksx0xxdn3.cloudfront.net/ub.js?1687799037
200 OK 1.9 kB URL GET HTTP/2 d1wbjksx0xxdn3.cloudfront.net/ub.js?1687799037
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
Hash b130aaa89fc46a9fb78e6a001f037b91
509210e237cf57fa3856e4849613287ed0825ad8
3537c6a36fae2d2132581b7915d51e1ed268ae146f5df18a84def7ed594fbe15
GET /ub.js?1687799037 HTTP/1.1
Host: d1wbjksx0xxdn3.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offers.propertyleadr.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-length: 1864
date: Mon, 26 Jun 2023 17:24:21 GMT
last-modified: Mon, 26 Jun 2023 16:59:10 GMT
etag: "118cee1e64f6b283233c55aee7da10da"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: DrDbRvFA9mO1umKMKkGWhgl31YCzXh7a
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jcRio7yu5SERHQgLCZaU9RuC8jxMlGJnZ7NJcZHL1pxnGhcZHsmYkA==
age: 1844809
X-Firefox-Spdy: h2
offers.propertyleadr.net/favicon.ico
404 Not Found 47 B URL GET HTTP/1.1 offers.propertyleadr.net/favicon.ico
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerLet's Encrypt
Subjectoffers.propertyleadr.net
Fingerprint05:F4:14:BE:14:BE:14:DB:BF:23:86:FF:26:10:B8:56:FC:E6:F3:0C
ValidityThu, 06 Jul 2023 19:01:39 GMT - Wed, 04 Oct 2023 19:01:38 GMT
File type ASCII text, with no line terminators
Hash f9ae9006943e3a67b95ca4c6c733b6d4
9f9e7a7e2602d29e4df8c38df6277ab37fb1b079
cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457
GET /favicon.ico HTTP/1.1
Host: offers.propertyleadr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Cookie: ubvs=313eea7e-bd7a-46f6-b902-4492c6d539d0; ubvt=v2%7C313eea7e-bd7a-46f6-b902-4492c6d539d0%7C66a505f1-6d17-4f68-be87-839a5ca6d78d%3Aa%3Asingle
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
content-length: 47
content-type: text/plain; charset=utf-8
x-proxy-backend: content-gateway
d1wbjksx0xxdn3.cloudfront.net/sp-2.14.0.js
200 OK 30 kB URL GET HTTP/2 d1wbjksx0xxdn3.cloudfront.net/sp-2.14.0.js
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (64903)
Hash 576d9639026167dbd06e782da275395f
80fe249778e307981557c0fa707cb8f4c5cb20e3
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
GET /sp-2.14.0.js HTTP/1.1
Host: d1wbjksx0xxdn3.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offers.propertyleadr.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 30399
date: Mon, 26 Jun 2023 17:20:26 GMT
last-modified: Mon, 26 Jun 2023 16:59:50 GMT
etag: "73de733c308b8b5e44d2a6242dc4bd99"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: 0Jz2Bo4sfVFEftEdSoFX9n5OCEdIO6kj
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZXONup0X3RYXKTBdHst6dn6l7wS1uQC76O4bcg6DlbzZGu71sroiHg==
age: 1845044
X-Firefox-Spdy: h2
fonts.ub-assets.com/css?family=Roboto:regular,300,500,italic%7CLato:regular
200 OK 807 B URL GET HTTP/2 fonts.ub-assets.com/css?family=Roboto:regular,300,500,italic%7CLato:regular
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerAmazon
Subjectfonts.ub-assets.com
FingerprintDA:B0:56:6C:D1:26:7A:FA:DF:C5:44:C6:5F:F3:C1:C4:69:F8:5B:B8
ValidityThu, 01 Jun 2023 00:00:00 GMT - Sat, 29 Jun 2024 23:59:59 GMT
Hash 26faa419adccf685e4a305c2ec67c72b
68bb0ee2a22afc71c42cc6d1beedee9e65550a42
58f1bfc08b36ae4e09259be7468d2767676a0c99871c769c8a3143481d5f34d0
GET /css?family=Roboto:regular,300,500,italic%7CLato:regular HTTP/1.1
Host: fonts.ub-assets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offers.propertyleadr.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-length: 807
date: Tue, 18 Jul 2023 01:51:09 GMT
x-amzn-requestid: cb22b2b2-fcbd-4d5e-aab7-9e2234d1f70a
x-xss-protection: 0
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-amz-apigw-id: IPJyLFHQIAMF5kA=
cache-control: private, max-age=86400
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-64b5f00d-64b05d7a1e1a4e67690da7bd
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: auo8uof3WzqErkbZL8Wu_L_L1vo0n1bl_H6V7aQvggqQgWWhO198Xg==
X-Firefox-Spdy: h2
fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerAmazon
Subjectfonts.ub-assets.com
FingerprintDA:B0:56:6C:D1:26:7A:FA:DF:C5:44:C6:5F:F3:C1:C4:69:F8:5B:B8
ValidityThu, 01 Jun 2023 00:00:00 GMT - Sat, 29 Jun 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /fonts/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.ub-assets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://offers.propertyleadr.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.ub-assets.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: font/woff2
content-length: 15740
date: Thu, 24 Nov 2022 09:03:12 GMT
x-amzn-requestid: eb32f326-3950-41dd-8488-d844929cbbba
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-xss-protection: 0
access-control-allow-origin: *
x-amzn-remapped-content-length: 15740
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amz-apigw-id: cGT0qFNKIAMFvMQ=
cache-control: public, max-age=31536000
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-637f3350-2d35c3414d8fb1bf5440d7b8
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gSKcmIR139Nfl7xf8k6ayAdgvLa3Af9_bVK9UMJrB4BH35osji63FA==
age: 20364476
X-Firefox-Spdy: h2
fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerAmazon
Subjectfonts.ub-assets.com
FingerprintDA:B0:56:6C:D1:26:7A:FA:DF:C5:44:C6:5F:F3:C1:C4:69:F8:5B:B8
ValidityThu, 01 Jun 2023 00:00:00 GMT - Sat, 29 Jun 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /fonts/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.ub-assets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://offers.propertyleadr.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.ub-assets.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: font/woff2
content-length: 15920
date: Thu, 24 Nov 2022 09:03:12 GMT
x-amzn-requestid: 7122c95e-5cb3-469f-bd22-75d9e84db194
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-xss-protection: 0
access-control-allow-origin: *
x-amzn-remapped-content-length: 15920
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amz-apigw-id: cGT0rGRVIAMFWkA=
cache-control: public, max-age=31536000
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-637f3350-5bc4e75e0c749a0b43996567
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Jc-Q64nEuBrJGKUrOwQlAEIC_dwDenosjl27sG166XDzS4V9DQPN1g==
age: 20364476
X-Firefox-Spdy: h2
fonts.ub-assets.com/fonts/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL GET HTTP/2 fonts.ub-assets.com/fonts/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerAmazon
Subjectfonts.ub-assets.com
FingerprintDA:B0:56:6C:D1:26:7A:FA:DF:C5:44:C6:5F:F3:C1:C4:69:F8:5B:B8
ValidityThu, 01 Jun 2023 00:00:00 GMT - Sat, 29 Jun 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /fonts/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.ub-assets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://offers.propertyleadr.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.ub-assets.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: font/woff2
content-length: 15744
date: Thu, 09 Feb 2023 21:22:28 GMT
x-amzn-requestid: 8925fb09-f12c-41c4-b894-90863074e52d
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-xss-protection: 0
access-control-allow-origin: *
x-amzn-remapped-content-length: 15744
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amz-apigw-id: AFyTLFb-oAMF_og=
cache-control: public, max-age=31536000
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-63e56414-21d7d0aa0baae5446cdbee01
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WEl2OFaMssWFXGWf7VjauFefSgCFexcYN1ZdHWy7vOVboLmkWJmKXg==
age: 13667321
X-Firefox-Spdy: h2
fonts.ub-assets.com/fonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
200 OK 24 kB URL GET HTTP/2 fonts.ub-assets.com/fonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerAmazon
Subjectfonts.ub-assets.com
FingerprintDA:B0:56:6C:D1:26:7A:FA:DF:C5:44:C6:5F:F3:C1:C4:69:F8:5B:B8
ValidityThu, 01 Jun 2023 00:00:00 GMT - Sat, 29 Jun 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /fonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.ub-assets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://offers.propertyleadr.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.ub-assets.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: font/woff2
content-length: 23580
date: Thu, 01 Jun 2023 00:54:26 GMT
x-amzn-requestid: 36e1a989-b82e-4959-b79f-11bdec3e302a
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-xss-protection: 0
access-control-allow-origin: *
x-amzn-remapped-content-length: 23580
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amz-apigw-id: F0HacFtBIAMFXAA=
cache-control: public, max-age=31536000
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-6477ec42-239baf683fdfb9fe04866afa
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uWnVnKdfrh9d_0q4kPW91sbg9jxSHp4CkvCkQtk_RiC54CNlUFOJyQ==
age: 4064203
X-Firefox-Spdy: h2
fonts.ub-assets.com/fonts/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
200 OK 17 kB URL GET HTTP/2 fonts.ub-assets.com/fonts/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerAmazon
Subjectfonts.ub-assets.com
FingerprintDA:B0:56:6C:D1:26:7A:FA:DF:C5:44:C6:5F:F3:C1:C4:69:F8:5B:B8
ValidityThu, 01 Jun 2023 00:00:00 GMT - Sat, 29 Jun 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /fonts/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.ub-assets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://offers.propertyleadr.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.ub-assets.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: font/woff2
content-length: 17368
date: Tue, 04 Apr 2023 04:39:10 GMT
x-amzn-requestid: 74148eba-ed7e-4942-9105-78f2b2c741b9
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-xss-protection: 0
access-control-allow-origin: *
x-amzn-remapped-content-length: 17368
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amz-apigw-id: C1d9XGHIoAMFyDA=
cache-control: public, max-age=31536000
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-642ba9ee-07bf6d211b8a30184b32cba9
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: k2lb6f8AGcXlWE0UeY-88l9WzP2eW9udfMwnK3TwC4r7g6_ybdmCsA==
age: 9061919
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
471 B URL ocsp.r2m01.amazontrust.com/
IP
Hash b8958f61bda7cbc0a38c8bf4b98396ce
ce89a9467144e6f86fb8a705569f33b1899bbeeb
d652fc6f3880d571cddceadd176f9d64491d9461fc9afb0fc0cbd7c2e4e173cf
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 18 Jul 2023 01:51:09 GMT
Last-Modified: Tue, 18 Jul 2023 01:31:06 GMT
Server: ECAcc (nya/7946)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: srTrvAyNSv8WcKXuxiolUJb7WQ3WdgMSdvJdZ85x47NPZX38miMLKw==
Age: 1203
d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/opulent-investments-the-glassworks/6e15abc9-opulent-investments-logo-2_1000000000000000000028.png
200 OK 2.1 kB URL GET HTTP/2 d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/opulent-investments-the-glassworks/6e15abc9-opulent-investments-logo-2_1000000000000000000028.png
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type PNG image data, 209 x 86, 8-bit colormap, non-interlaced\012- data
Hash 571a094adc0f08c3ce12faab6abe8b42
ef5e7d1776873b5487650290cbe19cc0a0a8c3d5
33d81dc1a3a2d31dd2b9de90b6b795352afcbc4977988b0def38c53823a35b96
GET /offers.propertyleadr.net/opulent-investments-the-glassworks/6e15abc9-opulent-investments-logo-2_1000000000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offers.propertyleadr.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2137
date: Tue, 18 Jul 2023 01:51:10 GMT
last-modified: Wed, 31 May 2023 14:38:03 GMT
etag: "571a094adc0f08c3ce12faab6abe8b42"
x-amz-server-side-encryption: AES256
cache-control: max-age=31557600
x-amz-version-id: yi9pHIDO.fVYsZw_0svIAJfiya47YlKn
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zrvHDHYJHqTs9bZHF0oLSdDGzS86o_U9RBtVE8YVU5BVgZjbTpcx1w==
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/opulent-investments-the-glassworks/548cb746-opulent-investments-the-glassworks-mortgages_103c03c000000000000028.png
200 OK 3.7 kB URL GET HTTP/2 d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/opulent-investments-the-glassworks/548cb746-opulent-investments-the-glassworks-mortgages_103c03c000000000000028.png
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 527127612c2e41127a8ea3dd7dcb540a
b3f50823fca6685b47ab4c571914b191c9bd3bea
b6ce90a1346a44b081a38559ec1462c1163e269f1ea54beb98de65aefc75a881
GET /offers.propertyleadr.net/opulent-investments-the-glassworks/548cb746-opulent-investments-the-glassworks-mortgages_103c03c000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offers.propertyleadr.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3693
date: Tue, 18 Jul 2023 01:51:10 GMT
last-modified: Wed, 31 May 2023 14:38:03 GMT
etag: "527127612c2e41127a8ea3dd7dcb540a"
x-amz-server-side-encryption: AES256
cache-control: max-age=31557600
x-amz-version-id: nF_pGUTO4fKsMpy3aQVpqxW0l6YxUloe
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kAEgbBt3F5vJM03aEGiWQKJxUfrImZm_uoRhtU08TeVrkkoF4tIfbw==
X-Firefox-Spdy: h2
events.ub-analytics.com/i?stm=1689645061548&e=pv&url=https%3A%2F%2Foffers.propertyleadr.net%2Fopulent-investments-the-glassworks%2F%3Faffiliate_id%3D10%26sub_id%3D%26ckm_request_id%3D124478902%26country%3DNO&refr=https%3A%2F%2Fb2ccoupons.com%2F&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1280x1024&cd=24&eid=c42aa001-734d-43ea-b21e-bb978a07c8ff&dtm=1689645061546&vp=1280x1024&ds=1280x1323&vid=1&sid=12f75118-ca51-48e1-a927-2591a88df188&duid=8c042b2c-75d9-4059-92bd-0e45800d9456&uid=313eea7e-bd7a-46f6-b902-4492c6d539d0&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNjZhNTA1ZjEtNmQxNy00ZjY4LWJlODctODM5YTVjYTZkNzhkIiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
200 OK 43 B URL GET HTTP/2 events.ub-analytics.com/i?stm=1689645061548&e=pv&url=https%3A%2F%2Foffers.propertyleadr.net%2Fopulent-investments-the-glassworks%2F%3Faffiliate_id%3D10%26sub_id%3D%26ckm_request_id%3D124478902%26country%3DNO&refr=https%3A%2F%2Fb2ccoupons.com%2F&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1280x1024&cd=24&eid=c42aa001-734d-43ea-b21e-bb978a07c8ff&dtm=1689645061546&vp=1280x1024&ds=1280x1323&vid=1&sid=12f75118-ca51-48e1-a927-2591a88df188&duid=8c042b2c-75d9-4059-92bd-0e45800d9456&uid=313eea7e-bd7a-46f6-b902-4492c6d539d0&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNjZhNTA1ZjEtNmQxNy00ZjY4LWJlODctODM5YTVjYTZkNzhkIiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerAmazon
Subject*.ub-analytics.com
Fingerprint96:6D:96:00:51:EE:2C:8B:1E:81:F1:41:D7:96:5F:50:46:50:94:67
ValiditySat, 11 Mar 2023 00:00:00 GMT - Mon, 08 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb02f374b8f73825415db1bccd4bd76d
b103aa629cacdd90b39538a7561da7f8e49ad73f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
GET /i?stm=1689645061548&e=pv&url=https%3A%2F%2Foffers.propertyleadr.net%2Fopulent-investments-the-glassworks%2F%3Faffiliate_id%3D10%26sub_id%3D%26ckm_request_id%3D124478902%26country%3DNO&refr=https%3A%2F%2Fb2ccoupons.com%2F&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1280x1024&cd=24&eid=c42aa001-734d-43ea-b21e-bb978a07c8ff&dtm=1689645061546&vp=1280x1024&ds=1280x1323&vid=1&sid=12f75118-ca51-48e1-a927-2591a88df188&duid=8c042b2c-75d9-4059-92bd-0e45800d9456&uid=313eea7e-bd7a-46f6-b902-4492c6d539d0&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNjZhNTA1ZjEtNmQxNy00ZjY4LWJlODctODM5YTVjYTZkNzhkIiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19 HTTP/1.1
Host: events.ub-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offers.propertyleadr.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Jul 2023 01:51:10 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
server: akka-http/10.2.9
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/opulent-investments-the-glassworks/a8491af4-opulent-investments-the-glassworks-completing_103c03c000000000000028.png
200 OK 3.6 kB URL GET HTTP/2 d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/opulent-investments-the-glassworks/a8491af4-opulent-investments-the-glassworks-completing_103c03c000000000000028.png
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 365d64e3e1306772817dcb5a84320855
a8e91b266c19dc2ab3b7e4a7b158286f130330c0
04d3e76647f04979c67b600f23a51f7673c3b56e3859e59d270bebd486bbf2d0
GET /offers.propertyleadr.net/opulent-investments-the-glassworks/a8491af4-opulent-investments-the-glassworks-completing_103c03c000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offers.propertyleadr.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3600
date: Tue, 18 Jul 2023 01:51:10 GMT
last-modified: Wed, 31 May 2023 14:38:03 GMT
etag: "365d64e3e1306772817dcb5a84320855"
x-amz-server-side-encryption: AES256
cache-control: max-age=31557600
x-amz-version-id: LkSUzuUVlLtZuhy.KwcQ98Hlz0hvnMid
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KFqz2dMnE44Yx_103rAKgnf79KgCl04XqUbv3_3c24Mfu2FFf8-Ctg==
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/opulent-investments-the-glassworks/b9bfdd36-opulent-investments-the-glassworks-7-percent_103c03c000000000000028.png
200 OK 3.4 kB URL GET HTTP/2 d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/opulent-investments-the-glassworks/b9bfdd36-opulent-investments-the-glassworks-7-percent_103c03c000000000000028.png
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash fbf8ececc1cc5d046807f8030a6e444e
cb5f5083d6c1a6cc5b2a7d3267933002579276f9
2ce247f52d31740f98b8fe591e98521ea745e7ab8188c0bb541153d304aa511c
GET /offers.propertyleadr.net/opulent-investments-the-glassworks/b9bfdd36-opulent-investments-the-glassworks-7-percent_103c03c000000000000028.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offers.propertyleadr.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3361
date: Tue, 18 Jul 2023 01:51:10 GMT
last-modified: Wed, 31 May 2023 14:38:03 GMT
etag: "fbf8ececc1cc5d046807f8030a6e444e"
x-amz-server-side-encryption: AES256
cache-control: max-age=31557600
x-amz-version-id: PU9ridTbXvF.h8qKBcfV1idQHiJKVqlp
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2yjT_-hSx_xca4wF6YhK7PUq2yApIDfSkr5OrzFSpLv0b465Y0T7OA==
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/opulent-investments-the-glassworks/01068ff7-opulent-investments-the-glassworks-exterior_10h60bf00000000000001o.jpeg
200 OK 44 kB URL GET HTTP/2 d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/opulent-investments-the-glassworks/01068ff7-opulent-investments-the-glassworks-exterior_10h60bf00000000000001o.jpeg
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 618x411, components 3\012- data
Hash 6277db205f70d77885b8ab2f9f1bee6a
bec8e8826568f09d099e47f8b6dc3ca37c2efea7
8ac6ea6202b9db9cee5dcea59f3d633ea30ffabe20703d8d12729c5ff6275cec
GET /offers.propertyleadr.net/opulent-investments-the-glassworks/01068ff7-opulent-investments-the-glassworks-exterior_10h60bf00000000000001o.jpeg HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offers.propertyleadr.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 43799
date: Tue, 18 Jul 2023 01:51:10 GMT
last-modified: Wed, 31 May 2023 14:38:03 GMT
etag: "6277db205f70d77885b8ab2f9f1bee6a"
x-amz-server-side-encryption: AES256
cache-control: max-age=31557600
x-amz-version-id: qsOzW.jKQY7CZX_RMpGs0InBNXiaN2Wy
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 89K9P8QD8MaZf5YLVvaiZ8RZNnexx8zZmYzjEIlxwvzgEFHSV64LnA==
X-Firefox-Spdy: h2
script.anura.io/request.js?instance=3552465468&source=10-&campaign=356&callback=anuraCallbackFunction&562756835718
200 OK 66 kB URL GET HTTP/2 script.anura.io/request.js?instance=3552465468&source=10-&campaign=356&callback=anuraCallbackFunction&562756835718
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerAmazon
Subjectscript.anura.io
Fingerprint00:49:D0:33:40:DB:54:FC:F3:AC:1E:42:4F:49:8F:4B:46:5A:A8:66
ValidityMon, 12 Jun 2023 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash 17fc3f846d16ef50a3ba2245916278a3
8b01703ff416407a043e581e04dc5a39d82f8b2c
4ef1cdfd199d2363990f2faa60ebbb52021f64558c35c93bf6eb3d1f50344539
GET /request.js?instance=3552465468&source=10-&campaign=356&callback=anuraCallbackFunction&562756835718 HTTP/1.1
Host: script.anura.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offers.propertyleadr.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Jul 2023 01:51:09 GMT
content-type: application/javascript; charset=utf-8
server: nginx
vary: Accept-Encoding
expires: Sun, 28 Dec 1980 18:57:00 EST
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
ads.anura.io/showads.js?683219231828
200 OK 0 B URL GET HTTP/2 ads.anura.io/showads.js?683219231828
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerAmazon
Subjectads.anura.io
Fingerprint69:66:FA:26:E2:E4:89:00:9A:F7:DE:2C:F6:5A:C2:B9:58:04:5D:E6
ValidityTue, 30 May 2023 00:00:00 GMT - Thu, 27 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /showads.js?683219231828 HTTP/1.1
Host: ads.anura.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://offers.propertyleadr.net
DNT: 1
Connection: keep-alive
Referer: https://offers.propertyleadr.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 17 Jul 2023 19:23:12 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sEGx4zVuqJJg8dFaRT3rcLUoQyqWg37AfaOHBh3zR7QEYb76ZtpoIA==
age: 23278
X-Firefox-Spdy: h2
script.anura.io/response.json
200 OK 52 B URL POST HTTP/2 script.anura.io/response.json
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerAmazon
Subjectscript.anura.io
Fingerprint00:49:D0:33:40:DB:54:FC:F3:AC:1E:42:4F:49:8F:4B:46:5A:A8:66
ValidityMon, 12 Jun 2023 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 50800040a88154b7d4c26bacb3114a8d
758f729240f3c6507bcd8db7b145eab63e536e95
df210774bed298d0249c22ece0c5ad3e9c9c7bf3d4c9c5e2bdced419a8c675d1
POST /response.json HTTP/1.1
Host: script.anura.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 4965
Origin: https://offers.propertyleadr.net
DNT: 1
Connection: keep-alive
Referer: https://offers.propertyleadr.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Jul 2023 01:51:10 GMT
content-type: application/json; charset=utf-8
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: POST
expires: Sun, 28 Dec 1980 18:57:00 EST
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/js/utils.min.js?1638200991544
200 OK 248 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/js/utils.min.js?1638200991544
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
Size 248 kB (248420 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ajax/libs/intl-tel-input/17.0.17/js/utils.min.js?1638200991544 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offers.propertyleadr.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 18 Jul 2023 01:51:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 45533
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62956a21-b1dd"
last-modified: Tue, 31 May 2022 01:06:41 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4859107
expires: Sun, 07 Jul 2024 01:51:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZ4ENcfsCrwJF6aJuti96nI3jKrWNT69V4hcgfIyJGyb53L8PR5UMh803ZsZT%2FHCAX977t5hRzhrMTsbnDLcAAQU2LfP6%2B%2Bg9zoV7AcgfcVReLptzXUw6trZCifLUUPa%2Fiop%2FyrB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7e8713f8ef8ab4fd-OSL
alt-svc: h3=":443"; ma=86400
script.anura.io/result.json
200 OK 41 B URL POST HTTP/2 script.anura.io/result.json
IP
Requested by https://offers.propertyleadr.net/opulent-investments-the-glassworks/?affiliate_id=10&sub_id=&ckm_request_id=124478902&country=NO
Certificate IssuerAmazon
Subjectscript.anura.io
Fingerprint00:49:D0:33:40:DB:54:FC:F3:AC:1E:42:4F:49:8F:4B:46:5A:A8:66
ValidityMon, 12 Jun 2023 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 2f767f31b2150618192cf6b596a12960
0eae31ac26023373a8042db0a649e7445f607813
f4e22b830612399a72a190d9a2acd795b82d638602cc2d65eec79c08e9d4abd3
POST /result.json HTTP/1.1
Host: script.anura.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 66
Origin: https://offers.propertyleadr.net
DNT: 1
Connection: keep-alive
Referer: https://offers.propertyleadr.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 18 Jul 2023 01:51:10 GMT
content-type: application/json; charset=utf-8
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST
expires: Sun, 28 Dec 1980 18:57:00 EST
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
172.67.130.70
104.17.24.14
3.11.26.20
54.229.43.107
3.69.136.55