safe.secretfindertoday.com/campaigns/lj544c8mcx357/track-url/dy806lsj7q32c/c6ed556b92f54f1ff08a6a0f70e88d4e7ec80b7e
65.21.197.40301 Moved Permanently 0 B URL HTTP/1.1 safe.secretfindertoday.com/campaigns/lj544c8mcx357/track-url/dy806lsj7q32c/c6ed556b92f54f1ff08a6a0f70e88d4e7ec80b7e
IP 65.21.197.40:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /campaigns/lj544c8mcx357/track-url/dy806lsj7q32c/c6ed556b92f54f1ff08a6a0f70e88d4e7ec80b7e HTTP/1.1
Host: safe.secretfindertoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 21 Sep 2022 04:40:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Wed, 21 Sep 2022 04:40:13 GMT
Location: https://link.rapidpockets.com/go/trump
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Retry-After, Content-Type, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 04:13:32 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5oL-e1hLxFQ2rmbHFWpj2p0shVup4BN6RDOE4Qrw4_B8Xwg0nTAtvw==
Age: 1601
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10733
Expires: Wed, 21 Sep 2022 07:39:06 GMT
Date: Wed, 21 Sep 2022 04:40:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SOpvG6Ch2EVpcHdFI6xUEan3kpnq6PU4SfBvPQC9jpBzlLmOrD88uA==
age: 300
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 04:40:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.comodoca.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 661174530d3ae76d600edaf720fdf04c
8c265fe543ded05eb268acd25d894fa17e9b9588
ef383cc84eec2a8ec30e419b88b92da8c42bc6e2d3fbee887463a00a905f5ad2
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:40:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 22:18:24 GMT
Expires: Tue, 27 Sep 2022 22:18:23 GMT
Etag: "8c265fe543ded05eb268acd25d894fa17e9b9588"
Cache-Control: max-age=581289,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e01f1d5fe9b50f-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 04:03:22 GMT
Expires: Wed, 21 Sep 2022 04:37:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cHXLsrJpnPIC-Vo9sjYX7DnNIbFGGGKx3f2FoB8iPkm146u-MCohaw==
Age: 2211
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4641
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:40:13 GMT
Last-Modified: Wed, 21 Sep 2022 03:22:52 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
link.rapidpockets.com/go/trump
144.208.71.125301 Moved Permanently 249 B URL HTTP/2 link.rapidpockets.com/go/trump
IP 144.208.71.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 16192d92a06c96afab57369202f44cae
eae3a5c7e0eb0168858fbe6dbc4bea04196c09a7
814a50aedd1f8cf138b353c192437d7dbb2ed77d1f934b08c9f22314be5a1b85
GET /go/trump HTTP/1.1
Host: link.rapidpockets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx/1.21.6
date: Wed, 21 Sep 2022 04:40:13 GMT
content-type: text/html; charset=iso-8859-1
content-length: 249
location: https://click.socialuplifted.com/go/trump
x-proxy-cache: DISABLED
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.69.181.45101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.69.181.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1q/YPw66rleKgJMaWqfgFA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WrGrXabDLScqbtxyHqXnGSa7Q7Q=
ocsp.comodoca.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ba36a9928b1acc2c22890eb7fe403ca3
549b7e6afd57065c6c6aed42975099d6dea02643
0643a55cdbc8acfb27f4ca87ab84f785c183e9fa13cf68f107d723d34b9691b4
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:40:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 20:22:05 GMT
Expires: Tue, 27 Sep 2022 20:22:04 GMT
Etag: "549b7e6afd57065c6c6aed42975099d6dea02643"
Cache-Control: max-age=574309,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e01f21fb5eb50f-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13483
Expires: Wed, 21 Sep 2022 08:24:58 GMT
Date: Wed, 21 Sep 2022 04:40:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13483
Expires: Wed, 21 Sep 2022 08:24:58 GMT
Date: Wed, 21 Sep 2022 04:40:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13483
Expires: Wed, 21 Sep 2022 08:24:58 GMT
Date: Wed, 21 Sep 2022 04:40:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c92f202bddcfee6efac41bcc25be5745
9d297544318ff34f839678d8b358290ab6bd62a8
f471aaff7c08c60905cff5b1c9d4b669a3179574493d23d27e681110688af6b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7060
x-amzn-requestid: 69e8f4d4-2360-4124-a9e9-9cce3dd43da7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yx0NWEgmIAMFusQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a33ee-0f4861c226117d70664b8612;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:43:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kj4FQUvvo13Yrwu_bKqee64IMn6X0UXlOJQ3fh40qejOi-3dtCrEYg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:55:57 GMT
age: 24258
etag: "9d297544318ff34f839678d8b358290ab6bd62a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4d98acc059a69d51165fb5e0c7430ea3
09bd3300d710c3212483159f8398b84cde09da26
6e38bbb5c79c4f714973e10961d7bad9e7ae8711cf24d68b13a77206f474d2a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7507
x-amzn-requestid: 2a40c792-8b1b-4476-92de-1fce3df48fc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCmaHefoAMF4Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e28-6b05350006b7f3fb73d1e37a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rq4QHCD4EubBKHyCj7jyKqpct5d7U33TvNufqj_w8mWunqQsouoh7w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:21:54 GMT
age: 22701
etag: "09bd3300d710c3212483159f8398b84cde09da26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dab1f2cd68979d2004ba4449d759a341
54ed14436a75ba2aeb8459bad2ce70229aff4203
e782fb5ede547e1b167719068c6821c62414dcb0991bf9ac38285cb3ce8894e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10038
x-amzn-requestid: 4cf38a70-a706-4e6a-b854-9404727c599d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mHDCIAMF5-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-5aba5b0640221b302a19781b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hDCOWNm2vFa9h7BffUJwcwZ6i27jM2qBuSTasH9q_wsQ9oNWhVpQCg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:47:24 GMT
etag: "54ed14436a75ba2aeb8459bad2ce70229aff4203"
content-type: image/jpeg
age: 24771
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febae4a05-492e-4ab9-a79b-7e3f27cfc01e.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febae4a05-492e-4ab9-a79b-7e3f27cfc01e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cb692de2fcf108bf060af0b9599869f
443706b089783f7a16d4b001948a141a83ace053
06bedf63121d961420176535071c3a98d39e1d4586acb734d00ad80ce2b291ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febae4a05-492e-4ab9-a79b-7e3f27cfc01e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6904
x-amzn-requestid: 1c4e2685-d06f-45fc-ab93-8678905f3804
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YwcI5HuLoAMFoRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6329a705-099ce127249e148456270c11;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 11:41:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: sRlJblY5obOlucutG9WQ_WPl5QGdA-0XsxIkHGkShaHvezNeqwGrkw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:37:39 GMT
age: 25356
etag: "443706b089783f7a16d4b001948a141a83ace053"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1002d7b2-c264-4e0d-a7db-a4c5299eda73.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1002d7b2-c264-4e0d-a7db-a4c5299eda73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c523ffabe9e2288c7e6951ba0bc4c5d1
0d93de1e5f6a5c64116accbd61d003c349664483
b509944b3e30e23d3983a52e30ce228c29a0d821720794555863f97286d8c70c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1002d7b2-c264-4e0d-a7db-a4c5299eda73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4296
x-amzn-requestid: c85bf15a-42ec-48d0-a8c6-72be1c66f0af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7VTGWMoAMF3fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63257288-0396631418a153b5719363f6;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:08:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GpNFRpRcL5wLzPbd0GwW7BWYBDH9q-tEuECtoxDAD4RJmphpia8S5g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:41:42 GMT
age: 21513
etag: "0d93de1e5f6a5c64116accbd61d003c349664483"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F273857c4-a36e-4755-b3c4-1ff5fcd3d260.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F273857c4-a36e-4755-b3c4-1ff5fcd3d260.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a4a275a6a20ad8a21f49b3ed73098126
5dfdf9835782ef3825a45bfcc7f38dfe3a754df0
933a6d502e92d7320ad9f3204c768b0d7d757f136d4c9c130e418e74a36dde06
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F273857c4-a36e-4755-b3c4-1ff5fcd3d260.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11440
x-amzn-requestid: eda42fc3-bfca-4c15-856f-fae709e79c4b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvZ5EcDIAMF9lQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202c3f-3ae1bd425e29e23c2ee71933;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:07:43 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Y5QhJH7dOsTpV4mdGHuK_xaJJRUvV8JzDgcmBoqtvnTiLlTp38Nbug==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:47:34 GMT
age: 24761
etag: "5dfdf9835782ef3825a45bfcc7f38dfe3a754df0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
click.socialuplifted.com/go/trump
144.208.71.125307 Temporary Redirect 0 B URL HTTP/2 click.socialuplifted.com/go/trump
IP 144.208.71.125:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/trump HTTP/1.1
Host: click.socialuplifted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
server: nginx/1.21.6
date: Wed, 21 Sep 2022 04:40:15 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-robots-tag: noindex, nofollow, sponsored
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Pro Developer 3.2.4 http://prettylink.com
x-redirect-by: WordPress
set-cookie: prli_click_136=go%2Ftrump; expires=Fri, 21-Oct-2022 04:40:15 GMT; Max-Age=2592000; path=/
prli_visitor=632a95af127b1; expires=Thu, 21-Sep-2023 04:40:15 GMT; Max-Age=31536000; path=/
location: https://5dea0ub1cz3u1m1bjfqyjcqu6o.hop.clickbank.net
x-proxy-cache: MISS
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash eb2c0c851c15e08f5c159afb95fbb0cb
5efa7e6ed1700e387acbfaa120ada3e245f5e40f
d3911691644207f957bf5e1e883f16aa76bc6d62b1921a3771a3a855b5058fcd
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 04:40:16 GMT
Last-Modified: Wed, 21 Sep 2022 04:03:13 GMT
Server: ECS (dcb/7F37)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bXdL3qliF_yf7sXgrXOQ-RcIAvnnmvDQ0qWCo-Vvlj9C-8k_VDbc5g==
Age: 2223
5dea0ub1cz3u1m1bjfqyjcqu6o.hop.clickbank.net/
44.240.181.170307 Temporary Redirect 0 B URL HTTP/2 5dea0ub1cz3u1m1bjfqyjcqu6o.hop.clickbank.net/
IP 44.240.181.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 5dea0ub1cz3u1m1bjfqyjcqu6o.hop.clickbank.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
date: Wed, 21 Sep 2022 04:40:16 GMT
content-length: 0
location: https://www.vipgoldenbucks.com/home?hop=73787
set-cookie: q=01.6FEEB976B526EC689B12B4734D8FC0831D671641B2460F5F7E161E4358D5127F125652A93DCC7CB73ED85573FCCC40A4DAF40293; Path=/; Domain=.clickbank.net; Max-Age=15552000; Expires=Mon, 20 Mar 2023 04:40:16 GMT
p=RJLfC6B4B47KD1L3r5AcVC1i0N9vEgBoQBsN_IquDxTEDbM5xgtl2sUThQnhsvdjKd_AFRroDENn4Ekqx3i2dM9wGiWLQlhpD2miXAE0OHTiKObKTbC4koxFqZAK6XWxlIUgG0NAujmaF-6ij9H-oxEnwPs-m-NgUzbay_KDhDRuNCiFFR0jkXttwpzU3uRDP7xONg%3D%3D; Path=/; Domain=.clickbank.net; Max-Age=15552000; Expires=Mon, 20 Mar 2023 04:40:16 GMT
server-timing: traceparent;desc="00-5b6efc016d212916e649c6c7c4d11aa3-2a7d9320dc998662-01"
access-control-expose-headers: Server-Timing
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:40:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:40:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
172.64.132.15200 OK 4.7 kB URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
IP 172.64.132.15:0
File type ASCII text, with very long lines (26440)
Hash 517b469a361ec48d1d008ee765b49511
b60acba39ed8d8d9f8ca834a405b71cb48426125
69c5db51b9e57a9144ef9732acf0f67aa140a6707354938ade70856d95ec0cba
GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:16 GMT
content-type: text/css
x-amz-id-2: lj0FvMnfC9mptRM/Gd0lw9lT7Zj4wo+oaxaEYLcDnZaRJXq3Oc/kbTmcEwen2MxXaG9FhyIrGnI=
x-amz-request-id: 9D38DJ2PTJVFVSCR
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 28473472
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhHrIHW%2FIGBZBe4oMGV3mK0sltKRvSGArWZUx7GJFnPCyLb%2BhDnMA9yQ7DZLXJn5geWs4yXRWKYz80QhHR%2BPNrsvu4HlrHFaEG3PLUoJS1INLedRwEUZgYU%2B%2BTOW11kXRS4WTYPp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e01f30fc047765-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.vipgoldenbucks.com/hosted/images/b7/4825986a3a4807a0ba0710c0873000/bill-transparent.png
104.16.12.194200 OK 768 kB URL HTTP/2 www.vipgoldenbucks.com/hosted/images/b7/4825986a3a4807a0ba0710c0873000/bill-transparent.png
IP 104.16.12.194:0
File type PNG image data, 1819 x 768, 8-bit colormap, non-interlaced\012- data
Size 768 kB (768120 bytes)
Hash 7ab292c8dde0bf79a8427e78ea492c05
20f5526a140e4c32952f7404d40dc9f4c194e086
b4872b95f922915db5ba5e33c738b5cc34c26f40a0ed771dca80f872c7767b73
GET /hosted/images/b7/4825986a3a4807a0ba0710c0873000/bill-transparent.png HTTP/1.1
Host: www.vipgoldenbucks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/home?hop=73787
Cookie: __cf_bm=NpOQp_INsBtLZMCoYgczWz9XhcVwLFKauW9rc0JRqIk-1663735216-0-AfnguuvbVJgvgYn5EBbXz8eciwn7UZhXu2rbd9TfPUsJMaclGUPmU/ifLTKHv8QNw3O+7kHM47F+ZeaVw9sND6vi6wbUwlRWRjlvIU5sB0dC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:16 GMT
content-type: image/png
content-length: 768120
cf-ray: 74e01f307d240af6-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "7ab292c8dde0bf79a8427e78ea492c05"
last-modified: Mon, 25 Jul 2022 14:00:05 GMT
cf-cache-status: MISS
x-amz-cf-pop: SOF50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 7b1ad04fdc0d3fa645b757828da49c94
4f56c9cffd481b5bf6a949cb3be75d25d15527a1
6e125c80fcbc4b7774d66d4f014e417c5619ef3b2b31b0b6b2816d12118396cb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 04:40:17 GMT
Last-Modified: Wed, 21 Sep 2022 03:00:41 GMT
Server: ECS (dcb/7F3B)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8zIKhv9jljBazYZ-kaB7j_UWjPdGdCfbfwvmcaRQNxH8d3ijYGUS7A==
Age: 5976
cbtb.clickbank.net/?vendor=magabill
52.33.226.99200 OK 938 B URL HTTP/2 cbtb.clickbank.net/?vendor=magabill
IP 52.33.226.99:0
File type ASCII text, with very long lines (938), with no line terminators
Hash a512b3bf536e5feec7dd291fbd6d95b3
21ebc681f6abde8fff6c2cdd1b058af6ac7b9f76
3cc3ba395cb263c958b41891816fd2326420ba9266123c1777ae661f38b8665a
GET /?vendor=magabill HTTP/1.1
Host: cbtb.clickbank.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:17 GMT
content-type: text/javascript;charset=UTF-8
content-length: 938
set-cookie: AWSALB=xCqbaEAUQudluvDML7wYTV/MkIRIapfRr7ktt3r/f1ETqvmpb7XFJQYE50dGp5g+a8YmccmBjfn/WrecYQ7vICIATbW+yRnpfsEKbCg4sK5MLRGmNGMupw9XhyDL; Expires=Wed, 28 Sep 2022 04:40:17 GMT; Path=/
AWSALBCORS=xCqbaEAUQudluvDML7wYTV/MkIRIapfRr7ktt3r/f1ETqvmpb7XFJQYE50dGp5g+a8YmccmBjfn/WrecYQ7vICIATbW+yRnpfsEKbCg4sK5MLRGmNGMupw9XhyDL; Expires=Wed, 28 Sep 2022 04:40:17 GMT; Path=/; SameSite=None; Secure
server: Apache
cache-control: max-age=900
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:40:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:40:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:40:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/fredokaone/v13/k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/fredokaone/v13/k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15596, version 1.0\012- data
Hash 72bb194f7e275c92ecf5536060952844
a7419d2e8b92cbc5f89c3c03771f45c4f632964c
e9986c62b19bce3791c4c103a4aa87c91d22d9e1c9f252f7f802ea26d3405769
GET /s/fredokaone/v13/k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vipgoldenbucks.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15596
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 21:54:46 GMT
expires: Fri, 15 Sep 2023 21:54:46 GMT
cache-control: public, max-age=31536000
age: 456331
last-modified: Thu, 21 Apr 2022 16:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vipgoldenbucks.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 551169
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vipgoldenbucks.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 551169
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.163200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vipgoldenbucks.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:32:09 GMT
expires: Thu, 14 Sep 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 551288
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.vipgoldenbucks.com/hosted/images/1a/ba0eaa4ffe4351be97bb5201545ee9/bg.png
104.16.12.194200 OK 654 kB URL HTTP/2 www.vipgoldenbucks.com/hosted/images/1a/ba0eaa4ffe4351be97bb5201545ee9/bg.png
IP 104.16.12.194:0
File type PNG image data, 1200 x 1200, 8-bit colormap, non-interlaced\012- data
Size 654 kB (653605 bytes)
Hash 85594fdc68eb1fb3003ce9b958a2400f
26d388ce206c3fe833ca7cd1ce15ce313e8fd1c7
80ec63d0fdbc9560caaaaf25cc81ae2c46450ba4f352a0300be8bbac63baa952
GET /hosted/images/1a/ba0eaa4ffe4351be97bb5201545ee9/bg.png HTTP/1.1
Host: www.vipgoldenbucks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/home?hop=73787
Cookie: __cf_bm=NpOQp_INsBtLZMCoYgczWz9XhcVwLFKauW9rc0JRqIk-1663735216-0-AfnguuvbVJgvgYn5EBbXz8eciwn7UZhXu2rbd9TfPUsJMaclGUPmU/ifLTKHv8QNw3O+7kHM47F+ZeaVw9sND6vi6wbUwlRWRjlvIU5sB0dC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:17 GMT
content-type: image/png
content-length: 653605
cf-ray: 74e01f351f710af6-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "85594fdc68eb1fb3003ce9b958a2400f"
last-modified: Tue, 26 Jul 2022 11:36:09 GMT
cf-cache-status: MISS
x-amz-cf-pop: SOF50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:40:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d2saw6je89goi1.cloudfront.net/uploads/digital_asset/file/1043103/vip-bucks-icon.png
143.204.42.23200 OK 69 kB URL HTTP/2 d2saw6je89goi1.cloudfront.net/uploads/digital_asset/file/1043103/vip-bucks-icon.png
IP 143.204.42.23:0
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Hash cd8f50c6763377be558d1c5fc17f5b0b
1f2a3442000a487385819ee29d8bb2d66255e4a7
b944880556047cc70556bdfc34d89a695efb7dad2ed1e978ad3e096c2776d2a0
GET /uploads/digital_asset/file/1043103/vip-bucks-icon.png HTTP/1.1
Host: d2saw6je89goi1.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 69175
date: Sun, 28 Aug 2022 03:39:51 GMT
last-modified: Mon, 25 Jul 2022 15:30:16 GMT
etag: "cd8f50c6763377be558d1c5fc17f5b0b"
cache-control: max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: M8VyHTG-ZkbOOUWiAppnWwpKf3R3pBO4pgnp3iqn0-QrQ992XNdwpA==
age: 2077228
X-Firefox-Spdy: h2
assets.clickfunnels.com/images/closemodal.png
104.16.13.194200 OK 672 B URL HTTP/2 assets.clickfunnels.com/images/closemodal.png
IP 104.16.13.194:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 19754ed4d508cf576c80cf36e0db8c50
f459beac714e5be68aa75349fa806a5642af456a
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
GET /images/closemodal.png HTTP/1.1
Host: assets.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:18 GMT
content-type: image/webp
content-length: 672
cf-ray: 74e01f3919fcb512-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 544260
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "630e9cfc-314"
expires: Sat, 22 Oct 2022 04:40:18 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
set-cookie: __cf_bm=EMlVE.EbIwuO7LhWFWvVSl03ewe0HX5L.4rgFYt67zQ-1663735218-0-AfyeHZsCaUTqDFqfbqnzC8AHzxhm1ZWmyyklsibdUzVIQe1wyD9EKfcLGuZZXxMEtNJaBvTvMxCbgwRYbccd8PjgD+7HpyiprrrvfdEvFwRX; path=/; expires=Wed, 21-Sep-22 05:10:18 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
www.vipgoldenbucks.com/hosted/images/39/0bb22faca144b1808f25103024eb37/2.png
104.16.12.194200 OK 260 kB URL HTTP/2 www.vipgoldenbucks.com/hosted/images/39/0bb22faca144b1808f25103024eb37/2.png
IP 104.16.12.194:0
File type PNG image data, 2048 x 649, 8-bit colormap, non-interlaced\012- data
Size 260 kB (260104 bytes)
Hash 856d0093b74854ad39ac7d1b02c736c8
c8d9b5ac3cfe3dadef77ff78226d44a764562550
db99a1e27ec8c5eed866b08f3248bcab361e83c77b80ed3de3ee8800412af894
GET /hosted/images/39/0bb22faca144b1808f25103024eb37/2.png HTTP/1.1
Host: www.vipgoldenbucks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/home?hop=73787
Cookie: __cf_bm=NpOQp_INsBtLZMCoYgczWz9XhcVwLFKauW9rc0JRqIk-1663735216-0-AfnguuvbVJgvgYn5EBbXz8eciwn7UZhXu2rbd9TfPUsJMaclGUPmU/ifLTKHv8QNw3O+7kHM47F+ZeaVw9sND6vi6wbUwlRWRjlvIU5sB0dC; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTU1NjUyNzI=:visited=true; cf:visitor_id=6d921952-a6cc-48fc-aac6-e645cae2c334; hop=73787; addevent_track_cookie=ce68a6d7-e9a3-4370-5acc-d2aeb0853466
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:18 GMT
content-type: image/png
content-length: 260104
cf-ray: 74e01f38d9a50af6-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "856d0093b74854ad39ac7d1b02c736c8"
last-modified: Mon, 25 Jul 2022 22:14:29 GMT
cf-cache-status: MISS
x-amz-cf-pop: SOF50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
www.vipgoldenbucks.com/hosted/images/93/b48ba1e75b44e59e09e529cac9e10f/1.png
104.16.12.194200 OK 181 kB URL HTTP/2 www.vipgoldenbucks.com/hosted/images/93/b48ba1e75b44e59e09e529cac9e10f/1.png
IP 104.16.12.194:0
File type PNG image data, 2048 x 649, 8-bit colormap, non-interlaced\012- data
Size 181 kB (181323 bytes)
Hash a92e796220f6259bd0d2a6654daf1f20
cdbdc8b550cbe1739beccc065f223997384dbc6f
eb337ae6e6e6ed091d20a3db9b38d22f8933ec5f190995f1f304e6e9373fbfc4
GET /hosted/images/93/b48ba1e75b44e59e09e529cac9e10f/1.png HTTP/1.1
Host: www.vipgoldenbucks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/home?hop=73787
Cookie: __cf_bm=NpOQp_INsBtLZMCoYgczWz9XhcVwLFKauW9rc0JRqIk-1663735216-0-AfnguuvbVJgvgYn5EBbXz8eciwn7UZhXu2rbd9TfPUsJMaclGUPmU/ifLTKHv8QNw3O+7kHM47F+ZeaVw9sND6vi6wbUwlRWRjlvIU5sB0dC; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTU1NjUyNzI=:visited=true; cf:visitor_id=6d921952-a6cc-48fc-aac6-e645cae2c334; hop=73787; addevent_track_cookie=ce68a6d7-e9a3-4370-5acc-d2aeb0853466
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:18 GMT
content-type: image/png
content-length: 181323
cf-ray: 74e01f38e9ae0af6-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "a92e796220f6259bd0d2a6654daf1f20"
last-modified: Tue, 26 Jul 2022 16:36:27 GMT
cf-cache-status: MISS
x-amz-cf-pop: SOF50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
www.vipgoldenbucks.com/hosted/images/e3/ff2b265fc94bfba15ff00e9e2b3de8/1.png
104.16.12.194200 OK 271 kB URL HTTP/2 www.vipgoldenbucks.com/hosted/images/e3/ff2b265fc94bfba15ff00e9e2b3de8/1.png
IP 104.16.12.194:0
File type PNG image data, 2048 x 649, 8-bit colormap, non-interlaced\012- data
Size 271 kB (270999 bytes)
Hash 8e970ef2d7101f6651d5c069c193a299
51cc890ecf9ddb0c705226f335fb81ef5e8d3fcc
c53b93ffc3965b651f6e7f3c6b2475a27012d697ea57a56584c04329214beb65
GET /hosted/images/e3/ff2b265fc94bfba15ff00e9e2b3de8/1.png HTTP/1.1
Host: www.vipgoldenbucks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/home?hop=73787
Cookie: __cf_bm=NpOQp_INsBtLZMCoYgczWz9XhcVwLFKauW9rc0JRqIk-1663735216-0-AfnguuvbVJgvgYn5EBbXz8eciwn7UZhXu2rbd9TfPUsJMaclGUPmU/ifLTKHv8QNw3O+7kHM47F+ZeaVw9sND6vi6wbUwlRWRjlvIU5sB0dC; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTU1NjUyNzI=:visited=true; cf:visitor_id=6d921952-a6cc-48fc-aac6-e645cae2c334; hop=73787; addevent_track_cookie=ce68a6d7-e9a3-4370-5acc-d2aeb0853466
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:18 GMT
content-type: image/png
content-length: 270999
cf-ray: 74e01f38d9a30af6-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "8e970ef2d7101f6651d5c069c193a299"
last-modified: Mon, 25 Jul 2022 22:14:04 GMT
cf-cache-status: MISS
x-amz-cf-pop: SOF50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
www.vipgoldenbucks.com/hosted/images/b8/40c028036f477aa8a0591639becada/trump-selected-resize.png
104.16.12.194200 OK 214 kB URL HTTP/2 www.vipgoldenbucks.com/hosted/images/b8/40c028036f477aa8a0591639becada/trump-selected-resize.png
IP 104.16.12.194:0
File type PNG image data, 720 x 754, 8-bit colormap, non-interlaced\012- data
Size 214 kB (213853 bytes)
Hash 82c65b0d3dfe18806887ab2d18c40daf
1d3cf17326010bde2807639fee58f2b6c97ebcf7
2a4e4b93f83380bd6763950716c979fd465ac3f621fd0730ffb14ed7c953ff44
GET /hosted/images/b8/40c028036f477aa8a0591639becada/trump-selected-resize.png HTTP/1.1
Host: www.vipgoldenbucks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/home?hop=73787
Cookie: __cf_bm=NpOQp_INsBtLZMCoYgczWz9XhcVwLFKauW9rc0JRqIk-1663735216-0-AfnguuvbVJgvgYn5EBbXz8eciwn7UZhXu2rbd9TfPUsJMaclGUPmU/ifLTKHv8QNw3O+7kHM47F+ZeaVw9sND6vi6wbUwlRWRjlvIU5sB0dC; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTU1NjUyNzI=:visited=true; cf:visitor_id=6d921952-a6cc-48fc-aac6-e645cae2c334; hop=73787; addevent_track_cookie=ce68a6d7-e9a3-4370-5acc-d2aeb0853466
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:18 GMT
content-type: image/png
content-length: 213853
cf-ray: 74e01f38f9bf0af6-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "82c65b0d3dfe18806887ab2d18c40daf"
last-modified: Sun, 24 Jul 2022 12:54:02 GMT
cf-cache-status: MISS
x-amz-cf-pop: SOF50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
www.vipgoldenbucks.com/hosted/images/78/12d49037cc4b479ed56e4d3d488d8a/4th-button.png
104.16.12.194200 OK 242 kB URL HTTP/2 www.vipgoldenbucks.com/hosted/images/78/12d49037cc4b479ed56e4d3d488d8a/4th-button.png
IP 104.16.12.194:0
File type PNG image data, 2048 x 649, 8-bit colormap, non-interlaced\012- data
Size 242 kB (242025 bytes)
Hash 40f9b11a5beff71ab942911563853d52
08db75d6f837d55a081858567dd39f37b1c05a38
a435a0fbe36ab1dfa066e0ca77d023bfc34e45ae6d3e5e37094bdbc0d7f9606a
GET /hosted/images/78/12d49037cc4b479ed56e4d3d488d8a/4th-button.png HTTP/1.1
Host: www.vipgoldenbucks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/home?hop=73787
Cookie: __cf_bm=NpOQp_INsBtLZMCoYgczWz9XhcVwLFKauW9rc0JRqIk-1663735216-0-AfnguuvbVJgvgYn5EBbXz8eciwn7UZhXu2rbd9TfPUsJMaclGUPmU/ifLTKHv8QNw3O+7kHM47F+ZeaVw9sND6vi6wbUwlRWRjlvIU5sB0dC; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTU1NjUyNzI=:visited=true; cf:visitor_id=6d921952-a6cc-48fc-aac6-e645cae2c334; hop=73787; addevent_track_cookie=ce68a6d7-e9a3-4370-5acc-d2aeb0853466
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:18 GMT
content-type: image/png
content-length: 242025
cf-ray: 74e01f38f9ba0af6-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "40f9b11a5beff71ab942911563853d52"
last-modified: Tue, 26 Jul 2022 16:39:08 GMT
cf-cache-status: MISS
x-amz-cf-pop: SOF50-C1
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=mxM72zo33jIdm5I8z6zEpiNSQZvb1X80g7tsHom3hYc-1663735218-0-AWOK2yLnlffnJcujK_SwoOj4eJ8u6m5Jci7fvKsEbJZc1GXOAxRWaqd0ffbIst1-CtkydoEDl0Qr3fZEBiy-l8ub3zz1V_OiOAZq0G9hqaez"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=mxM72zo33jIdm5I8z6zEpiNSQZvb1X80g7tsHom3hYc-1663735218-0-AWOK2yLnlffnJcujK_SwoOj4eJ8u6m5Jci7fvKsEbJZc1GXOAxRWaqd0ffbIst1-CtkydoEDl0Qr3fZEBiy-l8ub3zz1V_OiOAZq0G9hqaez; report-to cf-csp-endpoint
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
www.vipgoldenbucks.com/hosted/images/23/03555d779f47729204aeba34555a8e/4.png
104.16.12.194200 OK 239 kB URL HTTP/2 www.vipgoldenbucks.com/hosted/images/23/03555d779f47729204aeba34555a8e/4.png
IP 104.16.12.194:0
File type PNG image data, 2048 x 649, 8-bit colormap, non-interlaced\012- data
Size 239 kB (238847 bytes)
Hash 4196b3278b0f3fc135635aa6ea419f89
804f08069c3c9be9e2a9635917dadac670823104
459611f66117fe6650fa2023782c99e18f245943844e1fb3c9baa122258b527f
GET /hosted/images/23/03555d779f47729204aeba34555a8e/4.png HTTP/1.1
Host: www.vipgoldenbucks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/home?hop=73787
Cookie: __cf_bm=NpOQp_INsBtLZMCoYgczWz9XhcVwLFKauW9rc0JRqIk-1663735216-0-AfnguuvbVJgvgYn5EBbXz8eciwn7UZhXu2rbd9TfPUsJMaclGUPmU/ifLTKHv8QNw3O+7kHM47F+ZeaVw9sND6vi6wbUwlRWRjlvIU5sB0dC; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTU1NjUyNzI=:visited=true; cf:visitor_id=6d921952-a6cc-48fc-aac6-e645cae2c334; hop=73787; addevent_track_cookie=ce68a6d7-e9a3-4370-5acc-d2aeb0853466
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:18 GMT
content-type: image/png
content-length: 238847
cf-ray: 74e01f38d9a80af6-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "4196b3278b0f3fc135635aa6ea419f89"
last-modified: Mon, 25 Jul 2022 22:15:48 GMT
cf-cache-status: MISS
x-amz-cf-pop: SOF50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
www.vipgoldenbucks.com/hosted/images/2a/8112c669ed4eeea2a55909ace3478f/626c31b1c9511_banner-1.png
104.16.12.194200 OK 6.1 kB URL HTTP/2 www.vipgoldenbucks.com/hosted/images/2a/8112c669ed4eeea2a55909ace3478f/626c31b1c9511_banner-1.png
IP 104.16.12.194:0
File type PNG image data, 600 x 67, 8-bit colormap, non-interlaced\012- data
Hash 196af1468598fd5033ed90ab30cde94b
058c40ece93af1da7b05c2f3ed9a48949c550eb5
a66c5c7fc2bff83019eceaf37b816dbf9241add55471e9f1d0db77013af9e127
GET /hosted/images/2a/8112c669ed4eeea2a55909ace3478f/626c31b1c9511_banner-1.png HTTP/1.1
Host: www.vipgoldenbucks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/home?hop=73787
Cookie: __cf_bm=NpOQp_INsBtLZMCoYgczWz9XhcVwLFKauW9rc0JRqIk-1663735216-0-AfnguuvbVJgvgYn5EBbXz8eciwn7UZhXu2rbd9TfPUsJMaclGUPmU/ifLTKHv8QNw3O+7kHM47F+ZeaVw9sND6vi6wbUwlRWRjlvIU5sB0dC; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTU1NjUyNzI=:visited=true; cf:visitor_id=6d921952-a6cc-48fc-aac6-e645cae2c334; hop=73787; addevent_track_cookie=ce68a6d7-e9a3-4370-5acc-d2aeb0853466
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:18 GMT
content-type: image/png
content-length: 6106
cf-ray: 74e01f38f9bb0af6-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "196af1468598fd5033ed90ab30cde94b"
last-modified: Wed, 06 Jul 2022 15:45:52 GMT
cf-cache-status: MISS
x-amz-cf-pop: SOF50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
www.vipgoldenbucks.com/images/background.png?_unique=0.8306555679145597&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.vipgoldenbucks.com/home%3Fhop%3D73787&_title=VIP%20Golden%20Trump%20Bucks&_key=bathj3jp&_page_key=citza05gkajncymq&_fid=12237165&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://www.vipgoldenbucks.com/home?hop=73787&_referrer=
104.16.12.194200 OK 4.6 kB URL HTTP/2 www.vipgoldenbucks.com/images/background.png?_unique=0.8306555679145597&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.vipgoldenbucks.com/home%3Fhop%3D73787&_title=VIP%20Golden%20Trump%20Bucks&_key=bathj3jp&_page_key=citza05gkajncymq&_fid=12237165&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://www.vipgoldenbucks.com/home?hop=73787&_referrer=
IP 104.16.12.194:0
File type ASCII text, with no line terminators
Hash 706747e90c5ea32a872a0a72fff10d7a
ee9567c57fbe628c9ef390ea36715ab4b5b4755b
d2992cffd5c7a28f292e6402f7d5ba69496aebc3f71d857fdfc33fdb36d77c2a
GET /images/background.png?_unique=0.8306555679145597&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.vipgoldenbucks.com/home%3Fhop%3D73787&_title=VIP%20Golden%20Trump%20Bucks&_key=bathj3jp&_page_key=citza05gkajncymq&_fid=12237165&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://www.vipgoldenbucks.com/home?hop=73787&_referrer= HTTP/1.1
Host: www.vipgoldenbucks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/home?hop=73787
Cookie: __cf_bm=NpOQp_INsBtLZMCoYgczWz9XhcVwLFKauW9rc0JRqIk-1663735216-0-AfnguuvbVJgvgYn5EBbXz8eciwn7UZhXu2rbd9TfPUsJMaclGUPmU/ifLTKHv8QNw3O+7kHM47F+ZeaVw9sND6vi6wbUwlRWRjlvIU5sB0dC; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTU1NjUyNzI=:visited=true; cf:visitor_id=6d921952-a6cc-48fc-aac6-e645cae2c334; hop=73787; addevent_track_cookie=ce68a6d7-e9a3-4370-5acc-d2aeb0853466
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:18 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 74e01f38f9c00af6-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store, private
strict-transport-security: max-age=0
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
status: 200 OK
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: bac278421803f6e2256e9ec4ab5e25b2
x-runtime: 0.033547
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.vipgoldenbucks.com/hosted/images/10/1dd3c655c844bb84b64ae6a16b00e0/3.png
104.16.12.194200 OK 242 kB URL HTTP/2 www.vipgoldenbucks.com/hosted/images/10/1dd3c655c844bb84b64ae6a16b00e0/3.png
IP 104.16.12.194:0
File type PNG image data, 2048 x 649, 8-bit colormap, non-interlaced\012- data
Size 242 kB (241483 bytes)
Hash f13861893279d05f5998f0e72e6bbd20
1857dcca724db11a2b41238974d4931489c30e5b
755d8ca55380250cd7d689ca2ab3f1227f601428bc114f00875d360c689d1231
GET /hosted/images/10/1dd3c655c844bb84b64ae6a16b00e0/3.png HTTP/1.1
Host: www.vipgoldenbucks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/home?hop=73787
Cookie: __cf_bm=NpOQp_INsBtLZMCoYgczWz9XhcVwLFKauW9rc0JRqIk-1663735216-0-AfnguuvbVJgvgYn5EBbXz8eciwn7UZhXu2rbd9TfPUsJMaclGUPmU/ifLTKHv8QNw3O+7kHM47F+ZeaVw9sND6vi6wbUwlRWRjlvIU5sB0dC; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTU1NjUyNzI=:visited=true; cf:visitor_id=6d921952-a6cc-48fc-aac6-e645cae2c334; hop=73787; addevent_track_cookie=ce68a6d7-e9a3-4370-5acc-d2aeb0853466
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:18 GMT
content-type: image/png
content-length: 241483
cf-ray: 74e01f38d9a70af6-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "f13861893279d05f5998f0e72e6bbd20"
last-modified: Mon, 25 Jul 2022 22:15:27 GMT
cf-cache-status: MISS
x-amz-cf-pop: SOF50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
www.vipgoldenbucks.com/hosted/images/ab/d4d0b23a6c434f8e3db47285c45b41/2.png
104.16.12.194200 OK 175 kB URL HTTP/2 www.vipgoldenbucks.com/hosted/images/ab/d4d0b23a6c434f8e3db47285c45b41/2.png
IP 104.16.12.194:0
File type PNG image data, 2048 x 649, 8-bit colormap, non-interlaced\012- data
Size 175 kB (175094 bytes)
Hash 414b53abe8ad63c9edf0386677e4f44a
caa538ebf3cc99b718132a6d501fcbb861dc9a81
516007b2b5af019f266c9c62361faee68b1ab423465e4d0d59be76689bbf35da
GET /hosted/images/ab/d4d0b23a6c434f8e3db47285c45b41/2.png HTTP/1.1
Host: www.vipgoldenbucks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/home?hop=73787
Cookie: __cf_bm=NpOQp_INsBtLZMCoYgczWz9XhcVwLFKauW9rc0JRqIk-1663735216-0-AfnguuvbVJgvgYn5EBbXz8eciwn7UZhXu2rbd9TfPUsJMaclGUPmU/ifLTKHv8QNw3O+7kHM47F+ZeaVw9sND6vi6wbUwlRWRjlvIU5sB0dC; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTU1NjUyNzI=:visited=true; cf:visitor_id=6d921952-a6cc-48fc-aac6-e645cae2c334; hop=73787; addevent_track_cookie=ce68a6d7-e9a3-4370-5acc-d2aeb0853466
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:18 GMT
content-type: image/png
content-length: 175094
cf-ray: 74e01f38f9b60af6-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "414b53abe8ad63c9edf0386677e4f44a"
last-modified: Tue, 26 Jul 2022 16:36:53 GMT
cf-cache-status: MISS
x-amz-cf-pop: SOF50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
www.vipgoldenbucks.com/hosted/images/b1/296b1874ae4ba68242c03978f05a6b/3.png
104.16.12.194200 OK 184 kB URL HTTP/2 www.vipgoldenbucks.com/hosted/images/b1/296b1874ae4ba68242c03978f05a6b/3.png
IP 104.16.12.194:0
File type PNG image data, 2048 x 649, 8-bit colormap, non-interlaced\012- data
Size 184 kB (184195 bytes)
Hash 35f9a4da06f204a1d4636f306cfdad5c
15f7b67d01ec4e5031263d3f1dcac64dbb3759af
594a160f68af23a12e44eb15761f2bcc2727fa5a390c5ae2459a9894bfd7cb10
GET /hosted/images/b1/296b1874ae4ba68242c03978f05a6b/3.png HTTP/1.1
Host: www.vipgoldenbucks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/home?hop=73787
Cookie: __cf_bm=NpOQp_INsBtLZMCoYgczWz9XhcVwLFKauW9rc0JRqIk-1663735216-0-AfnguuvbVJgvgYn5EBbXz8eciwn7UZhXu2rbd9TfPUsJMaclGUPmU/ifLTKHv8QNw3O+7kHM47F+ZeaVw9sND6vi6wbUwlRWRjlvIU5sB0dC; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTU1NjUyNzI=:visited=true; cf:visitor_id=6d921952-a6cc-48fc-aac6-e645cae2c334; hop=73787; addevent_track_cookie=ce68a6d7-e9a3-4370-5acc-d2aeb0853466
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:18 GMT
content-type: image/png
content-length: 184195
cf-ray: 74e01f38f9b80af6-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "35f9a4da06f204a1d4636f306cfdad5c"
last-modified: Tue, 26 Jul 2022 16:37:19 GMT
cf-cache-status: MISS
x-amz-cf-pop: SOF50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
prod.cbstatic.net/dist/i18n/app-strings-en.json
143.204.55.53200 OK 9 B URL HTTP/2 prod.cbstatic.net/dist/i18n/app-strings-en.json
IP 143.204.55.53:0
File type JSON data\012- , ASCII text, with no line terminators
Hash cdfca8b09e61ae7324e48f01984c9b34
874b413675711909229ca228efea613383d6a9a4
00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c
GET /dist/i18n/app-strings-en.json HTTP/1.1
Host: prod.cbstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vipgoldenbucks.com
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 9
date: Wed, 21 Sep 2022 04:40:19 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 21 Dec 2020 21:57:36 GMT
x-amz-version-id: ZlnvsWVay.azLO76UGrGFfzKmZRJT9PH
etag: "cdfca8b09e61ae7324e48f01984c9b34"
server: AmazonS3
vary: Origin
x-cache: Miss from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: d6xvPgn0dijZzVPMfyjTAR4LOG6Y0ijxvptpVRqVSzxb4Ie2N2UYcg==
X-Firefox-Spdy: h2
prod.cbstatic.net/dist/assets/logo-header-grey-en.png
143.204.55.53200 OK 3.4 kB URL HTTP/2 prod.cbstatic.net/dist/assets/logo-header-grey-en.png
IP 143.204.55.53:0
File type PNG image data, 472 x 31, 8-bit/color RGBA, non-interlaced\012- data
Hash 775f725418ac88c31a677e390f465809
a98a41e9bae7569e21735d283574ae38e2d576e5
f05b4ce7119a4a661da917ddd0871980206eaafb2cf0a0758cf8d2fd63dd979d
GET /dist/assets/logo-header-grey-en.png HTTP/1.1
Host: prod.cbstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3411
date: Wed, 21 Sep 2022 04:40:19 GMT
last-modified: Mon, 21 Dec 2020 21:57:34 GMT
x-amz-version-id: 71cSXUBUM9.r4kJae4cWcrwqU9syKuwh
etag: "775f725418ac88c31a677e390f465809"
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5zm-rGUD4d0QaM-yL-nnht1pkjWkzdImz71JQxJIzpbL08b33TSsCg==
X-Firefox-Spdy: h2
prod.cbstatic.net/dist/assets/logo-tab-grey-en.png
143.204.55.53200 OK 4.2 kB URL HTTP/2 prod.cbstatic.net/dist/assets/logo-tab-grey-en.png
IP 143.204.55.53:0
File type PNG image data, 321 x 63, 8-bit/color RGBA, non-interlaced\012- data
Hash dc4af65db445b298e1227602a2e371f0
f04e5596ad7fd00f5cd5446d625611811676417f
cc27af050704c115cfdd6000c13cfe280912f53df2402c6a038eb34581dc17fa
GET /dist/assets/logo-tab-grey-en.png HTTP/1.1
Host: prod.cbstatic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 4237
date: Wed, 21 Sep 2022 04:40:19 GMT
last-modified: Mon, 21 Dec 2020 21:57:36 GMT
x-amz-version-id: BZcqTTzd9kulbp7_gvMzQqT0ukDU9T89
etag: "dc4af65db445b298e1227602a2e371f0"
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EZA89HUgMeYUQCzNiKdMPIx3FSzlGzCP0pnpTm_XafNuhi83EzoWUQ==
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-1216.min.js
151.101.86.137200 OK 14 kB URL HTTP/2 js-agent.newrelic.com/nr-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32022)
Hash b7c09cc097b2847f9edc784adba62dcb
5aa648623cf5e3b4b215fe5d068a7904c59f2925
6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa
GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Wed, 21 Sep 2022 04:40:18 GMT
via: 1.1 varnish
x-served-by: cache-bma1681-BMA
x-cache: HIT
x-cache-hits: 356
x-timer: S1663735219.722287,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 37b6097226b409c237ef99f1da688e60
71ab02ee2fd165ba99e9b964a1a3e5055c88224b
ab0e339aa9b34926c6fb4e1191e121febe026996f1cb0bc05ecb187a69653282
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4787
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:40:18 GMT
Last-Modified: Wed, 21 Sep 2022 03:20:31 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=5849&ck=1&ref=https://www.vipgoldenbucks.com/home&ap=185&be=3742&fe=5136&dc=4882&perf=%7B%22timing%22:%7B%22of%22:1663735212915,%22n%22:0,%22f%22:3432,%22dn%22:3435,%22dne%22:3446,%22c%22:3446,%22s%22:3451,%22ce%22:3466,%22rq%22:3467,%22rp%22:3697,%22rpe%22:3698,%22dl%22:3723,%22di%22:4843,%22ds%22:4881,%22de%22:5016,%22dc%22:5136,%22l%22:5136,%22le%22:5253%7D,%22navigation%22:%7B%7D%7D&fcp=4834&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=5849&ck=1&ref=https://www.vipgoldenbucks.com/home&ap=185&be=3742&fe=5136&dc=4882&perf=%7B%22timing%22:%7B%22of%22:1663735212915,%22n%22:0,%22f%22:3432,%22dn%22:3435,%22dne%22:3446,%22c%22:3446,%22s%22:3451,%22ce%22:3466,%22rq%22:3467,%22rp%22:3697,%22rpe%22:3698,%22dl%22:3723,%22di%22:4843,%22ds%22:4881,%22de%22:5016,%22dc%22:5136,%22l%22:5136,%22le%22:5253%7D,%22navigation%22:%7B%7D%7D&fcp=4834&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=5849&ck=1&ref=https://www.vipgoldenbucks.com/home&ap=185&be=3742&fe=5136&dc=4882&perf=%7B%22timing%22:%7B%22of%22:1663735212915,%22n%22:0,%22f%22:3432,%22dn%22:3435,%22dne%22:3446,%22c%22:3446,%22s%22:3451,%22ce%22:3466,%22rq%22:3467,%22rp%22:3697,%22rpe%22:3698,%22dl%22:3723,%22di%22:4843,%22ds%22:4881,%22de%22:5016,%22dc%22:5136,%22l%22:5136,%22le%22:5253%7D,%22navigation%22:%7B%7D%7D&fcp=4834&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:40:19 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74e01f3e0961b51d-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=71013ad6b417e744; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
www.vipgoldenbucks.com/hosted/images/17/9522b3e64d4df1a6f35e48258f4bbe/trump-bucks-gif.gif
104.16.12.194200 OK 7.1 MB URL HTTP/2 www.vipgoldenbucks.com/hosted/images/17/9522b3e64d4df1a6f35e48258f4bbe/trump-bucks-gif.gif
IP 104.16.12.194:0
File type GIF image data, version 89a, 714 x 858\012- data
Size 7.1 MB (7143410 bytes)
Hash dff90ab3e45523e4a56dcd8acd25b2ad
988d4a49f147e982438ab08a278e4e7764332301
bb6e1383db4c3444ed093e16c326e0f559433865f2bde27e16561913365a2fca
GET /hosted/images/17/9522b3e64d4df1a6f35e48258f4bbe/trump-bucks-gif.gif HTTP/1.1
Host: www.vipgoldenbucks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/home?hop=73787
Cookie: __cf_bm=NpOQp_INsBtLZMCoYgczWz9XhcVwLFKauW9rc0JRqIk-1663735216-0-AfnguuvbVJgvgYn5EBbXz8eciwn7UZhXu2rbd9TfPUsJMaclGUPmU/ifLTKHv8QNw3O+7kHM47F+ZeaVw9sND6vi6wbUwlRWRjlvIU5sB0dC; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTU1NjUyNzI=:visited=true; cf:visitor_id=6d921952-a6cc-48fc-aac6-e645cae2c334; hop=73787; addevent_track_cookie=ce68a6d7-e9a3-4370-5acc-d2aeb0853466
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:18 GMT
content-type: image/gif
content-length: 7143410
cf-ray: 74e01f38e9aa0af6-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "d5cbe2657ae75c40e871948438330dd2-2"
last-modified: Sun, 24 Jul 2022 12:44:44 GMT
cf-cache-status: MISS
x-amz-cf-pop: SOF50-C1
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=q_4wPlSwzCick6M1n1ydyCg5MPUNx3puLGXJR8eUks4-1663735218-0-AVBQhsjeiCuoZHnStU-ra0nBCIp2uuvlbj20pu96bEo7h1IaJcTUyGG6KdlaXGFgxNUk7o5SJCseWKXn0EqbZdcmh37ivScfDF-IIeKMRg04"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=q_4wPlSwzCick6M1n1ydyCg5MPUNx3puLGXJR8eUks4-1663735218-0-AVBQhsjeiCuoZHnStU-ra0nBCIp2uuvlbj20pu96bEo7h1IaJcTUyGG6KdlaXGFgxNUk7o5SJCseWKXn0EqbZdcmh37ivScfDF-IIeKMRg04; report-to cf-csp-endpoint
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
www.vipgoldenbucks.com/vendor.js
104.16.12.194200 OK 0 B URL HTTP/2 www.vipgoldenbucks.com/vendor.js
IP 104.16.12.194:0
GET /vendor.js HTTP/1.1
Host: www.vipgoldenbucks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/home?hop=73787
Cookie: __cf_bm=NpOQp_INsBtLZMCoYgczWz9XhcVwLFKauW9rc0JRqIk-1663735216-0-AfnguuvbVJgvgYn5EBbXz8eciwn7UZhXu2rbd9TfPUsJMaclGUPmU/ifLTKHv8QNw3O+7kHM47F+ZeaVw9sND6vi6wbUwlRWRjlvIU5sB0dC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:17 GMT
content-type: application/javascript
cf-ray: 74e01f36e8a10af6-OSL
access-control-allow-origin: *
cache-control: max-age=900, public
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: fresh
x-request-id: 438b27f006af75f51d02a67923f9c9ce
x-runtime: 0.016369
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.9.0/css/all.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/all.css
IP 172.64.132.15:0
GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:16 GMT
content-type: text/css
x-amz-id-2: eDALjXs4h5JwODL8ovr/4umLPbaCelCJI3+jx3FuubhJSoknTWWFmQo6HJaW+Q0JCvePiWa75nI=
x-amz-request-id: WT4YSGCQ9TAEW3HE
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 28473473
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COrxRGqwwcWC7M4%2FBrNdJEVlIWU9xCHTYBufX0ml53jr2SkLVb8XfGwxVCL9a%2B9KLbn9u0%2FvkIfpp8I6JM57%2Fvg0LxcA4RJJOM1bqyEplTXiClH5zR8degiZqykTgvt7nXAPil0x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e01f310c087765-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
104.18.47.230200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP 104.18.47.230:0
GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vipgoldenbucks.com
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:16 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e01f30ff7bb503-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
216.58.211.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
IP 216.58.211.10:0
GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 04:40:16 GMT
date: Wed, 21 Sep 2022 04:40:16 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents/?funnel_id=eFBWZ1VQZVM1OHRsN1ZmbC8xV0RKdz09LS1DVXhsWC8rdlJ6TlN3UlF4eDVheGVBPT0%3D--dbb2c9cfee941af14c25d44eac3c048c276a87ad&page_id=Q0FHZnZkODQ2ZGg4S3lFZld6aW5hZz09LS1ibVNLdExEK0E5NDgxMjBnWEx5R3VBPT0%3D--01bbc3e1933a747863f2b8dc1f837bdfcac73340&funnel_step_id=RXNsUiswSmR5SlhaRXRWQU93eDd5UT09LS1reUc0S2QwZVFIeSt1RnFYc2hVY1JRPT0%3D--769145ea3b4bade8f4e99d2dbb00411867e2687d&user_id=S3d6R0c0VHI2c3FJT3hpbG5wdGtsQT09LS1SbitDYlcybjBzNFVCMmhYZzNsTjJRPT0%3D--9b492d566808cc640358d8e56db9b63bd65da1a2&account_id=TVI4UTl5aVVmYXkwZ3JwL3BwV0F6UT09LS1qNC9lNGY1ckxkZDlhTENtVmNXSVl3PT0%3D--3f9115794ecd38897e98ceb181b97ca072bee9e6&page_code=NTU1NjUyNzI%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=8542f27b-bf6e-4065-b1fb-a7c310847073&url=https%3A%2F%2Fwww.vipgoldenbucks.com%2Fhome%3Fhop%3D73787
104.16.14.194202 Accepted 0 B URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=eFBWZ1VQZVM1OHRsN1ZmbC8xV0RKdz09LS1DVXhsWC8rdlJ6TlN3UlF4eDVheGVBPT0%3D--dbb2c9cfee941af14c25d44eac3c048c276a87ad&page_id=Q0FHZnZkODQ2ZGg4S3lFZld6aW5hZz09LS1ibVNLdExEK0E5NDgxMjBnWEx5R3VBPT0%3D--01bbc3e1933a747863f2b8dc1f837bdfcac73340&funnel_step_id=RXNsUiswSmR5SlhaRXRWQU93eDd5UT09LS1reUc0S2QwZVFIeSt1RnFYc2hVY1JRPT0%3D--769145ea3b4bade8f4e99d2dbb00411867e2687d&user_id=S3d6R0c0VHI2c3FJT3hpbG5wdGtsQT09LS1SbitDYlcybjBzNFVCMmhYZzNsTjJRPT0%3D--9b492d566808cc640358d8e56db9b63bd65da1a2&account_id=TVI4UTl5aVVmYXkwZ3JwL3BwV0F6UT09LS1qNC9lNGY1ckxkZDlhTENtVmNXSVl3PT0%3D--3f9115794ecd38897e98ceb181b97ca072bee9e6&page_code=NTU1NjUyNzI%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=8542f27b-bf6e-4065-b1fb-a7c310847073&url=https%3A%2F%2Fwww.vipgoldenbucks.com%2Fhome%3Fhop%3D73787
IP 104.16.14.194:0
GET /userevents/?funnel_id=eFBWZ1VQZVM1OHRsN1ZmbC8xV0RKdz09LS1DVXhsWC8rdlJ6TlN3UlF4eDVheGVBPT0%3D--dbb2c9cfee941af14c25d44eac3c048c276a87ad&page_id=Q0FHZnZkODQ2ZGg4S3lFZld6aW5hZz09LS1ibVNLdExEK0E5NDgxMjBnWEx5R3VBPT0%3D--01bbc3e1933a747863f2b8dc1f837bdfcac73340&funnel_step_id=RXNsUiswSmR5SlhaRXRWQU93eDd5UT09LS1reUc0S2QwZVFIeSt1RnFYc2hVY1JRPT0%3D--769145ea3b4bade8f4e99d2dbb00411867e2687d&user_id=S3d6R0c0VHI2c3FJT3hpbG5wdGtsQT09LS1SbitDYlcybjBzNFVCMmhYZzNsTjJRPT0%3D--9b492d566808cc640358d8e56db9b63bd65da1a2&account_id=TVI4UTl5aVVmYXkwZ3JwL3BwV0F6UT09LS1qNC9lNGY1ckxkZDlhTENtVmNXSVl3PT0%3D--3f9115794ecd38897e98ceb181b97ca072bee9e6&page_code=NTU1NjUyNzI%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=8542f27b-bf6e-4065-b1fb-a7c310847073&url=https%3A%2F%2Fwww.vipgoldenbucks.com%2Fhome%3Fhop%3D73787 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vipgoldenbucks.com
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Wed, 21 Sep 2022 04:40:17 GMT
content-type: text/html
cf-ray: 74e01f377a9c1c06-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: efd4c8abc3facf269f1277acbbb25e7a
x-runtime: 0.030304
set-cookie: __cf_bm=1MJEJwMoMqhn14zbzn44zqUwfW5g68lqbfKYvYUxj4E-1663735217-0-AayUcbepmuaPBMdMCjRflNs2+4SDHJySk/GOyYl/SbNzI+xlP0IBFSE90A1MnkZAFA6kfiKnZkDO89pqkkYo4nQOePxIg4DawkujqfD5V4gH; path=/; expires=Wed, 21-Sep-22 05:10:17 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
www.vipgoldenbucks.com/home?hop=73787
104.16.12.194200 OK 0 B URL HTTP/2 www.vipgoldenbucks.com/home?hop=73787
IP 104.16.12.194:0
GET /home?hop=73787 HTTP/1.1
Host: www.vipgoldenbucks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:16 GMT
content-type: text/html; charset=utf-8
cf-ray: 74e01f2e4c1f0af6-OSL
access-control-allow-origin: *
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
last-modified: Thu, 28 Jul 2022 17:34:24 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 9e3b0f21d35b5bfbddb0d604d23147468f25ac7d
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: stale, valid, store
x-request-id: 28ba33f02db28a05cc4092833da96272
x-runtime: 0.178332
set-cookie: __cf_bm=NpOQp_INsBtLZMCoYgczWz9XhcVwLFKauW9rc0JRqIk-1663735216-0-AfnguuvbVJgvgYn5EBbXz8eciwn7UZhXu2rbd9TfPUsJMaclGUPmU/ifLTKHv8QNw3O+7kHM47F+ZeaVw9sND6vi6wbUwlRWRjlvIU5sB0dC; path=/; expires=Wed, 21-Sep-22 05:10:16 GMT; domain=.www.vipgoldenbucks.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.vipgoldenbucks.com/assets/lander.css
104.16.12.194200 OK 0 B URL HTTP/2 www.vipgoldenbucks.com/assets/lander.css
IP 104.16.12.194:0
GET /assets/lander.css HTTP/1.1
Host: www.vipgoldenbucks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/home?hop=73787
Cookie: __cf_bm=NpOQp_INsBtLZMCoYgczWz9XhcVwLFKauW9rc0JRqIk-1663735216-0-AfnguuvbVJgvgYn5EBbXz8eciwn7UZhXu2rbd9TfPUsJMaclGUPmU/ifLTKHv8QNw3O+7kHM47F+ZeaVw9sND6vi6wbUwlRWRjlvIU5sB0dC
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:16 GMT
content-type: text/css
cf-ray: 74e01f306d1b0af6-OSL
access-control-allow-origin: *
age: 148
cache-control: public, max-age=1200
etag: W/"632a4cc7-6a514"
expires: Wed, 21 Sep 2022 05:00:16 GMT
last-modified: Tue, 20 Sep 2022 23:29:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Fredoka+One%7CRoboto%7CFredoka+One%7CRoboto%7CFredoka+One%7CRoboto%7CFredoka+One%7CRoboto%7CFredoka+One%7CPoppins%7CFredoka+One%7C
216.58.211.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Fredoka+One%7CRoboto%7CFredoka+One%7CRoboto%7CFredoka+One%7CRoboto%7CFredoka+One%7CRoboto%7CFredoka+One%7CPoppins%7CFredoka+One%7C
IP 216.58.211.10:0
GET /css?family=Fredoka+One%7CRoboto%7CFredoka+One%7CRoboto%7CFredoka+One%7CRoboto%7CFredoka+One%7CRoboto%7CFredoka+One%7CPoppins%7CFredoka+One%7C HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 04:40:16 GMT
date: Wed, 21 Sep 2022 04:40:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents/?funnel_id=eFBWZ1VQZVM1OHRsN1ZmbC8xV0RKdz09LS1DVXhsWC8rdlJ6TlN3UlF4eDVheGVBPT0%3D--dbb2c9cfee941af14c25d44eac3c048c276a87ad&page_id=Q0FHZnZkODQ2ZGg4S3lFZld6aW5hZz09LS1ibVNLdExEK0E5NDgxMjBnWEx5R3VBPT0%3D--01bbc3e1933a747863f2b8dc1f837bdfcac73340&funnel_step_id=RXNsUiswSmR5SlhaRXRWQU93eDd5UT09LS1reUc0S2QwZVFIeSt1RnFYc2hVY1JRPT0%3D--769145ea3b4bade8f4e99d2dbb00411867e2687d&user_id=S3d6R0c0VHI2c3FJT3hpbG5wdGtsQT09LS1SbitDYlcybjBzNFVCMmhYZzNsTjJRPT0%3D--9b492d566808cc640358d8e56db9b63bd65da1a2&account_id=TVI4UTl5aVVmYXkwZ3JwL3BwV0F6UT09LS1qNC9lNGY1ckxkZDlhTENtVmNXSVl3PT0%3D--3f9115794ecd38897e98ceb181b97ca072bee9e6&page_code=NTU1NjUyNzI%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=694f44c8-62eb-47d4-af11-dada02f5aba5&url=https%3A%2F%2Fwww.vipgoldenbucks.com%2Fhome%3Fhop%3D73787
104.16.14.194202 Accepted 0 B URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=eFBWZ1VQZVM1OHRsN1ZmbC8xV0RKdz09LS1DVXhsWC8rdlJ6TlN3UlF4eDVheGVBPT0%3D--dbb2c9cfee941af14c25d44eac3c048c276a87ad&page_id=Q0FHZnZkODQ2ZGg4S3lFZld6aW5hZz09LS1ibVNLdExEK0E5NDgxMjBnWEx5R3VBPT0%3D--01bbc3e1933a747863f2b8dc1f837bdfcac73340&funnel_step_id=RXNsUiswSmR5SlhaRXRWQU93eDd5UT09LS1reUc0S2QwZVFIeSt1RnFYc2hVY1JRPT0%3D--769145ea3b4bade8f4e99d2dbb00411867e2687d&user_id=S3d6R0c0VHI2c3FJT3hpbG5wdGtsQT09LS1SbitDYlcybjBzNFVCMmhYZzNsTjJRPT0%3D--9b492d566808cc640358d8e56db9b63bd65da1a2&account_id=TVI4UTl5aVVmYXkwZ3JwL3BwV0F6UT09LS1qNC9lNGY1ckxkZDlhTENtVmNXSVl3PT0%3D--3f9115794ecd38897e98ceb181b97ca072bee9e6&page_code=NTU1NjUyNzI%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=694f44c8-62eb-47d4-af11-dada02f5aba5&url=https%3A%2F%2Fwww.vipgoldenbucks.com%2Fhome%3Fhop%3D73787
IP 104.16.14.194:0
GET /userevents/?funnel_id=eFBWZ1VQZVM1OHRsN1ZmbC8xV0RKdz09LS1DVXhsWC8rdlJ6TlN3UlF4eDVheGVBPT0%3D--dbb2c9cfee941af14c25d44eac3c048c276a87ad&page_id=Q0FHZnZkODQ2ZGg4S3lFZld6aW5hZz09LS1ibVNLdExEK0E5NDgxMjBnWEx5R3VBPT0%3D--01bbc3e1933a747863f2b8dc1f837bdfcac73340&funnel_step_id=RXNsUiswSmR5SlhaRXRWQU93eDd5UT09LS1reUc0S2QwZVFIeSt1RnFYc2hVY1JRPT0%3D--769145ea3b4bade8f4e99d2dbb00411867e2687d&user_id=S3d6R0c0VHI2c3FJT3hpbG5wdGtsQT09LS1SbitDYlcybjBzNFVCMmhYZzNsTjJRPT0%3D--9b492d566808cc640358d8e56db9b63bd65da1a2&account_id=TVI4UTl5aVVmYXkwZ3JwL3BwV0F6UT09LS1qNC9lNGY1ckxkZDlhTENtVmNXSVl3PT0%3D--3f9115794ecd38897e98ceb181b97ca072bee9e6&page_code=NTU1NjUyNzI%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=694f44c8-62eb-47d4-af11-dada02f5aba5&url=https%3A%2F%2Fwww.vipgoldenbucks.com%2Fhome%3Fhop%3D73787 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vipgoldenbucks.com
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Wed, 21 Sep 2022 04:40:17 GMT
content-type: text/html
cf-ray: 74e01f376a981c06-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 7794063d13545d079b4550e95c01a749
x-runtime: 0.030957
set-cookie: __cf_bm=ZRZpG1R8tPI0cSgNyYBSTDgQ3O_ob4hLWCwFR6bRTVo-1663735217-0-ATj/Xp5Tyc7J8yyRHiBRHORefMVGYOIxyjIcus5loSZXE4WIRJ5sWvkaDvw05anB5VUaFXwZyaO8LRGSolw9WlMx7XS6cFm8aG4sLEq2BKk/; path=/; expires=Wed, 21-Sep-22 05:10:17 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
www.vipgoldenbucks.com/assets/lander.js
104.16.12.194200 OK 0 B URL HTTP/2 www.vipgoldenbucks.com/assets/lander.js
IP 104.16.12.194:0
GET /assets/lander.js HTTP/1.1
Host: www.vipgoldenbucks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/home?hop=73787
Cookie: __cf_bm=NpOQp_INsBtLZMCoYgczWz9XhcVwLFKauW9rc0JRqIk-1663735216-0-AfnguuvbVJgvgYn5EBbXz8eciwn7UZhXu2rbd9TfPUsJMaclGUPmU/ifLTKHv8QNw3O+7kHM47F+ZeaVw9sND6vi6wbUwlRWRjlvIU5sB0dC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:16 GMT
content-type: application/x-javascript
cf-ray: 74e01f307d250af6-OSL
access-control-allow-origin: *
age: 148
cache-control: public, max-age=1200
etag: W/"632a4d03-238fd1"
expires: Wed, 21 Sep 2022 05:00:16 GMT
last-modified: Tue, 20 Sep 2022 23:30:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.vipgoldenbucks.com/assets/userevents/application.js
104.16.12.194200 OK 0 B URL HTTP/2 www.vipgoldenbucks.com/assets/userevents/application.js
IP 104.16.12.194:0
GET /assets/userevents/application.js HTTP/1.1
Host: www.vipgoldenbucks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/home?hop=73787
Cookie: __cf_bm=NpOQp_INsBtLZMCoYgczWz9XhcVwLFKauW9rc0JRqIk-1663735216-0-AfnguuvbVJgvgYn5EBbXz8eciwn7UZhXu2rbd9TfPUsJMaclGUPmU/ifLTKHv8QNw3O+7kHM47F+ZeaVw9sND6vi6wbUwlRWRjlvIU5sB0dC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:16 GMT
content-type: application/x-javascript
cf-ray: 74e01f307d220af6-OSL
access-control-allow-origin: *
age: 148
cache-control: public, max-age=1200
etag: W/"632a4cc7-1353"
expires: Wed, 21 Sep 2022 05:00:16 GMT
last-modified: Tue, 20 Sep 2022 23:29:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.vipgoldenbucks.com/assets/pushcrew.js
104.16.12.194200 OK 0 B URL HTTP/2 www.vipgoldenbucks.com/assets/pushcrew.js
IP 104.16.12.194:0
GET /assets/pushcrew.js HTTP/1.1
Host: www.vipgoldenbucks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/home?hop=73787
Cookie: __cf_bm=NpOQp_INsBtLZMCoYgczWz9XhcVwLFKauW9rc0JRqIk-1663735216-0-AfnguuvbVJgvgYn5EBbXz8eciwn7UZhXu2rbd9TfPUsJMaclGUPmU/ifLTKHv8QNw3O+7kHM47F+ZeaVw9sND6vi6wbUwlRWRjlvIU5sB0dC
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:16 GMT
content-type: application/x-javascript
cf-ray: 74e01f307d260af6-OSL
access-control-allow-origin: *
age: 148
cache-control: public, max-age=1200
etag: W/"632a4cc6-27d"
expires: Wed, 21 Sep 2022 05:00:16 GMT
last-modified: Tue, 20 Sep 2022 23:29:10 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents/?funnel_id=eFBWZ1VQZVM1OHRsN1ZmbC8xV0RKdz09LS1DVXhsWC8rdlJ6TlN3UlF4eDVheGVBPT0%3D--dbb2c9cfee941af14c25d44eac3c048c276a87ad&page_id=Q0FHZnZkODQ2ZGg4S3lFZld6aW5hZz09LS1ibVNLdExEK0E5NDgxMjBnWEx5R3VBPT0%3D--01bbc3e1933a747863f2b8dc1f837bdfcac73340&funnel_step_id=RXNsUiswSmR5SlhaRXRWQU93eDd5UT09LS1reUc0S2QwZVFIeSt1RnFYc2hVY1JRPT0%3D--769145ea3b4bade8f4e99d2dbb00411867e2687d&user_id=S3d6R0c0VHI2c3FJT3hpbG5wdGtsQT09LS1SbitDYlcybjBzNFVCMmhYZzNsTjJRPT0%3D--9b492d566808cc640358d8e56db9b63bd65da1a2&account_id=TVI4UTl5aVVmYXkwZ3JwL3BwV0F6UT09LS1qNC9lNGY1ckxkZDlhTENtVmNXSVl3PT0%3D--3f9115794ecd38897e98ceb181b97ca072bee9e6&page_code=NTU1NjUyNzI%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=b7d582a9-ed53-46d8-a2c0-c45612edf3b8&url=https%3A%2F%2Fwww.vipgoldenbucks.com%2Fhome%3Fhop%3D73787
104.16.14.194202 Accepted 0 B URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=eFBWZ1VQZVM1OHRsN1ZmbC8xV0RKdz09LS1DVXhsWC8rdlJ6TlN3UlF4eDVheGVBPT0%3D--dbb2c9cfee941af14c25d44eac3c048c276a87ad&page_id=Q0FHZnZkODQ2ZGg4S3lFZld6aW5hZz09LS1ibVNLdExEK0E5NDgxMjBnWEx5R3VBPT0%3D--01bbc3e1933a747863f2b8dc1f837bdfcac73340&funnel_step_id=RXNsUiswSmR5SlhaRXRWQU93eDd5UT09LS1reUc0S2QwZVFIeSt1RnFYc2hVY1JRPT0%3D--769145ea3b4bade8f4e99d2dbb00411867e2687d&user_id=S3d6R0c0VHI2c3FJT3hpbG5wdGtsQT09LS1SbitDYlcybjBzNFVCMmhYZzNsTjJRPT0%3D--9b492d566808cc640358d8e56db9b63bd65da1a2&account_id=TVI4UTl5aVVmYXkwZ3JwL3BwV0F6UT09LS1qNC9lNGY1ckxkZDlhTENtVmNXSVl3PT0%3D--3f9115794ecd38897e98ceb181b97ca072bee9e6&page_code=NTU1NjUyNzI%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=b7d582a9-ed53-46d8-a2c0-c45612edf3b8&url=https%3A%2F%2Fwww.vipgoldenbucks.com%2Fhome%3Fhop%3D73787
IP 104.16.14.194:0
GET /userevents/?funnel_id=eFBWZ1VQZVM1OHRsN1ZmbC8xV0RKdz09LS1DVXhsWC8rdlJ6TlN3UlF4eDVheGVBPT0%3D--dbb2c9cfee941af14c25d44eac3c048c276a87ad&page_id=Q0FHZnZkODQ2ZGg4S3lFZld6aW5hZz09LS1ibVNLdExEK0E5NDgxMjBnWEx5R3VBPT0%3D--01bbc3e1933a747863f2b8dc1f837bdfcac73340&funnel_step_id=RXNsUiswSmR5SlhaRXRWQU93eDd5UT09LS1reUc0S2QwZVFIeSt1RnFYc2hVY1JRPT0%3D--769145ea3b4bade8f4e99d2dbb00411867e2687d&user_id=S3d6R0c0VHI2c3FJT3hpbG5wdGtsQT09LS1SbitDYlcybjBzNFVCMmhYZzNsTjJRPT0%3D--9b492d566808cc640358d8e56db9b63bd65da1a2&account_id=TVI4UTl5aVVmYXkwZ3JwL3BwV0F6UT09LS1qNC9lNGY1ckxkZDlhTENtVmNXSVl3PT0%3D--3f9115794ecd38897e98ceb181b97ca072bee9e6&page_code=NTU1NjUyNzI%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=b7d582a9-ed53-46d8-a2c0-c45612edf3b8&url=https%3A%2F%2Fwww.vipgoldenbucks.com%2Fhome%3Fhop%3D73787 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vipgoldenbucks.com
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Wed, 21 Sep 2022 04:40:17 GMT
content-type: text/html
cf-ray: 74e01f377aa01c06-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 254107f6514577e10f22a17cecd18c54
x-runtime: 0.032394
set-cookie: __cf_bm=lAyPqmI1UlbW7cfQdLUthdafm5r1p9ZbiKU8ncGoSsY-1663735217-0-AXYECZqOpnTygm5lj7KqHxdBDfqZGRupPaDqB1dkFLwLLl8xZd/N4QmflPaQQdhIWyvEM2mnSMXvurwqgDhj/9dP4aECYNlu6PimNNX5n7df; path=/; expires=Wed, 21-Sep-22 05:10:17 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
www.vipgoldenbucks.com/cdn-cgi/rum?
104.16.12.194200 OK 0 B URL HTTP/2 www.vipgoldenbucks.com/cdn-cgi/rum?
IP 104.16.12.194:0
POST /cdn-cgi/rum? HTTP/1.1
Host: www.vipgoldenbucks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 7617
Origin: https://www.vipgoldenbucks.com
Connection: keep-alive
Referer: https://www.vipgoldenbucks.com/home?hop=73787
Cookie: __cf_bm=NpOQp_INsBtLZMCoYgczWz9XhcVwLFKauW9rc0JRqIk-1663735216-0-AfnguuvbVJgvgYn5EBbXz8eciwn7UZhXu2rbd9TfPUsJMaclGUPmU/ifLTKHv8QNw3O+7kHM47F+ZeaVw9sND6vi6wbUwlRWRjlvIU5sB0dC; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTU1NjUyNzI=:visited=true; cf:visitor_id=6d921952-a6cc-48fc-aac6-e645cae2c334; hop=73787; addevent_track_cookie=ce68a6d7-e9a3-4370-5acc-d2aeb0853466
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:40:18 GMT
content-type: text/plain
access-control-allow-origin: https://www.vipgoldenbucks.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 74e01f399a0f0af6-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2