r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8275
Expires: Fri, 03 Feb 2023 13:29:19 GMT
Date: Fri, 03 Feb 2023 11:11:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2289
Expires: Fri, 03 Feb 2023 11:49:33 GMT
Date: Fri, 03 Feb 2023 11:11:24 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8686b201029f94a4f6cfba25537fa6c5
b6046c7e22fc031a58d742b957b484ba6b1560e6
0bcde1f5eb4caf3f298f8c0bde139a1578c03d9a82959b17f62f6eac22e0bbaf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4961
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 11:11:24 GMT
Last-Modified: Fri, 03 Feb 2023 09:48:43 GMT
Server: ECS (amb/6BB9)
X-Cache: HIT
Content-Length: 279
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 10:43:35 GMT
content-type: application/json
age: 1669
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4324
Expires: Fri, 03 Feb 2023 12:23:28 GMT
Date: Fri, 03 Feb 2023 11:11:24 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: poA7oJ3/LWEN0iDwBtFcODNCxw+VlOoQVrrumOClQ5GEVnICpY+G9MKjOY4U+nq8DOUcYjmo9UvJHeKS9CE7jg==
x-amz-request-id: HYQK3Z0TNX6VPFPG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 10:52:23 GMT
age: 1141
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 11:11:24 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 10:49:06 GMT
age: 1339
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5adf2c0a4b0cb0102bb2a801db222019
987b0d000fef5f238e256af039503019a60bb4f3
bc1467d19e8dea3983161468af524eb7c479b9e9e4f30df5f971f6816a8f4f85
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3025
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 11:11:25 GMT
Last-Modified: Fri, 03 Feb 2023 10:21:00 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8812
Expires: Fri, 03 Feb 2023 13:38:17 GMT
Date: Fri, 03 Feb 2023 11:11:25 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 11:11:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png
104.16.16.194200 OK 5.3 kB URL HTTP/2 images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png
IP 104.16.16.194:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d99a10ef5010513b3d30f7cf51614b5f
d60c1da11f05540f39632c7357c22b76c9ee1ed7
5dfa88a4dc8b6c0b834a62e45daee28a8dc37ed6ae7eb1545e4ed8b6382c0474
GET /3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png HTTP/1.1
Host: images.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Cookie: _vwo_uuid_v2=DE2F242DE08C6E2D89EA176F58E13751A|b7b8333a8e555dfc3a446a9f8fd908ee; _vis_opt_s=1%7C; _vwo_uuid=DE2F242DE08C6E2D89EA176F58E13751A; _vwo_ds=3%3At_0%2Ca_0%3A0%241675417908%3A70.78416874%3A%3A12_0%2C11_0%2C4_0%3A2_0%2C1_0%3A0; _gcl_au=1.1.314618171.1675417939; _vis_opt_exp_118_combi=2; _scid=8bf5ff10-1974-40cd-90d8-08fe87cd7f52; wickedfu=%7B%22url%22%3A%22https%3A%2F%2Fwww.clickfunnels.com%2F%3Faff_sub%3Ddomain_redirect%26utm_campaign%3Ddomain_redirect%22%2C%22time%22%3A1675417939461%2C%22c%22%3A4420%7D; _ga_XJMXXSCP9Q=GS1.1.1675417939.1.0.1675417946.53.0.0; _ga=GA1.2.2124445740.1675417940; _ga_WQ0X0WDQ6W=GS1.1.1675417939.1.0.1675417946.53.0.0; _fbp=fb.1.1675417939665.763835273; _tt_enable_cookie=1; _ttp=2s2sjKUqzKIjJQ816J0nEW-3x6q; _gid=GA1.2.159973857.1675417940; _uetsid=73279580a3a811ed9f3337808a07b965; _uetvid=7327de50a3a811ed90b2b78977e26f37; _pin_unauth=dWlkPVlqbGlOakUwWVdNdE4yWm1NeTAwTm1ZNExXSmtPR1F0TVRBeVpHSmtPREk0Tm1FMg; __cf_bm=AuqBS9kY4gY_AJuWAEpMgsMJZcnZrrGWhAk4D_TDcG0-1675422684-0-AUJmqBIMTvDUINJ/05zNS/VHoXR05oUx+W24yhn5/vLhX0lw+LPHJkc9jZb8QtiOh0i7Co7FwlQK84AGrJDl05ed1AmO8odupn1toCgDncaI
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:11:25 GMT
content-type: image/webp
content-length: 5276
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=9030
content-disposition: inline; filename="ClickfunnelsTag.webp"
etag: "a633777156a5ffeb58c92d3d59fa4e34"
last-modified: Fri, 03 Jan 2020 17:41:49 GMT
vary: Accept
x-amz-id-2: Hh4NJsW1+rFnk00tFupVCmWzNvth3KadcueXQ43CVRibqS0RaBkvvUvHN5n346JiS6ZjIYRGGiM=
x-amz-request-id: 2TPBMCTCCZAYA68E
cf-cache-status: HIT
age: 2046
expires: Mon, 27 Feb 2023 11:11:25 GMT
cache-control: public, max-age=2073600
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=i1weNxwNLc8PfnY_ZYvKDK3pBSUszpRgjmpDJDFc7jQ-1675422685-0-AQzPmu7NdYisLQJ3MGkUUDu_px0WRoLAszv1vIOIxdWsbVIKX_8xXwSJ4hhhNtfG98ukVPBzg0g0YcTrDU1YbvcOvAnAkhGQi0Xk7uez-g6y"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=i1weNxwNLc8PfnY_ZYvKDK3pBSUszpRgjmpDJDFc7jQ-1675422685-0-AQzPmu7NdYisLQJ3MGkUUDu_px0WRoLAszv1vIOIxdWsbVIKX_8xXwSJ4hhhNtfG98ukVPBzg0g0YcTrDU1YbvcOvAnAkhGQi0Xk7uez-g6y; report-to cf-csp-endpoint
server: cloudflare
cf-ray: 793ab9c7dd071c02-OSL
X-Firefox-Spdy: h2
app.clickfunnels.com/assets/pushcrew.js
104.16.16.194200 OK 818 B URL HTTP/2 app.clickfunnels.com/assets/pushcrew.js
IP 104.16.16.194:0
File type ASCII text, with very long lines (637), with no line terminators
Hash f1cb1bc2647a9695dcdb5b2141451c7e
5166dcf1a483c1feefef0ebdd4ccf354e57d5b8e
21f862a246e5c48fbfa9dd0708bb08ff87b93cd317ce9af7cad0c441b1022b77
GET /assets/pushcrew.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Cookie: _vwo_uuid_v2=DE2F242DE08C6E2D89EA176F58E13751A|b7b8333a8e555dfc3a446a9f8fd908ee; _vis_opt_s=1%7C; _vwo_uuid=DE2F242DE08C6E2D89EA176F58E13751A; _vwo_ds=3%3At_0%2Ca_0%3A0%241675417908%3A70.78416874%3A%3A12_0%2C11_0%2C4_0%3A2_0%2C1_0%3A0; _gcl_au=1.1.314618171.1675417939; _vis_opt_exp_118_combi=2; _scid=8bf5ff10-1974-40cd-90d8-08fe87cd7f52; wickedfu=%7B%22url%22%3A%22https%3A%2F%2Fwww.clickfunnels.com%2F%3Faff_sub%3Ddomain_redirect%26utm_campaign%3Ddomain_redirect%22%2C%22time%22%3A1675417939461%2C%22c%22%3A4420%7D; _ga_XJMXXSCP9Q=GS1.1.1675417939.1.0.1675417946.53.0.0; _ga=GA1.2.2124445740.1675417940; _ga_WQ0X0WDQ6W=GS1.1.1675417939.1.0.1675417946.53.0.0; _fbp=fb.1.1675417939665.763835273; _tt_enable_cookie=1; _ttp=2s2sjKUqzKIjJQ816J0nEW-3x6q; _gid=GA1.2.159973857.1675417940; _uetsid=73279580a3a811ed9f3337808a07b965; _uetvid=7327de50a3a811ed90b2b78977e26f37; _pin_unauth=dWlkPVlqbGlOakUwWVdNdE4yWm1NeTAwTm1ZNExXSmtPR1F0TVRBeVpHSmtPREk0Tm1FMg; __cf_bm=AuqBS9kY4gY_AJuWAEpMgsMJZcnZrrGWhAk4D_TDcG0-1675422684-0-AUJmqBIMTvDUINJ/05zNS/VHoXR05oUx+W24yhn5/vLhX0lw+LPHJkc9jZb8QtiOh0i7Co7FwlQK84AGrJDl05ed1AmO8odupn1toCgDncaI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:11:25 GMT
content-type: application/x-javascript
cf-ray: 793ab9c6cc081c02-OSL
access-control-allow-origin: *
age: 431
cache-control: public, max-age=1200
etag: W/"63dbd64e-27d"
expires: Fri, 03 Feb 2023 11:31:25 GMT
last-modified: Thu, 02 Feb 2023 15:27:10 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.42.147.182101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.147.182:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wVoGm5FbtwEzZS676/8Miw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AVI8xqDDVXWwnLoEF/ksi8AWZK4=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b1bbf406e5d473071d96311ed8c8dd33
bab2d439cc487bf682273fc2efc9a50bcbc9096f
7e5341915ce1bd9cc013d1804930d4947f57aa0f926235e6e7fbd89c6eb54b3d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4565
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 11:11:25 GMT
Last-Modified: Fri, 03 Feb 2023 09:55:20 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b1bbf406e5d473071d96311ed8c8dd33
bab2d439cc487bf682273fc2efc9a50bcbc9096f
7e5341915ce1bd9cc013d1804930d4947f57aa0f926235e6e7fbd89c6eb54b3d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4566
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 11:11:26 GMT
Last-Modified: Fri, 03 Feb 2023 09:55:20 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
app.clickfunnels.com/cf.js
104.16.16.194301 Moved Permanently 14 kB URL HTTP/2 app.clickfunnels.com/cf.js
IP 104.16.16.194:0
Hash a965f9d639f4c44c2a35b76d99f58fb5
9238ef031bb01f79fa08bd46e6099003219e441b
c2c8559d5240e688552cee537aba3f7db09ab2040a50372ca15192f80619ec7f
GET /cf.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Cookie: _vwo_uuid_v2=DE2F242DE08C6E2D89EA176F58E13751A|b7b8333a8e555dfc3a446a9f8fd908ee; _vis_opt_s=1%7C; _vwo_uuid=DE2F242DE08C6E2D89EA176F58E13751A; _vwo_ds=3%3At_0%2Ca_0%3A0%241675417908%3A70.78416874%3A%3A12_0%2C11_0%2C4_0%3A2_0%2C1_0%3A0; _gcl_au=1.1.314618171.1675417939; _vis_opt_exp_118_combi=2; _scid=8bf5ff10-1974-40cd-90d8-08fe87cd7f52; wickedfu=%7B%22url%22%3A%22https%3A%2F%2Fwww.clickfunnels.com%2F%3Faff_sub%3Ddomain_redirect%26utm_campaign%3Ddomain_redirect%22%2C%22time%22%3A1675417939461%2C%22c%22%3A4420%7D; _ga_XJMXXSCP9Q=GS1.1.1675417939.1.0.1675417946.53.0.0; _ga=GA1.2.2124445740.1675417940; _ga_WQ0X0WDQ6W=GS1.1.1675417939.1.0.1675417946.53.0.0; _fbp=fb.1.1675417939665.763835273; _tt_enable_cookie=1; _ttp=2s2sjKUqzKIjJQ816J0nEW-3x6q; _gid=GA1.2.159973857.1675417940; _uetsid=73279580a3a811ed9f3337808a07b965; _uetvid=7327de50a3a811ed90b2b78977e26f37; _pin_unauth=dWlkPVlqbGlOakUwWVdNdE4yWm1NeTAwTm1ZNExXSmtPR1F0TVRBeVpHSmtPREk0Tm1FMg; __cf_bm=AuqBS9kY4gY_AJuWAEpMgsMJZcnZrrGWhAk4D_TDcG0-1675422684-0-AUJmqBIMTvDUINJ/05zNS/VHoXR05oUx+W24yhn5/vLhX0lw+LPHJkc9jZb8QtiOh0i7Co7FwlQK84AGrJDl05ed1AmO8odupn1toCgDncaI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 03 Feb 2023 11:11:25 GMT
content-type: text/html
location: https://www.clickfunnels.com/cf.js
cf-ray: 793ab9ca6fcb1c02-OSL
age: 1067
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
X-Firefox-Spdy: h2
frani.clickfunnels.com/cdn-cgi/rum?
104.16.16.194204 No Content 0 B URL HTTP/2 frani.clickfunnels.com/cdn-cgi/rum?
IP 104.16.16.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: frani.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 7440
Origin: https://frani.clickfunnels.com
Connection: keep-alive
Referer: https://frani.clickfunnels.com/optin1675348668626
Cookie: _vwo_uuid_v2=DE2F242DE08C6E2D89EA176F58E13751A|b7b8333a8e555dfc3a446a9f8fd908ee; _vis_opt_s=1%7C; _vwo_uuid=DE2F242DE08C6E2D89EA176F58E13751A; _vwo_ds=3%3At_0%2Ca_0%3A0%241675417908%3A70.78416874%3A%3A12_0%2C11_0%2C4_0%3A2_0%2C1_0%3A0; _gcl_au=1.1.314618171.1675417939; _vis_opt_exp_118_combi=2; _scid=8bf5ff10-1974-40cd-90d8-08fe87cd7f52; wickedfu=%7B%22url%22%3A%22https%3A%2F%2Fwww.clickfunnels.com%2F%3Faff_sub%3Ddomain_redirect%26utm_campaign%3Ddomain_redirect%22%2C%22time%22%3A1675417939461%2C%22c%22%3A4420%7D; _ga_XJMXXSCP9Q=GS1.1.1675417939.1.0.1675417946.53.0.0; _ga=GA1.2.2124445740.1675417940; _ga_WQ0X0WDQ6W=GS1.1.1675417939.1.0.1675417946.53.0.0; _fbp=fb.1.1675417939665.763835273; _tt_enable_cookie=1; _ttp=2s2sjKUqzKIjJQ816J0nEW-3x6q; _gid=GA1.2.159973857.1675417940; _uetsid=73279580a3a811ed9f3337808a07b965; _uetvid=7327de50a3a811ed90b2b78977e26f37; _pin_unauth=dWlkPVlqbGlOakUwWVdNdE4yWm1NeTAwTm1ZNExXSmtPR1F0TVRBeVpHSmtPREk0Tm1FMg; __cf_bm=AuqBS9kY4gY_AJuWAEpMgsMJZcnZrrGWhAk4D_TDcG0-1675422684-0-AUJmqBIMTvDUINJ/05zNS/VHoXR05oUx+W24yhn5/vLhX0lw+LPHJkc9jZb8QtiOh0i7Co7FwlQK84AGrJDl05ed1AmO8odupn1toCgDncaI; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTgxNDc2NTU=:visited=true; cf:visitor_id=7a68e219-1f48-44ab-8011-bd629332a799; addevent_track_cookie=56def5c5-12d0-4975-aa79-dc41a934c7be
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Fri, 03 Feb 2023 11:11:26 GMT
access-control-allow-origin: https://frani.clickfunnels.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 793ab9cc79d71c02-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents/?funnel_id=Si8waTVxR1BYR0EzMjcvRTV3c3Q2QT09LS04L1VGSVNIaUtVNVl6VVBBL1ovZlJ3PT0%3D--18852a59004be87e22815faa21ae4a1a0d077d36&page_id=UHVML2R2ZjIvSDhvdk56ejNXS0U2dz09LS02Qmd4M2NnRG41NGU3akxUNE9Dck13PT0%3D--3c94f23b73d4e0f7353c63262270fdb57d733c12&funnel_step_id=Q1ljWmdTaTVFMFpXa293aFphejM0QT09LS1WS2lKM25xeWhzWFRKZlIwOS9ENFlRPT0%3D--1134c72751207ea35d560ffaca56f061de0c306c&user_id=YThQSlR4bmdNdUlHcUI3WmtDZjhPQT09LS1QUlBnRGV0VW9PQ3BYOGpIOXI1NllBPT0%3D--ec34caa1fe752e2f4310024a293aaca05919648e&account_id=QVVuMXY2ZEl6UDBLanp1VTJDNGtHZz09LS1kd3FEcmEwYTdHVTdCUFZKZllXNXpBPT0%3D--0b2f133bf6907b62dcbcf89a0e04dd7ee13c73fb&page_code=NTgxNDc2NTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniquePageviewsCreatedSummary&nonce=0c822337-970b-43d6-9d5a-f90d6ca20eae&url=https%3A%2F%2Ffrani.clickfunnels.com%2Foptin1675348668626
104.16.16.194202 Accepted 1.2 kB URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=Si8waTVxR1BYR0EzMjcvRTV3c3Q2QT09LS04L1VGSVNIaUtVNVl6VVBBL1ovZlJ3PT0%3D--18852a59004be87e22815faa21ae4a1a0d077d36&page_id=UHVML2R2ZjIvSDhvdk56ejNXS0U2dz09LS02Qmd4M2NnRG41NGU3akxUNE9Dck13PT0%3D--3c94f23b73d4e0f7353c63262270fdb57d733c12&funnel_step_id=Q1ljWmdTaTVFMFpXa293aFphejM0QT09LS1WS2lKM25xeWhzWFRKZlIwOS9ENFlRPT0%3D--1134c72751207ea35d560ffaca56f061de0c306c&user_id=YThQSlR4bmdNdUlHcUI3WmtDZjhPQT09LS1QUlBnRGV0VW9PQ3BYOGpIOXI1NllBPT0%3D--ec34caa1fe752e2f4310024a293aaca05919648e&account_id=QVVuMXY2ZEl6UDBLanp1VTJDNGtHZz09LS1kd3FEcmEwYTdHVTdCUFZKZllXNXpBPT0%3D--0b2f133bf6907b62dcbcf89a0e04dd7ee13c73fb&page_code=NTgxNDc2NTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniquePageviewsCreatedSummary&nonce=0c822337-970b-43d6-9d5a-f90d6ca20eae&url=https%3A%2F%2Ffrani.clickfunnels.com%2Foptin1675348668626
IP 104.16.16.194:0
Hash 943530898af28ff47cbdacc86af21486
64b7acbd72e28a5fcae49db377a1efba487aad1e
59d3ffc1c08b929dd093afaec60120111e885012ce25b31b0e55c99828f27eea
GET /userevents/?funnel_id=Si8waTVxR1BYR0EzMjcvRTV3c3Q2QT09LS04L1VGSVNIaUtVNVl6VVBBL1ovZlJ3PT0%3D--18852a59004be87e22815faa21ae4a1a0d077d36&page_id=UHVML2R2ZjIvSDhvdk56ejNXS0U2dz09LS02Qmd4M2NnRG41NGU3akxUNE9Dck13PT0%3D--3c94f23b73d4e0f7353c63262270fdb57d733c12&funnel_step_id=Q1ljWmdTaTVFMFpXa293aFphejM0QT09LS1WS2lKM25xeWhzWFRKZlIwOS9ENFlRPT0%3D--1134c72751207ea35d560ffaca56f061de0c306c&user_id=YThQSlR4bmdNdUlHcUI3WmtDZjhPQT09LS1QUlBnRGV0VW9PQ3BYOGpIOXI1NllBPT0%3D--ec34caa1fe752e2f4310024a293aaca05919648e&account_id=QVVuMXY2ZEl6UDBLanp1VTJDNGtHZz09LS1kd3FEcmEwYTdHVTdCUFZKZllXNXpBPT0%3D--0b2f133bf6907b62dcbcf89a0e04dd7ee13c73fb&page_code=NTgxNDc2NTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniquePageviewsCreatedSummary&nonce=0c822337-970b-43d6-9d5a-f90d6ca20eae&url=https%3A%2F%2Ffrani.clickfunnels.com%2Foptin1675348668626 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://frani.clickfunnels.com
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 202 Accepted
date: Fri, 03 Feb 2023 11:11:26 GMT
content-type: text/html
cf-ray: 793ab9ca8fff1c02-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: e0226ce295b640600523d37097faa876
x-runtime: 0.023529
set-cookie: __cf_bm=HGMoCYmN0FG_aUXlAkAgjQS3eaw05EkIdtcE4BpxQI4-1675422686-0-Ab/DYWW632EQXOuTtJuD2V9tlPpY6fU91AZh1CNVoWZCn6eywDVTSdy2Y6XYWgNGTvShh7DCtxH1PLuwDpF/QVXMKZqD3y64wQYXA67Vqur1; path=/; expires=Fri, 03-Feb-23 11:41:26 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
js-agent.newrelic.com/779.215647de-1223.js
151.101.66.137200 OK 3.5 kB URL HTTP/2 js-agent.newrelic.com/779.215647de-1223.js
IP 151.101.66.137:0
File type ASCII text, with very long lines (8307), with no line terminators
Hash 411c3ac790a3a8f8f71906adf57df690
ceef347ad1356a868f3c371ffc84c205958aed6d
59a8f0bcbad548fd487a595f4a2c3642268a19437d80096f1f0e3a67301132ac
GET /779.215647de-1223.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: oJiVqgUxxXTGlb3WHfPODQ+0hnRNaK4Wu3C5q0qzLW1Wy1zUCv3lJDvZMbOZXlmpWlVHYmT68X8=
x-amz-request-id: 29B6GFQJDW5ETZPK
last-modified: Fri, 27 Jan 2023 21:42:05 GMT
etag: "1f9dc6167676d6db728e844d20a97ad5"
x-amz-version-id: d0hMUd3mWD9ItciiSIXCSy8OWToOTtsf
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 03 Feb 2023 11:11:26 GMT
via: 1.1 varnish
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 323
x-timer: S1675422686.299380,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 3516
X-Firefox-Spdy: h2
js-agent.newrelic.com/823.215647de-1223.js
151.101.66.137200 OK 1.4 kB URL HTTP/2 js-agent.newrelic.com/823.215647de-1223.js
IP 151.101.66.137:0
File type ASCII text, with very long lines (3147), with no line terminators
Hash 87de67cddb1db12fc7ee256669fcd9ba
5c882b5cc4bff34d8f4c603d6077f424b442a0df
42e88e7da2ca5f5fbd6fb461147d562a317c22508508c937cc57ad65c04e5986
GET /823.215647de-1223.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 5Fb4P8xJczd5vSJcDjiJeEIdldSbkECuaWyErtMTeAtEHKfdyrVuRuzSrltAg1+Dqn5ZyguqAlc=
x-amz-request-id: 29B2ND18W5AQM0T8
last-modified: Fri, 27 Jan 2023 21:42:05 GMT
etag: "ce7762cf4b6665f79c15503dbccd6c68"
x-amz-version-id: W2tA0gkaWp6JlPnYeFhc2plzNBl_myPN
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 03 Feb 2023 11:11:26 GMT
via: 1.1 varnish
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 327
x-timer: S1675422686.299643,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1365
X-Firefox-Spdy: h2
js-agent.newrelic.com/325.215647de-1223.js
151.101.66.137200 OK 560 B URL HTTP/2 js-agent.newrelic.com/325.215647de-1223.js
IP 151.101.66.137:0
File type ASCII text, with very long lines (1119), with no line terminators
Hash dbb8514b0fe73ed1c9a3bb94d6bd624b
083e321a63d3e24555e87c564d3b52588ed49ae1
10a720318922a38e6bf41921f3adc6f56bc61f215e251be7f5f37ec991d9b852
GET /325.215647de-1223.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: y2K+rpeLF3Ym/3l6sNpa29RWC/g7TNS9+AlxD2Yrljl995Eo6bNRqMUpU5PNsi1SzBJybaX6onw=
x-amz-request-id: 5D6X5R0HEXVCYE0Y
last-modified: Fri, 27 Jan 2023 21:42:05 GMT
etag: "8bfb1318203f2143642fa7f2620e90b9"
x-amz-version-id: TZXfN40R6cv9QsF3fTfxRxppzwQ_LugL
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 03 Feb 2023 11:11:26 GMT
via: 1.1 varnish
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 323
x-timer: S1675422686.299873,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 560
X-Firefox-Spdy: h2
classic.clickfunnels.com/images/closemodal.png
104.16.16.194200 OK 672 B URL HTTP/2 classic.clickfunnels.com/images/closemodal.png
IP 104.16.16.194:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 19754ed4d508cf576c80cf36e0db8c50
f459beac714e5be68aa75349fa806a5642af456a
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
GET /images/closemodal.png HTTP/1.1
Host: classic.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://frani.clickfunnels.com/
Connection: keep-alive
Cookie: _vwo_uuid_v2=DE2F242DE08C6E2D89EA176F58E13751A|b7b8333a8e555dfc3a446a9f8fd908ee; _vis_opt_s=1%7C; _vwo_uuid=DE2F242DE08C6E2D89EA176F58E13751A; _vwo_ds=3%3At_0%2Ca_0%3A0%241675417908%3A70.78416874%3A%3A12_0%2C11_0%2C4_0%3A2_0%2C1_0%3A0; _gcl_au=1.1.314618171.1675417939; _vis_opt_exp_118_combi=2; _scid=8bf5ff10-1974-40cd-90d8-08fe87cd7f52; wickedfu=%7B%22url%22%3A%22https%3A%2F%2Fwww.clickfunnels.com%2F%3Faff_sub%3Ddomain_redirect%26utm_campaign%3Ddomain_redirect%22%2C%22time%22%3A1675417939461%2C%22c%22%3A4420%7D; _ga_XJMXXSCP9Q=GS1.1.1675417939.1.0.1675417946.53.0.0; _ga=GA1.2.2124445740.1675417940; _ga_WQ0X0WDQ6W=GS1.1.1675417939.1.0.1675417946.53.0.0; _fbp=fb.1.1675417939665.763835273; _tt_enable_cookie=1; _ttp=2s2sjKUqzKIjJQ816J0nEW-3x6q; _gid=GA1.2.159973857.1675417940; _uetsid=73279580a3a811ed9f3337808a07b965; _uetvid=7327de50a3a811ed90b2b78977e26f37; _pin_unauth=dWlkPVlqbGlOakUwWVdNdE4yWm1NeTAwTm1ZNExXSmtPR1F0TVRBeVpHSmtPREk0Tm1FMg; __cf_bm=AuqBS9kY4gY_AJuWAEpMgsMJZcnZrrGWhAk4D_TDcG0-1675422684-0-AUJmqBIMTvDUINJ/05zNS/VHoXR05oUx+W24yhn5/vLhX0lw+LPHJkc9jZb8QtiOh0i7Co7FwlQK84AGrJDl05ed1AmO8odupn1toCgDncaI
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:11:26 GMT
content-type: image/webp
content-length: 672
cf-ray: 793ab9cdbb171c02-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 648225
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "63c939da-314"
expires: Mon, 06 Mar 2023 11:11:26 GMT
last-modified: Thu, 19 Jan 2023 12:38:50 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
server: cloudflare
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 282d6132e7d6e1c8aae030543ebb8ad4
3f0e12f89adeda9af0ae6065c810b216359b7581
6de5dfbdd3884f6505bebd5469c2cadc701bdee16ae542d87ea7204cf25be344
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2616
Cache-Control: max-age=131227
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 11:11:26 GMT
Etag: "63dc3f41-1d7"
Expires: Sat, 04 Feb 2023 23:38:33 GMT
Last-Modified: Thu, 02 Feb 2023 22:54:57 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1223.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=1839&ck=0&s=37d9c18e0c8eeed5&ref=https://frani.clickfunnels.com/optin1675348668626&ap=275&be=635&fe=862&dc=673&perf=%7B%22timing%22:%7B%22of%22:1675422715090,%22n%22:0,%22r%22:-6,%22re%22:432,%22f%22:432,%22dn%22:432,%22dne%22:432,%22c%22:432,%22s%22:432,%22ce%22:432,%22rq%22:439,%22rp%22:605,%22rpe%22:607,%22dl%22:617,%22di%22:1292,%22ds%22:1307,%22de%22:1387,%22dc%22:1494,%22l%22:1494,%22le%22:1607%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=973&jsonp=NREUM.setToken
162.247.241.14200 OK 72 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1223.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=1839&ck=0&s=37d9c18e0c8eeed5&ref=https://frani.clickfunnels.com/optin1675348668626&ap=275&be=635&fe=862&dc=673&perf=%7B%22timing%22:%7B%22of%22:1675422715090,%22n%22:0,%22r%22:-6,%22re%22:432,%22f%22:432,%22dn%22:432,%22dne%22:432,%22c%22:432,%22s%22:432,%22ce%22:432,%22rq%22:439,%22rp%22:605,%22rpe%22:607,%22dl%22:617,%22di%22:1292,%22ds%22:1307,%22de%22:1387,%22dc%22:1494,%22l%22:1494,%22le%22:1607%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=973&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
GET /1/NRJS-fc902efb332119fff33?a=367981416&v=1223.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=1839&ck=0&s=37d9c18e0c8eeed5&ref=https://frani.clickfunnels.com/optin1675348668626&ap=275&be=635&fe=862&dc=673&perf=%7B%22timing%22:%7B%22of%22:1675422715090,%22n%22:0,%22r%22:-6,%22re%22:432,%22f%22:432,%22dn%22:432,%22dne%22:432,%22c%22:432,%22s%22:432,%22ce%22:432,%22rq%22:439,%22rp%22:605,%22rpe%22:607,%22dl%22:617,%22di%22:1292,%22ds%22:1307,%22de%22:1387,%22dc%22:1494,%22l%22:1494,%22le%22:1607%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=973&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 11:11:26 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 793ab9ce5dc9b509-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2fb40e18172e1098e5754fa2501644c6
3810f7fc61314247576e9116a1d4962ff621628f
4c98ce5497be964a47e57aa78e3236039d219e502b657a9dafc9b5e2c0a45ac0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1151
Cache-Control: max-age=147066
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 11:11:26 GMT
Etag: "63dc82d9-117"
Expires: Sun, 05 Feb 2023 04:02:32 GMT
Last-Modified: Fri, 03 Feb 2023 03:43:21 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2573
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 11:11:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2573
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 11:11:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:49 GMT
age: 47618
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2573
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 11:11:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XTZJAn0LMAfFtaQ2bN8z58cCsUT5GzxDMnHVB_iw9E_NskHQ-BgbRQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:19:26 GMT
age: 84437
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02123eef9faa8560ff66b058d4e13a28
decf26282993d7f0b14cf4112d14fa39c97fa89f
28889ff20f1b2fe0b73f8f97e6569f1d68d77fe436eeb47cc06ee4f0822ff239
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9130
x-amzn-requestid: 09ad3fbb-1e71-4455-82df-6e59f65239a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuxiYEkqIAMFVZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2fa8-1dca116e4317f9bd14f6d45a;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:48:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _Bc2svrG-wX63DK9RPUyjh-n6AHVHaQe3QRmEL27L-amwCH2I_f_9g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:38 GMT
age: 47629
etag: "decf26282993d7f0b14cf4112d14fa39c97fa89f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e690e4c-e16d-49e9-ac12-24a092d6a60c.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e690e4c-e16d-49e9-ac12-24a092d6a60c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a1d6fa4715c4e78250b2f72ddd2706f1
be04ac3a50aa6f1b349a2410ad386d92de3222be
d1c3c1b7016428bf2a085b71ca0d1e215a64b3d31ff15b0ef8bf5a78f11d9ae5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e690e4c-e16d-49e9-ac12-24a092d6a60c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8543
x-amzn-requestid: 3dc0960e-97db-42c8-99ac-623a44e8bb3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuv0wGJhIAMFaTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ceb-5ad3ef033a62559762db42b9;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EKWOeGruQEm9HuSlJMiEEw_gN1p37qTTIhYqaiQ6bFaCF65kUfmMtA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:20 GMT
age: 47647
etag: "be04ac3a50aa6f1b349a2410ad386d92de3222be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a6aaf87a867f93dc9268a8b27973b97
f52ccbe6cbced1994acb13a00b05436553b6813e
3fbd7441712035f4d53c17eec93bc278e6c072043f3b5a721cac349fc0dabe77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10166
x-amzn-requestid: 54fe0d12-360f-4d97-bcf3-b24747d956aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_4zHEcoAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379d1-4ba89e44005f616a0ed3ed24;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:14:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hSyEfSDToqgfnFIW68Krz-ANYUNQoUPWhyb-8xDUarI6mnVLXriHDQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:59:54 GMT
age: 47493
etag: "f52ccbe6cbced1994acb13a00b05436553b6813e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2fb40e18172e1098e5754fa2501644c6
3810f7fc61314247576e9116a1d4962ff621628f
4c98ce5497be964a47e57aa78e3236039d219e502b657a9dafc9b5e2c0a45ac0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1152
Cache-Control: max-age=147066
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 11:11:27 GMT
Etag: "63dc82d9-117"
Expires: Sun, 05 Feb 2023 04:02:33 GMT
Last-Modified: Fri, 03 Feb 2023 03:43:21 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:48:01 GMT
age: 48206
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 070e8e907251bba55e86836eaac0a73c
2050e1babffe449d3add577c9ae024f4b2ae587f
2011018a3c392c7bbd7473f07b78208e7cbbcc9dcd3bc453aa1485e894b82248
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2011018A3C392C7BBD7473F07B78208E7CBBCC9DCD3BC453AA1485E894B82248"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21575
Expires: Fri, 03 Feb 2023 17:11:02 GMT
Date: Fri, 03 Feb 2023 11:11:27 GMT
Connection: keep-alive
cadrfadr.studiolegaledorianapesce.it/dafe1/gardv/pasclao
185.56.218.4302 Found 254 B URL HTTP/2 cadrfadr.studiolegaledorianapesce.it/dafe1/gardv/pasclao
IP 185.56.218.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e8c638c67170b3b4213749b482e81083
0e3148761fb5ee6d798abc5e6484d32c1fcf02ac
b485a7b75bbbd598961edbdb0416ff44436aba8900bf36c6b04850a39204f3b6
Analyzer Verdict Alert fortinet Phishing
GET /dafe1/gardv/pasclao HTTP/1.1
Host: cadrfadr.studiolegaledorianapesce.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://frani.clickfunnels.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
strict-transport-security: max-age=300; includeSubDomains; preload
location: https://cadrfadr.studiolegaledorianapesce.it/cgi-sys/suspendedpage.cgi
content-length: 254
content-type: text/html; charset=iso-8859-1
date: Fri, 03 Feb 2023 11:11:26 GMT
server: Apache
X-Firefox-Spdy: h2
cadrfadr.studiolegaledorianapesce.it/cgi-sys/suspendedpage.cgi
185.56.218.4200 OK 4.1 kB URL HTTP/2 cadrfadr.studiolegaledorianapesce.it/cgi-sys/suspendedpage.cgi
IP 185.56.218.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4070)
Hash e06824c411c2049f5f9706f3cae8b5a3
8df5818519c19e71fafbde6847c57f8d9b82379b
473389886b76cefb5676737e2cfc9652c7c5cf473dbd55c86d2d7d8e0c3fea89
GET /cgi-sys/suspendedpage.cgi HTTP/1.1
Host: cadrfadr.studiolegaledorianapesce.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://frani.clickfunnels.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=300; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4137
content-type: text/html
date: Fri, 03 Feb 2023 11:11:26 GMT
server: Apache
X-Firefox-Spdy: h2
frani.clickfunnels.com/cdn-cgi/rum?
104.16.16.194204 No Content 0 B URL HTTP/2 frani.clickfunnels.com/cdn-cgi/rum?
IP 104.16.16.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: frani.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 557
Origin: https://frani.clickfunnels.com
Connection: keep-alive
Referer: https://frani.clickfunnels.com/optin1675348668626
Cookie: _vwo_uuid_v2=DE2F242DE08C6E2D89EA176F58E13751A|b7b8333a8e555dfc3a446a9f8fd908ee; _vis_opt_s=1%7C; _vwo_uuid=DE2F242DE08C6E2D89EA176F58E13751A; _vwo_ds=3%3At_0%2Ca_0%3A0%241675417908%3A70.78416874%3A%3A12_0%2C11_0%2C4_0%3A2_0%2C1_0%3A0; _gcl_au=1.1.314618171.1675417939; _vis_opt_exp_118_combi=2; _scid=8bf5ff10-1974-40cd-90d8-08fe87cd7f52; wickedfu=%7B%22url%22%3A%22https%3A%2F%2Fwww.clickfunnels.com%2F%3Faff_sub%3Ddomain_redirect%26utm_campaign%3Ddomain_redirect%22%2C%22time%22%3A1675417939461%2C%22c%22%3A4420%7D; _ga_XJMXXSCP9Q=GS1.1.1675417939.1.0.1675417946.53.0.0; _ga=GA1.2.2124445740.1675417940; _ga_WQ0X0WDQ6W=GS1.1.1675417939.1.0.1675417946.53.0.0; _fbp=fb.1.1675417939665.763835273; _tt_enable_cookie=1; _ttp=2s2sjKUqzKIjJQ816J0nEW-3x6q; _gid=GA1.2.159973857.1675417940; _uetsid=73279580a3a811ed9f3337808a07b965; _uetvid=7327de50a3a811ed90b2b78977e26f37; _pin_unauth=dWlkPVlqbGlOakUwWVdNdE4yWm1NeTAwTm1ZNExXSmtPR1F0TVRBeVpHSmtPREk0Tm1FMg; __cf_bm=AuqBS9kY4gY_AJuWAEpMgsMJZcnZrrGWhAk4D_TDcG0-1675422684-0-AUJmqBIMTvDUINJ/05zNS/VHoXR05oUx+W24yhn5/vLhX0lw+LPHJkc9jZb8QtiOh0i7Co7FwlQK84AGrJDl05ed1AmO8odupn1toCgDncaI; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTgxNDc2NTU=:visited=true; cf:visitor_id=7a68e219-1f48-44ab-8011-bd629332a799; addevent_track_cookie=56def5c5-12d0-4975-aa79-dc41a934c7be; is_eu=false; dexeti8fcicgn1di=true; 12773510_viewed_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Fri, 03 Feb 2023 11:11:27 GMT
access-control-allow-origin: https://frani.clickfunnels.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 793ab9d70c071c02-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cadrfadr.studiolegaledorianapesce.it/favicon.ico
185.56.218.4302 Found 254 B URL HTTP/2 cadrfadr.studiolegaledorianapesce.it/favicon.ico
IP 185.56.218.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e8c638c67170b3b4213749b482e81083
0e3148761fb5ee6d798abc5e6484d32c1fcf02ac
b485a7b75bbbd598961edbdb0416ff44436aba8900bf36c6b04850a39204f3b6
GET /favicon.ico HTTP/1.1
Host: cadrfadr.studiolegaledorianapesce.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cadrfadr.studiolegaledorianapesce.it/cgi-sys/suspendedpage.cgi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
strict-transport-security: max-age=300; includeSubDomains; preload
location: https://cadrfadr.studiolegaledorianapesce.it/cgi-sys/suspendedpage.cgi
content-length: 254
content-type: text/html; charset=iso-8859-1
date: Fri, 03 Feb 2023 11:11:27 GMT
server: Apache
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.0.6/webfonts/fa-solid-900.woff2
172.64.132.15200 OK 39 kB URL HTTP/2 use.fontawesome.com/releases/v5.0.6/webfonts/fa-solid-900.woff2
IP 172.64.132.15:0
File type Web Open Font Format (Version 2), TrueType, length 38784, version 1.0\012- data
Hash f9b85c9463af7103b9b24bbbf09a06ed
d28d7222bcbeb8ea701a771e85f7efe006e62fb1
62554277d07b20c6bfae7c6267b3198b4846f604a37d4085bf9f54c392210b56
GET /releases/v5.0.6/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cadrfadr.studiolegaledorianapesce.it
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:11:28 GMT
content-type: application/font-woff2
content-length: 38784
x-amz-id-2: Jb0BSD6DLB3ZRWC1sWzWm378adsT2ja18mKVSYDKRsX6xIxh6JXMCtV+pRG4JdfYKfE8TpH+qcI=
x-amz-request-id: J5CV3P0BA9XR5QYB
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:27:50 GMT
etag: "f9b85c9463af7103b9b24bbbf09a06ed"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OxmrHyi%2Fr76tEkMxg2%2FKwVH1IibTo%2F2VuLQZ%2FAtOajyMGpALAJk6lY3EuBZaheC%2FK8Cqm8y761QUy9APOrO5v1COYghCpfnBck3K2AQDR4zsaAtlY%2FIxD%2FTWjamqE44yJnPfh1b6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793ab9d82aca75bd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bam.nr-data.net/events/1/NRJS-fc902efb332119fff33?a=367981416&v=1223.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3263&ck=0&s=37d9c18e0c8eeed5&ref=https://frani.clickfunnels.com/optin1675348668626
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/NRJS-fc902efb332119fff33?a=367981416&v=1223.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3263&ck=0&s=37d9c18e0c8eeed5&ref=https://frani.clickfunnels.com/optin1675348668626
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-fc902efb332119fff33?a=367981416&v=1223.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3263&ck=0&s=37d9c18e0c8eeed5&ref=https://frani.clickfunnels.com/optin1675348668626 HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 61
Origin: https://frani.clickfunnels.com
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 11:11:28 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 793ab9da8fe1b509-OSL
Access-Control-Allow-Origin: https://frani.clickfunnels.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
use.fontawesome.com/releases/v5.0.6/css/all.css
172.64.132.15200 OK 7.7 kB URL HTTP/2 use.fontawesome.com/releases/v5.0.6/css/all.css
IP 172.64.132.15:0
File type ASCII text, with very long lines (34556)
Hash ef2daa57f5579775ef192418d8d74979
ee609e28baca6f1f7c28b075707abb463ff7bc91
c20027e81c9df438f532da11d2ffb35012b74282c5e7b1f5180abc9aed86bce4
GET /releases/v5.0.6/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cadrfadr.studiolegaledorianapesce.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:11:27 GMT
content-type: text/css
x-amz-id-2: 56umF+a77quXuMRBbRGrVovXdjlppNym9DzH7SXlUXwvDx9VeiETFyCe6N3OrJYRZLocu7IVdew=
x-amz-request-id: ZZYT058DPX6EMV5N
last-modified: Wed, 30 Jun 2021 15:27:49 GMT
etag: W/"42eaa52604673b64d6b356c2fd7f87e3"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1739578
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNC4rsvy2f8m8bONWr%2BkJ16SNOZy3EaJWX5m91jvq9kb1rKlNi75C7L7yrVplyNQY31nsK3Wgmkh2EXdNz0TdkCUMH8riubyQzFz8O2hdO%2BDOlF35Xp8LpWz%2BA4e6ZMJQa%2FPXj3n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793ab9d76d90776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.clickfunnels.com/assets/lander.js
104.16.16.194200 OK 0 B URL HTTP/2 app.clickfunnels.com/assets/lander.js
IP 104.16.16.194:0
GET /assets/lander.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Cookie: _vwo_uuid_v2=DE2F242DE08C6E2D89EA176F58E13751A|b7b8333a8e555dfc3a446a9f8fd908ee; _vis_opt_s=1%7C; _vwo_uuid=DE2F242DE08C6E2D89EA176F58E13751A; _vwo_ds=3%3At_0%2Ca_0%3A0%241675417908%3A70.78416874%3A%3A12_0%2C11_0%2C4_0%3A2_0%2C1_0%3A0; _gcl_au=1.1.314618171.1675417939; _vis_opt_exp_118_combi=2; _scid=8bf5ff10-1974-40cd-90d8-08fe87cd7f52; wickedfu=%7B%22url%22%3A%22https%3A%2F%2Fwww.clickfunnels.com%2F%3Faff_sub%3Ddomain_redirect%26utm_campaign%3Ddomain_redirect%22%2C%22time%22%3A1675417939461%2C%22c%22%3A4420%7D; _ga_XJMXXSCP9Q=GS1.1.1675417939.1.0.1675417946.53.0.0; _ga=GA1.2.2124445740.1675417940; _ga_WQ0X0WDQ6W=GS1.1.1675417939.1.0.1675417946.53.0.0; _fbp=fb.1.1675417939665.763835273; _tt_enable_cookie=1; _ttp=2s2sjKUqzKIjJQ816J0nEW-3x6q; _gid=GA1.2.159973857.1675417940; _uetsid=73279580a3a811ed9f3337808a07b965; _uetvid=7327de50a3a811ed90b2b78977e26f37; _pin_unauth=dWlkPVlqbGlOakUwWVdNdE4yWm1NeTAwTm1ZNExXSmtPR1F0TVRBeVpHSmtPREk0Tm1FMg; __cf_bm=AuqBS9kY4gY_AJuWAEpMgsMJZcnZrrGWhAk4D_TDcG0-1675422684-0-AUJmqBIMTvDUINJ/05zNS/VHoXR05oUx+W24yhn5/vLhX0lw+LPHJkc9jZb8QtiOh0i7Co7FwlQK84AGrJDl05ed1AmO8odupn1toCgDncaI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:11:25 GMT
content-type: application/x-javascript
cf-ray: 793ab9c6cc051c02-OSL
access-control-allow-origin: *
age: 886
cache-control: public, max-age=1200
etag: W/"63dbd6a4-239357"
expires: Fri, 03 Feb 2023 11:31:25 GMT
last-modified: Thu, 02 Feb 2023 15:28:36 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
104.16.57.101200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP 104.16.57.101:0
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://frani.clickfunnels.com
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:11:25 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 793ab9c73cf1b4f4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
IP 172.64.132.15:0
GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:11:25 GMT
content-type: text/css
x-amz-id-2: HpuDfuJOnoRBIn1oGWh6kpnFISyPAhBcUuSh2sgaSOixf+diILYpFUsoF1uDkiR93wgKGECAn7k=
x-amz-request-id: F0PPGVAN5CXAHSGM
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 597574
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYBWQxp1oWhFVoHxfhJjoy%2BuOdBEfglh%2BnyhKfOCcnTi41a64Uu3UPTLM%2BcfsnwgqFIyQTpI89gH0VOGfzOqmoGPmxs8KSpK2a8XJN51thNAWxJUb82haJeBmmdiWfozhRsz0anc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793ab9c76e797324-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.9.0/css/all.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/all.css
IP 172.64.132.15:0
GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:11:25 GMT
content-type: text/css
x-amz-id-2: vC8KBN503iyWKZzHxfJc5rs99Ocw4DSTaifdaL1SsWTbuhhIHZc4Cm+BPlh6dJ7ueugjQrc5cWE=
x-amz-request-id: F0PHW7H6699FG8TW
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 597576
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWkjlwJa1%2Fkc18KFdlfudMWtayQDVk8gjNKfBrCXVoF23wee%2BRG41xwmssCE0dqfp6D4hwFzdo1GdgFcQWlskGM5lUzQpGcRTJNHLrtPZI4YO2w0ikDR%2F%2FFq1bnuL1e69AfV1wmR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793ab9c77e7c7324-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents/?funnel_id=Si8waTVxR1BYR0EzMjcvRTV3c3Q2QT09LS04L1VGSVNIaUtVNVl6VVBBL1ovZlJ3PT0%3D--18852a59004be87e22815faa21ae4a1a0d077d36&page_id=UHVML2R2ZjIvSDhvdk56ejNXS0U2dz09LS02Qmd4M2NnRG41NGU3akxUNE9Dck13PT0%3D--3c94f23b73d4e0f7353c63262270fdb57d733c12&funnel_step_id=Q1ljWmdTaTVFMFpXa293aFphejM0QT09LS1WS2lKM25xeWhzWFRKZlIwOS9ENFlRPT0%3D--1134c72751207ea35d560ffaca56f061de0c306c&user_id=YThQSlR4bmdNdUlHcUI3WmtDZjhPQT09LS1QUlBnRGV0VW9PQ3BYOGpIOXI1NllBPT0%3D--ec34caa1fe752e2f4310024a293aaca05919648e&account_id=QVVuMXY2ZEl6UDBLanp1VTJDNGtHZz09LS1kd3FEcmEwYTdHVTdCUFZKZllXNXpBPT0%3D--0b2f133bf6907b62dcbcf89a0e04dd7ee13c73fb&page_code=NTgxNDc2NTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniqueVisitorsCreatedSummary&nonce=ba028215-d04b-47aa-80fc-f5d4da41b024&url=https%3A%2F%2Ffrani.clickfunnels.com%2Foptin1675348668626
104.16.16.194202 Accepted 0 B URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=Si8waTVxR1BYR0EzMjcvRTV3c3Q2QT09LS04L1VGSVNIaUtVNVl6VVBBL1ovZlJ3PT0%3D--18852a59004be87e22815faa21ae4a1a0d077d36&page_id=UHVML2R2ZjIvSDhvdk56ejNXS0U2dz09LS02Qmd4M2NnRG41NGU3akxUNE9Dck13PT0%3D--3c94f23b73d4e0f7353c63262270fdb57d733c12&funnel_step_id=Q1ljWmdTaTVFMFpXa293aFphejM0QT09LS1WS2lKM25xeWhzWFRKZlIwOS9ENFlRPT0%3D--1134c72751207ea35d560ffaca56f061de0c306c&user_id=YThQSlR4bmdNdUlHcUI3WmtDZjhPQT09LS1QUlBnRGV0VW9PQ3BYOGpIOXI1NllBPT0%3D--ec34caa1fe752e2f4310024a293aaca05919648e&account_id=QVVuMXY2ZEl6UDBLanp1VTJDNGtHZz09LS1kd3FEcmEwYTdHVTdCUFZKZllXNXpBPT0%3D--0b2f133bf6907b62dcbcf89a0e04dd7ee13c73fb&page_code=NTgxNDc2NTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniqueVisitorsCreatedSummary&nonce=ba028215-d04b-47aa-80fc-f5d4da41b024&url=https%3A%2F%2Ffrani.clickfunnels.com%2Foptin1675348668626
IP 104.16.16.194:0
GET /userevents/?funnel_id=Si8waTVxR1BYR0EzMjcvRTV3c3Q2QT09LS04L1VGSVNIaUtVNVl6VVBBL1ovZlJ3PT0%3D--18852a59004be87e22815faa21ae4a1a0d077d36&page_id=UHVML2R2ZjIvSDhvdk56ejNXS0U2dz09LS02Qmd4M2NnRG41NGU3akxUNE9Dck13PT0%3D--3c94f23b73d4e0f7353c63262270fdb57d733c12&funnel_step_id=Q1ljWmdTaTVFMFpXa293aFphejM0QT09LS1WS2lKM25xeWhzWFRKZlIwOS9ENFlRPT0%3D--1134c72751207ea35d560ffaca56f061de0c306c&user_id=YThQSlR4bmdNdUlHcUI3WmtDZjhPQT09LS1QUlBnRGV0VW9PQ3BYOGpIOXI1NllBPT0%3D--ec34caa1fe752e2f4310024a293aaca05919648e&account_id=QVVuMXY2ZEl6UDBLanp1VTJDNGtHZz09LS1kd3FEcmEwYTdHVTdCUFZKZllXNXpBPT0%3D--0b2f133bf6907b62dcbcf89a0e04dd7ee13c73fb&page_code=NTgxNDc2NTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniqueVisitorsCreatedSummary&nonce=ba028215-d04b-47aa-80fc-f5d4da41b024&url=https%3A%2F%2Ffrani.clickfunnels.com%2Foptin1675348668626 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://frani.clickfunnels.com
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 202 Accepted
date: Fri, 03 Feb 2023 11:11:25 GMT
content-type: text/html
cf-ray: 793ab9ca88011c02-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 2e964669009f212a267f78341c83eef6
x-runtime: 0.017535
set-cookie: __cf_bm=uQHqr0043i.K3kNcGAaykHX8k9WZzZZqY1nwLOcKdUw-1675422685-0-ASntsouz68fUhzKCx6rCGS9Y6DWJtxAuglVRhcsCc/moK9Nurd+4pmOFqDRSNwBbpBhdbaTF1bV2C3j72TMGQeHJiDGoz+GoZrdIzBTTbtoz; path=/; expires=Fri, 03-Feb-23 11:41:25 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
frani.clickfunnels.com/optinq77wbgg
104.16.16.194302 Found 0 B URL HTTP/2 frani.clickfunnels.com/optinq77wbgg
IP 104.16.16.194:0
GET /optinq77wbgg HTTP/1.1
Host: frani.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _vwo_uuid_v2=DE2F242DE08C6E2D89EA176F58E13751A|b7b8333a8e555dfc3a446a9f8fd908ee; _vis_opt_s=1%7C; _vwo_uuid=DE2F242DE08C6E2D89EA176F58E13751A; _vwo_ds=3%3At_0%2Ca_0%3A0%241675417908%3A70.78416874%3A%3A12_0%2C11_0%2C4_0%3A2_0%2C1_0%3A0; _gcl_au=1.1.314618171.1675417939; _vis_opt_exp_118_combi=2; _scid=8bf5ff10-1974-40cd-90d8-08fe87cd7f52; wickedfu=%7B%22url%22%3A%22https%3A%2F%2Fwww.clickfunnels.com%2F%3Faff_sub%3Ddomain_redirect%26utm_campaign%3Ddomain_redirect%22%2C%22time%22%3A1675417939461%2C%22c%22%3A4420%7D; _ga_XJMXXSCP9Q=GS1.1.1675417939.1.0.1675417946.53.0.0; _ga=GA1.2.2124445740.1675417940; _ga_WQ0X0WDQ6W=GS1.1.1675417939.1.0.1675417946.53.0.0; _fbp=fb.1.1675417939665.763835273; _tt_enable_cookie=1; _ttp=2s2sjKUqzKIjJQ816J0nEW-3x6q; _gid=GA1.2.159973857.1675417940; _uetsid=73279580a3a811ed9f3337808a07b965; _uetvid=7327de50a3a811ed90b2b78977e26f37; _pin_unauth=dWlkPVlqbGlOakUwWVdNdE4yWm1NeTAwTm1ZNExXSmtPR1F0TVRBeVpHSmtPREk0Tm1FMg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Fri, 03 Feb 2023 11:11:24 GMT
content-type: text/html; charset=utf-8
location: https://frani.clickfunnels.com/optin1675348668626
cf-ray: 793ab9c3c8d71c02-OSL
access-control-allow-origin: *
cache-control: no-cache, private
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
status: 302 Found
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: f9f38013a44069c5a44c2919a05dabec
x-runtime: 0.066998
set-cookie: __cf_bm=AuqBS9kY4gY_AJuWAEpMgsMJZcnZrrGWhAk4D_TDcG0-1675422684-0-AUJmqBIMTvDUINJ/05zNS/VHoXR05oUx+W24yhn5/vLhX0lw+LPHJkc9jZb8QtiOh0i7Co7FwlQK84AGrJDl05ed1AmO8odupn1toCgDncaI; path=/; expires=Fri, 03-Feb-23 11:41:24 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
app.clickfunnels.com/assets/lander.css
104.16.16.194200 OK 0 B URL HTTP/2 app.clickfunnels.com/assets/lander.css
IP 104.16.16.194:0
GET /assets/lander.css HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Cookie: _vwo_uuid_v2=DE2F242DE08C6E2D89EA176F58E13751A|b7b8333a8e555dfc3a446a9f8fd908ee; _vis_opt_s=1%7C; _vwo_uuid=DE2F242DE08C6E2D89EA176F58E13751A; _vwo_ds=3%3At_0%2Ca_0%3A0%241675417908%3A70.78416874%3A%3A12_0%2C11_0%2C4_0%3A2_0%2C1_0%3A0; _gcl_au=1.1.314618171.1675417939; _vis_opt_exp_118_combi=2; _scid=8bf5ff10-1974-40cd-90d8-08fe87cd7f52; wickedfu=%7B%22url%22%3A%22https%3A%2F%2Fwww.clickfunnels.com%2F%3Faff_sub%3Ddomain_redirect%26utm_campaign%3Ddomain_redirect%22%2C%22time%22%3A1675417939461%2C%22c%22%3A4420%7D; _ga_XJMXXSCP9Q=GS1.1.1675417939.1.0.1675417946.53.0.0; _ga=GA1.2.2124445740.1675417940; _ga_WQ0X0WDQ6W=GS1.1.1675417939.1.0.1675417946.53.0.0; _fbp=fb.1.1675417939665.763835273; _tt_enable_cookie=1; _ttp=2s2sjKUqzKIjJQ816J0nEW-3x6q; _gid=GA1.2.159973857.1675417940; _uetsid=73279580a3a811ed9f3337808a07b965; _uetvid=7327de50a3a811ed90b2b78977e26f37; _pin_unauth=dWlkPVlqbGlOakUwWVdNdE4yWm1NeTAwTm1ZNExXSmtPR1F0TVRBeVpHSmtPREk0Tm1FMg; __cf_bm=AuqBS9kY4gY_AJuWAEpMgsMJZcnZrrGWhAk4D_TDcG0-1675422684-0-AUJmqBIMTvDUINJ/05zNS/VHoXR05oUx+W24yhn5/vLhX0lw+LPHJkc9jZb8QtiOh0i7Co7FwlQK84AGrJDl05ed1AmO8odupn1toCgDncaI
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:11:25 GMT
content-type: text/css
cf-ray: 793ab9c6cc0a1c02-OSL
access-control-allow-origin: *
age: 899
cache-control: public, max-age=1200
etag: W/"63dbd64f-6a514"
expires: Fri, 03 Feb 2023 11:31:25 GMT
last-modified: Thu, 02 Feb 2023 15:27:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
app.clickfunnels.com/assets/userevents/application.js
104.16.16.194200 OK 0 B URL HTTP/2 app.clickfunnels.com/assets/userevents/application.js
IP 104.16.16.194:0
GET /assets/userevents/application.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Cookie: _vwo_uuid_v2=DE2F242DE08C6E2D89EA176F58E13751A|b7b8333a8e555dfc3a446a9f8fd908ee; _vis_opt_s=1%7C; _vwo_uuid=DE2F242DE08C6E2D89EA176F58E13751A; _vwo_ds=3%3At_0%2Ca_0%3A0%241675417908%3A70.78416874%3A%3A12_0%2C11_0%2C4_0%3A2_0%2C1_0%3A0; _gcl_au=1.1.314618171.1675417939; _vis_opt_exp_118_combi=2; _scid=8bf5ff10-1974-40cd-90d8-08fe87cd7f52; wickedfu=%7B%22url%22%3A%22https%3A%2F%2Fwww.clickfunnels.com%2F%3Faff_sub%3Ddomain_redirect%26utm_campaign%3Ddomain_redirect%22%2C%22time%22%3A1675417939461%2C%22c%22%3A4420%7D; _ga_XJMXXSCP9Q=GS1.1.1675417939.1.0.1675417946.53.0.0; _ga=GA1.2.2124445740.1675417940; _ga_WQ0X0WDQ6W=GS1.1.1675417939.1.0.1675417946.53.0.0; _fbp=fb.1.1675417939665.763835273; _tt_enable_cookie=1; _ttp=2s2sjKUqzKIjJQ816J0nEW-3x6q; _gid=GA1.2.159973857.1675417940; _uetsid=73279580a3a811ed9f3337808a07b965; _uetvid=7327de50a3a811ed90b2b78977e26f37; _pin_unauth=dWlkPVlqbGlOakUwWVdNdE4yWm1NeTAwTm1ZNExXSmtPR1F0TVRBeVpHSmtPREk0Tm1FMg; __cf_bm=AuqBS9kY4gY_AJuWAEpMgsMJZcnZrrGWhAk4D_TDcG0-1675422684-0-AUJmqBIMTvDUINJ/05zNS/VHoXR05oUx+W24yhn5/vLhX0lw+LPHJkc9jZb8QtiOh0i7Co7FwlQK84AGrJDl05ed1AmO8odupn1toCgDncaI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:11:25 GMT
content-type: application/x-javascript
cf-ray: 793ab9c6cc0b1c02-OSL
access-control-allow-origin: *
age: 886
cache-control: public, max-age=1200
etag: W/"63dbd64f-147c"
expires: Fri, 03 Feb 2023 11:31:25 GMT
last-modified: Thu, 02 Feb 2023 15:27:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
IP 142.250.74.106:0
GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 11:11:25 GMT
date: Fri, 03 Feb 2023 11:11:25 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
scambinance.com/go.php?url=https://cadrfadr.studiolegaledorianapesce.it/dafe1/gardv/pasclao
188.114.96.1302 Found 0 B URL HTTP/2 scambinance.com/go.php?url=https://cadrfadr.studiolegaledorianapesce.it/dafe1/gardv/pasclao
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /go.php?url=https://cadrfadr.studiolegaledorianapesce.it/dafe1/gardv/pasclao HTTP/1.1
Host: scambinance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 03 Feb 2023 11:11:27 GMT
content-type: text/html; charset=UTF-8
location: https://cadrfadr.studiolegaledorianapesce.it/dafe1/gardv/pasclao
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pyGrgRvWtNQSKuB4QbAncAbRdGQhuMozDeQ%2FAFIT3O214I8MoWA%2BQJ9092YZ2foTHgk0KsSZauPtTEhVxn1pzNAn37pA8Ydkw3xk8%2F7ClE%2FFfMHtQ9AgwwZluPVU0SYWaJo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793ab9d1889ab521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2