tracking.quickmcafunding.com/tracking/click?d=aF-bZnbo2kHabKgMZw2WIxoqCK6oPlRhusmybWauPQXekA4hyCQLwPk-pWbdy0_YXYmbEuQDh65Q-R_VUEpMlMFPAeiCul6_R1HtHZ8UFt6QwFRa4431LEEJv7j5qc0d9p4aOdQrwoSDeULQSIAInLnLm6JNV2v5U6fdk-mLQ6RCWMMzazZtv1C0Lx_msMRsyFCcLMkRqVbjmI2mICs9AXCL2wVydMEiyfzr-JZ8SNAUWaMJyYFzIp_XTGJPSwMceFh3zYo-ujBNk4TvRlR3RVjAo93E_gSLyDWpf5b720Sx4TyKrJcxUYwk_U_N1NGBp8WxJ1QW9-hWQANxLWkF-aUkpdRMH2OOvX_VFCQ6LMZKA8W0TG6cnIJwPfhJ8OBdL_UXDLeilKFsm0P5iPxSV6HhWDetEkw6G58KI1_RuYJzLjPlJ1o-M3cH4ClukonZ1niqFFx0fXbGlKuRXERh-fu-dq4FWTGKDITw-YV-aavY-NhBR4-u_BD2rru_ChMrqvI0dwHi7bDF-rQByj7oCZetvpzaM08bjTJQ4bmiVzJJ0
46.105.88.234302 Found 447 B URL HTTP/1.1 tracking.quickmcafunding.com/tracking/click?d=aF-bZnbo2kHabKgMZw2WIxoqCK6oPlRhusmybWauPQXekA4hyCQLwPk-pWbdy0_YXYmbEuQDh65Q-R_VUEpMlMFPAeiCul6_R1HtHZ8UFt6QwFRa4431LEEJv7j5qc0d9p4aOdQrwoSDeULQSIAInLnLm6JNV2v5U6fdk-mLQ6RCWMMzazZtv1C0Lx_msMRsyFCcLMkRqVbjmI2mICs9AXCL2wVydMEiyfzr-JZ8SNAUWaMJyYFzIp_XTGJPSwMceFh3zYo-ujBNk4TvRlR3RVjAo93E_gSLyDWpf5b720Sx4TyKrJcxUYwk_U_N1NGBp8WxJ1QW9-hWQANxLWkF-aUkpdRMH2OOvX_VFCQ6LMZKA8W0TG6cnIJwPfhJ8OBdL_UXDLeilKFsm0P5iPxSV6HhWDetEkw6G58KI1_RuYJzLjPlJ1o-M3cH4ClukonZ1niqFFx0fXbGlKuRXERh-fu-dq4FWTGKDITw-YV-aavY-NhBR4-u_BD2rru_ChMrqvI0dwHi7bDF-rQByj7oCZetvpzaM08bjTJQ4bmiVzJJ0
IP 46.105.88.234:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (375), with CRLF line terminators
Hash e20b26be5a1d18fd00255d96114cdbed
ee12fe9774d1a251b5e3b2aee6d7e371e5d9fb11
680d497861ef5c9fd9e82b15410890454671fd12bf2eb4e3ed373b118c39c47f
GET /tracking/click?d=aF-bZnbo2kHabKgMZw2WIxoqCK6oPlRhusmybWauPQXekA4hyCQLwPk-pWbdy0_YXYmbEuQDh65Q-R_VUEpMlMFPAeiCul6_R1HtHZ8UFt6QwFRa4431LEEJv7j5qc0d9p4aOdQrwoSDeULQSIAInLnLm6JNV2v5U6fdk-mLQ6RCWMMzazZtv1C0Lx_msMRsyFCcLMkRqVbjmI2mICs9AXCL2wVydMEiyfzr-JZ8SNAUWaMJyYFzIp_XTGJPSwMceFh3zYo-ujBNk4TvRlR3RVjAo93E_gSLyDWpf5b720Sx4TyKrJcxUYwk_U_N1NGBp8WxJ1QW9-hWQANxLWkF-aUkpdRMH2OOvX_VFCQ6LMZKA8W0TG6cnIJwPfhJ8OBdL_UXDLeilKFsm0P5iPxSV6HhWDetEkw6G58KI1_RuYJzLjPlJ1o-M3cH4ClukonZ1niqFFx0fXbGlKuRXERh-fu-dq4FWTGKDITw-YV-aavY-NhBR4-u_BD2rru_ChMrqvI0dwHi7bDF-rQByj7oCZetvpzaM08bjTJQ4bmiVzJJ0 HTTP/1.1
Host: tracking.quickmcafunding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://link.prspctmn.com/v1/smtp_email/event/clicked/message/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtZXNzYWdlSWQiOiI5QkQwbTJmaGZlRlZ1Q0g3UnlNTCIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LnF1aWNrbWNhZnVuZGluZy5jb20lMkYiLCJob3N0IjoiaHR0cHM6Ly9saW5rLnByc3BjdG1uLmNvbSIsImlhdCI6MTY3NTQ3NDMxNTI5N30.DR8KlY64fu1M2mo3mI5VKSF6IzrU17OKW2tVXfHL4fU
Server: Microsoft-IIS/10.0
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, X-ElasticEmail-ApiKey, X-ElasticEmail-BrowserToken, X-ElasticEmail-ImpersonateAs
Access-Control-Expose-Headers: X-ElasticEmail-BrowserToken, X-Total-Count, X-ElasticEmail-AccessToken
X-Robots-Tag: noindex, nofollow
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sat, 04 Feb 2023 01:32:31 GMT
Content-Length: 447
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9459
Expires: Sat, 04 Feb 2023 04:10:11 GMT
Date: Sat, 04 Feb 2023 01:32:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ec47f9eed203ae063b9c210009de54a9
19ff156471b9cffbc2432c5b65543bdd18e36271
3974208ce1840f6c9467287b7e220379ed881d76db64939f411dbc500c103d48
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3974208CE1840F6C9467287B7E220379ED881D76DB64939F411DBC500C103D48"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8066
Expires: Sat, 04 Feb 2023 03:46:58 GMT
Date: Sat, 04 Feb 2023 01:32:32 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 00:43:35 GMT
content-type: application/json
age: 2937
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9972
Expires: Sat, 04 Feb 2023 04:18:44 GMT
Date: Sat, 04 Feb 2023 01:32:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: etsnBiU7UcZIUqghJqZ6xRSBpqdRbPYfI36hL+FP75JNB4vnr8QE8hUDRgkSR30y0bNkt2mO8ds=
x-amz-request-id: ZWBDSQ8GJHRDQNDZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 00:52:38 GMT
age: 2394
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:32:32 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 01:07:19 GMT
age: 1514
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3502
Expires: Sat, 04 Feb 2023 02:30:55 GMT
Date: Sat, 04 Feb 2023 01:32:33 GMT
Connection: keep-alive
link.prspctmn.com/v1/smtp_email/event/clicked/message/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtZXNzYWdlSWQiOiI5QkQwbTJmaGZlRlZ1Q0g3UnlNTCIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LnF1aWNrbWNhZnVuZGluZy5jb20lMkYiLCJob3N0IjoiaHR0cHM6Ly9saW5rLnByc3BjdG1uLmNvbSIsImlhdCI6MTY3NTQ3NDMxNTI5N30.DR8KlY64fu1M2mo3mI5VKSF6IzrU17OKW2tVXfHL4fU
34.70.111.192302 Found 108 B URL HTTP/2 link.prspctmn.com/v1/smtp_email/event/clicked/message/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtZXNzYWdlSWQiOiI5QkQwbTJmaGZlRlZ1Q0g3UnlNTCIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LnF1aWNrbWNhZnVuZGluZy5jb20lMkYiLCJob3N0IjoiaHR0cHM6Ly9saW5rLnByc3BjdG1uLmNvbSIsImlhdCI6MTY3NTQ3NDMxNTI5N30.DR8KlY64fu1M2mo3mI5VKSF6IzrU17OKW2tVXfHL4fU
IP 34.70.111.192:0
File type HTML document, ASCII text, with no line terminators
Hash 4b7e0d29304ed733ab876b484ff1d499
f12ffc5c5482306dd6cbb288223b3d26baa84138
79a7c74cc692018b287a91a9cd22135bbbc998a946948491996fbe1bbdb40168
Analyzer Verdict Alert fortinet Phishing
GET /v1/smtp_email/event/clicked/message/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtZXNzYWdlSWQiOiI5QkQwbTJmaGZlRlZ1Q0g3UnlNTCIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LnF1aWNrbWNhZnVuZGluZy5jb20lMkYiLCJob3N0IjoiaHR0cHM6Ly9saW5rLnByc3BjdG1uLmNvbSIsImlhdCI6MTY3NTQ3NDMxNTI5N30.DR8KlY64fu1M2mo3mI5VKSF6IzrU17OKW2tVXfHL4fU HTTP/1.1
Host: link.prspctmn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: openresty
date: Sat, 04 Feb 2023 01:32:33 GMT
content-type: text/html; charset=utf-8
content-length: 108
location: https://www.quickmcafunding.com/
x-powered-by: Express
access-control-allow-origin: *
vary: Accept
x-cloud-trace-context: 0b7e49dbde6a8042b080f07f8747d717
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.216.206.159101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.206.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5YJBrVc0WJ+LvqCFNK0oYw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TyBuVeB8KRKs4/uv/2Jo1dMLWW8=
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a6bac8a06ba04394c26576d52aa91476
ba7bbbda03fdaa7af99c6bf84cacca731a0f8754
1bb6aac93575a8d10f9a4ad177c03c682e7617449348f9e2a722666385afe2da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=169081
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:32:33 GMT
Etag: "63dda72a-116"
Expires: Mon, 06 Feb 2023 00:30:34 GMT
Last-Modified: Sat, 04 Feb 2023 00:30:34 GMT
Server: nginx
Content-Length: 278
www.quickmcafunding.com/hosted/images/11/0971905b7d11e68a45cf66aec20b97/5264673447870464.jpg
104.16.15.194200 OK 3.2 kB URL HTTP/2 www.quickmcafunding.com/hosted/images/11/0971905b7d11e68a45cf66aec20b97/5264673447870464.jpg
IP 104.16.15.194:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 126x116, components 3\012- data
Hash c25ce463cebd2c640ba8053bf28d9153
e30cdca6f6e1d39eeb4dcb3da47773e62674c4f1
b20a69440d48a9f4c9919782ffbc80922ff73edcbafb46121648ce52cd14c9cb
GET /hosted/images/11/0971905b7d11e68a45cf66aec20b97/5264673447870464.jpg HTTP/1.1
Host: www.quickmcafunding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/optin1649442913231
Cookie: __cf_bm=WNg880p8clMSQTWvEqpkZaD6fQ_CSdpcGahBXZcIMkU-1675474354-0-AfjEzqc0GcZtTkNe9K/5EuHjFHVRj+SS4z560lIFQKzanbhDX2HrDr88DBeLKdJJke5hZzBEXHDQN89G8/5SD4HccvADGYBRb0+i65RUBNbY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:32:34 GMT
content-type: image/jpeg
content-length: 3187
cf-ray: 793fa73b9d5db524-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "25db82aedd0066072fe5d3cd7ced9bc4"
last-modified: Sat, 06 Aug 2016 02:25:42 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=4357
x-amz-cf-pop: OSL50-P1
server: cloudflare
X-Firefox-Spdy: h2
www.quickmcafunding.com/hosted/images/2c/049c80668611e780e5a9a98686e07f/rocket_cmp.jpg
104.16.15.194200 OK 4.5 kB URL HTTP/2 www.quickmcafunding.com/hosted/images/2c/049c80668611e780e5a9a98686e07f/rocket_cmp.jpg
IP 104.16.15.194:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 154x161, components 3\012- data
Hash 9ddb8626f852b7ace4e7282ab815fbda
711f7622992545716b6839ddbdcfbdabc6064654
246db88af197707049ea1ba5d9d44c6509ba4fcd6a837a1cb45e998e6d3a15ba
GET /hosted/images/2c/049c80668611e780e5a9a98686e07f/rocket_cmp.jpg HTTP/1.1
Host: www.quickmcafunding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/optin1649442913231
Cookie: __cf_bm=WNg880p8clMSQTWvEqpkZaD6fQ_CSdpcGahBXZcIMkU-1675474354-0-AfjEzqc0GcZtTkNe9K/5EuHjFHVRj+SS4z560lIFQKzanbhDX2HrDr88DBeLKdJJke5hZzBEXHDQN89G8/5SD4HccvADGYBRb0+i65RUBNbY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:32:34 GMT
content-type: image/jpeg
content-length: 4529
cf-ray: 793fa73b9d60b524-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "ac70d2cc012ab7717c546621f48fc4d7"
last-modified: Tue, 11 Jul 2017 22:13:34 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=6417
x-amz-cf-pop: OSL50-P1
server: cloudflare
X-Firefox-Spdy: h2
www.quickmcafunding.com/hosted/images/e3/124761635711e7b20e776f9e77a64f/mobilehand.jpg
104.16.15.194200 OK 12 kB URL HTTP/2 www.quickmcafunding.com/hosted/images/e3/124761635711e7b20e776f9e77a64f/mobilehand.jpg
IP 104.16.15.194:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 250x263, components 3\012- data
Hash 0a7c1d6134ba76c59b11c5a7c2b9eb2c
a2bac60df66988daff7a401f46e8d1a8557ea5f4
7d7a13b3255603e719fda0821bcf4244405b14f4c234250db43b55693872e67d
GET /hosted/images/e3/124761635711e7b20e776f9e77a64f/mobilehand.jpg HTTP/1.1
Host: www.quickmcafunding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/optin1649442913231
Cookie: __cf_bm=WNg880p8clMSQTWvEqpkZaD6fQ_CSdpcGahBXZcIMkU-1675474354-0-AfjEzqc0GcZtTkNe9K/5EuHjFHVRj+SS4z560lIFQKzanbhDX2HrDr88DBeLKdJJke5hZzBEXHDQN89G8/5SD4HccvADGYBRb0+i65RUBNbY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:32:34 GMT
content-type: image/jpeg
content-length: 12441
cf-ray: 793fa73b9d65b524-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "4c3156e12080f8e51a8dd82b317c7527"
last-modified: Fri, 07 Jul 2017 21:04:41 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=17223
x-amz-cf-pop: OSL50-P1
server: cloudflare
X-Firefox-Spdy: h2
www.quickmcafunding.com/hosted/images/20/b5e5105b7d11e6bdd2a14ae43ac84c/6175393479917568.jpg
104.16.15.194200 OK 6.2 kB URL HTTP/2 www.quickmcafunding.com/hosted/images/20/b5e5105b7d11e6bdd2a14ae43ac84c/6175393479917568.jpg
IP 104.16.15.194:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 142x133, components 3\012- data
Hash 89d7fbc92583cf35812683a367cbd863
60c1032ca1dd4f55481eff533826e5042e67ac60
0166e350f5c9b11bbe467a9d56d52a8a84c99c27934f69fa3564405bee06593b
GET /hosted/images/20/b5e5105b7d11e6bdd2a14ae43ac84c/6175393479917568.jpg HTTP/1.1
Host: www.quickmcafunding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/optin1649442913231
Cookie: __cf_bm=WNg880p8clMSQTWvEqpkZaD6fQ_CSdpcGahBXZcIMkU-1675474354-0-AfjEzqc0GcZtTkNe9K/5EuHjFHVRj+SS4z560lIFQKzanbhDX2HrDr88DBeLKdJJke5hZzBEXHDQN89G8/5SD4HccvADGYBRb0+i65RUBNbY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:32:34 GMT
content-type: image/jpeg
content-length: 6156
cf-ray: 793fa73b9d5fb524-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "89d7fbc92583cf35812683a367cbd863"
last-modified: Sat, 06 Aug 2016 02:26:08 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
www.quickmcafunding.com/hosted/images/18/025f50635811e7b93433d7563cb211/moneybills.jpg
104.16.15.194200 OK 11 kB URL HTTP/2 www.quickmcafunding.com/hosted/images/18/025f50635811e7b93433d7563cb211/moneybills.jpg
IP 104.16.15.194:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 248x249, components 3\012- data
Hash 208de91af641b68ce926d211f19c567a
e8208d6540ca4b35ca9977678ba8217910830b77
8844f3ad5dd0ee5cdcc44c01df1cdb7c2925c50639ad2b5ee4b987a30f86fe43
GET /hosted/images/18/025f50635811e7b93433d7563cb211/moneybills.jpg HTTP/1.1
Host: www.quickmcafunding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/optin1649442913231
Cookie: __cf_bm=WNg880p8clMSQTWvEqpkZaD6fQ_CSdpcGahBXZcIMkU-1675474354-0-AfjEzqc0GcZtTkNe9K/5EuHjFHVRj+SS4z560lIFQKzanbhDX2HrDr88DBeLKdJJke5hZzBEXHDQN89G8/5SD4HccvADGYBRb0+i65RUBNbY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:32:34 GMT
content-type: image/jpeg
content-length: 11069
cf-ray: 793fa73bad6bb524-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "9cd078ffd53d14020e8ce4f2cd66d36b"
last-modified: Fri, 07 Jul 2017 21:06:09 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=15661
x-amz-cf-pop: OSL50-C1
server: cloudflare
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5adf2c0a4b0cb0102bb2a801db222019
987b0d000fef5f238e256af039503019a60bb4f3
bc1467d19e8dea3983161468af524eb7c479b9e9e4f30df5f971f6816a8f4f85
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1532
Cache-Control: max-age=106538
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:32:34 GMT
Etag: "63dcace0-117"
Expires: Sun, 05 Feb 2023 07:08:12 GMT
Last-Modified: Fri, 03 Feb 2023 06:42:40 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
www.quickmcafunding.com/hosted/images/88/923c9ab9fc4eda981e22d7d4058ce7/green-01.png
104.16.15.194200 OK 78 kB URL HTTP/2 www.quickmcafunding.com/hosted/images/88/923c9ab9fc4eda981e22d7d4058ce7/green-01.png
IP 104.16.15.194:0
File type PNG image data, 3000 x 3000, 8-bit colormap, non-interlaced\012- data
Hash 7f444e904bbcdef88bdb1163f0f3a6e9
20aca73706ff0a69c466fdb9195be9c4029fe6af
5baded022e169639f6dffc81ddc24e276e481eb5f8db0ea1ed43066e0e067cee
GET /hosted/images/88/923c9ab9fc4eda981e22d7d4058ce7/green-01.png HTTP/1.1
Host: www.quickmcafunding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/optin1649442913231
Cookie: __cf_bm=WNg880p8clMSQTWvEqpkZaD6fQ_CSdpcGahBXZcIMkU-1675474354-0-AfjEzqc0GcZtTkNe9K/5EuHjFHVRj+SS4z560lIFQKzanbhDX2HrDr88DBeLKdJJke5hZzBEXHDQN89G8/5SD4HccvADGYBRb0+i65RUBNbY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:32:34 GMT
content-type: image/png
content-length: 78208
cf-ray: 793fa73b9d5cb524-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "7f444e904bbcdef88bdb1163f0f3a6e9"
last-modified: Fri, 08 Apr 2022 18:38:34 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0b8cd87caa26f8a830efa61297e828f7
51e578f1eac9f26cf1118c8f3d0f9c7938d88a6c
c58d1c1b40196c6f2728fc9bdedae7e035add02a756bf679cf98ba4d9d0e89a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5996
Cache-Control: max-age=125758
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:32:34 GMT
Etag: "63dce684-117"
Expires: Sun, 05 Feb 2023 12:28:32 GMT
Last-Modified: Fri, 03 Feb 2023 10:48:36 GMT
Server: ECS (amb/6BC3)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:32:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3549
Expires: Sat, 04 Feb 2023 02:31:43 GMT
Date: Sat, 04 Feb 2023 01:32:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3549
Expires: Sat, 04 Feb 2023 02:31:43 GMT
Date: Sat, 04 Feb 2023 01:32:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3549
Expires: Sat, 04 Feb 2023 02:31:43 GMT
Date: Sat, 04 Feb 2023 01:32:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3549
Expires: Sat, 04 Feb 2023 02:31:43 GMT
Date: Sat, 04 Feb 2023 01:32:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b5c35cdff2fb0758db780212b0b1f77
edbb557a3bf57128467335685aebbd4831d802f8
e0fa59843073ba8bd171c66610bc1b3d59a1a94c4991e6023507b9453ca0edba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9349
x-amzn-requestid: ecd1913d-7dbe-4ffd-ba85-0549aab51a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyayOGPlIAMFQ7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dda4da-6a9b8d146155fa8b6c1c02d6;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 00:20:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jGBEz2d-SXXPBZhwlJgR4w248y-NY2c-18euLre5PULjWUIfhfUmNQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 00:20:43 GMT
etag: "edbb557a3bf57128467335685aebbd4831d802f8"
content-type: image/jpeg
age: 4311
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G8F3Fflod6HB4QFtjpD09xzi-2LKPw_DBJT0PKYKU3bs3pvOwO_LRw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:32 GMT
age: 12122
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 41580a501cc07c328e6ab6b167a110dc
a4dfa0f479b5f9a036b75b2eea6dffabd3a3486e
0fa45161e563101b3f1293f951a3edf84c88c9f3b29bed9b54f952ca325bf21d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7101
x-amzn-requestid: 479d8004-430a-45b9-99fa-11cbcc605a7c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EHxqoAMFaug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-25ac3c54427748bc191fd1ba;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6h25M_XSVuTCF-9FkTtwujV0X-0-M9fvw4ouOBFmSnMWeApCSHmBsA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 11944
etag: "a4dfa0f479b5f9a036b75b2eea6dffabd3a3486e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f926cd4f39b1a10b152e5959b28ae29e
2b1982d21321071394e363888e007598e968fb35
a51b246a9aa5a2583cae7fd4f0a3bdf73f0b318b7838828d36ea5674a5f26753
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13309
x-amzn-requestid: f6a3f0f3-d91b-4f4d-8265-0f87742ba5d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyFeBFX4oAMFfpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd82bf-5808ceec265756c702d212dc;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:55:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WWjzs8W8GmSAM0-Uc8XBTxz67RJJCIzp3fBYhkoIWZ26UrobmZV8mw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:28:17 GMT
age: 11057
etag: "2b1982d21321071394e363888e007598e968fb35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab97f766ee1ed6ebbb2b3889a9157b4
f87f165404dec4d65531e6e25146cb77601f3616
f3d0f76f956371b1733a526f10a8253fc3396a459d7af59380d8e8db7dee8ec2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14071
x-amzn-requestid: 40cb363f-2c4d-4361-9fe1-10e4c8b2fe29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiTo4Ek2oAMFs6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d73305-6cb63d3c49f9f84e639467f6;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:01:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b7r7phj8i49RMSuWufxF1L34K9udWa0mJ4dY12izM9ofwAuCFBGEZQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:05 GMT
age: 13469
etag: "f87f165404dec4d65531e6e25146cb77601f3616"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 12121
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:32:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.quickmcafunding.com/hosted/images/ab/5dfff0471a11e7855f5dca53cab33b/cloudstrip-hero_2x.png
104.16.15.194200 OK 73 kB URL HTTP/2 www.quickmcafunding.com/hosted/images/ab/5dfff0471a11e7855f5dca53cab33b/cloudstrip-hero_2x.png
IP 104.16.15.194:0
File type PNG image data, 2672 x 586, 8-bit colormap, non-interlaced\012- data
Hash 62d7d31d12c0dc75b6494d90bbe2eb33
3ae54eed9059d36987731dc39333ee00e7df72e9
e8fcb3e1568229af6b8ef9234c6935b2784c48251f614c66b11a4ab72b0fd870
GET /hosted/images/ab/5dfff0471a11e7855f5dca53cab33b/cloudstrip-hero_2x.png HTTP/1.1
Host: www.quickmcafunding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/optin1649442913231
Cookie: __cf_bm=WNg880p8clMSQTWvEqpkZaD6fQ_CSdpcGahBXZcIMkU-1675474354-0-AfjEzqc0GcZtTkNe9K/5EuHjFHVRj+SS4z560lIFQKzanbhDX2HrDr88DBeLKdJJke5hZzBEXHDQN89G8/5SD4HccvADGYBRb0+i65RUBNbY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:32:34 GMT
content-type: image/png
content-length: 72740
cf-ray: 793fa73dae64b524-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "dbd17d87cba35875b87a1d0333e07214"
last-modified: Thu, 01 Jun 2017 22:36:04 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=72836
x-amz-cf-pop: OSL50-P1
server: cloudflare
X-Firefox-Spdy: h2
www.quickmcafunding.com/cdn-cgi/rum?
104.16.15.194204 No Content 0 B URL HTTP/2 www.quickmcafunding.com/cdn-cgi/rum?
IP 104.16.15.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: www.quickmcafunding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 7162
Origin: https://www.quickmcafunding.com
Connection: keep-alive
Referer: https://www.quickmcafunding.com/optin1649442913231
Cookie: __cf_bm=WNg880p8clMSQTWvEqpkZaD6fQ_CSdpcGahBXZcIMkU-1675474354-0-AfjEzqc0GcZtTkNe9K/5EuHjFHVRj+SS4z560lIFQKzanbhDX2HrDr88DBeLKdJJke5hZzBEXHDQN89G8/5SD4HccvADGYBRb0+i65RUBNbY; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTQwNjA2MDc=:visited=true; cf:visitor_id=70ed153e-cb86-4825-af06-225e8e6768e5; addevent_track_cookie=2c18faa4-a16a-4623-756e-a67c99e67c77
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Sat, 04 Feb 2023 01:32:35 GMT
access-control-allow-origin: https://www.quickmcafunding.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 793fa741690fb524-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.quickmcafunding.com/hosted/images/23/594080360f4d49997dc086ad189875/Favicon-white-bg-01.png
104.16.15.194200 OK 915 B URL HTTP/2 www.quickmcafunding.com/hosted/images/23/594080360f4d49997dc086ad189875/Favicon-white-bg-01.png
IP 104.16.15.194:0
File type PNG image data, 67 x 67, 8-bit colormap, non-interlaced\012- data
Hash c56dfab89ab887900d53906026bec4ba
a8197a2507f89e76dc42c1e427e4a5775603a8bd
088000c029bc5183ad01a00842c5c25db168c364ccad0ef7f4c18c824d030275
GET /hosted/images/23/594080360f4d49997dc086ad189875/Favicon-white-bg-01.png HTTP/1.1
Host: www.quickmcafunding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/optin1649442913231
Cookie: __cf_bm=WNg880p8clMSQTWvEqpkZaD6fQ_CSdpcGahBXZcIMkU-1675474354-0-AfjEzqc0GcZtTkNe9K/5EuHjFHVRj+SS4z560lIFQKzanbhDX2HrDr88DBeLKdJJke5hZzBEXHDQN89G8/5SD4HccvADGYBRb0+i65RUBNbY; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTQwNjA2MDc=:visited=true; cf:visitor_id=70ed153e-cb86-4825-af06-225e8e6768e5; addevent_track_cookie=2c18faa4-a16a-4623-756e-a67c99e67c77
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:32:35 GMT
content-type: image/png
content-length: 915
cf-ray: 793fa7419923b524-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "c56dfab89ab887900d53906026bec4ba"
last-modified: Fri, 08 Apr 2022 19:56:02 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
js-agent.newrelic.com/859.95d4308d-1222.js
151.101.130.137200 OK 3.0 kB URL HTTP/2 js-agent.newrelic.com/859.95d4308d-1222.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (6657), with no line terminators
Hash 364ac85aef21ab784eeec8f55116dff7
82089547d57defc88e114832b7eb9919a8876e31
255295be519de9a2d1040b1c547c25756b63310e2d7234bcf252ed41d5278c0b
GET /859.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PAOkWJ6WiOdnSUVZHZQv79Edy7uPwU81uM9fUJQx6T8UpQupKV3O9whnAR+3HGoYTBPmehtRe7k=
x-amz-request-id: WFN4FJZ1XN6DZ8EG
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "b087387593417c0b63259918da3584e3"
x-amz-version-id: GtNmis6Y3zB4SbtciuRtabFzp3T7wBIy
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Feb 2023 01:32:35 GMT
via: 1.1 varnish
x-served-by: cache-bma1677-BMA
x-cache: HIT
x-cache-hits: 549
x-timer: S1675474355.483845,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2975
X-Firefox-Spdy: h2
js-agent.newrelic.com/41.95d4308d-1222.js
151.101.130.137200 OK 439 B URL HTTP/2 js-agent.newrelic.com/41.95d4308d-1222.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (828), with no line terminators
Hash 46946da829a2257cd8bdeb75bc6f8ff9
bfb81d0ebb2c5a2c0fe666f6a9c4c09cc5a545b3
50e164f0b5274f88ecc28c833729663593b3380aed5a4ac3a06d29106332a544
GET /41.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 2TG7kVMnt5x5EwbcjDgF/pAaH/jmgGXStlMFEbvOUPNYaRTe14pFRmwb0VQGFJQN7uXfEncHoqkNLs4TYWl92Q==
x-amz-request-id: MFEHG5GPGK6ZYQVP
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "29dd8aef66100e4c69e07fd60fc88b12"
x-amz-version-id: 6FOFyXAonMoqJqLGEMhx7HWIp32cv4MT
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Feb 2023 01:32:35 GMT
via: 1.1 varnish
x-served-by: cache-bma1677-BMA
x-cache: HIT
x-cache-hits: 538
x-timer: S1675474356.652948,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 439
X-Firefox-Spdy: h2
js-agent.newrelic.com/569.95d4308d-1222.js
151.101.130.137200 OK 3.2 kB URL HTTP/2 js-agent.newrelic.com/569.95d4308d-1222.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (7513), with no line terminators
Hash 8d0953404ce6fdf0926ef6bf37d7e041
8cec9d9883f8b7720721bb33bffb4afe45193b1d
83966eef1899edd421692b78cda8df58dfb9b0b2b27a7485183c5b4cb44a336d
GET /569.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: v+E2uK5EOShfz1aeDzYcwNWitGv9mKnF6hMwgfWjfoR/qfIZPK6AF+v3z+by8JUQg3fSUYcltK4=
x-amz-request-id: WFNFJ5TESSHD3FE6
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "e97726ab932639fed09971b1d682788c"
x-amz-version-id: umZj.yHws5JPiBHG1j096ELWHEKx7rh0
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Feb 2023 01:32:35 GMT
via: 1.1 varnish
x-served-by: cache-bma1677-BMA
x-cache: HIT
x-cache-hits: 539
x-timer: S1675474356.657075,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 3173
X-Firefox-Spdy: h2
js-agent.newrelic.com/620.95d4308d-1222.js
151.101.130.137200 OK 1.3 kB URL HTTP/2 js-agent.newrelic.com/620.95d4308d-1222.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (2989), with no line terminators
Hash 7094c3f93699a846fe91edd766391f01
25e8c79409acc2bb73a728c0768e1eda66019255
85eb01219e8aaa7c7968aa175c2421454f99615ae66350b15c60465f4616826f
GET /620.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: QggJtv+14rx8wEd4C6ZTDmmxUSe6+8jiYhTGnWcIRu6DC5pRiaL5fPRx8/lgChduQ7GqRSlO6xY=
x-amz-request-id: WFN5FXFSJTZYM7K6
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "ca9b029ff66dd9146273984d16e20abc"
x-amz-version-id: HYguQMwVKEHCmodKuQRUzW1qxlElK9Xr
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Feb 2023 01:32:35 GMT
via: 1.1 varnish
x-served-by: cache-bma1677-BMA
x-cache: HIT
x-cache-hits: 545
x-timer: S1675474356.657375,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1342
X-Firefox-Spdy: h2
js-agent.newrelic.com/457.95d4308d-1222.js
151.101.130.137200 OK 2.0 kB URL HTTP/2 js-agent.newrelic.com/457.95d4308d-1222.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (4809), with no line terminators
Hash 09c0cca8d2a9fd69f1892a1c2d1319b9
b46f4fe3b0adc98785d22a092818b74145a91cc0
593022809e272793157f8280bae176bfa74a02f9f9a6d3269384e2dd434be046
GET /457.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 6YLQBRWWkaavoi6QR5dS+9cRhXVrpaQK5v3G9/iqQ5oKPUxxFI0Uv2tN9ar51sQUG2xwVmTWBnY=
x-amz-request-id: WFN1Z9NXJZGF8XE5
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "c16abc7fa2e34cbb7baf3e290120ad5a"
x-amz-version-id: qROfxBD9CF8WXmbywdhvCmImuu9HvRNA
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Feb 2023 01:32:35 GMT
via: 1.1 varnish
x-served-by: cache-bma1677-BMA
x-cache: HIT
x-cache-hits: 544
x-timer: S1675474356.657619,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1953
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 511a81ddc5300e50f0bca90cd2e438d6
28322a98c7e3e738eb5baf49ca9d0f715bab4e77
4370ace82b76df0f6d6c5e82a93fa0c99ae11feea98d95f720faf28c3f407dd0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4737
Cache-Control: max-age=168072
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:32:35 GMT
Etag: "63dd90ba-1d7"
Expires: Mon, 06 Feb 2023 00:13:47 GMT
Last-Modified: Fri, 03 Feb 2023 22:54:50 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1222.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3648&ck=0&s=a3eb532e44686b17&ref=https://www.quickmcafunding.com/optin1649442913231&ap=381&be=2371&fe=892&dc=755&perf=%7B%22timing%22:%7B%22of%22:1675474385401,%22n%22:0,%22f%22:2204,%22dn%22:2204,%22dne%22:2204,%22c%22:2204,%22s%22:2204,%22ce%22:2204,%22rq%22:2206,%22rp%22:2335,%22rpe%22:2338,%22dl%22:2343,%22di%22:3100,%22ds%22:3125,%22de%22:3239,%22dc%22:3262,%22l%22:3262,%22le%22:3374%7D,%22navigation%22:%7B%7D%7D&fcp=2870&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1222.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3648&ck=0&s=a3eb532e44686b17&ref=https://www.quickmcafunding.com/optin1649442913231&ap=381&be=2371&fe=892&dc=755&perf=%7B%22timing%22:%7B%22of%22:1675474385401,%22n%22:0,%22f%22:2204,%22dn%22:2204,%22dne%22:2204,%22c%22:2204,%22s%22:2204,%22ce%22:2204,%22rq%22:2206,%22rp%22:2335,%22rpe%22:2338,%22dl%22:2343,%22di%22:3100,%22ds%22:3125,%22de%22:3239,%22dc%22:3262,%22l%22:3262,%22le%22:3374%7D,%22navigation%22:%7B%7D%7D&fcp=2870&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/NRJS-fc902efb332119fff33?a=367981416&v=1222.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3648&ck=0&s=a3eb532e44686b17&ref=https://www.quickmcafunding.com/optin1649442913231&ap=381&be=2371&fe=892&dc=755&perf=%7B%22timing%22:%7B%22of%22:1675474385401,%22n%22:0,%22f%22:2204,%22dn%22:2204,%22dne%22:2204,%22c%22:2204,%22s%22:2204,%22ce%22:2204,%22rq%22:2206,%22rp%22:2335,%22rpe%22:2338,%22dl%22:2343,%22di%22:3100,%22ds%22:3125,%22de%22:3239,%22dc%22:3262,%22l%22:3262,%22le%22:3374%7D,%22navigation%22:%7B%7D%7D&fcp=2870&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:32:36 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 793fa7438844b500-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
www.quickmcafunding.com/assets/userevents/application.js
104.16.15.194200 OK 0 B URL HTTP/2 www.quickmcafunding.com/assets/userevents/application.js
IP 104.16.15.194:0
GET /assets/userevents/application.js HTTP/1.1
Host: www.quickmcafunding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/optin1649442913231
Cookie: __cf_bm=WNg880p8clMSQTWvEqpkZaD6fQ_CSdpcGahBXZcIMkU-1675474354-0-AfjEzqc0GcZtTkNe9K/5EuHjFHVRj+SS4z560lIFQKzanbhDX2HrDr88DBeLKdJJke5hZzBEXHDQN89G8/5SD4HccvADGYBRb0+i65RUBNbY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:32:34 GMT
content-type: application/x-javascript
cf-ray: 793fa73b9d5bb524-OSL
access-control-allow-origin: *
age: 707
cache-control: public, max-age=1200
etag: W/"63dbd64f-147c"
expires: Sat, 04 Feb 2023 01:52:34 GMT
last-modified: Thu, 02 Feb 2023 15:27:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.9.0/css/all.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/all.css
IP 172.64.133.15:0
GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:32:34 GMT
content-type: text/css
x-amz-id-2: /OtkEEJVoMQ14PBnOHYcHfsR+nONSvC0Z85m+7yDK6Z9WYK1mV6R3bLk9Lx14PGHsM5PKnH989w=
x-amz-request-id: TPW5DC88SZY1RGGA
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 937814
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2BMYzaQRUMXde0D8ysvx8oXzsqXjRVGn6EF0%2FnR9IozYoqSIgrDMBH0M6iBQuw%2BhzO6%2BzcaYnVFZ28gn3tK1QAaRMW0erkIusL4RDEh8tDbedHbKHd94IVYfsPkG7tHys7VJNeeu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793fa73c7b1c76ed-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents/?funnel_id=enBLcWZaQWF5SktsMWdnQWJobnpCdz09LS1YdVRaRkd5ZmtmL3JmUlhFYThQU3NRPT0%3D--f209ca335a6df70261f0aa439c010bc40029f0e3&page_id=YUtmM2lpdW16M2trRTc1M2drL1kvQT09LS1ya0lyelp5Sk9iNmRmamhLZERpa1hBPT0%3D--ab909b92dd6156e56d8a17110fccf0153ae0ce33&funnel_step_id=VDZWbE0wZ3NVSWZubzVsS0hOK2I2UT09LS1Cc1JaQ1htejZvSXVOUnpDYTRsRkN3PT0%3D--519b16ff16d303bb4b77545a2b650f145ac98b60&user_id=ME1MWWkrc3Bsa1MvdG5aUWNUdTB1Zz09LS12N3htSzRPV05iUDJMZlJOZmNuT1NRPT0%3D--d097894e351456320d002ac27a37c16613bad420&account_id=WlhBQnRGbFB1NTllbFozdlNjdDA4QT09LS1ZdVp1TUFHRDJqM3ZjNkNJNlVDVzd3PT0%3D--0d0143cd714f78348aced736a3459b0c9fcd35f3&page_code=NTQwNjA2MDc%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=a44c5a94-5d7f-472f-80da-2eb15fb3fb19&url=https%3A%2F%2Fwww.quickmcafunding.com%2Foptin1649442913231
104.16.14.194202 Accepted 0 B URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=enBLcWZaQWF5SktsMWdnQWJobnpCdz09LS1YdVRaRkd5ZmtmL3JmUlhFYThQU3NRPT0%3D--f209ca335a6df70261f0aa439c010bc40029f0e3&page_id=YUtmM2lpdW16M2trRTc1M2drL1kvQT09LS1ya0lyelp5Sk9iNmRmamhLZERpa1hBPT0%3D--ab909b92dd6156e56d8a17110fccf0153ae0ce33&funnel_step_id=VDZWbE0wZ3NVSWZubzVsS0hOK2I2UT09LS1Cc1JaQ1htejZvSXVOUnpDYTRsRkN3PT0%3D--519b16ff16d303bb4b77545a2b650f145ac98b60&user_id=ME1MWWkrc3Bsa1MvdG5aUWNUdTB1Zz09LS12N3htSzRPV05iUDJMZlJOZmNuT1NRPT0%3D--d097894e351456320d002ac27a37c16613bad420&account_id=WlhBQnRGbFB1NTllbFozdlNjdDA4QT09LS1ZdVp1TUFHRDJqM3ZjNkNJNlVDVzd3PT0%3D--0d0143cd714f78348aced736a3459b0c9fcd35f3&page_code=NTQwNjA2MDc%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=a44c5a94-5d7f-472f-80da-2eb15fb3fb19&url=https%3A%2F%2Fwww.quickmcafunding.com%2Foptin1649442913231
IP 104.16.14.194:0
GET /userevents/?funnel_id=enBLcWZaQWF5SktsMWdnQWJobnpCdz09LS1YdVRaRkd5ZmtmL3JmUlhFYThQU3NRPT0%3D--f209ca335a6df70261f0aa439c010bc40029f0e3&page_id=YUtmM2lpdW16M2trRTc1M2drL1kvQT09LS1ya0lyelp5Sk9iNmRmamhLZERpa1hBPT0%3D--ab909b92dd6156e56d8a17110fccf0153ae0ce33&funnel_step_id=VDZWbE0wZ3NVSWZubzVsS0hOK2I2UT09LS1Cc1JaQ1htejZvSXVOUnpDYTRsRkN3PT0%3D--519b16ff16d303bb4b77545a2b650f145ac98b60&user_id=ME1MWWkrc3Bsa1MvdG5aUWNUdTB1Zz09LS12N3htSzRPV05iUDJMZlJOZmNuT1NRPT0%3D--d097894e351456320d002ac27a37c16613bad420&account_id=WlhBQnRGbFB1NTllbFozdlNjdDA4QT09LS1ZdVp1TUFHRDJqM3ZjNkNJNlVDVzd3PT0%3D--0d0143cd714f78348aced736a3459b0c9fcd35f3&page_code=NTQwNjA2MDc%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=a44c5a94-5d7f-472f-80da-2eb15fb3fb19&url=https%3A%2F%2Fwww.quickmcafunding.com%2Foptin1649442913231 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.quickmcafunding.com
Connection: keep-alive
Referer: https://www.quickmcafunding.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Sat, 04 Feb 2023 01:32:35 GMT
content-type: text/html
cf-ray: 793fa73fca77b529-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: a9f36f963059279d0d35708ab7466ad4
x-runtime: 0.024183
set-cookie: __cf_bm=YYI7gK2Bs6JnotmTrbyZ_lfYMW7PZtd6vCQDlko5e0w-1675474355-0-AWxg/JihiNSNg4d6Dwp/edbWWXAEOA33BJ3yJxEC82Wg11BAb/RtlcCYS4wK15KXuT0VrD4jCx92nj0VO4NNCBQGRo8L+dzCgIKDHZh52o5U; path=/; expires=Sat, 04-Feb-23 02:02:35 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
www.quickmcafunding.com/images/background.png?_unique=0.8694012628270994&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.quickmcafunding.com/optin1649442913231&_title=Quick%20MCA%20Funding&_key=fq1volzp&_page_key=34o29sc44jimpj4h&_fid=12005394&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://www.quickmcafunding.com/optin1649442913231&_referrer=
104.16.15.194200 OK 0 B URL HTTP/2 www.quickmcafunding.com/images/background.png?_unique=0.8694012628270994&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.quickmcafunding.com/optin1649442913231&_title=Quick%20MCA%20Funding&_key=fq1volzp&_page_key=34o29sc44jimpj4h&_fid=12005394&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://www.quickmcafunding.com/optin1649442913231&_referrer=
IP 104.16.15.194:0
GET /images/background.png?_unique=0.8694012628270994&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.quickmcafunding.com/optin1649442913231&_title=Quick%20MCA%20Funding&_key=fq1volzp&_page_key=34o29sc44jimpj4h&_fid=12005394&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://www.quickmcafunding.com/optin1649442913231&_referrer= HTTP/1.1
Host: www.quickmcafunding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/optin1649442913231
Cookie: __cf_bm=WNg880p8clMSQTWvEqpkZaD6fQ_CSdpcGahBXZcIMkU-1675474354-0-AfjEzqc0GcZtTkNe9K/5EuHjFHVRj+SS4z560lIFQKzanbhDX2HrDr88DBeLKdJJke5hZzBEXHDQN89G8/5SD4HccvADGYBRb0+i65RUBNbY; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTQwNjA2MDc=:visited=true; cf:visitor_id=70ed153e-cb86-4825-af06-225e8e6768e5; addevent_track_cookie=2c18faa4-a16a-4623-756e-a67c99e67c77
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:32:35 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 793fa740a88db524-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store, private
strict-transport-security: max-age=0
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
access-control-request-method: *
status: 200 OK
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 6b9edea5838b3c3ac5f41555f1f6979f
x-runtime: 0.019987
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
app.clickfunnels.com/images/closemodal.png
104.16.14.194200 OK 0 B URL HTTP/2 app.clickfunnels.com/images/closemodal.png
IP 104.16.14.194:0
GET /images/closemodal.png HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:32:34 GMT
content-type: image/webp
cf-ray: 793fa73cc8a9b529-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 118824
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "63daa488-314"
expires: Tue, 07 Mar 2023 01:32:34 GMT
last-modified: Wed, 01 Feb 2023 17:42:32 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
set-cookie: __cf_bm=AprbQpo_jWjbZ9AKj5ywxBXd9yGUTCnj3AL_WjHY.44-1675474354-0-AcR9MEcUgz4rvEIT5+XxddcRu7B//d1QaUIfLeRR8CwNwfkOJnhL6AM0HKF9v9kEmuS+WWSWMlxAOrvc/QikLIvZ9cgWx27IFSepOvjdJLA3; path=/; expires=Sat, 04-Feb-23 02:02:34 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents/?funnel_id=enBLcWZaQWF5SktsMWdnQWJobnpCdz09LS1YdVRaRkd5ZmtmL3JmUlhFYThQU3NRPT0%3D--f209ca335a6df70261f0aa439c010bc40029f0e3&page_id=YUtmM2lpdW16M2trRTc1M2drL1kvQT09LS1ya0lyelp5Sk9iNmRmamhLZERpa1hBPT0%3D--ab909b92dd6156e56d8a17110fccf0153ae0ce33&funnel_step_id=VDZWbE0wZ3NVSWZubzVsS0hOK2I2UT09LS1Cc1JaQ1htejZvSXVOUnpDYTRsRkN3PT0%3D--519b16ff16d303bb4b77545a2b650f145ac98b60&user_id=ME1MWWkrc3Bsa1MvdG5aUWNUdTB1Zz09LS12N3htSzRPV05iUDJMZlJOZmNuT1NRPT0%3D--d097894e351456320d002ac27a37c16613bad420&account_id=WlhBQnRGbFB1NTllbFozdlNjdDA4QT09LS1ZdVp1TUFHRDJqM3ZjNkNJNlVDVzd3PT0%3D--0d0143cd714f78348aced736a3459b0c9fcd35f3&page_code=NTQwNjA2MDc%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=57c932c3-5542-4a3e-815b-a34390166c7e&url=https%3A%2F%2Fwww.quickmcafunding.com%2Foptin1649442913231
104.16.14.194202 Accepted 0 B URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=enBLcWZaQWF5SktsMWdnQWJobnpCdz09LS1YdVRaRkd5ZmtmL3JmUlhFYThQU3NRPT0%3D--f209ca335a6df70261f0aa439c010bc40029f0e3&page_id=YUtmM2lpdW16M2trRTc1M2drL1kvQT09LS1ya0lyelp5Sk9iNmRmamhLZERpa1hBPT0%3D--ab909b92dd6156e56d8a17110fccf0153ae0ce33&funnel_step_id=VDZWbE0wZ3NVSWZubzVsS0hOK2I2UT09LS1Cc1JaQ1htejZvSXVOUnpDYTRsRkN3PT0%3D--519b16ff16d303bb4b77545a2b650f145ac98b60&user_id=ME1MWWkrc3Bsa1MvdG5aUWNUdTB1Zz09LS12N3htSzRPV05iUDJMZlJOZmNuT1NRPT0%3D--d097894e351456320d002ac27a37c16613bad420&account_id=WlhBQnRGbFB1NTllbFozdlNjdDA4QT09LS1ZdVp1TUFHRDJqM3ZjNkNJNlVDVzd3PT0%3D--0d0143cd714f78348aced736a3459b0c9fcd35f3&page_code=NTQwNjA2MDc%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=57c932c3-5542-4a3e-815b-a34390166c7e&url=https%3A%2F%2Fwww.quickmcafunding.com%2Foptin1649442913231
IP 104.16.14.194:0
GET /userevents/?funnel_id=enBLcWZaQWF5SktsMWdnQWJobnpCdz09LS1YdVRaRkd5ZmtmL3JmUlhFYThQU3NRPT0%3D--f209ca335a6df70261f0aa439c010bc40029f0e3&page_id=YUtmM2lpdW16M2trRTc1M2drL1kvQT09LS1ya0lyelp5Sk9iNmRmamhLZERpa1hBPT0%3D--ab909b92dd6156e56d8a17110fccf0153ae0ce33&funnel_step_id=VDZWbE0wZ3NVSWZubzVsS0hOK2I2UT09LS1Cc1JaQ1htejZvSXVOUnpDYTRsRkN3PT0%3D--519b16ff16d303bb4b77545a2b650f145ac98b60&user_id=ME1MWWkrc3Bsa1MvdG5aUWNUdTB1Zz09LS12N3htSzRPV05iUDJMZlJOZmNuT1NRPT0%3D--d097894e351456320d002ac27a37c16613bad420&account_id=WlhBQnRGbFB1NTllbFozdlNjdDA4QT09LS1ZdVp1TUFHRDJqM3ZjNkNJNlVDVzd3PT0%3D--0d0143cd714f78348aced736a3459b0c9fcd35f3&page_code=NTQwNjA2MDc%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=57c932c3-5542-4a3e-815b-a34390166c7e&url=https%3A%2F%2Fwww.quickmcafunding.com%2Foptin1649442913231 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.quickmcafunding.com
Connection: keep-alive
Referer: https://www.quickmcafunding.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Sat, 04 Feb 2023 01:32:35 GMT
content-type: text/html
cf-ray: 793fa73fca79b529-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: bd55b920b2c09f3560875bf2626730b3
x-runtime: 0.020924
set-cookie: __cf_bm=FrHGqVI7XC4kgo2eiWnGJBxYKnc479xXeO1wD_wkTWI-1675474355-0-AS1l3BEdfQM5YoU/CNN+OzIPuoVLeDZTbxKbKcZJTzncaNnDHsFJSL2jJXkEvl1MH980ZmJTurgXcsnMd8iSAUi6CulCcUcsfWAnPut4uLVq; path=/; expires=Sat, 04-Feb-23 02:02:35 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
app.clickfunnels.com/mailcheck.min.js
104.16.14.194200 OK 0 B URL HTTP/2 app.clickfunnels.com/mailcheck.min.js
IP 104.16.14.194:0
GET /mailcheck.min.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:32:34 GMT
content-type: application/x-javascript
cf-ray: 793fa73cb8a3b529-OSL
access-control-allow-origin: *
age: 6764
etag: W/"63dbd64e-a8d"
last-modified: Thu, 02 Feb 2023 15:27:10 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
set-cookie: __cf_bm=aS94lPJBCmBBPpdc.PoYorg2rCHiv2eQxHvpxdq70zQ-1675474354-0-AYyWj453J2nrf/lji1KhfjN5r1mzWB6wXKFarfr0jKhu6ldJJOC4UvnEBMgv0Uc7/rDEyRfZTFn+5TLjkIAuFWn84nFBiWpJmtv6w8bsnZfr; path=/; expires=Sat, 04-Feb-23 02:02:34 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
js.hs-scripts.com/6286876.js
104.17.211.204404 Not Found 0 B URL HTTP/2 js.hs-scripts.com/6286876.js
IP 104.17.211.204:0
GET /6286876.js HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sat, 04 Feb 2023 01:32:34 GMT
content-type: application/json;charset=utf-8
x-trace: 2BC1698F24734630F7F03FDEC6156002E2F42935AF000000000000000000
x-hubspot-notfound: true
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 767e6b53-1e37-4485-a29a-f40a8058b9ea
access-control-allow-credentials: true
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-origin: https://www.quickmcafunding.com
cf-cache-status: EXPIRED
expires: Sat, 04 Feb 2023 01:33:34 GMT
server: cloudflare
cf-ray: 793fa73bef91b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
js.hs-scripts.com/6286876.js
104.17.211.204404 Not Found 0 B URL HTTP/2 js.hs-scripts.com/6286876.js
IP 104.17.211.204:0
GET /6286876.js HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Sat, 04 Feb 2023 01:32:35 GMT
content-type: application/json;charset=utf-8
x-trace: 2BC1698F24734630F7F03FDEC6156002E2F42935AF000000000000000000
x-hubspot-notfound: true
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 767e6b53-1e37-4485-a29a-f40a8058b9ea
access-control-allow-credentials: true
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-origin: https://www.quickmcafunding.com
cf-cache-status: HIT
age: 1
expires: Sat, 04 Feb 2023 01:33:35 GMT
server: cloudflare
cf-ray: 793fa73f89c4b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.quickmcafunding.com/
104.16.15.194302 Found 0 B IP 104.16.15.194:0
GET / HTTP/1.1
Host: www.quickmcafunding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sat, 04 Feb 2023 01:32:34 GMT
content-type: text/html; charset=utf-8
location: https://www.quickmcafunding.com/optin1649442913231
cf-ray: 793fa737bb82b524-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
access-control-request-method: *
pragma: no-cache
status: 302 Found
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 458be042931ded868d2b623e562706f6
x-runtime: 0.219415
set-cookie: __cf_bm=WNg880p8clMSQTWvEqpkZaD6fQ_CSdpcGahBXZcIMkU-1675474354-0-AfjEzqc0GcZtTkNe9K/5EuHjFHVRj+SS4z560lIFQKzanbhDX2HrDr88DBeLKdJJke5hZzBEXHDQN89G8/5SD4HccvADGYBRb0+i65RUBNbY; path=/; expires=Sat, 04-Feb-23 02:02:34 GMT; domain=.www.quickmcafunding.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=RRv8XvYksAkTKkAo0G5ODNxNkA.m963M8Z0mFiQ9Kos-1675474354-0-AV-RBEWi0otRtNwNOfn_3dZFIPqVrfUyzZ1zHXkhkiMuF4QYxvzcH55Sea7M98-iTFKI4Z3VUOMGVmZcf1hZobyLAm98j-TdF7UXmlKpAnGL"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=RRv8XvYksAkTKkAo0G5ODNxNkA.m963M8Z0mFiQ9Kos-1675474354-0-AV-RBEWi0otRtNwNOfn_3dZFIPqVrfUyzZ1zHXkhkiMuF4QYxvzcH55Sea7M98-iTFKI4Z3VUOMGVmZcf1hZobyLAm98j-TdF7UXmlKpAnGL; report-to cf-csp-endpoint
server: cloudflare
X-Firefox-Spdy: h2
www.quickmcafunding.com/optin1649442913231
104.16.15.194200 OK 0 B URL HTTP/2 www.quickmcafunding.com/optin1649442913231
IP 104.16.15.194:0
GET /optin1649442913231 HTTP/1.1
Host: www.quickmcafunding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=WNg880p8clMSQTWvEqpkZaD6fQ_CSdpcGahBXZcIMkU-1675474354-0-AfjEzqc0GcZtTkNe9K/5EuHjFHVRj+SS4z560lIFQKzanbhDX2HrDr88DBeLKdJJke5hZzBEXHDQN89G8/5SD4HccvADGYBRb0+i65RUBNbY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:32:34 GMT
content-type: text/html; charset=utf-8
cf-ray: 793fa739fc8eb524-OSL
access-control-allow-origin: *
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
last-modified: Thu, 29 Dec 2022 20:30:08 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: REVALIDATED
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
status: 200 OK
x-content-digest: 0d19ec44bff01622caeef85dc051d6bf396ee5bc
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: fresh
x-request-id: d58d09f46dab1bc3ea66cadf286b2720
x-runtime: 0.375050
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.quickmcafunding.com/assets/lander.css
104.16.15.194200 OK 0 B URL HTTP/2 www.quickmcafunding.com/assets/lander.css
IP 104.16.15.194:0
GET /assets/lander.css HTTP/1.1
Host: www.quickmcafunding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/optin1649442913231
Cookie: __cf_bm=WNg880p8clMSQTWvEqpkZaD6fQ_CSdpcGahBXZcIMkU-1675474354-0-AfjEzqc0GcZtTkNe9K/5EuHjFHVRj+SS4z560lIFQKzanbhDX2HrDr88DBeLKdJJke5hZzBEXHDQN89G8/5SD4HccvADGYBRb0+i65RUBNbY
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:32:34 GMT
content-type: text/css
cf-ray: 793fa73b8d54b524-OSL
access-control-allow-origin: *
age: 707
cache-control: public, max-age=1200
etag: W/"63dbd64f-6a514"
expires: Sat, 04 Feb 2023 01:52:34 GMT
last-modified: Thu, 02 Feb 2023 15:27:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
IP 172.64.133.15:0
GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:32:34 GMT
content-type: text/css
x-amz-id-2: lj0FvMnfC9mptRM/Gd0lw9lT7Zj4wo+oaxaEYLcDnZaRJXq3Oc/kbTmcEwen2MxXaG9FhyIrGnI=
x-amz-request-id: 9D38DJ2PTJVFVSCR
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 620480
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpU0OJSkVgw4xZvVup1%2BD2GZVo3WTNbR883TwmsBM9fXXuiRT4qQ3W6XI56WQ7wIrwogXF14R%2B41%2BO6YWqmEhEqZj2fce2FBPJjc6oQhXVQ0HFK6%2FQS1D1UhcBKxIfnwSGxK4qFQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793fa73c7b1b76ed-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.quickmcafunding.com/vendor.js
104.16.15.194200 OK 0 B URL HTTP/2 www.quickmcafunding.com/vendor.js
IP 104.16.15.194:0
GET /vendor.js HTTP/1.1
Host: www.quickmcafunding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/optin1649442913231
Cookie: __cf_bm=WNg880p8clMSQTWvEqpkZaD6fQ_CSdpcGahBXZcIMkU-1675474354-0-AfjEzqc0GcZtTkNe9K/5EuHjFHVRj+SS4z560lIFQKzanbhDX2HrDr88DBeLKdJJke5hZzBEXHDQN89G8/5SD4HccvADGYBRb0+i65RUBNbY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:32:35 GMT
content-type: application/javascript
cf-ray: 793fa73f8fe7b524-OSL
access-control-allow-origin: *
cache-control: max-age=900, public
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: REVALIDATED
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
status: 200 OK
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: fresh
x-request-id: 8e4b8ac4e921c3eb8fd78601b0708011
x-runtime: 0.017788
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents/?funnel_id=enBLcWZaQWF5SktsMWdnQWJobnpCdz09LS1YdVRaRkd5ZmtmL3JmUlhFYThQU3NRPT0%3D--f209ca335a6df70261f0aa439c010bc40029f0e3&page_id=YUtmM2lpdW16M2trRTc1M2drL1kvQT09LS1ya0lyelp5Sk9iNmRmamhLZERpa1hBPT0%3D--ab909b92dd6156e56d8a17110fccf0153ae0ce33&funnel_step_id=VDZWbE0wZ3NVSWZubzVsS0hOK2I2UT09LS1Cc1JaQ1htejZvSXVOUnpDYTRsRkN3PT0%3D--519b16ff16d303bb4b77545a2b650f145ac98b60&user_id=ME1MWWkrc3Bsa1MvdG5aUWNUdTB1Zz09LS12N3htSzRPV05iUDJMZlJOZmNuT1NRPT0%3D--d097894e351456320d002ac27a37c16613bad420&account_id=WlhBQnRGbFB1NTllbFozdlNjdDA4QT09LS1ZdVp1TUFHRDJqM3ZjNkNJNlVDVzd3PT0%3D--0d0143cd714f78348aced736a3459b0c9fcd35f3&page_code=NTQwNjA2MDc%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=ed66c251-958c-45b7-ba80-944a9b987b63&url=https%3A%2F%2Fwww.quickmcafunding.com%2Foptin1649442913231
104.16.14.194202 Accepted 0 B URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=enBLcWZaQWF5SktsMWdnQWJobnpCdz09LS1YdVRaRkd5ZmtmL3JmUlhFYThQU3NRPT0%3D--f209ca335a6df70261f0aa439c010bc40029f0e3&page_id=YUtmM2lpdW16M2trRTc1M2drL1kvQT09LS1ya0lyelp5Sk9iNmRmamhLZERpa1hBPT0%3D--ab909b92dd6156e56d8a17110fccf0153ae0ce33&funnel_step_id=VDZWbE0wZ3NVSWZubzVsS0hOK2I2UT09LS1Cc1JaQ1htejZvSXVOUnpDYTRsRkN3PT0%3D--519b16ff16d303bb4b77545a2b650f145ac98b60&user_id=ME1MWWkrc3Bsa1MvdG5aUWNUdTB1Zz09LS12N3htSzRPV05iUDJMZlJOZmNuT1NRPT0%3D--d097894e351456320d002ac27a37c16613bad420&account_id=WlhBQnRGbFB1NTllbFozdlNjdDA4QT09LS1ZdVp1TUFHRDJqM3ZjNkNJNlVDVzd3PT0%3D--0d0143cd714f78348aced736a3459b0c9fcd35f3&page_code=NTQwNjA2MDc%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=ed66c251-958c-45b7-ba80-944a9b987b63&url=https%3A%2F%2Fwww.quickmcafunding.com%2Foptin1649442913231
IP 104.16.14.194:0
GET /userevents/?funnel_id=enBLcWZaQWF5SktsMWdnQWJobnpCdz09LS1YdVRaRkd5ZmtmL3JmUlhFYThQU3NRPT0%3D--f209ca335a6df70261f0aa439c010bc40029f0e3&page_id=YUtmM2lpdW16M2trRTc1M2drL1kvQT09LS1ya0lyelp5Sk9iNmRmamhLZERpa1hBPT0%3D--ab909b92dd6156e56d8a17110fccf0153ae0ce33&funnel_step_id=VDZWbE0wZ3NVSWZubzVsS0hOK2I2UT09LS1Cc1JaQ1htejZvSXVOUnpDYTRsRkN3PT0%3D--519b16ff16d303bb4b77545a2b650f145ac98b60&user_id=ME1MWWkrc3Bsa1MvdG5aUWNUdTB1Zz09LS12N3htSzRPV05iUDJMZlJOZmNuT1NRPT0%3D--d097894e351456320d002ac27a37c16613bad420&account_id=WlhBQnRGbFB1NTllbFozdlNjdDA4QT09LS1ZdVp1TUFHRDJqM3ZjNkNJNlVDVzd3PT0%3D--0d0143cd714f78348aced736a3459b0c9fcd35f3&page_code=NTQwNjA2MDc%3D&mode_id=1&time_zone=Pacific%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=ed66c251-958c-45b7-ba80-944a9b987b63&url=https%3A%2F%2Fwww.quickmcafunding.com%2Foptin1649442913231 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.quickmcafunding.com
Connection: keep-alive
Referer: https://www.quickmcafunding.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Sat, 04 Feb 2023 01:32:35 GMT
content-type: text/html
cf-ray: 793fa73fca75b529-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 7b50b8848f5645d53cd2c7a6035c7d7a
x-runtime: 0.032267
set-cookie: __cf_bm=GYXCIkm8YOmjhVafcWqshpl.0MgkgY9Jxz.vlv5EtmM-1675474355-0-AVL1gCcVUJg3be+HthP2C6uxynKYT3WkNTqPO+wTq4O+JVIgAiYPWMos5E9HdxhN/r0GHjI/zu1u3EwluvBkyCoMhfCE90yrhOib6Fo9/mOW; path=/; expires=Sat, 04-Feb-23 02:02:35 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
www.quickmcafunding.com/assets/lander.js
104.16.15.194200 OK 0 B URL HTTP/2 www.quickmcafunding.com/assets/lander.js
IP 104.16.15.194:0
GET /assets/lander.js HTTP/1.1
Host: www.quickmcafunding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/optin1649442913231
Cookie: __cf_bm=WNg880p8clMSQTWvEqpkZaD6fQ_CSdpcGahBXZcIMkU-1675474354-0-AfjEzqc0GcZtTkNe9K/5EuHjFHVRj+SS4z560lIFQKzanbhDX2HrDr88DBeLKdJJke5hZzBEXHDQN89G8/5SD4HccvADGYBRb0+i65RUBNbY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:32:34 GMT
content-type: application/x-javascript
cf-ray: 793fa73bad6db524-OSL
access-control-allow-origin: *
age: 707
cache-control: public, max-age=1200
etag: W/"63dbd6a4-239357"
expires: Sat, 04 Feb 2023 01:52:34 GMT
last-modified: Thu, 02 Feb 2023 15:28:36 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.quickmcafunding.com/assets/pushcrew.js
104.16.15.194200 OK 0 B URL HTTP/2 www.quickmcafunding.com/assets/pushcrew.js
IP 104.16.15.194:0
GET /assets/pushcrew.js HTTP/1.1
Host: www.quickmcafunding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/optin1649442913231
Cookie: __cf_bm=WNg880p8clMSQTWvEqpkZaD6fQ_CSdpcGahBXZcIMkU-1675474354-0-AfjEzqc0GcZtTkNe9K/5EuHjFHVRj+SS4z560lIFQKzanbhDX2HrDr88DBeLKdJJke5hZzBEXHDQN89G8/5SD4HccvADGYBRb0+i65RUBNbY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:32:34 GMT
content-type: application/x-javascript
cf-ray: 793fa73bad6eb524-OSL
access-control-allow-origin: *
age: 112
cache-control: public, max-age=1200
etag: W/"63dbd64e-27d"
expires: Sat, 04 Feb 2023 01:52:34 GMT
last-modified: Thu, 02 Feb 2023 15:27:10 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
104.16.56.101200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP 104.16.56.101:0
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.quickmcafunding.com
Connection: keep-alive
Referer: https://www.quickmcafunding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:32:34 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 793fa73c5b03b521-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
IP 142.250.74.106:0
GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickmcafunding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 Feb 2023 01:32:34 GMT
date: Sat, 04 Feb 2023 01:32:34 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2