safe.secretfindertoday.com/campaigns/dd502fqvgd19f/track-url/jt596jxd0y326/8c4856fba7b6a4b99b1a45bba7fcf40709fec503
65.21.197.40301 Moved Permanently 0 B URL HTTP/1.1 safe.secretfindertoday.com/campaigns/dd502fqvgd19f/track-url/jt596jxd0y326/8c4856fba7b6a4b99b1a45bba7fcf40709fec503
IP 65.21.197.40:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /campaigns/dd502fqvgd19f/track-url/jt596jxd0y326/8c4856fba7b6a4b99b1a45bba7fcf40709fec503 HTTP/1.1
Host: safe.secretfindertoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 01 Sep 2022 14:10:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Thu, 01 Sep 2022 14:10:27 GMT
Location: https://link1.secretfindertoday.com/smart
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 517693963cc46e7a35a054296d0edfd5
11dfcd7e118e5f8d31e664e56ac29c57f973b8b3
ece269e8b9be8a5839d75c1343823d68b96930c593c2e3e8d522999176ee3149
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10133
Expires: Thu, 01 Sep 2022 16:59:21 GMT
Date: Thu, 01 Sep 2022 14:10:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 01 Sep 2022 13:41:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AaMv4eOuhduBFT4pE9O_JTdRQfbmmR59VzPKscBhpZ3BnvoQMWTZ1Q==
Age: 1752
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Thu, 01 Sep 2022 01:15:17 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vAtr3j0IGasZxUETlvWg5ipcqC2-qRALqUgSU4bOMGsKx6oK9CdGHg==
age: 46512
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 14:10:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 01 Sep 2022 13:57:05 GMT
Expires: Thu, 01 Sep 2022 13:57:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zJoGgYQLvxLxZupDp4I3WLmQP1f9-oBy22dwUF_UYC-dQCZ_tHKd3Q==
Age: 803
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2eb022bbcb69557dc09477b624814e87
6030f2c630a01fbc027c887d31e696f84cc60c97
d7a508e276f0ca1b58b6af39720fb7ebb26fb38df50a159eb82d1d2542610b85
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4504
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:10:28 GMT
Last-Modified: Thu, 01 Sep 2022 12:55:24 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.214.82.71101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.82.71:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: F7tfyYoI62quIWIg5XJ2Bw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZejIaxhjBeP60FDOOY5PSJiBTeM=
ocsp.comodoca.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 3228f18a3e478485437e750da81a5dd7
92374cb8332b3580b25b3d4e05269ecefd7db93b
f0e93aa4a514d9fc4af08de6d7fc4051291bfe0f582664d2ff38e7cc29ad2842
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:10:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Sep 2022 13:46:29 GMT
Expires: Thu, 08 Sep 2022 13:46:28 GMT
Etag: "92374cb8332b3580b25b3d4e05269ecefd7db93b"
Cache-Control: max-age=602758,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 743e96f15cbb0afa-OSL
link1.secretfindertoday.com/smart
144.208.71.125301 Moved Permanently 249 B URL HTTP/2 link1.secretfindertoday.com/smart
IP 144.208.71.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f79fab69096beab38410e6a4b8ed0a9e
cc9fa4c793a4a205aea50b71f771cb5514951f5e
36c03189f149ba41968076dfc8992ec7ccf80ccd80d7297351958a4ee5bf18fe
Analyzer Verdict Alert fortinet Phishing
GET /smart HTTP/1.1
Host: link1.secretfindertoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx/1.21.6
date: Thu, 01 Sep 2022 14:10:29 GMT
content-type: text/html; charset=iso-8859-1
content-length: 249
location: https://click.secretfindertoday.com/smart
x-proxy-cache: DISABLED
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14909
Expires: Thu, 01 Sep 2022 18:18:59 GMT
Date: Thu, 01 Sep 2022 14:10:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14909
Expires: Thu, 01 Sep 2022 18:18:59 GMT
Date: Thu, 01 Sep 2022 14:10:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14909
Expires: Thu, 01 Sep 2022 18:18:59 GMT
Date: Thu, 01 Sep 2022 14:10:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14909
Expires: Thu, 01 Sep 2022 18:18:59 GMT
Date: Thu, 01 Sep 2022 14:10:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 494ba0180ab4b2b80ca11aeb67ae69ab
2082e9f809e97bbcaf6ff11846398aca472f9f0f
c6a707e79315677912fa7cf6ab592abf4377aa76e51ae5149d4bae7e663d6801
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11031
x-amzn-requestid: bd49a4c9-205b-4553-90a3-308ebc6be818
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv4hOHzVoAMFl8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd46e-783de8c2461d7cb9167f734e;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mDad6prX28HjnDw7hq0B9vE_BaX9qqrjaOo7A46jhu2S505prB5SJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:11 GMT
age: 59599
etag: "2082e9f809e97bbcaf6ff11846398aca472f9f0f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b0f6c541f6335bb709d2270147bd5aed
b691ef5e7a302e2678302818130a9637c3efbe3a
e63922331a4463519e6df77ae7a1ad3316a36e54dd03c00ff6b119ee3fa684c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 79dc68ea-ea2e-4eab-bab9-1c89b0a955a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjMSvHJ-oAMF6Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ac0de-2370cf5363d5f308121f0ca4;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 01:11:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qAEve6mBQ9a1hr2fBR8xq42pxeG9Kjn4yWaMr4z4On46QC9R1K91pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 14:58:03 GMT
age: 83547
etag: "b691ef5e7a302e2678302818130a9637c3efbe3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
34.120.237.76200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12756903aaa74164feb5f8525398ca36
9fef9b071daea6793cbbdfe391254ac4326b1aa2
6d474a6d96aebfed43a4f6812f18a1be8d100c590f75eb0fbf4ec7277dd0c442
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16818
x-amzn-requestid: fa921878-2054-453b-b313-681cdd9c9068
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj-Z_HUNIAMFltg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b110c-053ce81943fea70c2de7daa0;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 06:54:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 69fDjN-ZeYA8RVO_WGTY1KQHZ1t3PNdWIwq3ax1e1wKmuPODyGCMcQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 14:46:29 GMT
age: 84241
etag: "9fef9b071daea6793cbbdfe391254ac4326b1aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba98f63d9bef7deebb9a8d1b3126d396
d97a8b0e4b4dbc60dfc9eb15ba28f68e8e3731ef
b8f6c1c6b34ec452a6aa3090c30ebf3a68cb3b4d45a7b134ed32e1959f4f0682
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10777
x-amzn-requestid: 2e9a081f-2ae4-49b9-b9d4-79cae2b7eae9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv3kRFiJIAMFgNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd2e7-2f9eec0b239ceb6d617431b6;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:30:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: w9ACDg_Mxbl2GSEDeDAqdMlKjkCiMyWExvCUa2jHquaQy6U-4EJtbQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:20 GMT
age: 59590
etag: "d97a8b0e4b4dbc60dfc9eb15ba28f68e8e3731ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16c55402-8dff-4d38-9bf3-5867acbc9770.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16c55402-8dff-4d38-9bf3-5867acbc9770.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 374a3607782ca6a016be0fbfa8d38f7d
823d7261c40f8c5bf65a7e59544da90d88546c1f
d9ab7b8bfe0389c5fda3ad06b5c913d470d89f5921fc950a8c7245d512dc1b02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16c55402-8dff-4d38-9bf3-5867acbc9770.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9593
x-amzn-requestid: 98542ed5-a8b2-49c8-bd9f-8bb88e655880
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XufKHGfUoAMFuKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630f4573-38b597d859a48b971f5cfab4;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 11:26:43 GMT
x-amz-cf-pop: HIO50-C2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _OP760g92PmG8VTRevsoPXe_Yd5pORMRnzc5xGToV69WI7wCiy0e4A==
via: 1.1 75b094ecf0bf22429a44bab3eafcbf16.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:24 GMT
etag: "823d7261c40f8c5bf65a7e59544da90d88546c1f"
content-type: image/jpeg
age: 59586
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6b2c036e67f8c39c136f6c69b0922eb1
98e27f0dafd7b1b49e159ee038b41a811096a2d0
9dc9e00e6f63a22dd85f54ba26326a9733f6c1d7a19c7b1636f14fca2722e6eb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8009
x-amzn-requestid: 6d716dae-efa3-449a-a505-fb5f3d99c2df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XsvlaFEaoAMFwDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e92ef-708228ce7e1fb3cb770cb490;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 22:45:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OPvJ_5gjUyE05ZFPDdCvsGdr7JRtcILdFJVYkavZI90yzDdnyjBpUg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 01:21:30 GMT
age: 46140
etag: "98e27f0dafd7b1b49e159ee038b41a811096a2d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.comodoca.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash b81f5f707290b9061cc9c080b8d4297d
6e05fe999c7737a362f5a94405215beaa6e3f0f6
bff223ec4fd3e0762e5e715b347fa5cae9aa88f781c9e3f1ca6f71db450fa95f
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:10:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 13:54:36 GMT
Expires: Wed, 07 Sep 2022 13:54:35 GMT
Etag: "6e05fe999c7737a362f5a94405215beaa6e3f0f6"
Cache-Control: max-age=547957,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 743e96fbf8b30afa-OSL
click.secretfindertoday.com/smart
144.208.71.125307 Temporary Redirect 0 B URL HTTP/2 click.secretfindertoday.com/smart
IP 144.208.71.125:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /smart HTTP/1.1
Host: click.secretfindertoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
server: nginx/1.21.6
date: Thu, 01 Sep 2022 14:10:30 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-robots-tag: noindex, nofollow
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Pro Developer 3.2.4 http://prettylink.com
x-redirect-by: WordPress
set-cookie: prli_click_2=smart; expires=Sat, 01-Oct-2022 14:10:30 GMT; Max-Age=2592000; path=/
prli_visitor=6310bd56c6aa6; expires=Fri, 01-Sep-2023 14:10:30 GMT; Max-Age=31536000; path=/
location: https://click.secretfindertoday.com/1st
x-proxy-cache: MISS
X-Firefox-Spdy: h2
click.secretfindertoday.com/1st
144.208.71.125307 Temporary Redirect 0 B URL HTTP/2 click.secretfindertoday.com/1st
IP 144.208.71.125:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /1st HTTP/1.1
Host: click.secretfindertoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: prli_click_2=smart; prli_visitor=6310bd56c6aa6
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 307 Temporary Redirect
server: nginx/1.21.6
date: Thu, 01 Sep 2022 14:10:31 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-robots-tag: noindex, nofollow
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Pro Developer 3.2.4 http://prettylink.com
x-redirect-by: WordPress
set-cookie: prli_click_6=1st; expires=Sat, 01-Oct-2022 14:10:31 GMT; Max-Age=2592000; path=/
location: https://click.socialuplifted.com/go/best
x-proxy-cache: MISS
X-Firefox-Spdy: h2
ocsp.comodoca.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 996fb7f2fd7c269a40fea841fd0ebf58
3ba751df9e7231ade4c8ca8689efff026f16429a
25761c2c5b1aecbb0fabf1c0d16f4a436c99cfc29640d0f6bf27980ccd943ff3
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:10:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2022 20:22:04 GMT
Expires: Tue, 06 Sep 2022 20:22:03 GMT
Etag: "3ba751df9e7231ade4c8ca8689efff026f16429a"
Cache-Control: max-age=562545,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 743e97059a890afa-OSL
click.socialuplifted.com/go/best
144.208.71.125307 Temporary Redirect 0 B URL HTTP/2 click.socialuplifted.com/go/best
IP 144.208.71.125:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/best HTTP/1.1
Host: click.socialuplifted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
server: nginx/1.21.6
date: Thu, 01 Sep 2022 14:10:32 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-robots-tag: noindex, nofollow, sponsored
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Pro Developer 3.2.4 http://prettylink.com
x-redirect-by: WordPress
set-cookie: prli_click_50=go%2Fbest; expires=Sat, 01-Oct-2022 14:10:32 GMT; Max-Age=2592000; path=/
prli_visitor=6310bd5847334; expires=Fri, 01-Sep-2023 14:10:32 GMT; Max-Age=31536000; path=/
location: https://click.socialuplifted.com/go/tubemaster
x-proxy-cache: MISS
X-Firefox-Spdy: h2
click.socialuplifted.com/go/tubemaster
144.208.71.125307 Temporary Redirect 0 B URL HTTP/2 click.socialuplifted.com/go/tubemaster
IP 144.208.71.125:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/tubemaster HTTP/1.1
Host: click.socialuplifted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: prli_click_50=go%2Fbest; prli_visitor=6310bd5847334
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 307 Temporary Redirect
server: nginx/1.21.6
date: Thu, 01 Sep 2022 14:10:32 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-robots-tag: noindex, nofollow, sponsored
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Pro Developer 3.2.4 http://prettylink.com
x-redirect-by: WordPress
set-cookie: prli_click_111=go%2Ftubemaster; expires=Sat, 01-Oct-2022 14:10:32 GMT; Max-Age=2592000; path=/
location: https://www.digistore24.com/content/299134/26781/maxprofit/CAMPAIGNKEY
x-proxy-cache: MISS
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 98f6c346e16773a5cad2670e34b1183b
a7b2d95f0df2a79e63b2e071929654653a371caa
2623384c0037226898aa9158ae2cc714979b7a2127cb65e3b16f13a190291bbd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:10:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 18:53:28 GMT
Expires: Wed, 07 Sep 2022 18:53:27 GMT
Etag: "a7b2d95f0df2a79e63b2e071929654653a371caa"
Cache-Control: max-age=534772,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 743e9712fd4eb503-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 98f6c346e16773a5cad2670e34b1183b
a7b2d95f0df2a79e63b2e071929654653a371caa
2623384c0037226898aa9158ae2cc714979b7a2127cb65e3b16f13a190291bbd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 14:10:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 18:53:28 GMT
Expires: Wed, 07 Sep 2022 18:53:27 GMT
Etag: "a7b2d95f0df2a79e63b2e071929654653a371caa"
Cache-Control: max-age=534772,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 743e970bcc72b521-OSL
go.mattpar.com/hosted/images/e3/3dd2eae86d4bc5b2dfcf22c2143c33/Matt-Par-Logo-1-Retina.png
104.16.15.194200 OK 4.1 kB URL HTTP/2 go.mattpar.com/hosted/images/e3/3dd2eae86d4bc5b2dfcf22c2143c33/Matt-Par-Logo-1-Retina.png
IP 104.16.15.194:0
File type PNG image data, 544 x 180, 8-bit colormap, non-interlaced\012- data
Hash 402a4ff472f23270aa79f7da0bdf12b3
310f9c7b3b51be1efaccf8dd3897d0b51685bd72
3b4154ec307dd3efa8b732c4782a23d0d024fb1978560261caf29057f5b3d41c
GET /hosted/images/e3/3dd2eae86d4bc5b2dfcf22c2143c33/Matt-Par-Logo-1-Retina.png HTTP/1.1
Host: go.mattpar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/yt-free-training
Cookie: __cf_bm=BNHJw_K7EVapLP_lO07KpBA0WA75GZgD42Pd.XWDwJ8-1662041434-0-AdfXY1xYemmgiKtmoMBuCb1MtGq0Ubb3JMJLqNQEOXTgStZLw3j7RUUwHXDU0UjtD+RMvpiyHkhcanJfV3v8MwS9eDPzE9CeNw5KM5Itw9F7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:34 GMT
content-type: image/png
content-length: 4073
cf-ray: 743e9714fdf31c12-OSL
accept-ranges: bytes
age: 2038
cache-control: max-age=31536000
etag: "6f8af9ae58047edbc4eabcae0ffe1253"
last-modified: Thu, 01 Aug 2019 00:28:47 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
cf-polished: origSize=4260
x-amz-cf-pop: ARN56-P1
server: cloudflare
X-Firefox-Spdy: h2
go.mattpar.com/hosted/images/dc/85ff96c4544f6483e73ef86cf2ecd7/Matt-Play-Button.jpg
104.16.15.194200 OK 501 kB URL HTTP/2 go.mattpar.com/hosted/images/dc/85ff96c4544f6483e73ef86cf2ecd7/Matt-Play-Button.jpg
IP 104.16.15.194:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, orientation=upper-left], progressive, precision 8, 3000x2250, components 3\012- data
Size 501 kB (501428 bytes)
Hash 4300375ad315b278a44a8ac6be012e4c
745e683463fe85c8d9ebd94588ffcb941841318d
656b403009100f492ce1f28404eff6c230b7581c8702c278f78a7c0c45a4a2fc
GET /hosted/images/dc/85ff96c4544f6483e73ef86cf2ecd7/Matt-Play-Button.jpg HTTP/1.1
Host: go.mattpar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/yt-free-training
Cookie: __cf_bm=BNHJw_K7EVapLP_lO07KpBA0WA75GZgD42Pd.XWDwJ8-1662041434-0-AdfXY1xYemmgiKtmoMBuCb1MtGq0Ubb3JMJLqNQEOXTgStZLw3j7RUUwHXDU0UjtD+RMvpiyHkhcanJfV3v8MwS9eDPzE9CeNw5KM5Itw9F7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:34 GMT
content-type: image/jpeg
content-length: 501428
cf-ray: 743e9714fdf81c12-OSL
accept-ranges: bytes
age: 2038
cache-control: max-age=31536000
etag: "adf2badc7c6eb8e7803e940ba588541a"
last-modified: Thu, 30 May 2019 04:26:04 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
cf-polished: origSize=547164, status=webp_bigger
x-amz-cf-pop: OSL50-P1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
go.mattpar.com/hosted/images/8d/0d48b49ec548eca5b282a85a225d79/mmm-1.png
104.16.15.194200 OK 2.0 MB URL HTTP/2 go.mattpar.com/hosted/images/8d/0d48b49ec548eca5b282a85a225d79/mmm-1.png
IP 104.16.15.194:0
File type PNG image data, 1080 x 1080, 8-bit/color RGB, non-interlaced\012- data
Size 2.0 MB (1982884 bytes)
Hash 89566723a815426dedbc10e2ba13bdc2
ec33a04d8b1251d2181e87c12f94e6f521804573
29ad911a1e219a419253b51d7d1bd4668b5a3fcb860fce605e1857e13736ff27
GET /hosted/images/8d/0d48b49ec548eca5b282a85a225d79/mmm-1.png HTTP/1.1
Host: go.mattpar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/yt-free-training
Cookie: __cf_bm=BNHJw_K7EVapLP_lO07KpBA0WA75GZgD42Pd.XWDwJ8-1662041434-0-AdfXY1xYemmgiKtmoMBuCb1MtGq0Ubb3JMJLqNQEOXTgStZLw3j7RUUwHXDU0UjtD+RMvpiyHkhcanJfV3v8MwS9eDPzE9CeNw5KM5Itw9F7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:34 GMT
content-type: image/png
content-length: 1982884
cf-ray: 743e97150dfc1c12-OSL
accept-ranges: bytes
age: 2038
cache-control: max-age=31536000
etag: "97b13f1b5bc52a0caec7558c6c569727"
last-modified: Wed, 15 Jan 2020 04:51:31 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
cf-polished: origSize=1983115
x-amz-cf-pop: ARN56-P1
server: cloudflare
X-Firefox-Spdy: h2
go.mattpar.com/assets/pushcrew.js
104.16.15.194200 OK 818 B URL HTTP/2 go.mattpar.com/assets/pushcrew.js
IP 104.16.15.194:0
File type ASCII text, with very long lines (637), with no line terminators
Hash 405d3039216cc5673235402d6d463838
9182928601c2a54ee35fb6108b3d47bd9f1b1c84
2469f42c74e60dc4bd7daae1cf189c6777fb04d7f6733e939274a721c1516318
GET /assets/pushcrew.js HTTP/1.1
Host: go.mattpar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/yt-free-training
Cookie: __cf_bm=BNHJw_K7EVapLP_lO07KpBA0WA75GZgD42Pd.XWDwJ8-1662041434-0-AdfXY1xYemmgiKtmoMBuCb1MtGq0Ubb3JMJLqNQEOXTgStZLw3j7RUUwHXDU0UjtD+RMvpiyHkhcanJfV3v8MwS9eDPzE9CeNw5KM5Itw9F7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:34 GMT
content-type: application/x-javascript
cf-ray: 743e97150e031c12-OSL
access-control-allow-origin: *
age: 152
cache-control: public, max-age=1200
etag: W/"630e9cfb-27d"
expires: Thu, 01 Sep 2022 14:30:34 GMT
last-modified: Tue, 30 Aug 2022 23:27:55 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 888b942029507a51149d121a3240e9d6
93590a3ac3a943506798dba597335cb144a5795d
7d358a347c38b06733ae7e7eae5a02f583d0d3db2a241bf427dff2588d7c6c1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:10:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-666807682
142.250.74.72200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-666807682
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash 7005f1827a4a34a95df15e3bd8969a8f
a27089b146210e1e3d57e888581850dd3c06cfd1
d345c0e024dfe7d793a6a672812a75d23ae29144e3e22040bcfc0550662e3a13
GET /gtag/js?id=AW-666807682 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Sep 2022 14:10:34 GMT
expires: Thu, 01 Sep 2022 14:10:34 GMT
cache-control: private, max-age=900
last-modified: Thu, 01 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46029
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-8Q161J6CNT
142.250.74.72200 OK 73 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-8Q161J6CNT
IP 142.250.74.72:0
File type ASCII text, with very long lines (11888)
Hash f89905e25602b02caaeb82dd91e5220b
0b8b2bc520603fa2267b2cb8662ea010b8799941
9043c23f29f899c0119ccd7eca395588ec1852e5ca3deb9fa7cac0bc95e3488d
GET /gtag/js?id=G-8Q161J6CNT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Sep 2022 14:10:34 GMT
expires: Thu, 01 Sep 2022 14:10:34 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73006
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
142.250.74.10200 OK 2.9 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
IP 142.250.74.10:0
Hash 89c13b457d938fa0e60b84e1cbb4aac1
dddb68dfd2bd110ed736582ac40dface67b48bab
ae44086d07a9b659685b20a31c748f5a4a3131b57b1316906cc150d87013a412
GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Sep 2022 14:10:34 GMT
date: Thu, 01 Sep 2022 14:10:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.clickfunnels.com/images/closemodal.png
104.16.13.194200 OK 1.1 kB URL HTTP/2 www.clickfunnels.com/images/closemodal.png
IP 104.16.13.194:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a1cdf6ee8e377e01dd65b18330dda957
15a3d589e121618f153c24982133bf6a502663e4
3cb69ec3acbf9e95ec0b50c906ddf6ba7721e438149db326931420aca0755df8
GET /images/closemodal.png HTTP/1.1
Host: www.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:34 GMT
content-type: image/webp
cf-ray: 743e9715fb67b506-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 673696
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "62fbd4d8-314"
expires: Sun, 02 Oct 2022 14:10:34 GMT
last-modified: Tue, 16 Aug 2022 17:33:12 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
set-cookie: __cf_bm=eybhYv1BBsL4e3gxe8m43512OpuaCgJ5LColXsOmDzQ-1662041434-0-AQmaL2KO9fNrDRC7pUmqr0Axm9Kb9+PYIXhcHJUyhD71GAxSJWJGW1klEGzh/jQJvTuA7tIZNrvgt3PEP7zYEVBMKVg+74rN6rPOuDKbbyCa; path=/; expires=Thu, 01-Sep-22 14:40:34 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
go.mattpar.com/assets/lander.js
104.16.15.194200 OK 471 B URL HTTP/2 go.mattpar.com/assets/lander.js
IP 104.16.15.194:0
Hash 0df4349f922a424e3feb92b8037a644b
515b467c1248b527a30dd7b806cf421dd8c58ed5
d62b59f7ebdb3e7dd80e7c3373846612c7d6f5953bdb0511c50a6343f92896b6
GET /assets/lander.js HTTP/1.1
Host: go.mattpar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/yt-free-training
Cookie: __cf_bm=BNHJw_K7EVapLP_lO07KpBA0WA75GZgD42Pd.XWDwJ8-1662041434-0-AdfXY1xYemmgiKtmoMBuCb1MtGq0Ubb3JMJLqNQEOXTgStZLw3j7RUUwHXDU0UjtD+RMvpiyHkhcanJfV3v8MwS9eDPzE9CeNw5KM5Itw9F7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:34 GMT
content-type: application/x-javascript
cf-ray: 743e97150dfd1c12-OSL
access-control-allow-origin: *
age: 373
cache-control: public, max-age=1200
etag: W/"630e9d40-238fd1"
expires: Thu, 01 Sep 2022 14:30:34 GMT
last-modified: Tue, 30 Aug 2022 23:29:04 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=EeUZ07a20AMBbgyJuNqooGTaghMOI4Cm8i6UDVKKaQk-1662041434-0-ATPFEUs-24GvYIkiq5hAKx3Mv6zRK140tvSDQWErW-A09TCyUm5uRN-_PnRXkv2cLG-7nO1vN3pW6PKIlgxJOac"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=EeUZ07a20AMBbgyJuNqooGTaghMOI4Cm8i6UDVKKaQk-1662041434-0-ATPFEUs-24GvYIkiq5hAKx3Mv6zRK140tvSDQWErW-A09TCyUm5uRN-_PnRXkv2cLG-7nO1vN3pW6PKIlgxJOac; report-to cf-csp-endpoint
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0df4349f922a424e3feb92b8037a644b
515b467c1248b527a30dd7b806cf421dd8c58ed5
d62b59f7ebdb3e7dd80e7c3373846612c7d6f5953bdb0511c50a6343f92896b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:10:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
104.18.47.230200 OK 28 kB URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP 104.18.47.230:0
Hash 75841f1c94837b5513b9ed304c6bdbb3
e7344798f8cd54a5f5799978178595ba51e34bd0
ed1b430704367edcd23848eef2d332718affebb80f51925f49c460dc963f84f2
GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.mattpar.com
Connection: keep-alive
Referer: https://go.mattpar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:34 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 743e9715eb171bfa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.mattpar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Aug 2022 17:10:21 GMT
expires: Wed, 30 Aug 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 162013
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0df4349f922a424e3feb92b8037a644b
515b467c1248b527a30dd7b806cf421dd8c58ed5
d62b59f7ebdb3e7dd80e7c3373846612c7d6f5953bdb0511c50a6343f92896b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:10:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash dd96c570440252cede303946c51f9fa8
4f15926e8ac39b1f4f914dac8cadb91cc07283f5
9268a2d245f7ba35dd921ffb2dd92bca3b629be1fed64df8d104574351ac330b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 01 Sep 2022 14:10:34 GMT
Last-Modified: Thu, 01 Sep 2022 12:45:36 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6ekmC8w7n4huRxpKHlf_MCwxdoJEk1PVTSPzhD1yjjplZeVZ8H031A==
Age: 5098
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash e6b6f219b4585f0e79d1d38796403315
a08d6d403fd77bb847438b8afac4cde4eb47ca85
e5ac488476ddd0f0ffce9c8822dc6f70f41589a49b5e2921a51032c56a8f5e12
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 01 Sep 2022 14:10:34 GMT
Server: ECS (dcb/7EA4)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: P0VtGLGRfDUKD7SoWV0xadh-FflAb8fEXb2A9Z2D0BHMDmoGDcuhEg==
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.mattpar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 66987
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 48c2e73206f3bbf93421def55fc5d0a5
ee837e34ceb371355856149806da34791b36daa9
b6c55b8ea54d01e5b49d77f7d4f4a2b38b9974084daaf380a115709f4cb67697
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122412
Date: Thu, 01 Sep 2022 14:10:35 GMT
Etag: "630ff4e1-1d7"
Expires: Sat, 03 Sep 2022 00:10:47 GMT
Last-Modified: Wed, 31 Aug 2022 23:55:13 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Ba8FAUnJHK3N8SN4r6qA9kGh47c2jJCEMK4Mn2vfWmogMOcfPiys2w==
Age: 934
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 48c2e73206f3bbf93421def55fc5d0a5
ee837e34ceb371355856149806da34791b36daa9
b6c55b8ea54d01e5b49d77f7d4f4a2b38b9974084daaf380a115709f4cb67697
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 01 Sep 2022 14:10:35 GMT
Last-Modified: Thu, 01 Sep 2022 12:46:38 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: K3VcX3sgSSSOauzCvaQyzxwmdtg0GnQYtVzluCUASxL7YZyiZ868ig==
Age: 5037
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
104.17.24.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65451)
Hash 77bd61b98f7b67af56639229724f8dd4
f04f07dd8ff53e58c32b738f81b71a014bca441d
8ce54c3b77bf31899b27b29188ff4936b580f2bd2b3222d43dda2851ba272e24
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 27433
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1538f"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 673625
expires: Tue, 22 Aug 2023 14:10:35 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJUe%2BxW9T%2FhmyBtvPIe8P6YXXaLJ78zqEdQulHmfinnScDEH%2FgVXzKhzmUWqE0J8Xdgt1%2FpgSjUvNPeB0WYcNBuN9fkJZI98JlWuIzqxWT34Qk%2BEhGQqAtum4XZ8e%2BiGuVuPdTTf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 743e971cac900afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
174342.t.hyros.com/v1/lst/gusid?
34.226.127.56200 OK 1.1 kB URL HTTP/2 174342.t.hyros.com/v1/lst/gusid?
IP 34.226.127.56:0
File type XML 1.0 document text\012- XML document, ASCII text
Hash 500d52636fc54f3630f89d57561e6ea0
b8514b150abc8b46df8c1000133d9ec894672558
d69ab01048e0a6d2a84022ea4be736d836fbf0837e4dc8d9b1f91bf9a916888b
OPTIONS /v1/lst/gusid? HTTP/1.1
Host: 174342.t.hyros.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: product-id
Referer: https://go.mattpar.com/
Origin: https://go.mattpar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:35 GMT
content-type: application/vnd.sun.wadl+xml;charset=utf-8
content-length: 1081
access-control-allow-origin: https://go.mattpar.com
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-headers: product-id
access-control-expose-headers: Session-ID
access-control-max-age: 86400
access-control-allow-credentials: true
allow: HEAD,GET,OPTIONS
last-modified: Thu, 01 Sep 2022 14:10:35 UTC
X-Firefox-Spdy: h2
174342.t.hyros.com/v1/lst/gusid?
34.226.127.56200 OK 0 B URL HTTP/2 174342.t.hyros.com/v1/lst/gusid?
IP 34.226.127.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/lst/gusid? HTTP/1.1
Host: 174342.t.hyros.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Product-ID: 174342
Origin: https://go.mattpar.com
Connection: keep-alive
Referer: https://go.mattpar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:35 GMT
content-length: 0
access-control-allow-origin: https://go.mattpar.com
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-expose-headers: Session-ID
access-control-max-age: 86400
access-control-allow-credentials: true
etag: HB-ET_6b94d4c464cb9d73f85abb9023ebad5a49c5213d37c259f7221f0e744cbef899
set-cookie: __mh_tt_disable_script=true;SameSite=None;Secure;Version=1;Path=/;Max-Age=0
__mh_tt_s=HB-ET_6b94d4c464cb9d73f85abb9023ebad5a49c5213d37c259f7221f0e744cbef899;SameSite=None;Secure;Version=1;Path=/;Max-Age=400000000
session-id: HB-ET_6b94d4c464cb9d73f85abb9023ebad5a49c5213d37c259f7221f0e744cbef899
X-Firefox-Spdy: h2
event.webinarjam.com/css/registration_embed.css
104.16.246.28200 OK 8.3 kB URL HTTP/2 event.webinarjam.com/css/registration_embed.css
IP 104.16.246.28:0
File type ASCII text, with very long lines (45002)
Hash 038b4f2a13ef65bb7b332016ac4b5057
a077fa85ef3c25541460dabbf9b40f92a53e8a34
51c6748c8852153c1f4acd09e42993f04bc7fde7f061825dd089f2188cd85bf5
GET /css/registration_embed.css HTTP/1.1
Host: event.webinarjam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/
Cookie: XSRF-TOKEN=eyJpdiI6InRxNURKMkVyQWhFbzlvNXZ4VGRXOWc9PSIsInZhbHVlIjoibGowV2orSGtBMlwvSWR1MDZ3UysxRlVXQWUySzBSVGNiQzhKSXc1Rkg0eENqMjhheVlvaWRNTmNlWTdoejlIcXMiLCJtYWMiOiIwZDQxOTZmZWI3YWU2NDc2MjllZjQzOWNmYjBhNjlkMDkwMjI0NWFmNjA2MmQzMDNhYzMzYmM5NDM0NjIxZWEzIn0%3D; wj4s=n9Xzw9QLPpBm7OF2UUaCxCSM0h9djgJEyvC9NOet
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:35 GMT
content-type: text/css
cf-bgj: minify
cf-polished: status=cannot_optimize
etag: W/"6305eaba-afcb"
last-modified: Wed, 24 Aug 2022 09:09:14 GMT
cf-cache-status: HIT
age: 5396
expires: Thu, 01 Sep 2022 16:10:35 GMT
cache-control: public, max-age=7200
vary: Accept-Encoding
server: cloudflare
cf-ray: 743e971cfcde0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
event.webinarjam.com/js/registration_embed.js
104.16.246.28200 OK 9.1 kB URL HTTP/2 event.webinarjam.com/js/registration_embed.js
IP 104.16.246.28:0
File type Unicode text, UTF-8 text, with very long lines (26185), with no line terminators
Hash e090ed69984adca7651c24b973cecf44
bbb9fdb3b8455c97d4d302f6950fc923ad02ffcf
dd0646ab44c59fb8dfd5589535a1f8c3b35279f08ae5ede5d7bf87b8f2f713b1
GET /js/registration_embed.js HTTP/1.1
Host: event.webinarjam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/
Cookie: XSRF-TOKEN=eyJpdiI6InRxNURKMkVyQWhFbzlvNXZ4VGRXOWc9PSIsInZhbHVlIjoibGowV2orSGtBMlwvSWR1MDZ3UysxRlVXQWUySzBSVGNiQzhKSXc1Rkg0eENqMjhheVlvaWRNTmNlWTdoejlIcXMiLCJtYWMiOiIwZDQxOTZmZWI3YWU2NDc2MjllZjQzOWNmYjBhNjlkMDkwMjI0NWFmNjA2MmQzMDNhYzMzYmM5NDM0NjIxZWEzIn0%3D; wj4s=n9Xzw9QLPpBm7OF2UUaCxCSM0h9djgJEyvC9NOet
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:35 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=26228
etag: W/"6305eac3-6674"
last-modified: Wed, 24 Aug 2022 09:09:23 GMT
cf-cache-status: HIT
age: 1551
expires: Thu, 01 Sep 2022 16:10:35 GMT
cache-control: public, max-age=7200
vary: Accept-Encoding
server: cloudflare
cf-ray: 743e971d0ce90afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b6750faede6836366f73bbe648c14163
d489353c09f0aa01315c63900262859c571d420e
c3d13a9031f3ab49877147b71ec74e93161c3ac17152154c3ae5eeccf713f7f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:10:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4346627cf7d4d78ed2248ed44379d0b5
4919331157bc0704acbea885178b90a2f9055388
4aca7992f94d346229e4735c1b915bf170d0d916bd45d01af965802790ce8d4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:10:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/a/AGF-l78Unbq9JVQNWDW0MyfJIO-PKDt8sx3XD9vKwA=s100-mo-c-c0xffffffff-rj-k-no
142.250.74.161200 OK 3.0 kB URL HTTP/2 yt3.ggpht.com/a/AGF-l78Unbq9JVQNWDW0MyfJIO-PKDt8sx3XD9vKwA=s100-mo-c-c0xffffffff-rj-k-no
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 100x100, components 3\012- data
Hash b85c4b172ceb084d70476e107ad77ab7
7ae677870ead195448e892e9c51d4296b31ccee7
78a0b466ffd3e2858f216542469b59c14e9587ed5d318935119b6f85f969ab3a
GET /a/AGF-l78Unbq9JVQNWDW0MyfJIO-PKDt8sx3XD9vKwA=s100-mo-c-c0xffffffff-rj-k-no HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2985
x-xss-protection: 0
date: Thu, 01 Sep 2022 13:36:37 GMT
expires: Mon, 01 Aug 2022 07:43:06 GMT
cache-control: public, max-age=86400, no-transform
age: 2038
etag: "v26"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 16 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1623)
Hash 4738d969770682feba80f04bf171d65b
be0e0ceb91bf5ed0c64b0f3f2cc2c99c6d4cd6b7
1daca97cf9e8078299f94c50346e45fead45bf908ca97ded912f26986c1c4e9a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 01 Sep 2022 14:10:35 GMT
expires: Thu, 01 Sep 2022 14:10:35 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15579141248118922429
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4346627cf7d4d78ed2248ed44379d0b5
4919331157bc0704acbea885178b90a2f9055388
4aca7992f94d346229e4735c1b915bf170d0d916bd45d01af965802790ce8d4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:10:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
event.webinarjam.com/register/qy3k0a8/embed-button?_=1662041434874
104.16.246.28200 OK 5.6 kB URL HTTP/2 event.webinarjam.com/register/qy3k0a8/embed-button?_=1662041434874
IP 104.16.246.28:0
File type ASCII text, with very long lines (2241)
Hash 1d5093f592902bb996d670e5f74a50a3
e55aa9ce4ce8e34a946f42c94adf4c2cfb19e37b
4f92200939c1b6d09580ac7178b19ee879ed5d2db707c9fe5b8223d42b87787d
GET /register/qy3k0a8/embed-button?_=1662041434874 HTTP/1.1
Host: event.webinarjam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:35 GMT
content-type: application/javascript
cache-control: private
x-frame-options: sameorigin
set-cookie: XSRF-TOKEN=eyJpdiI6InRxNURKMkVyQWhFbzlvNXZ4VGRXOWc9PSIsInZhbHVlIjoibGowV2orSGtBMlwvSWR1MDZ3UysxRlVXQWUySzBSVGNiQzhKSXc1Rkg0eENqMjhheVlvaWRNTmNlWTdoejlIcXMiLCJtYWMiOiIwZDQxOTZmZWI3YWU2NDc2MjllZjQzOWNmYjBhNjlkMDkwMjI0NWFmNjA2MmQzMDNhYzMzYmM5NDM0NjIxZWEzIn0%3D; expires=Fri, 02-Sep-2022 14:10:35 GMT; Max-Age=86400; path=/; domain=.webinarjam.com; secure; samesite=none
wj4s=n9Xzw9QLPpBm7OF2UUaCxCSM0h9djgJEyvC9NOet; expires=Fri, 02-Sep-2022 14:10:35 GMT; Max-Age=86400; path=/; domain=.webinarjam.com; secure; httponly; samesite=none
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 743e9719d9680afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1e230d71fac53f0baf663d169fd0ab4b
e6b9eef8b4169298034c58114a94028a16d426e2
bd490fdde2b281ce5559ad22ea4a954037b546adae591950f47c0d37de1125d6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:10:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/666807682/?random=1662041435729&cv=9&fst=1662041435729&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8t0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo.mattpar.com%2Fyt-free-training&tiba=FREE%20TRAINING%3A%20How%20to%20Make%20Money%20on%20YouTube%20Without%20Recording%20Videos&auid=734406788.1662041435&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/666807682/?random=1662041435729&cv=9&fst=1662041435729&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8t0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo.mattpar.com%2Fyt-free-training&tiba=FREE%20TRAINING%3A%20How%20to%20Make%20Money%20on%20YouTube%20Without%20Recording%20Videos&auid=734406788.1662041435&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2406), with no line terminators
Hash 205594eb40d57d5bee01c7c7f6a5b38a
27f0604419a82d682496e7e16d10dd532ab60d83
ab5de4e012d06dcf02f679dbe2c0c6c3dbd4bc775d914c4585bef961cb1134d7
GET /pagead/viewthroughconversion/666807682/?random=1662041435729&cv=9&fst=1662041435729&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8t0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo.mattpar.com%2Fyt-free-training&tiba=FREE%20TRAINING%3A%20How%20to%20Make%20Money%20on%20YouTube%20Without%20Recording%20Videos&auid=734406788.1662041435&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 14:10:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1089
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Sep-2022 14:25:36 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1e230d71fac53f0baf663d169fd0ab4b
e6b9eef8b4169298034c58114a94028a16d426e2
bd490fdde2b281ce5559ad22ea4a954037b546adae591950f47c0d37de1125d6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:10:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a903e9e44a7d33edea89855b8eb81cc0
7de6f45551976c234c93be2a4966c5ee7832e4ea
e622e37b64b87dc7c04e43c424a030a9d09be1e77066d4b22d57743e91007d57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:10:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/666807682/?random=1662041435729&cv=9&fst=1662040800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo.mattpar.com%2Fyt-free-training&tiba=FREE%20TRAINING%3A%20How%20to%20Make%20Money%20on%20YouTube%20Without%20Recording%20Videos&async=1&fmt=3&is_vtc=1&random=1142464907&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/666807682/?random=1662041435729&cv=9&fst=1662040800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo.mattpar.com%2Fyt-free-training&tiba=FREE%20TRAINING%3A%20How%20to%20Make%20Money%20on%20YouTube%20Without%20Recording%20Videos&async=1&fmt=3&is_vtc=1&random=1142464907&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/666807682/?random=1662041435729&cv=9&fst=1662040800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo.mattpar.com%2Fyt-free-training&tiba=FREE%20TRAINING%3A%20How%20to%20Make%20Money%20on%20YouTube%20Without%20Recording%20Videos&async=1&fmt=3&is_vtc=1&random=1142464907&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 14:10:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a903e9e44a7d33edea89855b8eb81cc0
7de6f45551976c234c93be2a4966c5ee7832e4ea
e622e37b64b87dc7c04e43c424a030a9d09be1e77066d4b22d57743e91007d57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 14:10:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
174342.t.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Fgo.mattpar.com%2Fyt-free-training&u_agent=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0
34.226.127.56200 OK 4.4 kB URL HTTP/2 174342.t.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Fgo.mattpar.com%2Fyt-free-training&u_agent=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0
IP 34.226.127.56:0
File type XML 1.0 document text\012- XML document, ASCII text
Hash 7a69240a6584fa3b8024a3bd67736b49
5178f6a3344bd6c32d5edffe58a81a0cff463825
b113b19251214c8099a63d55e7485d78de9754db8288e5e0c0f60330697571e3
OPTIONS /v1/lst/pc?ref_url=https%3A%2F%2Fgo.mattpar.com%2Fyt-free-training&u_agent=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0 HTTP/1.1
Host: 174342.t.hyros.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Referer: https://go.mattpar.com/
Origin: https://go.mattpar.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:36 GMT
content-type: application/vnd.sun.wadl+xml;charset=utf-8
content-length: 4418
access-control-allow-origin: https://go.mattpar.com
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
access-control-expose-headers: Session-ID
access-control-max-age: 86400
access-control-allow-credentials: true
allow: HEAD,GET,OPTIONS
last-modified: Thu, 01 Sep 2022 14:10:36 UTC
X-Firefox-Spdy: h2
174342.t.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Fgo.mattpar.com%2Fyt-free-training&u_agent=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0
34.226.127.56200 OK 117 B URL HTTP/2 174342.t.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Fgo.mattpar.com%2Fyt-free-training&u_agent=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0
IP 34.226.127.56:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9c753a42afa7f55a8558ad51b5e34fbe
f46fb67313304ab3efc80b48db1e827834e86e6e
66f7fd898595462acfe8b61bdd6ad86c6b4c0931bcd29ca6d7ccb87e437e523b
GET /v1/lst/pc?ref_url=https%3A%2F%2Fgo.mattpar.com%2Fyt-free-training&u_agent=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%3B+rv%3A96.0%29+Gecko%2F20100101+Firefox%2F96.0 HTTP/1.1
Host: 174342.t.hyros.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-type: application/json; charset=utf-8
Session-ID: HB-ET_6b94d4c464cb9d73f85abb9023ebad5a49c5213d37c259f7221f0e744cbef899
Product-ID: 174342
Origin: https://go.mattpar.com
Connection: keep-alive
Referer: https://go.mattpar.com/
Cookie: __mh_tt_s=HB-ET_6b94d4c464cb9d73f85abb9023ebad5a49c5213d37c259f7221f0e744cbef899
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:36 GMT
content-type: application/json;charset=utf-8
content-length: 117
access-control-allow-origin: https://go.mattpar.com
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-expose-headers: Session-ID
access-control-max-age: 86400
access-control-allow-credentials: true
X-Firefox-Spdy: h2
go.mattpar.com/images/background.png?_unique=0.7702297421638011&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//go.mattpar.com/yt-free-training&_title=FREE%20TRAINING%3A%20How%20to%20Make%20Money%20on%20YouTube%20Without%20Recording%20Videos&_key=z4wbwx48&_page_key=r4tteezip6ajh6ve&_fid=8494462&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://go.mattpar.com/yt-free-training&_referrer=
104.16.15.194200 OK 14 kB URL HTTP/2 go.mattpar.com/images/background.png?_unique=0.7702297421638011&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//go.mattpar.com/yt-free-training&_title=FREE%20TRAINING%3A%20How%20to%20Make%20Money%20on%20YouTube%20Without%20Recording%20Videos&_key=z4wbwx48&_page_key=r4tteezip6ajh6ve&_fid=8494462&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://go.mattpar.com/yt-free-training&_referrer=
IP 104.16.15.194:0
File type ASCII text, with no line terminators
Hash fb4e1a9b8072cf7cbfa003318404b096
1ec6dce5c978a2056bd4ef3abd67dace544c2164
5ed5be8c04c51e1861120ad392eb00fd74fbf06f7e28f2e0aa3ec0166aa6ea2c
GET /images/background.png?_unique=0.7702297421638011&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//go.mattpar.com/yt-free-training&_title=FREE%20TRAINING%3A%20How%20to%20Make%20Money%20on%20YouTube%20Without%20Recording%20Videos&_key=z4wbwx48&_page_key=r4tteezip6ajh6ve&_fid=8494462&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://go.mattpar.com/yt-free-training&_referrer= HTTP/1.1
Host: go.mattpar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/yt-free-training
Cookie: __cf_bm=BNHJw_K7EVapLP_lO07KpBA0WA75GZgD42Pd.XWDwJ8-1662041434-0-AdfXY1xYemmgiKtmoMBuCb1MtGq0Ubb3JMJLqNQEOXTgStZLw3j7RUUwHXDU0UjtD+RMvpiyHkhcanJfV3v8MwS9eDPzE9CeNw5KM5Itw9F7; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:MzU2OTYwMzE=:visited=true; cf:visitor_id=f087dfad-8944-4de7-9909-1c456e481caa; addevent_track_cookie=0f6da656-57f7-441c-5f64-6c20e2e1b138; _gcl_au=1.1.734406788.1662041435; _ga_8Q161J6CNT=GS1.1.1662041434.1.0.1662041434.0.0.0; _ga=GA1.1.966686190.1662041435; wj_reg_track_232726=%7B%22qy3k0a8%22%3A%7B%22v%22%3A1%7D%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:36 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 743e97203b071c12-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store, private
strict-transport-security: max-age=0
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
status: 200 OK
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: d08f08a0069844806183a767f231813b
x-runtime: 0.020363
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
go.mattpar.com/assets/lander.css
104.16.15.194200 OK 0 B URL HTTP/2 go.mattpar.com/assets/lander.css
IP 104.16.15.194:0
GET /assets/lander.css HTTP/1.1
Host: go.mattpar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/yt-free-training
Cookie: __cf_bm=BNHJw_K7EVapLP_lO07KpBA0WA75GZgD42Pd.XWDwJ8-1662041434-0-AdfXY1xYemmgiKtmoMBuCb1MtGq0Ubb3JMJLqNQEOXTgStZLw3j7RUUwHXDU0UjtD+RMvpiyHkhcanJfV3v8MwS9eDPzE9CeNw5KM5Itw9F7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:34 GMT
content-type: text/css
cf-ray: 743e9714edd61c12-OSL
access-control-allow-origin: *
age: 474
cache-control: public, max-age=1200
etag: W/"630e9cfc-6a514"
expires: Thu, 01 Sep 2022 14:30:34 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=AIzxRumEdKLE61whEFp0qbc5yYOdLcVLOFbNG1CBPnE-1662041434-0-AQIYZtYTsTMA1TeRCA3cdwBZqGu-tCVqUwkj92CqigQi_CYk90Q79yYZxZ_AieNnQE7Utl2EKCmaSISRSw8A4Y4"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=AIzxRumEdKLE61whEFp0qbc5yYOdLcVLOFbNG1CBPnE-1662041434-0-AQIYZtYTsTMA1TeRCA3cdwBZqGu-tCVqUwkj92CqigQi_CYk90Q79yYZxZ_AieNnQE7Utl2EKCmaSISRSw8A4Y4; report-to cf-csp-endpoint
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
go.mattpar.com/vendor.js
104.16.15.194200 OK 0 B IP 104.16.15.194:0
GET /vendor.js HTTP/1.1
Host: go.mattpar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/yt-free-training
Cookie: __cf_bm=BNHJw_K7EVapLP_lO07KpBA0WA75GZgD42Pd.XWDwJ8-1662041434-0-AdfXY1xYemmgiKtmoMBuCb1MtGq0Ubb3JMJLqNQEOXTgStZLw3j7RUUwHXDU0UjtD+RMvpiyHkhcanJfV3v8MwS9eDPzE9CeNw5KM5Itw9F7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:35 GMT
content-type: application/javascript
cf-ray: 743e9718ea931c12-OSL
access-control-allow-origin: *
cache-control: max-age=900, public
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: REVALIDATED
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: fresh
x-request-id: 3bf799007c71015047184059970e1293
x-runtime: 0.026495
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents/?funnel_id=OUdyUVRoQlNYK3RUYlhnWUwxelhMdz09LS1CNWVOZjBQNlovbEt0S1VZZXBwWFpnPT0%3D--ecb6ee6e0d681add58c8c53892a83ff03d274c98&page_id=UE5USjdLUkppT24wVlkvYjRscmpxZz09LS1MWFQxeHUyVGpJOUdRbitMcmZXZ2FRPT0%3D--ca5e0f86d589ed260fb1a5df371934cb2a576994&funnel_step_id=cFdNRkt1Q1ZDazdmcDBWSVpsd0tMdz09LS0xZTdYOCtpbDFZWVJhamNLdW94bGFBPT0%3D--5be59e1aceb648caa649aad45267f5382317acaf&user_id=R2dtcWpzY1VVNVdyZnlXSGMzWitkZz09LS13dm9yNFlRNnZROTJoV1Y0MmdZZ013PT0%3D--864c6f389fbb09cd3a196f60e8d6d31123ef31ed&account_id=Nk1KTUd3Mmt5U2ZmNkxlZXpzaUhNdz09LS1mdkE1NTZod0llYURSM1lNaFpHaVVRPT0%3D--402cd804751c150dc12952d2931777066f88f718&page_code=MzU2OTYwMzE%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=223f1ee4-4359-4381-8c78-9dea061a3d0a&url=https%3A%2F%2Fgo.mattpar.com%2Fyt-free-training
104.16.14.194202 Accepted 0 B URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=OUdyUVRoQlNYK3RUYlhnWUwxelhMdz09LS1CNWVOZjBQNlovbEt0S1VZZXBwWFpnPT0%3D--ecb6ee6e0d681add58c8c53892a83ff03d274c98&page_id=UE5USjdLUkppT24wVlkvYjRscmpxZz09LS1MWFQxeHUyVGpJOUdRbitMcmZXZ2FRPT0%3D--ca5e0f86d589ed260fb1a5df371934cb2a576994&funnel_step_id=cFdNRkt1Q1ZDazdmcDBWSVpsd0tMdz09LS0xZTdYOCtpbDFZWVJhamNLdW94bGFBPT0%3D--5be59e1aceb648caa649aad45267f5382317acaf&user_id=R2dtcWpzY1VVNVdyZnlXSGMzWitkZz09LS13dm9yNFlRNnZROTJoV1Y0MmdZZ013PT0%3D--864c6f389fbb09cd3a196f60e8d6d31123ef31ed&account_id=Nk1KTUd3Mmt5U2ZmNkxlZXpzaUhNdz09LS1mdkE1NTZod0llYURSM1lNaFpHaVVRPT0%3D--402cd804751c150dc12952d2931777066f88f718&page_code=MzU2OTYwMzE%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=223f1ee4-4359-4381-8c78-9dea061a3d0a&url=https%3A%2F%2Fgo.mattpar.com%2Fyt-free-training
IP 104.16.14.194:0
GET /userevents/?funnel_id=OUdyUVRoQlNYK3RUYlhnWUwxelhMdz09LS1CNWVOZjBQNlovbEt0S1VZZXBwWFpnPT0%3D--ecb6ee6e0d681add58c8c53892a83ff03d274c98&page_id=UE5USjdLUkppT24wVlkvYjRscmpxZz09LS1MWFQxeHUyVGpJOUdRbitMcmZXZ2FRPT0%3D--ca5e0f86d589ed260fb1a5df371934cb2a576994&funnel_step_id=cFdNRkt1Q1ZDazdmcDBWSVpsd0tMdz09LS0xZTdYOCtpbDFZWVJhamNLdW94bGFBPT0%3D--5be59e1aceb648caa649aad45267f5382317acaf&user_id=R2dtcWpzY1VVNVdyZnlXSGMzWitkZz09LS13dm9yNFlRNnZROTJoV1Y0MmdZZ013PT0%3D--864c6f389fbb09cd3a196f60e8d6d31123ef31ed&account_id=Nk1KTUd3Mmt5U2ZmNkxlZXpzaUhNdz09LS1mdkE1NTZod0llYURSM1lNaFpHaVVRPT0%3D--402cd804751c150dc12952d2931777066f88f718&page_code=MzU2OTYwMzE%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=223f1ee4-4359-4381-8c78-9dea061a3d0a&url=https%3A%2F%2Fgo.mattpar.com%2Fyt-free-training HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.mattpar.com
Connection: keep-alive
Referer: https://go.mattpar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Thu, 01 Sep 2022 14:10:35 GMT
content-type: text/html
cf-ray: 743e97196b2db4f7-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 118cbfe79312cf69642fa3770337e2fd
x-runtime: 0.043240
set-cookie: __cf_bm=hM.9l8XzzE3Zd2KPHRtIQEP.Qbd1hLBFHzxZ0S3MW9U-1662041435-0-AXxAYFzeG1D2priH+lp2ZymK6eCa0NJ5H2/S59dgpLnEAnBOUFTzRePYzaC1gbo7Ui1Qj1c6jtchvqQ6wlUrtIcqAW+7fWSLlrJqWKIfne1x; path=/; expires=Thu, 01-Sep-22 14:40:35 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents/?funnel_id=OUdyUVRoQlNYK3RUYlhnWUwxelhMdz09LS1CNWVOZjBQNlovbEt0S1VZZXBwWFpnPT0%3D--ecb6ee6e0d681add58c8c53892a83ff03d274c98&page_id=UE5USjdLUkppT24wVlkvYjRscmpxZz09LS1MWFQxeHUyVGpJOUdRbitMcmZXZ2FRPT0%3D--ca5e0f86d589ed260fb1a5df371934cb2a576994&funnel_step_id=cFdNRkt1Q1ZDazdmcDBWSVpsd0tMdz09LS0xZTdYOCtpbDFZWVJhamNLdW94bGFBPT0%3D--5be59e1aceb648caa649aad45267f5382317acaf&user_id=R2dtcWpzY1VVNVdyZnlXSGMzWitkZz09LS13dm9yNFlRNnZROTJoV1Y0MmdZZ013PT0%3D--864c6f389fbb09cd3a196f60e8d6d31123ef31ed&account_id=Nk1KTUd3Mmt5U2ZmNkxlZXpzaUhNdz09LS1mdkE1NTZod0llYURSM1lNaFpHaVVRPT0%3D--402cd804751c150dc12952d2931777066f88f718&page_code=MzU2OTYwMzE%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=898c32ff-9bb0-49e9-9f21-a64ca036f3df&url=https%3A%2F%2Fgo.mattpar.com%2Fyt-free-training
104.16.14.194202 Accepted 0 B URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=OUdyUVRoQlNYK3RUYlhnWUwxelhMdz09LS1CNWVOZjBQNlovbEt0S1VZZXBwWFpnPT0%3D--ecb6ee6e0d681add58c8c53892a83ff03d274c98&page_id=UE5USjdLUkppT24wVlkvYjRscmpxZz09LS1MWFQxeHUyVGpJOUdRbitMcmZXZ2FRPT0%3D--ca5e0f86d589ed260fb1a5df371934cb2a576994&funnel_step_id=cFdNRkt1Q1ZDazdmcDBWSVpsd0tMdz09LS0xZTdYOCtpbDFZWVJhamNLdW94bGFBPT0%3D--5be59e1aceb648caa649aad45267f5382317acaf&user_id=R2dtcWpzY1VVNVdyZnlXSGMzWitkZz09LS13dm9yNFlRNnZROTJoV1Y0MmdZZ013PT0%3D--864c6f389fbb09cd3a196f60e8d6d31123ef31ed&account_id=Nk1KTUd3Mmt5U2ZmNkxlZXpzaUhNdz09LS1mdkE1NTZod0llYURSM1lNaFpHaVVRPT0%3D--402cd804751c150dc12952d2931777066f88f718&page_code=MzU2OTYwMzE%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=898c32ff-9bb0-49e9-9f21-a64ca036f3df&url=https%3A%2F%2Fgo.mattpar.com%2Fyt-free-training
IP 104.16.14.194:0
GET /userevents/?funnel_id=OUdyUVRoQlNYK3RUYlhnWUwxelhMdz09LS1CNWVOZjBQNlovbEt0S1VZZXBwWFpnPT0%3D--ecb6ee6e0d681add58c8c53892a83ff03d274c98&page_id=UE5USjdLUkppT24wVlkvYjRscmpxZz09LS1MWFQxeHUyVGpJOUdRbitMcmZXZ2FRPT0%3D--ca5e0f86d589ed260fb1a5df371934cb2a576994&funnel_step_id=cFdNRkt1Q1ZDazdmcDBWSVpsd0tMdz09LS0xZTdYOCtpbDFZWVJhamNLdW94bGFBPT0%3D--5be59e1aceb648caa649aad45267f5382317acaf&user_id=R2dtcWpzY1VVNVdyZnlXSGMzWitkZz09LS13dm9yNFlRNnZROTJoV1Y0MmdZZ013PT0%3D--864c6f389fbb09cd3a196f60e8d6d31123ef31ed&account_id=Nk1KTUd3Mmt5U2ZmNkxlZXpzaUhNdz09LS1mdkE1NTZod0llYURSM1lNaFpHaVVRPT0%3D--402cd804751c150dc12952d2931777066f88f718&page_code=MzU2OTYwMzE%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=898c32ff-9bb0-49e9-9f21-a64ca036f3df&url=https%3A%2F%2Fgo.mattpar.com%2Fyt-free-training HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.mattpar.com
Connection: keep-alive
Referer: https://go.mattpar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Thu, 01 Sep 2022 14:10:35 GMT
content-type: text/html
cf-ray: 743e97196b3db4f7-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: a04e3f6831aa0ce83006999d7450650b
x-runtime: 0.051469
set-cookie: __cf_bm=IBJ2rCW1QSqWL3XlJDURtHhk8KLNFSZD7Rmf1Z6J_QM-1662041435-0-ARjL2/M9SqnyGSJ6IboSj4GyAFAZV65JWcPGPO3SZxHn+dG7Ppsk3uKYQeiUxeVH1KgroC+Nc8aJSK+1R/T4U2JU9iMqItCXfRVrXWUjcqMz; path=/; expires=Thu, 01-Sep-22 14:40:35 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
event.webinarjam.com/register/qy3k0a8/embed-button?_=1662041434875
104.16.246.28200 OK 0 B URL HTTP/2 event.webinarjam.com/register/qy3k0a8/embed-button?_=1662041434875
IP 104.16.246.28:0
GET /register/qy3k0a8/embed-button?_=1662041434875 HTTP/1.1
Host: event.webinarjam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:35 GMT
content-type: application/javascript
cache-control: private
x-frame-options: sameorigin
set-cookie: XSRF-TOKEN=eyJpdiI6Ik5ZZG5IcGlCblFzSjdNakNkTUdEeUE9PSIsInZhbHVlIjoiWVwva0cyc0R3bFYzQjA4YnNZYWhuYUZkK1JQYzRWeVhpeDFValJ4VlA2clwvNnBseFVUVXhaRE5vTk5mZ1wvTnhpeiIsIm1hYyI6IjMzZmRhOWYzNzNkNDJkZWI4NGE0MWY5Mzk3ZDBlNWFkM2Y1MWEzZDAxODI2NThlMGIwNWRmN2FjMDhmOTg3MzcifQ%3D%3D; expires=Fri, 02-Sep-2022 14:10:35 GMT; Max-Age=86400; path=/; domain=.webinarjam.com; secure; samesite=none
wj4s=3pfU6RBM5yuLaEh68K1bMLLUyScWBvIXPMj8uoGh; expires=Fri, 02-Sep-2022 14:10:35 GMT; Max-Age=86400; path=/; domain=.webinarjam.com; secure; httponly; samesite=none
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 743e9719d9740afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
go.mattpar.com/cdn-cgi/rum?
104.16.15.194200 OK 0 B URL HTTP/2 go.mattpar.com/cdn-cgi/rum?
IP 104.16.15.194:0
POST /cdn-cgi/rum? HTTP/1.1
Host: go.mattpar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 422
Origin: https://go.mattpar.com
Connection: keep-alive
Referer: https://go.mattpar.com/yt-free-training
Cookie: __cf_bm=BNHJw_K7EVapLP_lO07KpBA0WA75GZgD42Pd.XWDwJ8-1662041434-0-AdfXY1xYemmgiKtmoMBuCb1MtGq0Ubb3JMJLqNQEOXTgStZLw3j7RUUwHXDU0UjtD+RMvpiyHkhcanJfV3v8MwS9eDPzE9CeNw5KM5Itw9F7; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:MzU2OTYwMzE=:visited=true; cf:visitor_id=f087dfad-8944-4de7-9909-1c456e481caa; addevent_track_cookie=0f6da656-57f7-441c-5f64-6c20e2e1b138; _gcl_au=1.1.734406788.1662041435; _ga_8Q161J6CNT=GS1.1.1662041434.1.0.1662041436.0.0.0; _ga=GA1.1.966686190.1662041435; wj_reg_track_232726=%7B%22qy3k0a8%22%3A%7B%22v%22%3A1%7D%7D; is_eu=false; r4tteezip6ajh6ve=true; 8494462_viewed_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:36 GMT
content-type: text/plain
access-control-allow-origin: https://go.mattpar.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 743e9723ce981c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
www.digistore24.com/content/299134/26781/maxprofit/CAMPAIGNKEY
35.244.212.226301 Moved Permanently 0 B URL HTTP/2 www.digistore24.com/content/299134/26781/maxprofit/CAMPAIGNKEY
IP 35.244.212.226:0
GET /content/299134/26781/maxprofit/CAMPAIGNKEY HTTP/1.1
Host: www.digistore24.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Thu, 01 Sep 2022 14:10:33 GMT
server: envoy
x-robots-tag: noindex, nofollow, noarchive
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: 0
set-cookie: pro_427430=565809%3D%3D%3D%3D1662041433%3D~~~~%3D%3D299134%3DN%3D26781%3D%3D16620414336310bd59f127b3.38596573; expires=Sun, 05-Mar-2023 14:10:33 GMT; Max-Age=15984000; path=/; domain=www.digistore24.com; secure; SameSite=None
fc_clicked_299134[initial]=1; path=/; domain=www.digistore24.com; secure; SameSite=None
location: https://go.mattpar.com/yt-free-training
content-type: text/html; charset=UTF-8
x-envoy-upstream-service-time: 81
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 google
x-envoy-decorator-operation: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
go.mattpar.com/yt-free-training
104.16.15.194200 OK 0 B URL HTTP/2 go.mattpar.com/yt-free-training
IP 104.16.15.194:0
GET /yt-free-training HTTP/1.1
Host: go.mattpar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:34 GMT
content-type: text/html; charset=utf-8
cf-ray: 743e9712fbd21c12-OSL
access-control-allow-origin: *
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
last-modified: Fri, 12 Nov 2021 16:47:12 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: REVALIDATED
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 6b8c918f43c42b82722d129fa07cc30cabdae804
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: stale, valid, store
x-request-id: 7d08ac171d834b57e0a8207aaa15ff13
x-runtime: 0.271041
set-cookie: __cf_bm=BNHJw_K7EVapLP_lO07KpBA0WA75GZgD42Pd.XWDwJ8-1662041434-0-AdfXY1xYemmgiKtmoMBuCb1MtGq0Ubb3JMJLqNQEOXTgStZLw3j7RUUwHXDU0UjtD+RMvpiyHkhcanJfV3v8MwS9eDPzE9CeNw5KM5Itw9F7; path=/; expires=Thu, 01-Sep-22 14:40:34 GMT; domain=.go.mattpar.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
174342.tracking.hyros.com/v1/lst/universal-script?ph=f83aeee371eeb73c3df3ec4b289c4e2b5ef4624828df38da70e6da6985714cb8&tag=!tracking
23.23.180.42200 OK 0 B URL HTTP/2 174342.tracking.hyros.com/v1/lst/universal-script?ph=f83aeee371eeb73c3df3ec4b289c4e2b5ef4624828df38da70e6da6985714cb8&tag=!tracking
IP 23.23.180.42:0
GET /v1/lst/universal-script?ph=f83aeee371eeb73c3df3ec4b289c4e2b5ef4624828df38da70e6da6985714cb8&tag=!tracking HTTP/1.1
Host: 174342.tracking.hyros.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:35 GMT
content-type: text/plain;charset=utf-8
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-expose-headers: Session-ID
access-control-max-age: 86400
access-control-allow-credentials: true
X-Firefox-Spdy: h2
tracking.markethero.io/v1/lst/script?pid=174342
34.226.127.56200 OK 0 B URL HTTP/2 tracking.markethero.io/v1/lst/script?pid=174342
IP 34.226.127.56:0
GET /v1/lst/script?pid=174342 HTTP/1.1
Host: tracking.markethero.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:35 GMT
content-type: text/plain;charset=utf-8
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-expose-headers: Session-ID
access-control-max-age: 86400
access-control-allow-credentials: true
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents/?funnel_id=OUdyUVRoQlNYK3RUYlhnWUwxelhMdz09LS1CNWVOZjBQNlovbEt0S1VZZXBwWFpnPT0%3D--ecb6ee6e0d681add58c8c53892a83ff03d274c98&page_id=UE5USjdLUkppT24wVlkvYjRscmpxZz09LS1MWFQxeHUyVGpJOUdRbitMcmZXZ2FRPT0%3D--ca5e0f86d589ed260fb1a5df371934cb2a576994&funnel_step_id=cFdNRkt1Q1ZDazdmcDBWSVpsd0tMdz09LS0xZTdYOCtpbDFZWVJhamNLdW94bGFBPT0%3D--5be59e1aceb648caa649aad45267f5382317acaf&user_id=R2dtcWpzY1VVNVdyZnlXSGMzWitkZz09LS13dm9yNFlRNnZROTJoV1Y0MmdZZ013PT0%3D--864c6f389fbb09cd3a196f60e8d6d31123ef31ed&account_id=Nk1KTUd3Mmt5U2ZmNkxlZXpzaUhNdz09LS1mdkE1NTZod0llYURSM1lNaFpHaVVRPT0%3D--402cd804751c150dc12952d2931777066f88f718&page_code=MzU2OTYwMzE%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=36bd58e7-1c17-4a83-a1ec-25892792eedd&url=https%3A%2F%2Fgo.mattpar.com%2Fyt-free-training
104.16.14.194202 Accepted 0 B URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=OUdyUVRoQlNYK3RUYlhnWUwxelhMdz09LS1CNWVOZjBQNlovbEt0S1VZZXBwWFpnPT0%3D--ecb6ee6e0d681add58c8c53892a83ff03d274c98&page_id=UE5USjdLUkppT24wVlkvYjRscmpxZz09LS1MWFQxeHUyVGpJOUdRbitMcmZXZ2FRPT0%3D--ca5e0f86d589ed260fb1a5df371934cb2a576994&funnel_step_id=cFdNRkt1Q1ZDazdmcDBWSVpsd0tMdz09LS0xZTdYOCtpbDFZWVJhamNLdW94bGFBPT0%3D--5be59e1aceb648caa649aad45267f5382317acaf&user_id=R2dtcWpzY1VVNVdyZnlXSGMzWitkZz09LS13dm9yNFlRNnZROTJoV1Y0MmdZZ013PT0%3D--864c6f389fbb09cd3a196f60e8d6d31123ef31ed&account_id=Nk1KTUd3Mmt5U2ZmNkxlZXpzaUhNdz09LS1mdkE1NTZod0llYURSM1lNaFpHaVVRPT0%3D--402cd804751c150dc12952d2931777066f88f718&page_code=MzU2OTYwMzE%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=36bd58e7-1c17-4a83-a1ec-25892792eedd&url=https%3A%2F%2Fgo.mattpar.com%2Fyt-free-training
IP 104.16.14.194:0
GET /userevents/?funnel_id=OUdyUVRoQlNYK3RUYlhnWUwxelhMdz09LS1CNWVOZjBQNlovbEt0S1VZZXBwWFpnPT0%3D--ecb6ee6e0d681add58c8c53892a83ff03d274c98&page_id=UE5USjdLUkppT24wVlkvYjRscmpxZz09LS1MWFQxeHUyVGpJOUdRbitMcmZXZ2FRPT0%3D--ca5e0f86d589ed260fb1a5df371934cb2a576994&funnel_step_id=cFdNRkt1Q1ZDazdmcDBWSVpsd0tMdz09LS0xZTdYOCtpbDFZWVJhamNLdW94bGFBPT0%3D--5be59e1aceb648caa649aad45267f5382317acaf&user_id=R2dtcWpzY1VVNVdyZnlXSGMzWitkZz09LS13dm9yNFlRNnZROTJoV1Y0MmdZZ013PT0%3D--864c6f389fbb09cd3a196f60e8d6d31123ef31ed&account_id=Nk1KTUd3Mmt5U2ZmNkxlZXpzaUhNdz09LS1mdkE1NTZod0llYURSM1lNaFpHaVVRPT0%3D--402cd804751c150dc12952d2931777066f88f718&page_code=MzU2OTYwMzE%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=36bd58e7-1c17-4a83-a1ec-25892792eedd&url=https%3A%2F%2Fgo.mattpar.com%2Fyt-free-training HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.mattpar.com
Connection: keep-alive
Referer: https://go.mattpar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Thu, 01 Sep 2022 14:10:35 GMT
content-type: text/html
cf-ray: 743e97196b3bb4f7-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: accbc7aae2606a191203708cc04fcc8b
x-runtime: 0.047753
set-cookie: __cf_bm=yXDZ.wA0yUKzGYRaD2qq8nW.pJDFhbfNboPlCy6LBLc-1662041435-0-Ab/WeSmhdQkbkOWpBg6TxwKs7g5EFPAzVzBQgzl3+OXpzgolc0/+ttucldkUKvwyeq/Gjv4ajkf+GzZ/CV1xE1lNWe3r/6QBvmfz6HL8rHP0; path=/; expires=Thu, 01-Sep-22 14:40:35 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.9.0/css/all.css
172.67.169.247200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/all.css
IP 172.67.169.247:0
GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:34 GMT
content-type: text/css
x-amz-id-2: 5R63sGXcq2LptVgWp1Hbu23fLcn6t7yox4MdVDD4fYkPpwwpE0tP8nap3nE7BUsLxb2kn6BawAQ=
x-amz-request-id: FW5J89H89QA35JM6
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2204025
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=321fmQoXabjKQfe0J8zZ1JAt33x3H5ImLb13Mox%2B2vEteI7wuAvhaBGVsm9AV%2FC0VVtM1n%2B3DokccC3oL%2Bc3Ya8ICyz%2Bl5jO3QslHGYJ4e6HuzCYqq7yomzq%2B3mNRuRwTEndg0cV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743e971518391c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
go.mattpar.com/assets/userevents/application.js
104.16.15.194200 OK 0 B URL HTTP/2 go.mattpar.com/assets/userevents/application.js
IP 104.16.15.194:0
GET /assets/userevents/application.js HTTP/1.1
Host: go.mattpar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/yt-free-training
Cookie: __cf_bm=BNHJw_K7EVapLP_lO07KpBA0WA75GZgD42Pd.XWDwJ8-1662041434-0-AdfXY1xYemmgiKtmoMBuCb1MtGq0Ubb3JMJLqNQEOXTgStZLw3j7RUUwHXDU0UjtD+RMvpiyHkhcanJfV3v8MwS9eDPzE9CeNw5KM5Itw9F7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:34 GMT
content-type: application/x-javascript
cf-ray: 743e9714fde61c12-OSL
access-control-allow-origin: *
age: 474
cache-control: public, max-age=1200
etag: W/"630e9cfc-1353"
expires: Thu, 01 Sep 2022 14:30:34 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
172.67.169.247200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
IP 172.67.169.247:0
GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:34 GMT
content-type: text/css
x-amz-id-2: 29dQf2WVNOHot5Ay8pBeGC9Jp0pul03AFXB61uD4zFysCnT6qW6VHySxi6MC8oLZjApsDY/NPq0=
x-amz-request-id: B6FTANBTWNEFCW5M
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2125621
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GTOSDck4EjlybwfylAkiBX7pjfAE9rmBmxzjOAK6BWoqrn3M92FIPGrakUqE0m3hBRDvJnDJR93kFO8%2FyXDaxVRAVX3%2B3smWObX8A5ERJwbRnIcstpacFf5ZqWu1t9VkfmMz0LXq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 743e971518311c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
event.webinarjam.com/register/qy3k0a8/embed-button?_=1662041434876
104.16.246.28200 OK 0 B URL HTTP/2 event.webinarjam.com/register/qy3k0a8/embed-button?_=1662041434876
IP 104.16.246.28:0
GET /register/qy3k0a8/embed-button?_=1662041434876 HTTP/1.1
Host: event.webinarjam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.mattpar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:35 GMT
content-type: application/javascript
cache-control: private
x-frame-options: sameorigin
set-cookie: XSRF-TOKEN=eyJpdiI6IllhZFpRZWVEZHROc2M3eTFVQ3loSGc9PSIsInZhbHVlIjoiMTdzU1I0SVM3NXRmU25KSVN3T2M4bEx6UDhjY0NOeDRwS3JQT3E1eHo0TnM2VHhvVUxFc3VMK0RrZzF3bWo3QiIsIm1hYyI6ImIwMmZlYzA2NjY0ODQ5MTg2NTI2NDg5YTRkNmNmMTkzODUwY2NjMWMxMGM0M2Y1YjA2MDEwZGUwNDZiMTc5NjcifQ%3D%3D; expires=Fri, 02-Sep-2022 14:10:35 GMT; Max-Age=86400; path=/; domain=.webinarjam.com; secure; samesite=none
wj4s=ts7NkOa7NfTcEyXRvKguy83VcQDSzOTKYrfledH6; expires=Fri, 02-Sep-2022 14:10:35 GMT; Max-Age=86400; path=/; domain=.webinarjam.com; secure; httponly; samesite=none
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 743e9719d9710afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
go.mattpar.com/cdn-cgi/rum?
104.16.15.194200 OK 0 B URL HTTP/2 go.mattpar.com/cdn-cgi/rum?
IP 104.16.15.194:0
POST /cdn-cgi/rum? HTTP/1.1
Host: go.mattpar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 15048
Origin: https://go.mattpar.com
Connection: keep-alive
Referer: https://go.mattpar.com/yt-free-training
Cookie: __cf_bm=BNHJw_K7EVapLP_lO07KpBA0WA75GZgD42Pd.XWDwJ8-1662041434-0-AdfXY1xYemmgiKtmoMBuCb1MtGq0Ubb3JMJLqNQEOXTgStZLw3j7RUUwHXDU0UjtD+RMvpiyHkhcanJfV3v8MwS9eDPzE9CeNw5KM5Itw9F7; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:MzU2OTYwMzE=:visited=true; cf:visitor_id=f087dfad-8944-4de7-9909-1c456e481caa; addevent_track_cookie=0f6da656-57f7-441c-5f64-6c20e2e1b138; _gcl_au=1.1.734406788.1662041435; _ga_8Q161J6CNT=GS1.1.1662041434.1.0.1662041434.0.0.0; _ga=GA1.1.966686190.1662041435; wj_reg_track_232726=%7B%22qy3k0a8%22%3A%7B%22v%22%3A1%7D%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 14:10:36 GMT
content-type: text/plain
access-control-allow-origin: https://go.mattpar.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 743e9720ebad1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2