firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 804f8bbb7f556d51a5f52d5ebd5b6eef
922cd7e06df278615a04abb81d811d14596c8180
ef4804d381a34ab67873a7755621081c49c646310e085a9b2356ae07098f6021
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Backoff, Retry-After, Content-Type
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 09:14:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ajATHmpxUk0ifMPa02otiAEINtqyjR7jRZ5AK25OV2jubqK1H1jLAA==
Age: 1187
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11969
Expires: Wed, 21 Sep 2022 12:53:39 GMT
Date: Wed, 21 Sep 2022 09:34:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UG_2VQkKM7oIMxdWCOmev94w5q472X1CCtz0WEC5JgCyDzi65cwUVg==
age: 17937
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 09:34:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
soymariocorona.com/
192.185.225.126200 OK 36 kB IP 192.185.225.126:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10200)
Hash 2a59ce9e6ff9174dcf67f6e517b6a76f
b671ebc7817c68dad8a692e0b04b809e80a9f49a
2bcc7d9fab05b30b0954060162a3092cdbf1c8cb091f3ca0e3340b23c76cc65b
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: soymariocorona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 09:34:10 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 19 Sep 2022 00:04:29 GMT
Accept-Ranges: bytes
Cache-Control: max-age=7200
Expires: Wed, 21 Sep 2022 11:34:10 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:34:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png
104.16.15.194200 OK 5.3 kB URL HTTP/2 images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png
IP 104.16.15.194:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d99a10ef5010513b3d30f7cf51614b5f
d60c1da11f05540f39632c7357c22b76c9ee1ed7
5dfa88a4dc8b6c0b834a62e45daee28a8dc37ed6ae7eb1545e4ed8b6382c0474
GET /3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png HTTP/1.1
Host: images.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soymariocorona.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:34:10 GMT
content-type: image/webp
content-length: 5276
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=9030
content-disposition: inline; filename="ClickfunnelsTag.webp"
etag: "a633777156a5ffeb58c92d3d59fa4e34"
last-modified: Fri, 03 Jan 2020 17:41:49 GMT
vary: Accept
x-amz-id-2: yDQ4lWX/DNGyt7YNpk7GEhfR78bYc0+VDD0URlhGFtdycdY6Jqdci9bK+xUyRGtUazQ8facJvao=
x-amz-request-id: KMP0WXXNVQ62KDV3
cf-cache-status: HIT
age: 3750
expires: Sat, 15 Oct 2022 09:34:10 GMT
cache-control: public, max-age=2073600
accept-ranges: bytes
set-cookie: __cf_bm=Sq513X0mTkEsZOD6uhQPL1jM1OEuKZsUDOUmesQuEeQ-1663752850-0-AZWS2ODuEyQi/3SXfMOgtt0NWurgrySbkWvBM2tGBvCsDAWECF2MspRiIDwKSISYTyrsT/WXVj21DYJ5DSPrkQocn2/a6JQuw8Fqc/raezjP; path=/; expires=Wed, 21-Sep-22 10:04:10 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74e1cdb4cac7b51b-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:34:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:34:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:34:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:34:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://soymariocorona.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 59029
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:34:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:34:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
142.250.74.163200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 22376, version 1.0\012- data
Hash e6af16165f9bfda6aafd0088b8c01daa
c9c0ee8309619643e65ba1b22bfffcd1a7ca1e51
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
GET /s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://soymariocorona.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 02:03:50 GMT
expires: Sun, 17 Sep 2023 02:03:50 GMT
cache-control: public, max-age=31536000
age: 372620
last-modified: Tue, 19 Apr 2022 18:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
142.250.74.163200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://soymariocorona.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 59029
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
142.250.74.163200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 21224, version 1.0\012- data
Hash 13bdfb843f942ccd9f485eb6c0bc1934
2bad44362ff7569f24f2a3df2521b27a97ec1297
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
GET /s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://soymariocorona.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 23:13:25 GMT
expires: Wed, 20 Sep 2023 23:13:25 GMT
cache-control: public, max-age=31536000
age: 37245
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
142.250.74.163200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17908, version 1.0\012- data
Hash e46b4e2e3b47cc232937ebf72b4c537e
2675bc06ee643b8c935370325a327efb74746e6a
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
GET /s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://soymariocorona.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 21:38:37 GMT
expires: Tue, 19 Sep 2023 21:38:37 GMT
cache-control: public, max-age=31536000
age: 129333
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/headlandone/v15/yYLu0hHR2vKnp89Tk1TCq3TB1_NS.woff2
142.250.74.163200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/headlandone/v15/yYLu0hHR2vKnp89Tk1TCq3TB1_NS.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 25172, version 1.0\012- data
Hash adb63ffc553e84f95f46f1ad43e72fb1
98cfabd3227280636d068a0fa767555a04dd63e2
30146a467b9bac758390990e2921749498353408318e42cdce9d0441a1fb1909
GET /s/headlandone/v15/yYLu0hHR2vKnp89Tk1TCq3TB1_NS.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://soymariocorona.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25172
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 04:17:59 GMT
expires: Thu, 21 Sep 2023 04:17:59 GMT
cache-control: public, max-age=31536000
age: 18971
last-modified: Tue, 26 Apr 2022 16:50:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:34:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 21 Sep 2022 09:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 21 Sep 2022 09:40:54 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kTv_xaLa6PF6l3rUHuBuS7pJ07vnwquYKgEtmdBiRwnrdBcs6T_cHQ==
Age: 1849
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6392
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:34:11 GMT
Last-Modified: Wed, 21 Sep 2022 07:47:39 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
app.clickfunnels.com/userevents/?funnel_id=VGJQSllsRnd0SVR4Rk0rd1VoSWRVdz09LS1ocDVDRU1EMVVpay9zcDhKbFdVeWlnPT0%3D--0cbaf9835c6ee16cdeebf7bbeb18c8d457f8b45d&page_id=a2k1aGpvejNVMXh3dXBqd2JpQTh1UT09LS1OTG9XaHJwRGxza21DZWUrZmpEaDZ3PT0%3D--a689e076cc6f8f1a5d435f93cbb96104b35bdd53&funnel_step_id=ZE5NeWNMc0t2S21VMjZ2VG5hWjNaUT09LS15QVR6dlpsOW12Y3FVU3JDOWxCOXd3PT0%3D--43e589968b93f5f09d42c1eec28362055bcf866d&user_id=bjJ2VmNnRGRBMnB0NDMwSmVJYXFHUT09LS1vTG96bVFNMzVEa2twSk9kdnVlaWZBPT0%3D--34aad6a559220c57da3a820b9f42d3b59484f950&account_id=UkJWSHRteXBLTUlabGptcWhpNGhVUT09LS12OUlLbXFzWGNYS2kyMXNRajh4N2hRPT0%3D--dedbafd14b0113fb5a884a5ac0ab4ac3328607c9&page_code=NTUwMjk5OTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=ec2d76b0-064c-49d7-8bab-81f42e93cc05&url=http%3A%2F%2Fsoymariocorona.com%2F
104.16.15.194301 Moved Permanently 1.4 kB URL HTTP/1.1 app.clickfunnels.com/userevents/?funnel_id=VGJQSllsRnd0SVR4Rk0rd1VoSWRVdz09LS1ocDVDRU1EMVVpay9zcDhKbFdVeWlnPT0%3D--0cbaf9835c6ee16cdeebf7bbeb18c8d457f8b45d&page_id=a2k1aGpvejNVMXh3dXBqd2JpQTh1UT09LS1OTG9XaHJwRGxza21DZWUrZmpEaDZ3PT0%3D--a689e076cc6f8f1a5d435f93cbb96104b35bdd53&funnel_step_id=ZE5NeWNMc0t2S21VMjZ2VG5hWjNaUT09LS15QVR6dlpsOW12Y3FVU3JDOWxCOXd3PT0%3D--43e589968b93f5f09d42c1eec28362055bcf866d&user_id=bjJ2VmNnRGRBMnB0NDMwSmVJYXFHUT09LS1vTG96bVFNMzVEa2twSk9kdnVlaWZBPT0%3D--34aad6a559220c57da3a820b9f42d3b59484f950&account_id=UkJWSHRteXBLTUlabGptcWhpNGhVUT09LS12OUlLbXFzWGNYS2kyMXNRajh4N2hRPT0%3D--dedbafd14b0113fb5a884a5ac0ab4ac3328607c9&page_code=NTUwMjk5OTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=ec2d76b0-064c-49d7-8bab-81f42e93cc05&url=http%3A%2F%2Fsoymariocorona.com%2F
IP 104.16.15.194:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1416)
Hash 16c3d8e0e3d597c55c013d1feb090c18
26ccc8f8d447a19e4b4b91837c396f57c859014c
62247f5ed1293286944ea468178f276b189e59658df45e1d628adfe53428b215
GET /userevents/?funnel_id=VGJQSllsRnd0SVR4Rk0rd1VoSWRVdz09LS1ocDVDRU1EMVVpay9zcDhKbFdVeWlnPT0%3D--0cbaf9835c6ee16cdeebf7bbeb18c8d457f8b45d&page_id=a2k1aGpvejNVMXh3dXBqd2JpQTh1UT09LS1OTG9XaHJwRGxza21DZWUrZmpEaDZ3PT0%3D--a689e076cc6f8f1a5d435f93cbb96104b35bdd53&funnel_step_id=ZE5NeWNMc0t2S21VMjZ2VG5hWjNaUT09LS15QVR6dlpsOW12Y3FVU3JDOWxCOXd3PT0%3D--43e589968b93f5f09d42c1eec28362055bcf866d&user_id=bjJ2VmNnRGRBMnB0NDMwSmVJYXFHUT09LS1vTG96bVFNMzVEa2twSk9kdnVlaWZBPT0%3D--34aad6a559220c57da3a820b9f42d3b59484f950&account_id=UkJWSHRteXBLTUlabGptcWhpNGhVUT09LS12OUlLbXFzWGNYS2kyMXNRajh4N2hRPT0%3D--dedbafd14b0113fb5a884a5ac0ab4ac3328607c9&page_code=NTUwMjk5OTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=ec2d76b0-064c-49d7-8bab-81f42e93cc05&url=http%3A%2F%2Fsoymariocorona.com%2F HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://soymariocorona.com
Connection: keep-alive
Referer: http://soymariocorona.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 21 Sep 2022 09:34:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://app.clickfunnels.com/userevents?funnel_id=VGJQSllsRnd0SVR4Rk0rd1VoSWRVdz09LS1ocDVDRU1EMVVpay9zcDhKbFdVeWlnPT0%3D--0cbaf9835c6ee16cdeebf7bbeb18c8d457f8b45d&page_id=a2k1aGpvejNVMXh3dXBqd2JpQTh1UT09LS1OTG9XaHJwRGxza21DZWUrZmpEaDZ3PT0%3D--a689e076cc6f8f1a5d435f93cbb96104b35bdd53&funnel_step_id=ZE5NeWNMc0t2S21VMjZ2VG5hWjNaUT09LS15QVR6dlpsOW12Y3FVU3JDOWxCOXd3PT0%3D--43e589968b93f5f09d42c1eec28362055bcf866d&user_id=bjJ2VmNnRGRBMnB0NDMwSmVJYXFHUT09LS1vTG96bVFNMzVEa2twSk9kdnVlaWZBPT0%3D--34aad6a559220c57da3a820b9f42d3b59484f950&account_id=UkJWSHRteXBLTUlabGptcWhpNGhVUT09LS12OUlLbXFzWGNYS2kyMXNRajh4N2hRPT0%3D--dedbafd14b0113fb5a884a5ac0ab4ac3328607c9&page_code=NTUwMjk5OTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents%3A%3AUniquePageviewsCreatedSummary&nonce=ec2d76b0-064c-49d7-8bab-81f42e93cc05&url=http%3A%2F%2Fsoymariocorona.com%2F
CF-Ray: 74e1cdb92c2cb517-OSL
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Status: 301 Moved Permanently
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: miss
X-Request-Id: 90cd48ed29914f95cb0c82d56f0d64b8
X-Runtime: 0.011766
Set-Cookie: __cf_bm=MEJcBZRLrPWNLugEMY.9uqRmfQf6W209bmxkyDhw7Rk-1663752851-0-ATDgpV49sNzW2z7SEMm54E9XG2Fn9rs/ERyWqeNkH1jn2Vd5vrX9clppeOPq9JF9/Pogc15jfkD8uqc5nfCkvjITnFWX5rSkwcD7MdPaqhUY; path=/; expires=Wed, 21-Sep-22 10:04:11 GMT; domain=.clickfunnels.com; HttpOnly; SameSite=None
Server: cloudflare
alt-svc: h2=":443"; ma=60
app.clickfunnels.com/userevents/?funnel_id=VGJQSllsRnd0SVR4Rk0rd1VoSWRVdz09LS1ocDVDRU1EMVVpay9zcDhKbFdVeWlnPT0%3D--0cbaf9835c6ee16cdeebf7bbeb18c8d457f8b45d&page_id=a2k1aGpvejNVMXh3dXBqd2JpQTh1UT09LS1OTG9XaHJwRGxza21DZWUrZmpEaDZ3PT0%3D--a689e076cc6f8f1a5d435f93cbb96104b35bdd53&funnel_step_id=ZE5NeWNMc0t2S21VMjZ2VG5hWjNaUT09LS15QVR6dlpsOW12Y3FVU3JDOWxCOXd3PT0%3D--43e589968b93f5f09d42c1eec28362055bcf866d&user_id=bjJ2VmNnRGRBMnB0NDMwSmVJYXFHUT09LS1vTG96bVFNMzVEa2twSk9kdnVlaWZBPT0%3D--34aad6a559220c57da3a820b9f42d3b59484f950&account_id=UkJWSHRteXBLTUlabGptcWhpNGhVUT09LS12OUlLbXFzWGNYS2kyMXNRajh4N2hRPT0%3D--dedbafd14b0113fb5a884a5ac0ab4ac3328607c9&page_code=NTUwMjk5OTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=809eb8b6-d51e-463d-9a5c-92b8a8254e2c&url=http%3A%2F%2Fsoymariocorona.com%2F
104.16.15.194301 Moved Permanently 1.4 kB URL HTTP/1.1 app.clickfunnels.com/userevents/?funnel_id=VGJQSllsRnd0SVR4Rk0rd1VoSWRVdz09LS1ocDVDRU1EMVVpay9zcDhKbFdVeWlnPT0%3D--0cbaf9835c6ee16cdeebf7bbeb18c8d457f8b45d&page_id=a2k1aGpvejNVMXh3dXBqd2JpQTh1UT09LS1OTG9XaHJwRGxza21DZWUrZmpEaDZ3PT0%3D--a689e076cc6f8f1a5d435f93cbb96104b35bdd53&funnel_step_id=ZE5NeWNMc0t2S21VMjZ2VG5hWjNaUT09LS15QVR6dlpsOW12Y3FVU3JDOWxCOXd3PT0%3D--43e589968b93f5f09d42c1eec28362055bcf866d&user_id=bjJ2VmNnRGRBMnB0NDMwSmVJYXFHUT09LS1vTG96bVFNMzVEa2twSk9kdnVlaWZBPT0%3D--34aad6a559220c57da3a820b9f42d3b59484f950&account_id=UkJWSHRteXBLTUlabGptcWhpNGhVUT09LS12OUlLbXFzWGNYS2kyMXNRajh4N2hRPT0%3D--dedbafd14b0113fb5a884a5ac0ab4ac3328607c9&page_code=NTUwMjk5OTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=809eb8b6-d51e-463d-9a5c-92b8a8254e2c&url=http%3A%2F%2Fsoymariocorona.com%2F
IP 104.16.15.194:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1410)
Hash 88e167a58b8bf058435b4021873c1431
5dcb955f4b2cfc9670deca3f7bd0b0eeb47459ca
4926d038fccaa429fa48823defe7a267b9b798ebae39ee7448ab6d588c68c545
GET /userevents/?funnel_id=VGJQSllsRnd0SVR4Rk0rd1VoSWRVdz09LS1ocDVDRU1EMVVpay9zcDhKbFdVeWlnPT0%3D--0cbaf9835c6ee16cdeebf7bbeb18c8d457f8b45d&page_id=a2k1aGpvejNVMXh3dXBqd2JpQTh1UT09LS1OTG9XaHJwRGxza21DZWUrZmpEaDZ3PT0%3D--a689e076cc6f8f1a5d435f93cbb96104b35bdd53&funnel_step_id=ZE5NeWNMc0t2S21VMjZ2VG5hWjNaUT09LS15QVR6dlpsOW12Y3FVU3JDOWxCOXd3PT0%3D--43e589968b93f5f09d42c1eec28362055bcf866d&user_id=bjJ2VmNnRGRBMnB0NDMwSmVJYXFHUT09LS1vTG96bVFNMzVEa2twSk9kdnVlaWZBPT0%3D--34aad6a559220c57da3a820b9f42d3b59484f950&account_id=UkJWSHRteXBLTUlabGptcWhpNGhVUT09LS12OUlLbXFzWGNYS2kyMXNRajh4N2hRPT0%3D--dedbafd14b0113fb5a884a5ac0ab4ac3328607c9&page_code=NTUwMjk5OTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=809eb8b6-d51e-463d-9a5c-92b8a8254e2c&url=http%3A%2F%2Fsoymariocorona.com%2F HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://soymariocorona.com
Connection: keep-alive
Referer: http://soymariocorona.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 21 Sep 2022 09:34:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://app.clickfunnels.com/userevents?funnel_id=VGJQSllsRnd0SVR4Rk0rd1VoSWRVdz09LS1ocDVDRU1EMVVpay9zcDhKbFdVeWlnPT0%3D--0cbaf9835c6ee16cdeebf7bbeb18c8d457f8b45d&page_id=a2k1aGpvejNVMXh3dXBqd2JpQTh1UT09LS1OTG9XaHJwRGxza21DZWUrZmpEaDZ3PT0%3D--a689e076cc6f8f1a5d435f93cbb96104b35bdd53&funnel_step_id=ZE5NeWNMc0t2S21VMjZ2VG5hWjNaUT09LS15QVR6dlpsOW12Y3FVU3JDOWxCOXd3PT0%3D--43e589968b93f5f09d42c1eec28362055bcf866d&user_id=bjJ2VmNnRGRBMnB0NDMwSmVJYXFHUT09LS1vTG96bVFNMzVEa2twSk9kdnVlaWZBPT0%3D--34aad6a559220c57da3a820b9f42d3b59484f950&account_id=UkJWSHRteXBLTUlabGptcWhpNGhVUT09LS12OUlLbXFzWGNYS2kyMXNRajh4N2hRPT0%3D--dedbafd14b0113fb5a884a5ac0ab4ac3328607c9&page_code=NTUwMjk5OTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents%3A%3APageviewsCreatedSummary&nonce=809eb8b6-d51e-463d-9a5c-92b8a8254e2c&url=http%3A%2F%2Fsoymariocorona.com%2F
CF-Ray: 74e1cdb929c7fab8-OSL
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Status: 301 Moved Permanently
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: miss
X-Request-Id: a23dd4d0b629bc92870bc27e86226396
X-Runtime: 0.008254
Set-Cookie: __cf_bm=e.t3OCFIYWj8dHIbmV5YNQ3gHHK05b4Yl9SDw3A75Zs-1663752851-0-ASNVFDDPS8cg2/vohl0+Pm07dlyaNtA6nBsYDAKUrw5ATVLe1MA2c0S6Fjy3aFF6D6oLaVY7rIQPJ16sEJ8cNyroj8yqa7MDp2uLAkhWcF8g; path=/; expires=Wed, 21-Sep-22 10:04:11 GMT; domain=.clickfunnels.com; HttpOnly; SameSite=None
Server: cloudflare
alt-svc: h2=":443"; ma=60
app.clickfunnels.com/userevents/?funnel_id=VGJQSllsRnd0SVR4Rk0rd1VoSWRVdz09LS1ocDVDRU1EMVVpay9zcDhKbFdVeWlnPT0%3D--0cbaf9835c6ee16cdeebf7bbeb18c8d457f8b45d&page_id=a2k1aGpvejNVMXh3dXBqd2JpQTh1UT09LS1OTG9XaHJwRGxza21DZWUrZmpEaDZ3PT0%3D--a689e076cc6f8f1a5d435f93cbb96104b35bdd53&funnel_step_id=ZE5NeWNMc0t2S21VMjZ2VG5hWjNaUT09LS15QVR6dlpsOW12Y3FVU3JDOWxCOXd3PT0%3D--43e589968b93f5f09d42c1eec28362055bcf866d&user_id=bjJ2VmNnRGRBMnB0NDMwSmVJYXFHUT09LS1vTG96bVFNMzVEa2twSk9kdnVlaWZBPT0%3D--34aad6a559220c57da3a820b9f42d3b59484f950&account_id=UkJWSHRteXBLTUlabGptcWhpNGhVUT09LS12OUlLbXFzWGNYS2kyMXNRajh4N2hRPT0%3D--dedbafd14b0113fb5a884a5ac0ab4ac3328607c9&page_code=NTUwMjk5OTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=f847b614-1c7e-4da3-984f-7e674464b0b6&url=http%3A%2F%2Fsoymariocorona.com%2F
104.16.15.194301 Moved Permanently 1.4 kB URL HTTP/1.1 app.clickfunnels.com/userevents/?funnel_id=VGJQSllsRnd0SVR4Rk0rd1VoSWRVdz09LS1ocDVDRU1EMVVpay9zcDhKbFdVeWlnPT0%3D--0cbaf9835c6ee16cdeebf7bbeb18c8d457f8b45d&page_id=a2k1aGpvejNVMXh3dXBqd2JpQTh1UT09LS1OTG9XaHJwRGxza21DZWUrZmpEaDZ3PT0%3D--a689e076cc6f8f1a5d435f93cbb96104b35bdd53&funnel_step_id=ZE5NeWNMc0t2S21VMjZ2VG5hWjNaUT09LS15QVR6dlpsOW12Y3FVU3JDOWxCOXd3PT0%3D--43e589968b93f5f09d42c1eec28362055bcf866d&user_id=bjJ2VmNnRGRBMnB0NDMwSmVJYXFHUT09LS1vTG96bVFNMzVEa2twSk9kdnVlaWZBPT0%3D--34aad6a559220c57da3a820b9f42d3b59484f950&account_id=UkJWSHRteXBLTUlabGptcWhpNGhVUT09LS12OUlLbXFzWGNYS2kyMXNRajh4N2hRPT0%3D--dedbafd14b0113fb5a884a5ac0ab4ac3328607c9&page_code=NTUwMjk5OTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=f847b614-1c7e-4da3-984f-7e674464b0b6&url=http%3A%2F%2Fsoymariocorona.com%2F
IP 104.16.15.194:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1415)
Hash b8ee16630083edf4c6c1757266e991a5
8e3f542bc4f2db839fa4820f80a68ed4661f69b0
856b852f09f352429ae036dc55292ce4b987e8b408285b19d794b505d4cceee7
GET /userevents/?funnel_id=VGJQSllsRnd0SVR4Rk0rd1VoSWRVdz09LS1ocDVDRU1EMVVpay9zcDhKbFdVeWlnPT0%3D--0cbaf9835c6ee16cdeebf7bbeb18c8d457f8b45d&page_id=a2k1aGpvejNVMXh3dXBqd2JpQTh1UT09LS1OTG9XaHJwRGxza21DZWUrZmpEaDZ3PT0%3D--a689e076cc6f8f1a5d435f93cbb96104b35bdd53&funnel_step_id=ZE5NeWNMc0t2S21VMjZ2VG5hWjNaUT09LS15QVR6dlpsOW12Y3FVU3JDOWxCOXd3PT0%3D--43e589968b93f5f09d42c1eec28362055bcf866d&user_id=bjJ2VmNnRGRBMnB0NDMwSmVJYXFHUT09LS1vTG96bVFNMzVEa2twSk9kdnVlaWZBPT0%3D--34aad6a559220c57da3a820b9f42d3b59484f950&account_id=UkJWSHRteXBLTUlabGptcWhpNGhVUT09LS12OUlLbXFzWGNYS2kyMXNRajh4N2hRPT0%3D--dedbafd14b0113fb5a884a5ac0ab4ac3328607c9&page_code=NTUwMjk5OTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=f847b614-1c7e-4da3-984f-7e674464b0b6&url=http%3A%2F%2Fsoymariocorona.com%2F HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://soymariocorona.com
Connection: keep-alive
Referer: http://soymariocorona.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 21 Sep 2022 09:34:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://app.clickfunnels.com/userevents?funnel_id=VGJQSllsRnd0SVR4Rk0rd1VoSWRVdz09LS1ocDVDRU1EMVVpay9zcDhKbFdVeWlnPT0%3D--0cbaf9835c6ee16cdeebf7bbeb18c8d457f8b45d&page_id=a2k1aGpvejNVMXh3dXBqd2JpQTh1UT09LS1OTG9XaHJwRGxza21DZWUrZmpEaDZ3PT0%3D--a689e076cc6f8f1a5d435f93cbb96104b35bdd53&funnel_step_id=ZE5NeWNMc0t2S21VMjZ2VG5hWjNaUT09LS15QVR6dlpsOW12Y3FVU3JDOWxCOXd3PT0%3D--43e589968b93f5f09d42c1eec28362055bcf866d&user_id=bjJ2VmNnRGRBMnB0NDMwSmVJYXFHUT09LS1vTG96bVFNMzVEa2twSk9kdnVlaWZBPT0%3D--34aad6a559220c57da3a820b9f42d3b59484f950&account_id=UkJWSHRteXBLTUlabGptcWhpNGhVUT09LS12OUlLbXFzWGNYS2kyMXNRajh4N2hRPT0%3D--dedbafd14b0113fb5a884a5ac0ab4ac3328607c9&page_code=NTUwMjk5OTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents%3A%3AUniqueVisitorsCreatedSummary&nonce=f847b614-1c7e-4da3-984f-7e674464b0b6&url=http%3A%2F%2Fsoymariocorona.com%2F
CF-Ray: 74e1cdb92cdbb529-OSL
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Status: 301 Moved Permanently
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: miss
X-Request-Id: 1dbbea14a4cbb5d2175111a20a21bf22
X-Runtime: 0.009402
Set-Cookie: __cf_bm=ZfER9vpVWf2sWkbKKWaQFX92ws8PbzNmDCczBboTw5E-1663752851-0-AfI93ihowY3ggdFD8brZA1EoRuZ1DxBUR6h3WC+PpSGVH+AENaptm7c8er9kUvLJlBYXvZWgRHEtX4ds1Dw0VxwG3nb95m1OtEvauLEMQfjF; path=/; expires=Wed, 21-Sep-22 10:04:11 GMT; domain=.clickfunnels.com; HttpOnly; SameSite=None
Server: cloudflare
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
54.189.157.130101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.157.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qDr0EjvaeM8QKzPpzGix7w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Q0M2Y1dKtEaEtIqRrs33cTO7AOQ=
assets.clickfunnels.com/images/closemodal.png
104.16.15.194200 OK 672 B URL HTTP/2 assets.clickfunnels.com/images/closemodal.png
IP 104.16.15.194:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 19754ed4d508cf576c80cf36e0db8c50
f459beac714e5be68aa75349fa806a5642af456a
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
GET /images/closemodal.png HTTP/1.1
Host: assets.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soymariocorona.com/
Cookie: __cf_bm=Sq513X0mTkEsZOD6uhQPL1jM1OEuKZsUDOUmesQuEeQ-1663752850-0-AZWS2ODuEyQi/3SXfMOgtt0NWurgrySbkWvBM2tGBvCsDAWECF2MspRiIDwKSISYTyrsT/WXVj21DYJ5DSPrkQocn2/a6JQuw8Fqc/raezjP
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:34:11 GMT
content-type: image/webp
content-length: 672
cf-ray: 74e1cdbafa06b51b-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 561893
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "630e9cfc-314"
expires: Sat, 22 Oct 2022 09:34:11 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
server: cloudflare
X-Firefox-Spdy: h2
www.clickfunnels.com/cf.js
104.16.15.194200 OK 22 kB URL HTTP/2 www.clickfunnels.com/cf.js
IP 104.16.15.194:0
Hash d091f4fbcba85a0140b9ea1ad066c609
c08cfbf7bf43f51ca0b11ea93da14e2c6ac7c12f
5315047f4b6360b83d3bf635c2918e770e8dcf0f95ecbbb3059864acc212c595
GET /cf.js HTTP/1.1
Host: www.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://soymariocorona.com/
Connection: keep-alive
Cookie: __cf_bm=Sq513X0mTkEsZOD6uhQPL1jM1OEuKZsUDOUmesQuEeQ-1663752850-0-AZWS2ODuEyQi/3SXfMOgtt0NWurgrySbkWvBM2tGBvCsDAWECF2MspRiIDwKSISYTyrsT/WXVj21DYJ5DSPrkQocn2/a6JQuw8Fqc/raezjP
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:34:11 GMT
content-type: application/x-javascript
cf-ray: 74e1cdb9f8eab51b-OSL
access-control-allow-origin: *
etag: W/"632a4cc7-476a"
last-modified: Tue, 20 Sep 2022 23:29:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: REVALIDATED
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-1216.min.js
151.101.86.137200 OK 14 kB URL HTTP/2 js-agent.newrelic.com/nr-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32022)
Hash b7c09cc097b2847f9edc784adba62dcb
5aa648623cf5e3b4b215fe5d068a7904c59f2925
6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa
GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soymariocorona.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Wed, 21 Sep 2022 09:34:12 GMT
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: HIT
x-cache-hits: 22
x-timer: S1663752852.231221,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 37b6097226b409c237ef99f1da688e60
71ab02ee2fd165ba99e9b964a1a3e5055c88224b
ab0e339aa9b34926c6fb4e1191e121febe026996f1cb0bc05ecb187a69653282
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4458
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:34:12 GMT
Last-Modified: Wed, 21 Sep 2022 08:19:54 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2111&ck=1&ref=http://soymariocorona.com/&ap=259&be=404&fe=1512&dc=1214&perf=%7B%22timing%22:%7B%22of%22:1663752850126,%22n%22:0,%22f%22:-5,%22dn%22:-5,%22dne%22:-3,%22c%22:-3,%22ce%22:155,%22rq%22:160,%22rp%22:330,%22rpe%22:330,%22dl%22:376,%22di%22:1201,%22ds%22:1214,%22de%22:1339,%22dc%22:1511,%22l%22:1511,%22le%22:1631%7D,%22navigation%22:%7B%7D%7D&fcp=726&jsonp=NREUM.setToken
162.247.241.14200 OK 72 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2111&ck=1&ref=http://soymariocorona.com/&ap=259&be=404&fe=1512&dc=1214&perf=%7B%22timing%22:%7B%22of%22:1663752850126,%22n%22:0,%22f%22:-5,%22dn%22:-5,%22dne%22:-3,%22c%22:-3,%22ce%22:155,%22rq%22:160,%22rp%22:330,%22rpe%22:330,%22dl%22:376,%22di%22:1201,%22ds%22:1214,%22de%22:1339,%22dc%22:1511,%22l%22:1511,%22le%22:1631%7D,%22navigation%22:%7B%7D%7D&fcp=726&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
GET /1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2111&ck=1&ref=http://soymariocorona.com/&ap=259&be=404&fe=1512&dc=1214&perf=%7B%22timing%22:%7B%22of%22:1663752850126,%22n%22:0,%22f%22:-5,%22dn%22:-5,%22dne%22:-3,%22c%22:-3,%22ce%22:155,%22rq%22:160,%22rp%22:330,%22rpe%22:330,%22dl%22:376,%22di%22:1201,%22ds%22:1214,%22de%22:1339,%22dc%22:1511,%22l%22:1511,%22le%22:1631%7D,%22navigation%22:%7B%7D%7D&fcp=726&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soymariocorona.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 09:34:12 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74e1cdc00ae3b51d-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=7572d341003e76ec; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13229
Expires: Wed, 21 Sep 2022 13:14:41 GMT
Date: Wed, 21 Sep 2022 09:34:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13229
Expires: Wed, 21 Sep 2022 13:14:41 GMT
Date: Wed, 21 Sep 2022 09:34:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13229
Expires: Wed, 21 Sep 2022 13:14:41 GMT
Date: Wed, 21 Sep 2022 09:34:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4eb6d1b35f680bfec656941b6167fd23
344c6000dbdafdb5105edc93a082d640c3e95ddc
67fc85fa0f1a55d57ab9db6f4c723fb9116ef3b2c5282dbdd42d9c37396bd7b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8826
x-amzn-requestid: cf0c711e-4ec9-4f87-a60f-41374262a114
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYweUHIyoAMFYQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202df5-17ad5d4e25a754586e531d05;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:15:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OEbpCQXLpTCDZH4OlzVvvsc-bSgbsIoXRgX6f-nKVwJTL5-SVTCHeA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:56:09 GMT
age: 41883
etag: "344c6000dbdafdb5105edc93a082d640c3e95ddc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7FaZfI_iYUANPdxGBld5NfneWwKJeX2nYA_gmvF9NjML5YOVhZIIoA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 14:38:21 GMT
age: 68151
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13229
Expires: Wed, 21 Sep 2022 13:14:41 GMT
Date: Wed, 21 Sep 2022 09:34:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13229
Expires: Wed, 21 Sep 2022 13:14:41 GMT
Date: Wed, 21 Sep 2022 09:34:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29be3958-30ed-4b26-8320-662d71b90880.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29be3958-30ed-4b26-8320-662d71b90880.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34c353f713d6d470480fdeeb5175a123
f073fc7f24465b76b3681c462c60cd047ed67a6a
0449daa32ab4ec32fa999551cc9ab634c46e15891299162cbb4bbaad6ffa4753
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29be3958-30ed-4b26-8320-662d71b90880.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7700
x-amzn-requestid: 3cadae91-6101-4072-b654-9da834fe22e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YmPyvHj8oAMFjiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63259344-4f7c9a7a1aca7f89017897fa;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 09:28:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: jFAPc59XciJX2cBI16W9NVIHtdS6pO3DYQLdZFNl_MPjoYBIsxoQGw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 13:32:50 GMT
age: 72082
etag: "f073fc7f24465b76b3681c462c60cd047ed67a6a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hI3FlJJRAUfr0EAcSvvuJajmyQDwBpTxuQIhYfA0Mtp9JyQgKnoDvA==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:43:18 GMT
age: 42654
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4d98acc059a69d51165fb5e0c7430ea3
09bd3300d710c3212483159f8398b84cde09da26
6e38bbb5c79c4f714973e10961d7bad9e7ae8711cf24d68b13a77206f474d2a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7507
x-amzn-requestid: 2a40c792-8b1b-4476-92de-1fce3df48fc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCmaHefoAMF4Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e28-6b05350006b7f3fb73d1e37a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rq4QHCD4EubBKHyCj7jyKqpct5d7U33TvNufqj_w8mWunqQsouoh7w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:21:54 GMT
age: 40338
etag: "09bd3300d710c3212483159f8398b84cde09da26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb447f31d-2a9a-4657-a829-f79bc662f662.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb447f31d-2a9a-4657-a829-f79bc662f662.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 285c04fe0904d41ab1c0259942fa26ec
3a5ad499b134a33e79d5fe00c7f5c7c098b3ee34
b91184725a4171202201b5478271a3ab361c54a8893b4dee70d941821a2e70a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb447f31d-2a9a-4657-a829-f79bc662f662.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10293
x-amzn-requestid: 0c8a78d5-44be-47f4-927a-f39b0d0dc86f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yvoh3GT2oAMFvig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63295472-73b322996216171a342783b7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 05:49:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: a7rPEaM9bqheTlQP1Hr5xwHgW8HenLAvoH95TTtGFu0169tsGnheFQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:29:09 GMT
age: 39903
etag: "3a5ad499b134a33e79d5fe00c7f5c7c098b3ee34"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents?funnel_id=VGJQSllsRnd0SVR4Rk0rd1VoSWRVdz09LS1ocDVDRU1EMVVpay9zcDhKbFdVeWlnPT0%3D--0cbaf9835c6ee16cdeebf7bbeb18c8d457f8b45d&page_id=a2k1aGpvejNVMXh3dXBqd2JpQTh1UT09LS1OTG9XaHJwRGxza21DZWUrZmpEaDZ3PT0%3D--a689e076cc6f8f1a5d435f93cbb96104b35bdd53&funnel_step_id=ZE5NeWNMc0t2S21VMjZ2VG5hWjNaUT09LS15QVR6dlpsOW12Y3FVU3JDOWxCOXd3PT0%3D--43e589968b93f5f09d42c1eec28362055bcf866d&user_id=bjJ2VmNnRGRBMnB0NDMwSmVJYXFHUT09LS1vTG96bVFNMzVEa2twSk9kdnVlaWZBPT0%3D--34aad6a559220c57da3a820b9f42d3b59484f950&account_id=UkJWSHRteXBLTUlabGptcWhpNGhVUT09LS12OUlLbXFzWGNYS2kyMXNRajh4N2hRPT0%3D--dedbafd14b0113fb5a884a5ac0ab4ac3328607c9&page_code=NTUwMjk5OTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents%3A%3AUniquePageviewsCreatedSummary&nonce=ec2d76b0-064c-49d7-8bab-81f42e93cc05&url=http%3A%2F%2Fsoymariocorona.com%2F
104.16.15.194202 Accepted 3.1 kB URL HTTP/2 app.clickfunnels.com/userevents?funnel_id=VGJQSllsRnd0SVR4Rk0rd1VoSWRVdz09LS1ocDVDRU1EMVVpay9zcDhKbFdVeWlnPT0%3D--0cbaf9835c6ee16cdeebf7bbeb18c8d457f8b45d&page_id=a2k1aGpvejNVMXh3dXBqd2JpQTh1UT09LS1OTG9XaHJwRGxza21DZWUrZmpEaDZ3PT0%3D--a689e076cc6f8f1a5d435f93cbb96104b35bdd53&funnel_step_id=ZE5NeWNMc0t2S21VMjZ2VG5hWjNaUT09LS15QVR6dlpsOW12Y3FVU3JDOWxCOXd3PT0%3D--43e589968b93f5f09d42c1eec28362055bcf866d&user_id=bjJ2VmNnRGRBMnB0NDMwSmVJYXFHUT09LS1vTG96bVFNMzVEa2twSk9kdnVlaWZBPT0%3D--34aad6a559220c57da3a820b9f42d3b59484f950&account_id=UkJWSHRteXBLTUlabGptcWhpNGhVUT09LS12OUlLbXFzWGNYS2kyMXNRajh4N2hRPT0%3D--dedbafd14b0113fb5a884a5ac0ab4ac3328607c9&page_code=NTUwMjk5OTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents%3A%3AUniquePageviewsCreatedSummary&nonce=ec2d76b0-064c-49d7-8bab-81f42e93cc05&url=http%3A%2F%2Fsoymariocorona.com%2F
IP 104.16.15.194:0
File type gzip compressed data, from Unix\012- data
Hash f0db2ce396dcf7abc77ef6bde4c23483
e2ae5eb2d64c7bb775a16e363acdd0abd517ff09
36bc837530982b1c94b55c98526f731c4d83809de752a73c8209949b6f8c3d1a
GET /userevents?funnel_id=VGJQSllsRnd0SVR4Rk0rd1VoSWRVdz09LS1ocDVDRU1EMVVpay9zcDhKbFdVeWlnPT0%3D--0cbaf9835c6ee16cdeebf7bbeb18c8d457f8b45d&page_id=a2k1aGpvejNVMXh3dXBqd2JpQTh1UT09LS1OTG9XaHJwRGxza21DZWUrZmpEaDZ3PT0%3D--a689e076cc6f8f1a5d435f93cbb96104b35bdd53&funnel_step_id=ZE5NeWNMc0t2S21VMjZ2VG5hWjNaUT09LS15QVR6dlpsOW12Y3FVU3JDOWxCOXd3PT0%3D--43e589968b93f5f09d42c1eec28362055bcf866d&user_id=bjJ2VmNnRGRBMnB0NDMwSmVJYXFHUT09LS1vTG96bVFNMzVEa2twSk9kdnVlaWZBPT0%3D--34aad6a559220c57da3a820b9f42d3b59484f950&account_id=UkJWSHRteXBLTUlabGptcWhpNGhVUT09LS12OUlLbXFzWGNYS2kyMXNRajh4N2hRPT0%3D--dedbafd14b0113fb5a884a5ac0ab4ac3328607c9&page_code=NTUwMjk5OTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents%3A%3AUniquePageviewsCreatedSummary&nonce=ec2d76b0-064c-49d7-8bab-81f42e93cc05&url=http%3A%2F%2Fsoymariocorona.com%2F HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: http://soymariocorona.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Wed, 21 Sep 2022 09:34:11 GMT
content-type: text/html
cf-ray: 74e1cdba3959b51b-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: d1e01049799d9139719d22b78e5cfb19
x-runtime: 0.027828
set-cookie: __cf_bm=i3K._TndndgENS4pP1pl77N1d7IugjjALTTWL86sSfU-1663752851-0-AfEteIMXhtuCOE1T3415qbCDr0+BgrzXV+i2oPx8XwEOncovMFj53GI+CVoL+iqPrBsX2Wx260k2DsVZfyRqHVTN7cFGx7ye2YI+E8TOhwxj; path=/; expires=Wed, 21-Sep-22 10:04:11 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
soymariocorona.com/funnels/paused-account/cf-logo.png
192.185.225.126404 Not Found 3.0 kB URL HTTP/1.1 soymariocorona.com/funnels/paused-account/cf-logo.png
IP 192.185.225.126:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (379)
Hash fdbd6bcbff5136f010ca26bb1f20f6ab
16d7e84ee2d211dd70b55e40d5eaf1ab7ea561d0
83d5eaa86712c7c68c563815ae5835a4ccc5ef1d2b058d7a15678c1fd77904b1
GET /funnels/paused-account/cf-logo.png HTTP/1.1
Host: soymariocorona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soymariocorona.com/
Cookie: cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTUwMjk5OTU=:visited=true; cf:visitor_id=5f9d0c9a-5c05-4280-8c6f-db011e9a186a; addevent_track_cookie=0186aca2-f156-449a-d86c-8fb3326414cc
HTTP/1.1 404 Not Found
Date: Wed, 21 Sep 2022 09:34:11 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Upgrade: h2,h2c
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3023
Content-Type: text/html; charset=UTF-8
use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
IP 172.64.133.15:0
GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soymariocorona.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:34:10 GMT
content-type: text/css
x-amz-id-2: HpuDfuJOnoRBIn1oGWh6kpnFISyPAhBcUuSh2sgaSOixf+diILYpFUsoF1uDkiR93wgKGECAn7k=
x-amz-request-id: F0PPGVAN5CXAHSGM
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 28519872
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmRMVrs%2FPOrjBnC%2Fw63%2BBk1OVZTuO8UD2Nxmi8Tyy%2B13X3WFZ9mzqq%2BcRSTrYKuPXO%2FM0lrQnsL1wlPVQmSc%2FTi8rJGKZMqGV9caXyR3%2B1kR87NPy7KNQJgXlJefWefTCjojP0uG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e1cdb4bd858885-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.clickfunnels.com/assets/lander.js
104.16.15.194200 OK 0 B URL HTTP/2 app.clickfunnels.com/assets/lander.js
IP 104.16.15.194:0
GET /assets/lander.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soymariocorona.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:34:10 GMT
content-type: application/x-javascript
cf-ray: 74e1cdb4bab0b51b-OSL
access-control-allow-origin: *
age: 858
cache-control: public, max-age=1200
etag: W/"632a4d03-238fd1"
expires: Wed, 21 Sep 2022 09:54:10 GMT
last-modified: Tue, 20 Sep 2022 23:30:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=uPOmhW.Bj4Xb94K39_7xijnCmHOlBMcRWrGZGV.x6UU-1663752850-0-AYEq2Kz/99iqOo4uPr6Sook4fJc5VV8W3uKewDJ17IXoDCwYLZpBoQJsPEKDl4CsYLnqInpJaRYoqyrvmqq7kVOoRLJo/1AXIr5KPE2RuFMr; path=/; expires=Wed, 21-Sep-22 10:04:10 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
app.clickfunnels.com/assets/pushcrew.js
104.16.15.194200 OK 0 B URL HTTP/2 app.clickfunnels.com/assets/pushcrew.js
IP 104.16.15.194:0
GET /assets/pushcrew.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soymariocorona.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:34:10 GMT
content-type: application/x-javascript
cf-ray: 74e1cdb4cabeb51b-OSL
access-control-allow-origin: *
age: 853
cache-control: public, max-age=1200
etag: W/"632a4cc6-27d"
expires: Wed, 21 Sep 2022 09:54:10 GMT
last-modified: Tue, 20 Sep 2022 23:29:10 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=RqSfrnGMrlUH93WkuTHhYaWKXm9Hz_TrH9r8QciIDPI-1663752850-0-AUVjZyPGzk1YCjneEWTKZL0quZazUuAH6YB4+tdrsgY3mfH5xfZZ1sQ6+bRnPusNPXgL00pXImVKbQKWDG4jP2/AXUzhrdqWt65+iIg88ETc; path=/; expires=Wed, 21-Sep-22 10:04:10 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
172.64.156.26200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP 172.64.156.26:0
GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://soymariocorona.com
Connection: keep-alive
Referer: http://soymariocorona.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:34:10 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e1cdb50942b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
app.clickfunnels.com/assets/userevents/application.js
104.16.15.194200 OK 0 B URL HTTP/2 app.clickfunnels.com/assets/userevents/application.js
IP 104.16.15.194:0
GET /assets/userevents/application.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soymariocorona.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:34:10 GMT
content-type: application/x-javascript
cf-ray: 74e1cdb49a73b51b-OSL
access-control-allow-origin: *
age: 859
cache-control: public, max-age=1200
etag: W/"632a4cc7-1353"
expires: Wed, 21 Sep 2022 09:54:10 GMT
last-modified: Tue, 20 Sep 2022 23:29:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=TG4yUlNx2PtSm.4JgSUxrvjITBBuBMTZuZDhjuxm5UU-1663752850-0-AdMqERx51K8SGamHjpEXF48/UMRsb0V4T+FZT2R0JpDu/oh5NOOYnQq8ZhNbh3hHJBCGWw66O+sP0K6LABZwOLkSx2Ixjwd4stZBOx8Coqbk; path=/; expires=Wed, 21-Sep-22 10:04:10 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Oswald+sans-serif%7CHeadland+One%7CLato%7CHeadland+One%7COswald+sans-serif%7CDroid+Sans%7COswald+sans-serif%7CDroid+Sans%7CHeadland+One%7CDroid+Sans%7COswald+sans-serif%7CDroid+Sans%7CHeadland+One%7CDroid+Sans%7COswald+sans-serif%7CDroid+Sans%7CHeadland+One%7CDroid+Sans%7COswald+sans-serif%7CDroid+Sans%7C%7C
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Oswald+sans-serif%7CHeadland+One%7CLato%7CHeadland+One%7COswald+sans-serif%7CDroid+Sans%7COswald+sans-serif%7CDroid+Sans%7CHeadland+One%7CDroid+Sans%7COswald+sans-serif%7CDroid+Sans%7CHeadland+One%7CDroid+Sans%7COswald+sans-serif%7CDroid+Sans%7CHeadland+One%7CDroid+Sans%7COswald+sans-serif%7CDroid+Sans%7C%7C
IP 142.250.74.10:0
GET /css?family=Oswald+sans-serif%7CHeadland+One%7CLato%7CHeadland+One%7COswald+sans-serif%7CDroid+Sans%7COswald+sans-serif%7CDroid+Sans%7CHeadland+One%7CDroid+Sans%7COswald+sans-serif%7CDroid+Sans%7CHeadland+One%7CDroid+Sans%7COswald+sans-serif%7CDroid+Sans%7CHeadland+One%7CDroid+Sans%7COswald+sans-serif%7CDroid+Sans%7C%7C HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soymariocorona.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 09:34:10 GMT
date: Wed, 21 Sep 2022 09:34:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
IP 142.250.74.10:0
GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soymariocorona.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 09:34:10 GMT
date: Wed, 21 Sep 2022 09:34:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
app.clickfunnels.com/v1/track?_unique=0.10611836831687949&_uniqueVisitorID=null&_type=WINDOW&_location=ttp%3A//soymariocorona.com/&_title=COPYWRITER%20MARIO%20CORONA&_key=vg6i73ip&_page_key=rjgnxwjulwpg4xec&_fid=10834551&_fspos=13&_fvrs=420&_funnel_stat=0&_location=http://soymariocorona.com/&_referrer=
104.16.15.194200 OK 0 B URL HTTP/2 app.clickfunnels.com/v1/track?_unique=0.10611836831687949&_uniqueVisitorID=null&_type=WINDOW&_location=ttp%3A//soymariocorona.com/&_title=COPYWRITER%20MARIO%20CORONA&_key=vg6i73ip&_page_key=rjgnxwjulwpg4xec&_fid=10834551&_fspos=13&_fvrs=420&_funnel_stat=0&_location=http://soymariocorona.com/&_referrer=
IP 104.16.15.194:0
GET /v1/track?_unique=0.10611836831687949&_uniqueVisitorID=null&_type=WINDOW&_location=ttp%3A//soymariocorona.com/&_title=COPYWRITER%20MARIO%20CORONA&_key=vg6i73ip&_page_key=rjgnxwjulwpg4xec&_fid=10834551&_fspos=13&_fvrs=420&_funnel_stat=0&_location=http://soymariocorona.com/&_referrer= HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://soymariocorona.com
Connection: keep-alive
Referer: http://soymariocorona.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:34:11 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 74e1cdbb0a1ab51b-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
status: 200 OK
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 9e164678a4777de0eb542e98ec2c0627
x-runtime: 0.017220
set-cookie: __cf_bm=_q2QpQB8t4_szIBYFJCMIb4_9okIRDmyOuAVbH0jyvQ-1663752851-0-ARcns386k+OlyVEoGA1WWP9Lo4RFjOUozcAkj4jpwzpN4Huk9wnn6fWxuR4j2PqjH+RaATUpsKRWjDm1ZfbhU0iA7zUZPgZajp9cpoXC1cVT; path=/; expires=Wed, 21-Sep-22 10:04:11 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.clickfunnels.com/favicon.ico
104.16.15.194200 OK 0 B URL HTTP/2 www.clickfunnels.com/favicon.ico
IP 104.16.15.194:0
GET /favicon.ico HTTP/1.1
Host: www.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soymariocorona.com/
Cookie: __cf_bm=Sq513X0mTkEsZOD6uhQPL1jM1OEuKZsUDOUmesQuEeQ-1663752850-0-AZWS2ODuEyQi/3SXfMOgtt0NWurgrySbkWvBM2tGBvCsDAWECF2MspRiIDwKSISYTyrsT/WXVj21DYJ5DSPrkQocn2/a6JQuw8Fqc/raezjP
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:34:12 GMT
content-type: image/x-icon
cf-ray: 74e1cdbe3d93b51b-OSL
access-control-allow-origin: *
age: 1956
etag: W/"632a4cc7-3aee"
last-modified: Tue, 20 Sep 2022 23:29:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
app.clickfunnels.com/assets/lander.css
104.16.15.194200 OK 0 B URL HTTP/2 app.clickfunnels.com/assets/lander.css
IP 104.16.15.194:0
GET /assets/lander.css HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soymariocorona.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:34:10 GMT
content-type: text/css
cf-ray: 74e1cdb48a67b51b-OSL
access-control-allow-origin: *
age: 859
cache-control: public, max-age=1200
etag: W/"632a4cc7-6a514"
expires: Wed, 21 Sep 2022 09:54:10 GMT
last-modified: Tue, 20 Sep 2022 23:29:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=NMpajGkuMzYENGPsmMNbM0tOcka_7VVb._QAHkujGEg-1663752850-0-Ae5UqJXxF+67dPlfHfusQTiAjcOer7U/R0cQgI7q6tLFc1ibXCU8BqsLJA292Cr5oTrLAuF1OZ9K1U0X6FWMuV4SeTtCtvIP7zgyPUW0iKLb; path=/; expires=Wed, 21-Sep-22 10:04:10 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.9.0/css/all.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/all.css
IP 172.64.133.15:0
GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soymariocorona.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:34:10 GMT
content-type: text/css
x-amz-id-2: vC8KBN503iyWKZzHxfJc5rs99Ocw4DSTaifdaL1SsWTbuhhIHZc4Cm+BPlh6dJ7ueugjQrc5cWE=
x-amz-request-id: F0PHW7H6699FG8TW
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 28519872
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wa2mN9Rza2sfBxN09Q%2FU7bK2yzWJLDvZnjyFdGS4T7hu84N4%2Fb3Qsw7L%2BIM76CNUAIJWDXbKz8brf%2FiRZeMmE2lsoiQbzhZrQXOPnSvJFu1NH53QNZybbOf4v1wMqifIPpH3iTjn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e1cdb4bd7e8885-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.clickfunnels.com/cf.js
104.16.15.194301 Moved Permanently 0 B URL HTTP/2 app.clickfunnels.com/cf.js
IP 104.16.15.194:0
GET /cf.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soymariocorona.com/
Cookie: __cf_bm=Sq513X0mTkEsZOD6uhQPL1jM1OEuKZsUDOUmesQuEeQ-1663752850-0-AZWS2ODuEyQi/3SXfMOgtt0NWurgrySbkWvBM2tGBvCsDAWECF2MspRiIDwKSISYTyrsT/WXVj21DYJ5DSPrkQocn2/a6JQuw8Fqc/raezjP
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 21 Sep 2022 09:34:11 GMT
content-type: text/html
location: https://www.clickfunnels.com/cf.js
cf-ray: 74e1cdb8ffb9b51b-OSL
access-control-allow-origin: *
age: 1115
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents?funnel_id=VGJQSllsRnd0SVR4Rk0rd1VoSWRVdz09LS1ocDVDRU1EMVVpay9zcDhKbFdVeWlnPT0%3D--0cbaf9835c6ee16cdeebf7bbeb18c8d457f8b45d&page_id=a2k1aGpvejNVMXh3dXBqd2JpQTh1UT09LS1OTG9XaHJwRGxza21DZWUrZmpEaDZ3PT0%3D--a689e076cc6f8f1a5d435f93cbb96104b35bdd53&funnel_step_id=ZE5NeWNMc0t2S21VMjZ2VG5hWjNaUT09LS15QVR6dlpsOW12Y3FVU3JDOWxCOXd3PT0%3D--43e589968b93f5f09d42c1eec28362055bcf866d&user_id=bjJ2VmNnRGRBMnB0NDMwSmVJYXFHUT09LS1vTG96bVFNMzVEa2twSk9kdnVlaWZBPT0%3D--34aad6a559220c57da3a820b9f42d3b59484f950&account_id=UkJWSHRteXBLTUlabGptcWhpNGhVUT09LS12OUlLbXFzWGNYS2kyMXNRajh4N2hRPT0%3D--dedbafd14b0113fb5a884a5ac0ab4ac3328607c9&page_code=NTUwMjk5OTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents%3A%3AUniqueVisitorsCreatedSummary&nonce=f847b614-1c7e-4da3-984f-7e674464b0b6&url=http%3A%2F%2Fsoymariocorona.com%2F
104.16.15.194202 Accepted 0 B URL HTTP/2 app.clickfunnels.com/userevents?funnel_id=VGJQSllsRnd0SVR4Rk0rd1VoSWRVdz09LS1ocDVDRU1EMVVpay9zcDhKbFdVeWlnPT0%3D--0cbaf9835c6ee16cdeebf7bbeb18c8d457f8b45d&page_id=a2k1aGpvejNVMXh3dXBqd2JpQTh1UT09LS1OTG9XaHJwRGxza21DZWUrZmpEaDZ3PT0%3D--a689e076cc6f8f1a5d435f93cbb96104b35bdd53&funnel_step_id=ZE5NeWNMc0t2S21VMjZ2VG5hWjNaUT09LS15QVR6dlpsOW12Y3FVU3JDOWxCOXd3PT0%3D--43e589968b93f5f09d42c1eec28362055bcf866d&user_id=bjJ2VmNnRGRBMnB0NDMwSmVJYXFHUT09LS1vTG96bVFNMzVEa2twSk9kdnVlaWZBPT0%3D--34aad6a559220c57da3a820b9f42d3b59484f950&account_id=UkJWSHRteXBLTUlabGptcWhpNGhVUT09LS12OUlLbXFzWGNYS2kyMXNRajh4N2hRPT0%3D--dedbafd14b0113fb5a884a5ac0ab4ac3328607c9&page_code=NTUwMjk5OTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents%3A%3AUniqueVisitorsCreatedSummary&nonce=f847b614-1c7e-4da3-984f-7e674464b0b6&url=http%3A%2F%2Fsoymariocorona.com%2F
IP 104.16.15.194:0
GET /userevents?funnel_id=VGJQSllsRnd0SVR4Rk0rd1VoSWRVdz09LS1ocDVDRU1EMVVpay9zcDhKbFdVeWlnPT0%3D--0cbaf9835c6ee16cdeebf7bbeb18c8d457f8b45d&page_id=a2k1aGpvejNVMXh3dXBqd2JpQTh1UT09LS1OTG9XaHJwRGxza21DZWUrZmpEaDZ3PT0%3D--a689e076cc6f8f1a5d435f93cbb96104b35bdd53&funnel_step_id=ZE5NeWNMc0t2S21VMjZ2VG5hWjNaUT09LS15QVR6dlpsOW12Y3FVU3JDOWxCOXd3PT0%3D--43e589968b93f5f09d42c1eec28362055bcf866d&user_id=bjJ2VmNnRGRBMnB0NDMwSmVJYXFHUT09LS1vTG96bVFNMzVEa2twSk9kdnVlaWZBPT0%3D--34aad6a559220c57da3a820b9f42d3b59484f950&account_id=UkJWSHRteXBLTUlabGptcWhpNGhVUT09LS12OUlLbXFzWGNYS2kyMXNRajh4N2hRPT0%3D--dedbafd14b0113fb5a884a5ac0ab4ac3328607c9&page_code=NTUwMjk5OTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents%3A%3AUniqueVisitorsCreatedSummary&nonce=f847b614-1c7e-4da3-984f-7e674464b0b6&url=http%3A%2F%2Fsoymariocorona.com%2F HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: http://soymariocorona.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Wed, 21 Sep 2022 09:34:11 GMT
content-type: text/html
cf-ray: 74e1cdba5979b51b-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 68577055f5b7fcbf0bd5f0dc7ff7a5c9
x-runtime: 0.031584
set-cookie: __cf_bm=GjAXZUOH61vyjAjD.7pAYpJXucGkGw8kBNd8WkaGf9k-1663752851-0-AaZ1GePJjo/yM0L8gPnse1NEeH/sR848C97jycmzHSgJi5TrH+rOFrR93fjfMpMCNXN6Kl0BEagAYs5Zv+bdnwdkoQvP3Rsiixol32nXJGoC; path=/; expires=Wed, 21-Sep-22 10:04:11 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
app.clickfunnels.com/mailcheck.min.js
104.16.15.194200 OK 0 B URL HTTP/2 app.clickfunnels.com/mailcheck.min.js
IP 104.16.15.194:0
GET /mailcheck.min.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soymariocorona.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:34:10 GMT
content-type: application/x-javascript
cf-ray: 74e1cdb4cab2b51b-OSL
access-control-allow-origin: *
age: 6158
etag: W/"632a4cc7-a8d"
last-modified: Tue, 20 Sep 2022 23:29:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=TVldRounwxVhtagMngHu4RshtXf0b2cYfzyQa8n6el4-1663752850-0-AQTKrUalJOdbdHY6KOOduzebJFxKHjcF2Y59cCTkWtiqQJFkwTAIdOsMGnMcNiiyuL16TabunxyF1RXJb6NxXFvuOB/+5A9f7yWIilDtC+b3; path=/; expires=Wed, 21-Sep-22 10:04:10 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2