app.funnel-preview.com
104.16.12.194  Malicious Activity! Public Scan

Submitted URL: https://short.gy/UxEDx4
Effective URL: https://app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com/fotrtoo1651224190560?updated_at=7dc45e68dfe42114a4a329aa7...
Submission: On June 02 via manual from SE — Scanned from SE

Summary

This website contacted 13 IPs in 5 countries across 15 domains to perform 19 HTTP transactions. The main IP is 104.16.12.194, located in and belongs to CLOUDFLARENET, US. The main domain is app.funnel-preview.com. The Cisco Umbrella rank of the primary domain is 722444.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 31st 2021. Valid for: a year.
This is the only time app.funnel-preview.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

IP Address AS Autonomous System
1 1 52.59.165.42 16509 (AMAZON-02)
1 1 85.248.226.5 5578 (AS-BENEST...)
2 104.16.12.194 13335 (CLOUDFLAR...)
4 104.16.15.194 13335 (CLOUDFLAR...)
2 188.114.96.3 13335 (CLOUDFLAR...)
1 142.250.185.202 15169 (GOOGLE)
1 104.21.91.123 13335 (CLOUDFLAR...)
1 104.18.47.230 13335 (CLOUDFLAR...)
1 142.250.186.131 15169 (GOOGLE)
1 151.101.112.193 54113 (FASTLY)
1 67.202.114.212 32748 (STEADFAST)
2 157.240.20.19 32934 (FACEBOOK)
1 151.101.130.137 54113 (FASTLY)
1 162.247.243.146 13335 (CLOUDFLAR...)
19 13
Apex Domain / Subdomains / Transfer
4 clickfunnels.com, 738 KB
    app.clickfunnels.com — Cisco Umbrella Rank: 33473
    images.clickfunnels.com — Cisco Umbrella Rank: 85693
2 fbcdn.net, 3 KB
    static.xx.fbcdn.net — Cisco Umbrella Rank: 611
2 fontawesome.com, 17 KB
    use.fontawesome.com — Cisco Umbrella Rank: 818
2 funnel-preview.com, 14 KB
    app.funnel-preview.com — Cisco Umbrella Rank: 722444
1 nr-data.net, 1 KB
    bam-cell.nr-data.net — Cisco Umbrella Rank: 346
1 newrelic.com, 14 KB
    js-agent.newrelic.com — Cisco Umbrella Rank: 347
1 amung.us, 30 B
    whos.amung.us — Cisco Umbrella Rank: 14509
1 imgur.com, 9 KB
    i.imgur.com — Cisco Umbrella Rank: 5562
1 gstatic.com, 44 KB
    fonts.gstatic.com
1 cloudflareinsights.com, 5 KB
    static.cloudflareinsights.com — Cisco Umbrella Rank: 1125
1 taran.one, 11 KB
    taran.one
1 googleapis.com, 3 KB
    fonts.googleapis.com — Cisco Umbrella Rank: 42
1 ix.sk, 449 B
    ix.sk
1 short.gy, 355 B
    short.gy — Cisco Umbrella Rank: 383409
0 addevent.com Failed
    track.addevent.com Failed
19 15
Domain Requested by
3 app.clickfunnels.com app.funnel-preview.com
2 static.xx.fbcdn.net app.funnel-preview.com
2 use.fontawesome.com app.funnel-preview.com
2 app.funnel-preview.com static.cloudflareinsights.com
1 bam-cell.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com app.funnel-preview.com
1 whos.amung.us app.funnel-preview.com
1 i.imgur.com app.funnel-preview.com
1 fonts.gstatic.com fonts.googleapis.com
1 static.cloudflareinsights.com app.funnel-preview.com
1 images.clickfunnels.com app.funnel-preview.com
1 taran.one app.funnel-preview.com
1 fonts.googleapis.com app.funnel-preview.com
1 ix.sk 1 redirects
1 short.gy 1 redirects
0 track.addevent.com Failed app.funnel-preview.com
19 16

This site contains no links.

Subject                  Issuer                                          Validity                 Valid
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3                         2021-08-31 - 2022-08-30  a year
upload.video.google.com  GTS CA 1C3                                      2022-05-04 - 2022-07-27  3 months
*.gstatic.com            GTS CA 1C3                                      2022-05-04 - 2022-07-27  3 months
*.imgur.com              DigiCert TLS RSA SHA256 2020 CA1                2022-03-08 - 2023-03-16  a year
*.amung.us               Sectigo RSA Domain Validation Secure Server CA  2022-05-18 - 2023-06-17  a year
*.facebook.com           DigiCert SHA2 High Assurance Server CA          2022-03-11 - 2022-06-09  3 months
js-agent.newrelic.com    GlobalSign Atlas R3 DV TLS CA H2 2021           2021-10-06 - 2022-11-07  a year
*.nr-data.net            DigiCert TLS RSA SHA256 2020 CA1                2022-01-10 - 2023-02-10  a year

This page contains 1 frames:

Primary Page: https://app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com/fotrtoo1651224190560?updated_at=7dc45e68dfe42114a4a329aa78470923v2&track=0&preview=true
Frame ID: 860D8BB370D59CFE18A76D41D413D113
Requests: 20 HTTP requests in this frame

Page Title

Logga in på Facebook för att titta på videon

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

Requests: 19
HTTPS: 95 %
IPv6: 0 %
Domains: 15
Subdomains: 16
IPs: 13
Countries: 5
Transfer: 860 kB
Size: 3029 kB
Cookies: 9

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://short.gy/UxEDx4 HTTP 302
    https://ix.sk/xJQ75 HTTP 301
    https://app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com/fotrtoo1651224190560?updated_at=7dc45e68dfe42114a4a329aa78470923v2&track=0&preview=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request fotrtoo1651224190560
app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com/
Redirect Chain
  • https://short.gy/UxEDx4
  • https://ix.sk/xJQ75
  • https://app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com/fotrtoo1651224190560?updated_at=7dc45e68dfe42114a4a329aa78470923v2&track=0&preview=true
45 KB
14 KB
Document
General
Full URL
https://app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com/fotrtoo1651224190560?updated_at=7dc45e68dfe42114a4a329aa78470923v2&track=0&preview=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
be4615b3108e5e1cc5edd736df8d0cf3835b9e968ca5ea3930b818bcebcc7a2c
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store
cf-cache-status: BYPASS
cf-ray: 714c4a270e0aefe8-TLL
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 02 Jun 2022 01:07:00 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
status: 200 OK
strict-transport-security: max-age=0
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 2d1f5b6811da5dc8bb65d78bd9f0da71
x-runtime: 0.317892

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html
Date: Thu, 02 Jun 2022 01:07:00 GMT
Location: https://app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com/fotrtoo1651224190560?updated_at=7dc45e68dfe42114a4a329aa78470923v2&track=0&preview=true
Server: nginx
X-Powered-By: PHP/5.4.45-0+deb7u14
lander.css
app.clickfunnels.com/assets/
425 KB
71 KB
Stylesheet
General
Full URL
https://app.clickfunnels.com/assets/lander.css
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com/fotrtoo1651224190560?updated_at=7dc45e68dfe42114a4a329aa78470923v2&track=0&preview=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d
Security Headers
Name Value
Strict-Transport-Security max-age=0

all.css
use.fontawesome.com/releases/v5.9.0/css/
55 KB
13 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com/fotrtoo1651224190560?updated_at=7dc45e68dfe42114a4a329aa78470923v2&track=0&preview=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/
26 KB
4 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com/fotrtoo1651224190560?updated_at=7dc45e68dfe42114a4a329aa78470923v2&track=0&preview=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

css
fonts.googleapis.com/
45 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com/fotrtoo1651224190560?updated_at=7dc45e68dfe42114a4a329aa78470923v2&track=0&preview=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
be649d327966b2a111b40dcce70e081e4275c13f9da6ed872d501e88d5b65687
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

/
taran.one/
45 KB
11 KB
Script
General
Full URL
https://taran.one/?token=U2FsdGVkX18HGMF5i%2F3kliNulef9u838g4DLcfEKvV8LAF6w%2FCZHv1FITowkrggPyJI3ErTOIYbvK%2Fm2oGUTqQ%3D%3D
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com/fotrtoo1651224190560?updated_at=7dc45e68dfe42114a4a329aa78470923v2&track=0&preview=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.91.123 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6abab21e81e6549fe68408462613997dbddabd2ca08aec6e5b71566534c709d1

lander.js
app.clickfunnels.com/assets/
2 MB
661 KB
Script
General
Full URL
https://app.clickfunnels.com/assets/lander.js
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com/fotrtoo1651224190560?updated_at=7dc45e68dfe42114a4a329aa78470923v2&track=0&preview=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
025e4337e3c0b187ad9311ba6245f342852379ba27ea3e0ed63b6ad2d13ceb17
Security Headers
Name Value
Strict-Transport-Security max-age=0

ClickfunnelsTag.png
images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/
5 KB
6 KB
Image
General
Full URL
https://images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com/fotrtoo1651224190560?updated_at=7dc45e68dfe42114a4a329aa78470923v2&track=0&preview=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dfa88a4dc8b6c0b834a62e45daee28a8dc37ed6ae7eb1545e4ed8b6382c0474

pushcrew.js
app.clickfunnels.com/assets/
637 B
459 B
Script
General
Full URL
https://app.clickfunnels.com/assets/pushcrew.js
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com/fotrtoo1651224190560?updated_at=7dc45e68dfe42114a4a329aa78470923v2&track=0&preview=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422
Security Headers
Name Value
Strict-Transport-Security max-age=0

v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/
14 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com/fotrtoo1651224190560?updated_at=7dc45e68dfe42114a4a329aa78470923v2&track=0&preview=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.47.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

truncated
/
26 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

wCOStwT.png
i.imgur.com/
9 KB
9 KB
Image
General
Full URL
https://i.imgur.com/wCOStwT.png
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com/fotrtoo1651224190560?updated_at=7dc45e68dfe42114a4a329aa78470923v2&track=0&preview=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
0c4fbfd9d019d99f3e026fe0a41e5158bb3ec85c8c634d25328e4862559fc784
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

/
whos.amung.us/pingjs/
30 B
30 B
Image
General
Full URL
https://whos.amung.us/pingjs/?k=losiluminati&t=DJCAKELAPARA&x=https://panelfbs.me
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com/fotrtoo1651224190560?updated_at=7dc45e68dfe42114a4a329aa78470923v2&track=0&preview=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.202.114.212 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
amung.us
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

/
track.addevent.com/atc/
0
0

5NR43BsYs8o.png
static.xx.fbcdn.net/rsrc.php/v3/yO/r/
1 KB
2 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/5NR43BsYs8o.png
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com/fotrtoo1651224190560?updated_at=7dc45e68dfe42114a4a329aa78470923v2&track=0&preview=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
9615b777212478a41835e410c9897cd544b98c5473b7b73cbec777f1db2d5404
Security Headers
Name Value
X-Content-Type-Options nosniff

lqbz1hqlAFx.png
static.xx.fbcdn.net/rsrc.php/v3/yo/r/
1 KB
2 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/lqbz1hqlAFx.png
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com/fotrtoo1651224190560?updated_at=7dc45e68dfe42114a4a329aa78470923v2&track=0&preview=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
0fd58536eb089f2060e86f14e60ef83f68169fbe34d95f8cdc2ad60abe4bb8c9
Security Headers
Name Value
X-Content-Type-Options nosniff

nr-1216.min.js
js-agent.newrelic.com/
38 KB
14 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1216.min.js
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com/fotrtoo1651224190560?updated_at=7dc45e68dfe42114a4a329aa78470923v2&track=0&preview=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

rum
app.funnel-preview.com/cdn-cgi/
0
204 B
XHR
General
Full URL
https://app.funnel-preview.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

NRJS-fc902efb332119fff33
bam-cell.nr-data.net/1/
49 B
1 KB
Script
General
Full URL
https://bam-cell.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3084&ck=1&ref=https://app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com/fotrtoo1651224190560&ap=320&be=1285&fe=2974&dc=2517&perf=%7B%22timing%22:%7B%22of%22:1654132019609,%22n%22:0,%22f%22:610,%22dn%22:611,%22dne%22:624,%22c%22:624,%22s%22:656,%22ce%22:696,%22rq%22:696,%22rp%22:1264,%22rpe%22:1268,%22dl%22:1268,%22di%22:2516,%22ds%22:2517,%22de%22:2554,%22dc%22:2974,%22l%22:2974,%22le%22:2978%7D,%22navigation%22:%7B%7D%7D&fp=2518&fcp=2518&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 01:07:02 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Connection
keep-alive
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6nwXLHLuKg2J8zVmrtuUY%2FIXigiYa3lFMDdlKOYY6Mia3LD6Q06kt7ecahzxRbzo%2FaIV7r%2BwpN7rqUGRstigZIakvIxPfv09oQ659oRb1u%2BFoM3wu2NEfGUEO6%2BsQutqW2ClvXWO"}],"group":"cf-nel","max_age":604800}
Content-Type
text/javascript
Access-Control-Allow-Origin
*
access-control-allow-credentials
true
CF-Ray
714c4a36a90a15f0-ARN

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
track.addevent.com
URL
https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=6725fe38-4747-4a9d-756a-43b193e09e6b&url=https%3A%2F%2Fapp.funnel-preview.com%2Ffor_domain%2Fsojodep120.clickfunnels.com%2Ffotrtoo1651224190560%3Fupdated_at%3D7dc45e68dfe42114a4a329aa78470923v2%26track%3D0%26preview%3Dtrue&cache=1654132022123

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

218 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| NREUM object| newrelic function| __nr_require object| data function| _0x38e3 function| _0x1342 function| _0x948242 function| _0x5e7b function| checkbody function| insertHtml function| init string| CFAppDomain boolean| domainIsCFInternal function| ouibounce function| CFbuildAudioPlayer function| evsfix function| calcTax function| cfStripeTokenHandler function| cfStripePaymentIntentFormAdder function| cfCreateElements function| cfCreateiDEALSource function| cfProcessiDEALSourceRedirect function| cfSaveiDEALSourceInfo function| cfPopulateFormForiDEAL function| cfCreateStripeToken function| cfHandlePaymentUsingSetupIntent function| cfOrderErrorMessage function| cfHandlePaymentUsingPaymentIntent function| shouldUsePaymentIntentFlow function| cfCreateStripePaymentMethod function| cfTransformStripeToken function| cfElementsFindFont function| cleanupLocalStorage function| cfHandleiDEALRedirect function| AttachStripeElements function| prettyNotify function| start_firebase function| displayPageNotifier function| start_page_notifier function| start_firebase_quantity_limiter function| readCookie function| CFExtractPayPalButtonConfiguration function| CFPaySelectPaypalTransactions function| PaySelectInit function| recalcRoundUp function| addCharityToSummary function| addSaasRedirectClickHandler function| CFInfusionsoftTokenizationHandler function| webinarDelay function| cookieWebinarTime function| getWebinarLastTime function| reportWebinarTime function| periodicAutoWebinarCheck function| periodicLessonCheck function| reportLessonProgress function| CFSanitizeCountdownElement function| CFstartBPVideos function| CFprocessBPVideos function| CFcheckForVimeo function| CFhandleWistiaBPVideo function| CFhandleAllVimeoBPVideos function| CFhandleAllYouTubeBPVideos function| CFhandleVideoLabels function| 
CFsetupSessionStarterBP function| CFsetupMutedVideos function| CFrenameVimeoURLAttribute undefined| checkPreview undefined| cookie_variable undefined| tag undefined| firstScriptTag undefined| elVideo_one undefined| elVideo_two undefined| elVideo_three undefined| elVideo_four undefined| elVideo_type undefined| elVideo_show undefined| elVideo_hide undefined| elVideo_numberofvideos undefined| gettheType_unlocker undefined| player undefined| playVideoText undefined| pauseVideoText undefined| playingVideoText undefined| lockedVideoText undefined| CFSurveyParticipantID boolean| cfpeorders function| recurlyDateHandler function| recurlyNameHandler function| recurlyCountryHandler number| CF_KEYCODE_ENTER number| CF_KEYCODE_SPACE undefined| checkifPreview_randomCookie undefined| elCheckVideoEndType undefined| unlockVideoDate undefined| checkifUnlockableDate undefined| checkifUnlockableEverGreenDate undefined| everGreenDates undefined| onYouTubeIframeAPIReady undefined| elUnlocker_startVideo undefined| onPlayerReady undefined| elvideounlockerProgress undefined| elUnlocker_changeVideo undefined| onPlayerStateChange undefined| runAnimationFade undefined| runAnimationScale undefined| runAnimationLeft undefined| runAnimationRight undefined| runAnimationTop undefined| runAnimationBottom function| getURLParameter function| cfpeRebuildOrderSummary function| formatRecurlyExpirationDate function| validateRecurlyExpirationDate function| $ function| jQuery function| moment object| jQuery18107895578239148477 function| JQClass function| tinycolor function| generateUniqueId object| CFUtils object| ClickFunnels function| _ object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer function| videojs function| _V_ function| $d string| proc string| _image_path string| _ate_license boolean| _ate_mouse string| _ate_css string| _ate_callback string| _ate_dropdown string| _ate_lbl_outlook string| 
_ate_lbl_google string| _ate_lbl_yahoo string| _ate_lbl_hotmail string| _ate_lbl_ical string| _ate_lbl_fb_event boolean| _ate_show_outlook boolean| _ate_show_google boolean| _ate_show_yahoo boolean| _ate_show_hotmail boolean| _ate_show_ical boolean| _ate_show_facebook boolean| _d_rd boolean| _ate_btn_found boolean| _ate_btn_expo object| addthisevent function| postscribe object| I18n object| Clickfunnels function| calcShipping undefined| cfStripeElementsCardElement function| Firebase function| ES6Promise object| cookieconsent object| options function| track_capi object| cfFacebookInitOptions function| fbAsyncInit function| getURLParameterExact function| callbackFunction object| _pcq object| __cfBeacon object| cfpe object| getVars object| $cfSurvey_outcome object| CFSurveyQueryOutcome undefined| target undefined| str undefined| checkVideoAttr undefined| showVideoBG string| $url object| $queries undefined| $utm_source undefined| $pID undefined| $rootID undefined| $variantcheck undefined| $userID undefined| $iframeCheck string| $requiredCheck object| SurveyMatcher undefined| $carContestProgress string| $todayYear string| $localTime string| $autoWebinarDay1 string| $autoWebinarDay1_raw string| $selectText string| $autoWebinarDay0 string| $autoWebinarDay0_raw string| $replayText string| $autoWebinarDay2 string| $autoWebinarDay2_raw string| $autoWebinarDay3 string| $autoWebinarDay3_raw undefined| date undefined| time object| webinar_datetime object| webinar_datetime_offset object| now object| now_offset number| webinar_delay object| webinar_delay_offset boolean| $removeSelectDateOnAutoWebinar

9 Cookies

Domain/Path Name / Value
app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com Name: addevent_track_cookie
Value: 6725fe38-4747-4a9d-756a-43b193e09e6b
app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com Name: updated_at
Value: 7dc45e68dfe42114a4a329aa78470923v2
app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com Name: track
Value: 0
app.funnel-preview.com/for_domain/sojodep120.clickfunnels.com Name: preview
Value: true
ix.sk/ Name: user
Value: QcnN1XmQEx7jfxe71ygqZR7B4MqAMujD
.funnel-preview.com/ Name: _etison_sessions_dcs_v2
Value: 0b76a5a7deae5c60386568335dad3ca4
.app.funnel-preview.com/ Name: __cf_bm
Value: 6zTwA0YYpQE6TF1qd7Qo3YqrxJk_rtjm_Srjvjz5AGw-1654132020-0-AV99AG/PgjjyeuKIbBTU5OmCwPYWoHs/U2LfM2NsqsQOU2pHCTy6Mi1H9J/IoV87ucYdlGyNwXsi7s4gKa7ATokIBAtr9OKW2simxdRgqavZ
.clickfunnels.com/ Name: __cf_bm
Value: OpeOXWHr2RlwYiNypPUMNLU2zy04EdVcpXciEMPRrp4-1654132021-0-AfOB5JptSxZ/DBOV8tTxpXgDCCV7vsbCgQhQ6Due8uNOMk2YmYn+mZ386tNgbtGnQsVUb4DyuGU4HnSmmJdH8O7seE8EJn1xENzr5o+e0F50
.nr-data.net/ Name: JSESSIONID
Value: 3918d1840812f34e

1 Console Messages

Source Level URL
Text
network error URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=6725fe38-4747-4a9d-756a-43b193e09e6b&url=https%3A%2F%2Fapp.funnel-preview.com%2Ffor_domain%2Fsojodep120.clickfunnels.com%2Ffotrtoo1651224190560%3Fupdated_at%3D7dc45e68dfe42114a4a329aa78470923v2%26track%3D0%26preview%3Dtrue&cache=1654132022123
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
