urlscan.io logo urlscan.io
SecurityTrails logo

allowflannelmob.com Open in urlscan Pro
192.243.59.13  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://0a829d.vercel.app/?fbclid=IwAR3DXeR4XpkrKK_fPbNMzXhYZb5gw9K9g0js3ovQ05clpf7tMjOFgaHuG54&h=AT09shh-O87Toa69ldt0Nh3_...
Effective URL: https://allowflannelmob.com/pfnrskvfy?key=5e27bfb62cf0f00b2fdc5a751e0796e4
Submission: On July 15 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 11 domains to perform 22 HTTP transactions. The main IP is 192.243.59.13, located in Ashburn, United States and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is allowflannelmob.com.
TLS certificate: Issued by R3 on July 10th 2023. Valid for: 3 months.
This is the only time allowflannelmob.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 76.76.21.142 16509 (AMAZON-02)
1 209.126.85.168 40021 (CONTABO)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 10 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 162.240.105.219 46606 (UNIFIEDLA...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2606:4700:440... 13335 (CLOUDFLAR...)
1 192.243.59.13 39572 (ADVANCEDH...)
22 11
1    76.76.21.142 (Walnut, United States)

ASN16509 (AMAZON-02, US)
0a829d.vercel.app
1    209.126.85.168 (United States)

ASN40021 (CONTABO, US)
PTR: vmi964601.contaboserver.net
draks.co
2    2606:4700:10::ac43:88d (United States)

ASN13335 (CLOUDFLARENET, US)
whos.amung.us
1    2606:4700::6810:10c2 (United States)

ASN13335 (CLOUDFLARENET, US)
app.funnel-preview.com
10    2606:4700::6810:fc2 (United States)

ASN13335 (CLOUDFLARENET, US)
app.clickfunnels.com
images.clickfunnels.com
classic.clickfunnels.com
2    2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    162.240.105.219 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-240-105-219.unifiedlayer.com
qil.ykh.mybluehost.me
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2606:4700:4400::ac40:944b (United States)

ASN13335 (CLOUDFLARENET, US)
www.clickfunnels.com
1    192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
allowflannelmob.com
Apex Domain
Subdomains		 Transfer
11 clickfunnels.com
app.clickfunnels.com — Cisco Umbrella Rank: 43045
images.clickfunnels.com — Cisco Umbrella Rank: 87456
www.clickfunnels.com — Cisco Umbrella Rank: 85348
classic.clickfunnels.com — Cisco Umbrella Rank: 155446
747 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1196
17 KB
2 amung.us
whos.amung.us — Cisco Umbrella Rank: 14075
62 B
1 allowflannelmob.com
allowflannelmob.com
817 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1174
7 KB
1 mybluehost.me
qil.ykh.mybluehost.me
440 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
3 KB
1 funnel-preview.com
app.funnel-preview.com — Cisco Umbrella Rank: 376673
20 KB
1 draks.co
draks.co
2 KB
1 vercel.app
0a829d.vercel.app
1 KB
0 addevent.com Failed
track.addevent.com Failed
22 11
Domain Requested by
8 app.clickfunnels.com 1 redirects app.funnel-preview.com
app.clickfunnels.com
2 use.fontawesome.com app.funnel-preview.com
2 whos.amung.us
1 allowflannelmob.com qil.ykh.mybluehost.me
1 classic.clickfunnels.com app.funnel-preview.com
1 www.clickfunnels.com 1 redirects
1 static.cloudflareinsights.com app.funnel-preview.com
1 images.clickfunnels.com app.funnel-preview.com
1 qil.ykh.mybluehost.me app.funnel-preview.com
1 fonts.googleapis.com app.funnel-preview.com
1 app.funnel-preview.com 0a829d.vercel.app
static.cloudflareinsights.com
1 draks.co 0a829d.vercel.app
1 0a829d.vercel.app
0 track.addevent.com Failed app.funnel-preview.com
22 14

This site contains links to these domains. Also see Links.

Domain
highperformancedformats.com
Subject Issuer Validity Valid
*.vercel.app
R3		 2023-07-08 -
2023-10-06		 3 months crt.sh
draks.co
ZeroSSL RSA Domain Secure Site CA		 2023-06-07 -
2023-09-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-06-11 -
2024-06-09		 a year crt.sh
funnel-preview.com
GTS CA 1P5		 2023-07-01 -
2023-09-29		 3 months crt.sh
use.fontawesome.com
GTS CA 1P5		 2023-07-04 -
2023-10-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
qil.ykh.mybluehost.me
ZeroSSL RSA Domain Secure Site CA		 2023-06-12 -
2023-09-10		 3 months crt.sh
allowflannelmob.com
R3		 2023-07-10 -
2023-10-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://allowflannelmob.com/pfnrskvfy?key=5e27bfb62cf0f00b2fdc5a751e0796e4
Frame ID: 973F47134EE94C35923EDDFB2AE1DED6
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://0a829d.vercel.app/?fbclid=IwAR3DXeR4XpkrKK_fPbNMzXhYZb5gw9K9g0js3ovQ05clpf7tMjOFgaHuG54&h=AT09... Page URL
  2. https://app.funnel-preview.com/for_domain/newsalor1.clickfunnels.com/optin1689368806891 Page URL
  3. https://allowflannelmob.com/pfnrskvfy?key=5e27bfb62cf0f00b2fdc5a751e0796e4 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

22
Requests

86 %
HTTPS

64 %
IPv6

11
Domains

14
Subdomains

11
IPs

2
Countries

797 kB
Transfer

2939 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://0a829d.vercel.app/?fbclid=IwAR3DXeR4XpkrKK_fPbNMzXhYZb5gw9K9g0js3ovQ05clpf7tMjOFgaHuG54&h=AT09shh-O87Toa69ldt0Nh3_qBDBtRoLBfQN2wnAhiUJvXseF7gkLIPBI_nIrVERZDDnyvB3ll5wIbdNs0udbK_2EXAp3rBbBPUSWrKyiSZgKHmNcDvNn2sEaBPUaMR7rXDbrizQtXNYFjwh8A&__tn__=H-y-R&c.=AT2KjsQVNUkz1xbv4Sq5W39-6zHlKEsjjuUWg9Xz3YhU9Uv_JRhR0ZwZv5M2nn4BWnVp9JZOEUbxLv_zVFD6pVqVJ5jYWO43uq1xXd4TqPkRQ14vpkNh56UtJQCZl8_vTSx6c_MlT6SHp97tYMiJhcIfY5RSN1ude5aEbNjuUvlNpzitVp1BFE11rpX0DyCeArI2aRoZZPCXAqqV Page URL
  2. https://app.funnel-preview.com/for_domain/newsalor1.clickfunnels.com/optin1689368806891 Page URL
  3. https://allowflannelmob.com/pfnrskvfy?key=5e27bfb62cf0f00b2fdc5a751e0796e4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://app.clickfunnels.com/cf.js HTTP 301
  • https://www.clickfunnels.com/cf.js HTTP 301
  • https://classic.clickfunnels.com/cf.js

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
0a829d.vercel.app/ 		877 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0a829d.vercel.app/?fbclid=IwAR3DXeR4XpkrKK_fPbNMzXhYZb5gw9K9g0js3ovQ05clpf7tMjOFgaHuG54&h=AT09shh-O87Toa69ldt0Nh3_qBDBtRoLBfQN2wnAhiUJvXseF7gkLIPBI_nIrVERZDDnyvB3ll5wIbdNs0udbK_2EXAp3rBbBPUSWrKyiSZgKHmNcDvNn2sEaBPUaMR7rXDbrizQtXNYFjwh8A&__tn__=H-y-R&c.=AT2KjsQVNUkz1xbv4Sq5W39-6zHlKEsjjuUWg9Xz3YhU9Uv_JRhR0ZwZv5M2nn4BWnVp9JZOEUbxLv_zVFD6pVqVJ5jYWO43uq1xXd4TqPkRQ14vpkNh56UtJQCZl8_vTSx6c_MlT6SHp97tYMiJhcIfY5RSN1ude5aEbNjuUvlNpzitVp1BFE11rpX0DyCeArI2aRoZZPCXAqqV
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
e51921a405d1607f2cbebc72798e1a0bd7525c3beb41b47f160a0cc68721f7f4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
248841
cache-control
public, max-age=0, must-revalidate
content-disposition
inline
content-length
877
content-type
text/html; charset=utf-8
date
Sat, 15 Jul 2023 23:16:14 GMT
etag
"3e05e33346d302667fa9ede1de84ca6b"
server
Vercel
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-vercel-cache
HIT
x-vercel-id
fra1::k4lgk-1689462974362-1c5696e85707
fbmultiplepais
draks.co/api/scripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://draks.co:3069/api/scripts/fbmultiplepais?contador=wanderoliver&owner=wander&isbot=false&before=true&selectedcountry=
Requested by
Host: 0a829d.vercel.app
URL: https://0a829d.vercel.app/?fbclid=IwAR3DXeR4XpkrKK_fPbNMzXhYZb5gw9K9g0js3ovQ05clpf7tMjOFgaHuG54&h=AT09shh-O87Toa69ldt0Nh3_qBDBtRoLBfQN2wnAhiUJvXseF7gkLIPBI_nIrVERZDDnyvB3ll5wIbdNs0udbK_2EXAp3rBbBPUSWrKyiSZgKHmNcDvNn2sEaBPUaMR7rXDbrizQtXNYFjwh8A&__tn__=H-y-R&c.=AT2KjsQVNUkz1xbv4Sq5W39-6zHlKEsjjuUWg9Xz3YhU9Uv_JRhR0ZwZv5M2nn4BWnVp9JZOEUbxLv_zVFD6pVqVJ5jYWO43uq1xXd4TqPkRQ14vpkNh56UtJQCZl8_vTSx6c_MlT6SHp97tYMiJhcIfY5RSN1ude5aEbNjuUvlNpzitVp1BFE11rpX0DyCeArI2aRoZZPCXAqqV
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.126.85.168 , United States, ASN40021 (CONTABO, US),
Reverse DNS
vmi964601.contaboserver.net
Software
/ Express
Resource Hash
ef5362e0dcdb5a8bf8cdd768eb9ebf69bf870539daca8d8253478a1fd340d132

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0a829d.vercel.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 15 Jul 2023 23:16:15 GMT
Connection
keep-alive
X-Powered-By
Express
Keep-Alive
timeout=5
Transfer-Encoding
chunked
Content-Type
application/javascript
/
whos.amung.us/pingjs/ 		33 B
33 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://whos.amung.us/pingjs/?k=wanderoliver&t=LA%20CORBATICA%20DIRECT&c=s&x=https://twitter.com&y=https://twitter.com&a=-1&d=0&v=27&r=5452
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0a829d.vercel.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 23:16:15 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7e75b64d9da94dc5-FRA
content-type
text/javascript;charset=UTF-8
/
whos.amung.us/pingjs/ 		29 B
29 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://whos.amung.us/pingjs/?k=galapin&t=Drakgon%20Industries&c=s&x=https://twitter.com/&y=https://twitter.com/&a=-1&d=0&v=27&r=5294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0a829d.vercel.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 23:16:15 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7e75b64d9dab4dc5-FRA
content-type
text/javascript;charset=UTF-8
optin1689368806891
app.funnel-preview.com/for_domain/newsalor1.clickfunnels.com/ 		62 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.funnel-preview.com/for_domain/newsalor1.clickfunnels.com/optin1689368806891
Requested by
Host: 0a829d.vercel.app
URL: https://0a829d.vercel.app/?fbclid=IwAR3DXeR4XpkrKK_fPbNMzXhYZb5gw9K9g0js3ovQ05clpf7tMjOFgaHuG54&h=AT09shh-O87Toa69ldt0Nh3_qBDBtRoLBfQN2wnAhiUJvXseF7gkLIPBI_nIrVERZDDnyvB3ll5wIbdNs0udbK_2EXAp3rBbBPUSWrKyiSZgKHmNcDvNn2sEaBPUaMR7rXDbrizQtXNYFjwh8A&__tn__=H-y-R&c.=AT2KjsQVNUkz1xbv4Sq5W39-6zHlKEsjjuUWg9Xz3YhU9Uv_JRhR0ZwZv5M2nn4BWnVp9JZOEUbxLv_zVFD6pVqVJ5jYWO43uq1xXd4TqPkRQ14vpkNh56UtJQCZl8_vTSx6c_MlT6SHp97tYMiJhcIfY5RSN1ude5aEbNjuUvlNpzitVp1BFE11rpX0DyCeArI2aRoZZPCXAqqV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
51b31bf9e9d064423aaa04e5543cf7c3adc20f2962dedc1160ebc53e4d4384e8
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Request headers

Referer
https://0a829d.vercel.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
age
210
cache-control
max-age=60, public, s-maxage=600, r-maxage=10
cf-cache-status
HIT
cf-ray
7e75b6548ea837f5-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 15 Jul 2023 23:16:16 GMT
last-modified
Fri, 14 Jul 2023 21:10:42 GMT
server
cloudflare
status
200 OK
strict-transport-security
max-age=0
vary
Accept-Encoding
x-content-digest
0b07ee8def2ba74874b376b414ff55cd1ecd8d94
x-frame-options
ALLOWALL
x-powered-by
Phusion Passenger Enterprise 6.0.7
x-rack-cache
miss, store
x-request-id
f1f96ff81123751a9c4e84aff4451420
x-runtime
0.188761
lander.css
app.clickfunnels.com/assets/ 		425 KB
70 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/assets/lander.css
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/newsalor1.clickfunnels.com/optin1689368806891
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 23:16:16 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
HIT
age
189
last-modified
Fri, 14 Jul 2023 15:00:25 GMT
server
cloudflare
etag
W/"64b16309-6a514"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
access-control-max-age
1728000
cf-ray
7e75b6552cd63644-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sat, 15 Jul 2023 23:36:16 GMT
all.css
use.fontawesome.com/releases/v5.9.0/css/ 		55 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/newsalor1.clickfunnels.com/optin1689368806891
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 23:16:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
6Y8PV89KC9XPDZ8T
age
1127609
alt-svc
h3=":443"; ma=86400
x-amz-id-2
CFX12FCvmZfEL+oB8PSM7BkmXntBiIF/Cy4Nwcxa2rCvbH0f99j2xL2eaLpYcI1CUjOY8b8jPi8=
last-modified
Wed, 30 Jun 2021 15:48:06 GMT
server
cloudflare
etag
W/"dbf9d822cefe851ba6f66e1ad57e8987"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04cSMO0olUjUFtnJYwscV2FfH%2B3Y6iLUpjE%2BwbyBCR5iXOXQ%2Bk199emNqRPWtyz%2B%2Br2Dz1BrUr8ZyOGChZZVWzputRERiQ4n%2FduPQXRecru3MqkXxxBXOKXDZ%2BT9RgVRSIOrEdEQroIGQsF1HVPTFn%2F3"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7e75b65519439bd7-FRA
v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/ 		26 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/newsalor1.clickfunnels.com/optin1689368806891
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 23:16:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
81RM7ZAZRWQF92GM
age
2120830
alt-svc
h3=":443"; ma=86400
x-amz-id-2
cuRDylK4o+FLFSDbApL37V8IeLcTj8n+R0gtutUDFVsJDfPp05zPEH44hNLiM6pdxDMVdETjGQDkFNCMtbe3GQ==
last-modified
Wed, 30 Jun 2021 15:48:06 GMT
server
cloudflare
etag
W/"e140a7d32f343530f016095df3cc2ae4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20hzt2Ds7EtCfsRF2ZNLWY9LPlybL%2FIIxiXkYqzS91BZ%2BntI62awmSsqVUDpcvHX1ylVKVADewPItBKTSuyKcX1loaWJpW3d2xyl0M%2FyoS2zE34EJXGvxvoLojNliMlvcQI1VW4ZkTew%2B2zkJ%2F99wVls"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7e75b65519449bd7-FRA
css
fonts.googleapis.com/ 		47 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/newsalor1.clickfunnels.com/optin1689368806891
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d473aebb17ab5a364aecf466038a62133bafe5cb983c196a55ec6171131d9b45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 15 Jul 2023 23:16:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 15 Jul 2023 21:43:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 15 Jul 2023 23:16:16 GMT
application.js
app.clickfunnels.com/assets/userevents/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/assets/userevents/application.js
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/newsalor1.clickfunnels.com/optin1689368806891
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a696b734193371073510c87df68430499c2f424ad3f7be42f586dc6aff78567b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 23:16:16 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
HIT
age
69
last-modified
Fri, 14 Jul 2023 15:00:25 GMT
server
cloudflare
etag
W/"64b16309-147c"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
access-control-max-age
1728000
cf-ray
7e75b6559d1d3644-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sat, 15 Jul 2023 23:36:16 GMT
index.php
qil.ykh.mybluehost.me/ 		95 B
440 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qil.ykh.mybluehost.me/index.php?username=wander
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/newsalor1.clickfunnels.com/optin1689368806891
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.240.105.219 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-240-105-219.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 Jul 2023 23:16:17 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
lander.js
app.clickfunnels.com/assets/ 		2 MB
661 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/assets/lander.js
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/newsalor1.clickfunnels.com/optin1689368806891
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fd74283ebdf5730b4ccf4cd979b5927c473c79964fc9e0ea63429f24b0888e6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 23:16:16 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
HIT
age
117
last-modified
Fri, 14 Jul 2023 15:00:25 GMT
server
cloudflare
etag
W/"64b16309-238327"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
access-control-max-age
1728000
cf-ray
7e75b6552cd83644-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sat, 15 Jul 2023 23:36:16 GMT
ClickfunnelsTag.png
images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/newsalor1.clickfunnels.com/optin1689368806891
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dfa88a4dc8b6c0b834a62e45daee28a8dc37ed6ae7eb1545e4ed8b6382c0474

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 23:16:16 GMT
cf-cache-status
HIT
x-amz-request-id
G5SAZDXYCT626M3N
age
2080
cf-polished
origFmt=png, origSize=9030
content-disposition
inline; filename="ClickfunnelsTag.webp"
content-length
5276
x-amz-id-2
dIphrbY8XqW7QMCanfXxIv0xx/auaNjdzU6EIBM/6Wb1YD7PtT7rgR7zyWGLsywUvnTQSJU9AbM=
cf-bgj
imgq:85,h2pri
last-modified
Fri, 03 Jan 2020 17:41:49 GMT
server
cloudflare
etag
"a633777156a5ffeb58c92d3d59fa4e34"
vary
Accept
content-type
image/webp
cache-control
public, max-age=2073600
accept-ranges
bytes
cf-ray
7e75b655bd323644-FRA
expires
Tue, 08 Aug 2023 23:16:16 GMT
pushcrew.js
app.clickfunnels.com/assets/ 		637 B
437 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/assets/pushcrew.js
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/newsalor1.clickfunnels.com/optin1689368806891
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 23:16:16 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
HIT
age
1065
last-modified
Fri, 14 Jul 2023 15:00:25 GMT
server
cloudflare
etag
W/"64b16309-27d"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
access-control-max-age
1728000
cf-ray
7e75b655ad2a3644-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires
Sat, 15 Jul 2023 23:36:16 GMT
v2cb3a2ab87c5498db5ce7e6608cf55231689030342039
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v2cb3a2ab87c5498db5ce7e6608cf55231689030342039
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/newsalor1.clickfunnels.com/optin1689368806891
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af780e357234ceb6feec085a9a31f46834c88c4d3852d79050ad9dc3658a3a67

Request headers

Referer
https://app.funnel-preview.com/
Origin
https://app.funnel-preview.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 23:16:16 GMT
content-encoding
gzip
last-modified
Mon, 10 Jul 2023 23:05:42 GMT
server
cloudflare
etag
W/2023.7.0
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7e75b655c9111c28-FRA
truncated
/ 		26 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
cf.js
classic.clickfunnels.com/
Redirect Chain
  • https://app.clickfunnels.com/cf.js
  • https://www.clickfunnels.com/cf.js
  • https://classic.clickfunnels.com/cf.js
18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://classic.clickfunnels.com/cf.js
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/newsalor1.clickfunnels.com/optin1689368806891
Protocol
H2
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 23:16:17 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
HIT
age
1610
last-modified
Fri, 14 Jul 2023 15:00:25 GMT
server
cloudflare
etag
W/"64b16309-476a"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
cf-ray
7e75b6580ec43644-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

Redirect headers

date
Sat, 15 Jul 2023 23:16:17 GMT
server
cloudflare
vary
Accept-Encoding
location
https://classic.clickfunnels.com/cf.js
cache-control
max-age=3600
cf-ray
7e75b657c83991d7-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 16 Jul 2023 00:16:17 GMT
/
track.addevent.com/atc/ 		0
0
/
app.clickfunnels.com/userevents/ 		0
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/userevents/?funnel_id=MUcvRkMzYWRJRkdCbWFycUlSZlB5QT09LS11a2prdnU1djdBczN5ZWNScVM0L0Z3PT0%3D--62a545aad0321f07025e4525ca84245098bf78aa&page_id=bW9iWmdZSnUzWURuM0JURDFJWnJTZz09LS1vWHFXcExBR2tJMlp6Ui9LM1NkNGZBPT0%3D--bfea8d3c729d0ff17dd4cf19db01d9c44f66603b&funnel_step_id=VU5FV2FqcHhWeXZ0c3B3WjRTT1dzQT09LS1PbENUR0FRVkRUR2dVTERydFFFbzJBPT0%3D--e8003e180ed5322b510934884998f4f223e15998&user_id=WHNnUTh1alV2bldQNDE5SmVOQzMwdz09LS1qZE5ZMUlrQ1pIU1EzNEw2dG5FY29nPT0%3D--0b11bfa42dcf6d0350145ef85ddcb6d8a8447d2d&account_id=TzFXazB5Y0w0Y2U1L2pJOTNvYWl0Zz09LS1RS0g3cDZJOHJhQlIxTWJ6OGlrWkdnPT0%3D--f656e28438ef80a3d6fe3cb60c6cb7ff5ea21375&page_code=NTk5MzYyODM%3D&mode_id=1&time_zone=America%2FPhoenix&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::PageviewsCreatedSummary&nonce=4ba512b0-8b39-4124-8073-664c6b07a73b&url=https%3A%2F%2Fapp.funnel-preview.com%2Ffor_domain%2Fnewsalor1.clickfunnels.com%2Foptin1689368806891
Requested by
Host: app.clickfunnels.com
URL: https://app.clickfunnels.com/assets/userevents/application.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 23:16:17 GMT
strict-transport-security
max-age=0
access-control-request-method
*
cf-cache-status
BYPASS
x-powered-by
Phusion Passenger Enterprise 6.0.7
status
202 Accepted
x-request-id
392e1f2d48933b517ce40fedb6c9ce81
pragma
no-cache
x-runtime
0.028900
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-max-age
1728000
cf-ray
7e75b65739b64d4c-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-frame-options
ALLOWALL
x-rack-cache
miss
/
app.clickfunnels.com/userevents/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/userevents/?funnel_id=MUcvRkMzYWRJRkdCbWFycUlSZlB5QT09LS11a2prdnU1djdBczN5ZWNScVM0L0Z3PT0%3D--62a545aad0321f07025e4525ca84245098bf78aa&page_id=bW9iWmdZSnUzWURuM0JURDFJWnJTZz09LS1vWHFXcExBR2tJMlp6Ui9LM1NkNGZBPT0%3D--bfea8d3c729d0ff17dd4cf19db01d9c44f66603b&funnel_step_id=VU5FV2FqcHhWeXZ0c3B3WjRTT1dzQT09LS1PbENUR0FRVkRUR2dVTERydFFFbzJBPT0%3D--e8003e180ed5322b510934884998f4f223e15998&user_id=WHNnUTh1alV2bldQNDE5SmVOQzMwdz09LS1qZE5ZMUlrQ1pIU1EzNEw2dG5FY29nPT0%3D--0b11bfa42dcf6d0350145ef85ddcb6d8a8447d2d&account_id=TzFXazB5Y0w0Y2U1L2pJOTNvYWl0Zz09LS1RS0g3cDZJOHJhQlIxTWJ6OGlrWkdnPT0%3D--f656e28438ef80a3d6fe3cb60c6cb7ff5ea21375&page_code=NTk5MzYyODM%3D&mode_id=1&time_zone=America%2FPhoenix&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniquePageviewsCreatedSummary&nonce=1ee3d719-0dd3-4cf0-8379-f375b6f7d4d7&url=https%3A%2F%2Fapp.funnel-preview.com%2Ffor_domain%2Fnewsalor1.clickfunnels.com%2Foptin1689368806891
Requested by
Host: app.clickfunnels.com
URL: https://app.clickfunnels.com/assets/userevents/application.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 23:16:17 GMT
strict-transport-security
max-age=0
access-control-request-method
*
cf-cache-status
BYPASS
x-powered-by
Phusion Passenger Enterprise 6.0.7
status
202 Accepted
x-request-id
ca80af299c8e8dfb6331ae45847a5905
pragma
no-cache
x-runtime
0.028948
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-max-age
1728000
cf-ray
7e75b65749ba4d4c-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-frame-options
ALLOWALL
x-rack-cache
miss
/
app.clickfunnels.com/userevents/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/userevents/?funnel_id=MUcvRkMzYWRJRkdCbWFycUlSZlB5QT09LS11a2prdnU1djdBczN5ZWNScVM0L0Z3PT0%3D--62a545aad0321f07025e4525ca84245098bf78aa&page_id=bW9iWmdZSnUzWURuM0JURDFJWnJTZz09LS1vWHFXcExBR2tJMlp6Ui9LM1NkNGZBPT0%3D--bfea8d3c729d0ff17dd4cf19db01d9c44f66603b&funnel_step_id=VU5FV2FqcHhWeXZ0c3B3WjRTT1dzQT09LS1PbENUR0FRVkRUR2dVTERydFFFbzJBPT0%3D--e8003e180ed5322b510934884998f4f223e15998&user_id=WHNnUTh1alV2bldQNDE5SmVOQzMwdz09LS1qZE5ZMUlrQ1pIU1EzNEw2dG5FY29nPT0%3D--0b11bfa42dcf6d0350145ef85ddcb6d8a8447d2d&account_id=TzFXazB5Y0w0Y2U1L2pJOTNvYWl0Zz09LS1RS0g3cDZJOHJhQlIxTWJ6OGlrWkdnPT0%3D--f656e28438ef80a3d6fe3cb60c6cb7ff5ea21375&page_code=NTk5MzYyODM%3D&mode_id=1&time_zone=America%2FPhoenix&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniqueVisitorsCreatedSummary&nonce=b7b02385-93d2-4888-9ba1-ebfa8ea60cc8&url=https%3A%2F%2Fapp.funnel-preview.com%2Ffor_domain%2Fnewsalor1.clickfunnels.com%2Foptin1689368806891
Requested by
Host: app.clickfunnels.com
URL: https://app.clickfunnels.com/assets/userevents/application.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 23:16:17 GMT
strict-transport-security
max-age=0
access-control-request-method
*
cf-cache-status
BYPASS
x-powered-by
Phusion Passenger Enterprise 6.0.7
status
202 Accepted
x-request-id
4c7e18239e4413b1fcaf9c6c2b81f6de
pragma
no-cache
x-runtime
0.030789
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-max-age
1728000
cf-ray
7e75b65749be4d4c-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-frame-options
ALLOWALL
x-rack-cache
miss
Primary Request pfnrskvfy
allowflannelmob.com/ 		115 B
817 B 		Document
General
Check archive.org
Download Go to
Full URL
https://allowflannelmob.com/pfnrskvfy?key=5e27bfb62cf0f00b2fdc5a751e0796e4
Requested by
Host: qil.ykh.mybluehost.me
URL: https://qil.ykh.mybluehost.me/index.php?username=wander
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
f28ce5befe08ed90a2e12b6b2a5e9fdafaa6ad173503079155260aa480c66590
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://app.funnel-preview.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Cache-Control
no-cache
Connection
keep-alive
Content-Length
115
Content-Type
text/html
Date
Sat, 15 Jul 2023 23:16:18 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server
nginx/1.19.5
Strict-Transport-Security
max-age=0; includeSubdomains
X-Request-ID
eddc88c7006d5d9c88a2ae810720a28f
rum
app.funnel-preview.com/cdn-cgi/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
track.addevent.com
URL
https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=7a4dd5ba-dfcb-4099-7fe7-7e574d52eb47&url=https%3A%2F%2Fapp.funnel-preview.com%2Ffor_domain%2Fnewsalor1.clickfunnels.com%2Foptin1689368806891&cache=1689462977133
Domain
app.funnel-preview.com
URL
https://app.funnel-preview.com/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

17 Cookies

Domain/Path Name / Value
app.funnel-preview.com/for_domain/newsalor1.clickfunnels.com Name: addevent_track_cookie
Value: 7a4dd5ba-dfcb-4099-7fe7-7e574d52eb47
.app.funnel-preview.com/ Name: __cf_bm
Value: fD7dTjBhOG1P0FCAHLsgoEKuv4VdgzmcW6GIAWw01a4-1689462976-0-ARyq2EKQz3vM6EbJFBpwurAifEbHy27Hw2w5SUivjh3jHgyGWffW4AXiSHndx8tpepBYq5I/1Dv7OEAg2rEvPORMzCZn6Jp9iKax3lgND/KU
.clickfunnels.com/ Name: __cf_bm
Value: Aa0Ie1AM4JZG2oLu5b6q0kn6tVVIZ6KFmiSirjcNdfw-1689462976-0-Aa3nW47Nnuk0FXcvTkxK86boNWZoDZllxwKPspcCwdrqkcysp9BjR+u/pSdRhnIYAnXNQFxc/8p6FR1FWdKRWE8TrlxdCksMkLdfhNHlwFha
app.funnel-preview.com/ Name: cf:aff_sub2
Value:
app.funnel-preview.com/ Name: cf:aff_sub3
Value:
app.funnel-preview.com/ Name: cf:aff_sub
Value:
app.funnel-preview.com/ Name: cf:affiliate_id
Value:
app.funnel-preview.com/ Name: cf:cf_affiliate_id
Value:
app.funnel-preview.com/ Name: cf:content
Value:
app.funnel-preview.com/ Name: cf:medium
Value:
app.funnel-preview.com/ Name: cf:name
Value:
app.funnel-preview.com/ Name: cf:source
Value:
app.funnel-preview.com/ Name: cf:term
Value:
app.funnel-preview.com/ Name: cf:NTk5MzYyODM
Value: :visited=true
app.funnel-preview.com/ Name: cf:visitor_id
Value: bcd2f130-f254-40c9-aa03-ba289951b780
.www.clickfunnels.com/ Name: __cf_bm
Value: FVkgvejfOI1yqPOzSVYQnwSpnJqf9K8FqpjitF_DLaI-1689462977-0-ATiNpG5d/kA85LBqFUXf62+kmBGujSP+DtAjNyVgaZ9zVLocOUD+DlxFgBoJbUhfXPvIjpoZtOscBAMlveylL2Q=
allowflannelmob.com/ Name: u_pl
Value: 19916165

1 Console Messages

Source Level URL
Text
network error URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=7a4dd5ba-dfcb-4099-7fe7-7e574d52eb47&url=https%3A%2F%2Fapp.funnel-preview.com%2Ffor_domain%2Fnewsalor1.clickfunnels.com%2Foptin1689368806891&cache=1689462977133
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0a829d.vercel.app
allowflannelmob.com
app.clickfunnels.com
app.funnel-preview.com
classic.clickfunnels.com
draks.co
fonts.googleapis.com
images.clickfunnels.com
qil.ykh.mybluehost.me
static.cloudflareinsights.com
track.addevent.com
use.fontawesome.com
whos.amung.us
www.clickfunnels.com
app.funnel-preview.com
track.addevent.com
162.240.105.219
192.243.59.13
209.126.85.168
2606:4700:10::ac43:88d
2606:4700:4400::ac40:944b
2606:4700::6810:10c2
2606:4700::6810:3965
2606:4700::6810:fc2
2606:4700:e2::ac40:850f
2a00:1450:4001:829::200a
76.76.21.142
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
51b31bf9e9d064423aaa04e5543cf7c3adc20f2962dedc1160ebc53e4d4384e8
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
5dfa88a4dc8b6c0b834a62e45daee28a8dc37ed6ae7eb1545e4ed8b6382c0474
9fd74283ebdf5730b4ccf4cd979b5927c473c79964fc9e0ea63429f24b0888e6
a696b734193371073510c87df68430499c2f424ad3f7be42f586dc6aff78567b
af780e357234ceb6feec085a9a31f46834c88c4d3852d79050ad9dc3658a3a67
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d
d473aebb17ab5a364aecf466038a62133bafe5cb983c196a55ec6171131d9b45
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51921a405d1607f2cbebc72798e1a0bd7525c3beb41b47f160a0cc68721f7f4
ef5362e0dcdb5a8bf8cdd768eb9ebf69bf870539daca8d8253478a1fd340d132
f28ce5befe08ed90a2e12b6b2a5e9fdafaa6ad173503079155260aa480c66590
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422