urlscan.io logo urlscan.io
SecurityTrails logo

000-affiliate-test.safechckout.com Open in urlscan Pro
209.170.211.179  Public Scan

Go To Rescan Add Verdict Report
URL: https://000-affiliate-test.safechckout.com/
Submission: On October 03 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 6 countries across 15 domains to perform 60 HTTP transactions. The main IP is 209.170.211.179, located in Venice, United States and belongs to ASN-VINS, US. The main domain is 000-affiliate-test.safechckout.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 3rd 2020. Valid for: 3 months.
This is the only time 000-affiliate-test.safechckout.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 7 209.170.211.179 13649 (ASN-VINS)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 10 2606:4700::68... 13335 (CLOUDFLAR...)
17 104.16.20.19 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2a04:4e42:3::729 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
1 52.95.169.51 16509 (AMAZON-02)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 52.214.255.171 16509 (AMAZON-02)
1 52.17.112.225 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 5 2a03:2880:f11... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 54.154.101.78 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
60 18
7    209.170.211.179 (Venice, United States)

ASN13649 (ASN-VINS, US)
PTR: mail9.ontramail.com
000-affiliate-test.safechckout.com
www1.moon-ray.com
forms.moon-ray.com
tracking.ontraport.com
3    2606:4700::6810:dc2 (United States)

ASN13335 (CLOUDFLARENET, US)
assets3.clickfunnels.com
app.clickfunnels.com
amg.clickfunnels.com
10    2606:4700::6810:fc2 (United States)

ASN13335 (CLOUDFLARENET, US)
static.clickfunnels.com
www.clickfunnels.com
images.clickfunnels.com
17    104.16.20.19 (United States)

ASN13335 (CLOUDFLARENET, US)
optassets.ontraport.com
forms.ontraport.com
app.ontraport.com
2    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)
netdna.bootstrapcdn.com
2    2a04:4e42:3::729 (Ascension Island)

ASN54113 (FASTLY, US)
vjs.zencdn.net
4    2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    52.95.169.51 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: s3-w.eu-north-1.amazonaws.com
nodo.s3.amazonaws.com
5    2606:4700::6811:4e6b (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    52.214.255.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-255-171.eu-west-1.compute.amazonaws.com
addthisevent.com
1    52.17.112.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-112-225.eu-west-1.compute.amazonaws.com
www.addevent.com
3    2a00:1450:4001:81e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    54.154.101.78 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-101-78.eu-west-1.compute.amazonaws.com
track.addevent.com
1    2606:4700::6810:10c2 (United States)

ASN13335 (CLOUDFLARENET, US)
amg.clickfunnels.com
Domain Requested by
14 forms.ontraport.com 000-affiliate-test.safechckout.com
www1.moon-ray.com
5 www.facebook.com 3 redirects 000-affiliate-test.safechckout.com
connect.facebook.net
5 cdnjs.cloudflare.com static.clickfunnels.com
000-affiliate-test.safechckout.com
5 www.clickfunnels.com 1 redirects static.clickfunnels.com
000-affiliate-test.safechckout.com
4 fonts.gstatic.com fonts.googleapis.com
4 images.clickfunnels.com static.clickfunnels.com
000-affiliate-test.safechckout.com
4 ajax.googleapis.com static.clickfunnels.com
www1.moon-ray.com
forms.ontraport.com
4 www1.moon-ray.com 4 redirects
3 www.google-analytics.com 000-affiliate-test.safechckout.com
www.google-analytics.com
2 amg.clickfunnels.com 000-affiliate-test.safechckout.com
amg.clickfunnels.com
2 connect.facebook.net 000-affiliate-test.safechckout.com
connect.facebook.net
2 vjs.zencdn.net static.clickfunnels.com
2 fonts.googleapis.com static.clickfunnels.com
ajax.googleapis.com
2 optassets.ontraport.com 000-affiliate-test.safechckout.com
1 tracking.ontraport.com optassets.ontraport.com
1 app.ontraport.com www1.moon-ray.com
1 track.addevent.com 000-affiliate-test.safechckout.com
1 app.clickfunnels.com 1 redirects
1 www.addevent.com 000-affiliate-test.safechckout.com
1 addthisevent.com 1 redirects
1 nodo.s3.amazonaws.com static.clickfunnels.com
1 forms.moon-ray.com static.clickfunnels.com
1 netdna.bootstrapcdn.com static.clickfunnels.com
1 static.clickfunnels.com 000-affiliate-test.safechckout.com
1 assets3.clickfunnels.com 000-affiliate-test.safechckout.com
1 000-affiliate-test.safechckout.com
60 26

This site contains links to these domains. Also see Links.

Domain
www.clickfunnels.com
Subject Issuer Validity Valid
000-affiliate-test.safechckout.com
Let's Encrypt Authority X3		 2020-10-03 -
2021-01-01		 3 months crt.sh
ssl566619.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-05-19 -
2020-11-25		 6 months crt.sh
*.ontraport.com
Go Daddy Secure Certificate Authority - G2		 2019-10-23 -
2020-11-21		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-22 -
2021-10-12		 a year crt.sh
osff.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-05-20 -
2020-12-18		 7 months crt.sh
*.moon-ray.com
Go Daddy Secure Certificate Authority - G2		 2020-04-29 -
2021-05-25		 a year crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2019-11-09 -
2021-03-12		 a year crt.sh
cdnjs.cloudflare.com
DigiCert ECC Secure Server CA		 2020-08-12 -
2022-08-17		 2 years crt.sh
addevent.com
Amazon		 2020-03-13 -
2021-04-13		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-09-11 -
2020-12-10		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
tracking.ontraport.com
Let's Encrypt Authority X3		 2020-09-25 -
2020-12-24		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://000-affiliate-test.safechckout.com/
Frame ID: 9D3B1518FF1989EE65D97A61F1AEA1BC
Requests: 62 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?api_key=246441615530259&channel_url=https%3A%2F%2Fs-static.ak.facebook.com%2Fconnect%2Fxd_arbiter%2FKvoNGODIqPG.js%3Fversion%3D41%23cb%3Df1856dfebc%26domain%3Dapp.clickfunnels.com%26origin%3Dhttps%253A%252F%252Fapp.clickfunnels.com%252Ff1d8a48da8%26relation%3Dparent.parent&colorscheme=light&href=http%3A%2F%2Fexample.com%2Fcomments&locale=en_US&numposts=5&sdk=joey&skin=light&version=v2.0&width=100%25
Frame ID: A7949744305D609E6FBF61F19142BD8C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=246441615530259&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7ca8a8b052cc8%26domain%3D000-affiliate-test.safechckout.com%26origin%3Dhttps%253A%252F%252F000-affiliate-test.safechckout.com%252Ff37ec7c91ba8854%26relation%3Dparent.parent&color_scheme=light&container_width=920&height=100&href=http%3A%2F%2Fexample.com%2Fcomments&locale=en_US&numposts=5&sdk=joey&version=v2.0&width
Frame ID: 542DB5102B8360DF4F5D34D6BFA6D017
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • env /Clickfunnels/i

Page Statistics

60
Requests

100 %
HTTPS

67 %
IPv6

15
Domains

26
Subdomains

18
IPs

6
Countries

1077 kB
Transfer

3764 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://www1.moon-ray.com/formeditor/formeditor/css/form.default.css HTTP 302
  • https://forms.ontraport.com//formeditor/formeditor/css/form.default.css
Request Chain 8
  • https://www1.moon-ray.com/formeditor/formeditor/css/form.publish.css HTTP 302
  • https://forms.ontraport.com//formeditor/formeditor/css/form.publish.css
Request Chain 11
  • https://www1.moon-ray.com/v2.4/include/formEditor/gencss.php?uid=p2c10636f167 HTTP 302
  • https://forms.ontraport.com//v2.4/include/formEditor/gencss.php?uid=p2c10636f167
Request Chain 12
  • https://www1.moon-ray.com/v2.4/include/formEditor/genjs-v2.php?html=false&uid=p2c10636f167 HTTP 302
  • https://forms.ontraport.com//v2.4/include/formEditor/genjs-v2.php?html=false&uid=p2c10636f167
Request Chain 19
  • https://addthisevent.com/libs/1.5.8/ate.min.js HTTP 301
  • https://www.addevent.com/libs/1.5.8/ate.min.js
Request Chain 23
  • https://www.clickfunnels.com/cf_pe_orders.js HTTP 301
  • https://www.clickfunnels.com/assets/cf_pe_orders.js
Request Chain 24
  • https://app.clickfunnels.com/javascripts/garlic.cf.js HTTP 301
  • https://www.clickfunnels.com/javascripts/garlic.cf.js
Request Chain 30
  • https://www.facebook.com/plugins/comments.php?api_key=246441615530259&channel_url=https%3A%2F%2Fs-static.ak.facebook.com%2Fconnect%2Fxd_arbiter%2FKvoNGODIqPG.js%3Fversion%3D41%23cb%3Df1856dfebc%26domain%3Dapp.clickfunnels.com%26origin%3Dhttps%253A%252F%252Fapp.clickfunnels.com%252Ff1d8a48da8%26relation%3Dparent.parent&colorscheme=light&href=http%3A%2F%2Fexample.com%2Fcomments&locale=en_US&numposts=5&sdk=joey&skin=light&version=v2.0&width=100%25 HTTP 302
  • https://www.facebook.com/plugins/feedback.php?api_key=246441615530259&channel_url=https%3A%2F%2Fs-static.ak.facebook.com%2Fconnect%2Fxd_arbiter%2FKvoNGODIqPG.js%3Fversion%3D41%23cb%3Df1856dfebc%26domain%3Dapp.clickfunnels.com%26origin%3Dhttps%253A%252F%252Fapp.clickfunnels.com%252Ff1d8a48da8%26relation%3Dparent.parent&colorscheme=light&href=http%3A%2F%2Fexample.com%2Fcomments&locale=en_US&numposts=5&sdk=joey&skin=light&version=v2.0&width=100%25
Request Chain 61
  • https://www.facebook.com/v2.0/plugins/comments.php?app_id=246441615530259&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7ca8a8b052cc8%26domain%3D000-affiliate-test.safechckout.com%26origin%3Dhttps%253A%252F%252F000-affiliate-test.safechckout.com%252Ff37ec7c91ba8854%26relation%3Dparent.parent&color_scheme=light&container_width=920&height=100&href=http%3A%2F%2Fexample.com%2Fcomments&locale=en_US&numposts=5&sdk=joey&version=v2.0&width= HTTP 302
  • https://www.facebook.com/plugins/comments.php?app_id=246441615530259&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7ca8a8b052cc8%26domain%3D000-affiliate-test.safechckout.com%26origin%3Dhttps%253A%252F%252F000-affiliate-test.safechckout.com%252Ff37ec7c91ba8854%26relation%3Dparent.parent&color_scheme=light&container_width=920&height=100&href=http%3A%2F%2Fexample.com%2Fcomments&locale=en_US&numposts=5&sdk=joey&version=v2.0&width HTTP 302
  • https://www.facebook.com/plugins/feedback.php?app_id=246441615530259&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7ca8a8b052cc8%26domain%3D000-affiliate-test.safechckout.com%26origin%3Dhttps%253A%252F%252F000-affiliate-test.safechckout.com%252Ff37ec7c91ba8854%26relation%3Dparent.parent&color_scheme=light&container_width=920&height=100&href=http%3A%2F%2Fexample.com%2Fcomments&locale=en_US&numposts=5&sdk=joey&version=v2.0&width

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
000-affiliate-test.safechckout.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://000-affiliate-test.safechckout.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
209.170.211.179 Venice, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
mail9.ontramail.com
Software
ONTRAport /
Resource Hash
7a7aa4d152f965fbd7e320d902f308994e35b1e32e03257585d5362ea27efd0e

Request headers

Host
000-affiliate-test.safechckout.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 03 Oct 2020 09:09:09 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Set-Cookie
lpsplt_121=0; path=/; SameSite=Lax
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-op-class
hosted
X-op-release
3
X-op-ca
82.102.20.235
Server
ONTRAport
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Encoding
gzip
lander.css
assets3.clickfunnels.com/assets/ 		425 KB
65 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets3.clickfunnels.com/assets/lander.css
Requested by
Host: 000-affiliate-test.safechckout.com
URL: https://000-affiliate-test.safechckout.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e50201d2a7c5c0363880bde7bffebad032a0b3628bf6ad72ab87677d1357d21b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
162
status
200
cf-request-id
058f51f71200001f2d5a8be200000001
last-modified
Wed, 05 Aug 2020 19:10:32 GMT
server
cloudflare
etag
W/"5f2b0428-6a486"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
cf-ray
5dc585d1bf881f2d-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 03 Oct 2020 09:29:10 GMT
e2c7w1chtnda7vjl.js
static.clickfunnels.com/clickfunnels/landers/tmp/ 		69 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.clickfunnels.com/clickfunnels/landers/tmp/e2c7w1chtnda7vjl.js
Requested by
Host: 000-affiliate-test.safechckout.com
URL: https://000-affiliate-test.safechckout.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee6be264fdde558593aa0a0b6b44794647399eb8faf6264cbde3afedb1bf06ec

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:10 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 26 Apr 2015 21:50:51 GMT
server
cloudflare
x-amz-request-id
85DA897A44939338
etag
"e95d13866270080ad2b7a466fcae7fa3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-id-2
LmMhZh0QpsoNVQyf5oBBIBjUKpaGRRofJWrcPwweWaj7mst8K3113ISTbaiVXfbxj7Z040EHl4U=
status
200
accept-ranges
bytes
cf-ray
5dc585d1be2ed6c9-FRA
content-length
71107
cf-request-id
058f51f7170000d6c973097200000001
tracking.js
optassets.ontraport.com/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/tracking.js
Requested by
Host: 000-affiliate-test.safechckout.com
URL: https://000-affiliate-test.safechckout.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5561e8308eb5743824525749cf1fbb7207113619c0fa33e22170a073eddc77

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3981
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
cf-request-id
058f51f734000010f3ad08c200000001
server
cloudflare
x-op-ca
10.2.80.206
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-op-release
3
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
5dc585d1ecad10f3-CPH
expires
Sat, 03 Oct 2020 13:09:10 GMT
lander.css
www.clickfunnels.com/assets/ 		425 KB
65 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.clickfunnels.com/assets/lander.css
Requested by
Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/e2c7w1chtnda7vjl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e50201d2a7c5c0363880bde7bffebad032a0b3628bf6ad72ab87677d1357d21b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
162
status
200
cf-request-id
058f51f8110000d6c9730a8200000001
last-modified
Wed, 05 Aug 2020 19:10:32 GMT
server
cloudflare
etag
W/"5f2b0428-6a486"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
cf-ray
5dc585d349b2d6c9-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 03 Oct 2020 09:29:10 GMT
css
fonts.googleapis.com/ 		46 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
Requested by
Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/e2c7w1chtnda7vjl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c8d42c73228b8d7c53512742a4da786efca4755f5fca2caa32e505d35333d86c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 03 Oct 2020 09:09:10 GMT
server
ESF
date
Sat, 03 Oct 2020 09:09:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 03 Oct 2020 09:09:10 GMT
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Requested by
Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/e2c7w1chtnda7vjl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:19 GMT
status
200
etag
"1544639719"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
4292
video-js.css
vjs.zencdn.net/4.11/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/4.11/video-js.css
Requested by
Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/e2c7w1chtnda7vjl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
04e20a40e2df545adf2d507a0292f4837336784d94e10c7434d55318fce9aa23

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:10 GMT
content-encoding
gzip
last-modified
Fri, 23 Jan 2015 19:30:39 GMT
status
200
etag
"7e4e8c086aca566a1f3abad9aa923cd8"
x-served-by
cache-fra19129-FRA
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
timing-allow-origin
*
content-length
3028
x-cache-hits
1
form.default.css
forms.ontraport.com//formeditor/formeditor/css/
Redirect Chain
  • https://www1.moon-ray.com/formeditor/formeditor/css/form.default.css
  • https://forms.ontraport.com//formeditor/formeditor/css/form.default.css
12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.ontraport.com//formeditor/formeditor/css/form.default.css
Requested by
Host: 000-affiliate-test.safechckout.com
URL: https://000-affiliate-test.safechckout.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b2ba19fdc8214ba35e86a7ba90f58c57ea9bedb6c4ace37a4e88c31d60ccf2a

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:11 GMT
x-op-benvironment
production
cf-cache-status
DYNAMIC
x-cache-status
BYPASS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-op-pci
true
content-encoding
br
cf-request-id
058f51fa29000010f3ad0a6200000001
x-op-what
what
last-modified
Fri, 19 Jun 2020 15:48:23 GMT
server
cloudflare
etag
W/"5eecde47-3143"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=120
access-control-allow-credentials
true
cf-ray
5dc585d6abe710f3-CPH
expires
Sat, 03 Oct 2020 09:11:11 GMT

Redirect headers

Date
Sat, 03 Oct 2020 09:09:10 GMT
Server
ONTRAport
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://forms.ontraport.com//formeditor/formeditor/css/form.default.css
Connection
keep-alive
Content-Type
text/html
Content-Length
158
X-op-ca
82.102.20.235
form.publish.css
forms.ontraport.com//formeditor/formeditor/css/
Redirect Chain
  • https://www1.moon-ray.com/formeditor/formeditor/css/form.publish.css
  • https://forms.ontraport.com//formeditor/formeditor/css/form.publish.css
1 KB
596 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.ontraport.com//formeditor/formeditor/css/form.publish.css
Requested by
Host: 000-affiliate-test.safechckout.com
URL: https://000-affiliate-test.safechckout.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02d12a2ed659318cb1109c933a7baf62bb96ffb9329f1074ce16726bf8a8ac8c

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:11 GMT
x-op-benvironment
production
cf-cache-status
DYNAMIC
x-cache-status
BYPASS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-op-pci
true
content-encoding
br
cf-request-id
058f51fa29000010f3ad0a5200000001
x-op-what
what
last-modified
Tue, 04 Sep 2018 22:26:35 GMT
server
cloudflare
etag
W/"5b8f069b-4c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=120
access-control-allow-credentials
true
cf-ray
5dc585d6abe510f3-CPH
expires
Sat, 03 Oct 2020 09:11:11 GMT

Redirect headers

Date
Sat, 03 Oct 2020 09:09:10 GMT
Server
ONTRAport
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://forms.ontraport.com//formeditor/formeditor/css/form.publish.css
Connection
keep-alive
Content-Type
text/html
Content-Length
158
X-op-ca
82.102.20.235
/
forms.moon-ray.com/v2.4/include/minify/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.moon-ray.com/v2.4/include/minify/?g=moonrayCSS
Requested by
Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/e2c7w1chtnda7vjl.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.170.211.179 Venice, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
mail9.ontramail.com
Software
ONTRAport /
Resource Hash
dc4ed09d68119a5644dc1e28a9ec8a932892af3c98024c31083390e546ff7037

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 03 Oct 2020 09:09:10 GMT
Content-Encoding
gzip
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
Content-Length
2354
X-op-ca
82.102.20.235
Pragma
no-cache
X-op-what
what
Last-Modified
Thu, 25 Jun 2020 20:57:13 GMT
Server
ONTRAport
ETag
"pub1593118633;gz"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800, public
Access-Control-Allow-Credentials
true
X-op-benvironment
production
Cache-Tag
app-deploy
Expires
Sat, 03 Oct 2020 09:39:10 GMT
jquery-ui.min.css
ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/themes/smoothness/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/themes/smoothness/jquery-ui.min.css
Requested by
Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/e2c7w1chtnda7vjl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4007a847abc4399c1a96d516763161315a841de3cfa7760df9523345efc56f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 10:16:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
427970
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5236
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Sep 2021 10:16:20 GMT
gencss.php
forms.ontraport.com//v2.4/include/formEditor/
Redirect Chain
  • https://www1.moon-ray.com/v2.4/include/formEditor/gencss.php?uid=p2c10636f167
  • https://forms.ontraport.com//v2.4/include/formEditor/gencss.php?uid=p2c10636f167
5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forms.ontraport.com//v2.4/include/formEditor/gencss.php?uid=p2c10636f167
Requested by
Host: 000-affiliate-test.safechckout.com
URL: https://000-affiliate-test.safechckout.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
738870693ad4d59ac5b51552309ad89320c7d16110ca170123b23da95dd90b5f

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:11 GMT
x-op-benvironment
production
cf-cache-status
DYNAMIC
x-cache-status
BYPASS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-op-pci
true
content-encoding
br
cf-request-id
058f51fa28000010f3ad0a4200000001
pragma
no-cache
x-op-what
what
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
cf-ray
5dc585d6abdf10f3-CPH
expires
Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

Date
Sat, 03 Oct 2020 09:09:10 GMT
Server
ONTRAport
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://forms.ontraport.com//v2.4/include/formEditor/gencss.php?uid=p2c10636f167
Connection
keep-alive
Content-Type
text/html
Content-Length
158
X-op-ca
82.102.20.235
genjs-v2.php
forms.ontraport.com//v2.4/include/formEditor/
Redirect Chain
  • https://www1.moon-ray.com/v2.4/include/formEditor/genjs-v2.php?html=false&uid=p2c10636f167
  • https://forms.ontraport.com//v2.4/include/formEditor/genjs-v2.php?html=false&uid=p2c10636f167
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.ontraport.com//v2.4/include/formEditor/genjs-v2.php?html=false&uid=p2c10636f167
Requested by
Host: 000-affiliate-test.safechckout.com
URL: https://000-affiliate-test.safechckout.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
237a6811f499de9e31bafa89b4a2e2727788459e244a141d5c42ef8c9d1cc688

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:11 GMT
x-op-benvironment
production
cf-cache-status
DYNAMIC
x-cache-status
BYPASS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-op-pci
true
content-encoding
br
cf-request-id
058f51fa2b000010f3ad0a7200000001
pragma
no-cache
x-op-what
what
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
cf-ray
5dc585d6abec10f3-CPH
expires
Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

Date
Sat, 03 Oct 2020 09:09:10 GMT
Server
ONTRAport
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://forms.ontraport.com//v2.4/include/formEditor/genjs-v2.php?html=false&uid=p2c10636f167
Connection
keep-alive
Content-Type
text/html
Content-Length
158
X-op-ca
82.102.20.235
closemodal.png
nodo.s3.amazonaws.com/editor/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nodo.s3.amazonaws.com/editor/closemodal.png
Requested by
Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/e2c7w1chtnda7vjl.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.169.51 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.eu-north-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
preheadline-divider.png
images.clickfunnels.com/6b/11eb80589711e4b5a8d92fd4b77579/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.clickfunnels.com/6b/11eb80589711e4b5a8d92fd4b77579/preheadline-divider.png
Requested by
Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/e2c7w1chtnda7vjl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8453754af23c624d0f1b78f738fb4d8d6b86b679cc7e7e2205addc837e483ad

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:10 GMT
cf-cache-status
REVALIDATED
x-amz-request-id
92A9260039FEA9DC
cf-polished
origFmt=png, origSize=5083
status
200
content-disposition
inline; filename="preheadline-divider.webp"
content-length
2004
x-amz-id-2
0e5EdVr/aNLMVc6BE7CWEFs+GhcCTHFksn/buBZXksJ9AWaHkuDoOrODksFjOrp3PAGw3SXyGk4=
last-modified
Mon, 20 Oct 2014 20:26:52 GMT
server
cloudflare
etag
"b5795d6432cc6780202c110f9f613f19"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Tue, 27 Oct 2020 09:09:10 GMT
cache-control
public, max-age=2073600
cf-request-id
058f51f81b0000d6c9730ab200000001
accept-ranges
bytes
cf-ray
5dc585d359cfd6c9-FRA
cf-bgj
imgq:85,h2pri
plan.png
images.clickfunnels.com/76/7d4800589911e4be2957bd48865180/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.clickfunnels.com/76/7d4800589911e4be2957bd48865180/plan.png
Requested by
Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/e2c7w1chtnda7vjl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaca6cf478e703f556c60b9199e835099d7616c03a589960186a538c8c8cefec

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:10 GMT
cf-cache-status
REVALIDATED
x-amz-request-id
63EB75D8EF4B90FF
cf-polished
origFmt=png, origSize=5138
status
200
content-disposition
inline; filename="plan.webp"
content-length
4466
x-amz-id-2
kP24hcXQXFVJENQGHP57j2ma23QSU88o2YrSetcBg/y2rq5s8GH5DgdnfbkF8XrbTs9vK50hRzE=
last-modified
Mon, 20 Oct 2014 20:41:29 GMT
server
cloudflare
etag
"b68e899fcf0eba5a2e89a74a6e8fd303"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Tue, 27 Oct 2020 09:09:10 GMT
cache-control
public, max-age=2073600
cf-request-id
058f51f81b0000d6c9730aa200000001
accept-ranges
bytes
cf-ray
5dc585d359ced6c9-FRA
cf-bgj
imgq:85,h2pri
pic.jpg
images.clickfunnels.com/c1/590fd057a411e4857e5565510fc994/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.clickfunnels.com/c1/590fd057a411e4857e5565510fc994/pic.jpg
Requested by
Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/e2c7w1chtnda7vjl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2588c882a73500479b37abf0042cf967bfb57c6f793f532a2d71fd758dcf6a96

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:10 GMT
cf-cache-status
REVALIDATED
x-amz-request-id
D26E3D0032F62676
cf-polished
qual=85, origFmt=jpeg, origSize=4992
status
200
content-disposition
inline; filename="pic.webp"
content-length
1194
x-amz-id-2
EsiM5GsDjooBF0AzVumQe4y6d0iCRZN2V7GxK479+clMGz5HY/6wf/5U12DdmQgQmk0sVvSZM9E=
last-modified
Sun, 19 Oct 2014 15:29:47 GMT
server
cloudflare
etag
"18322ba6d2b90502df3a8e9cc7a1ecf5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Tue, 27 Oct 2020 09:09:10 GMT
cache-control
public, max-age=2073600
cf-request-id
058f51f81b0000d6c9730ac200000001
accept-ranges
bytes
cf-ray
5dc585d359d0d6c9-FRA
cf-bgj
imgq:85,h2pri
mediaelement.min.js
cdnjs.cloudflare.com/ajax/libs/mediaelement/2.13.2/js/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mediaelement/2.13.2/js/mediaelement.min.js
Requested by
Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/e2c7w1chtnda7vjl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c0e79df23cc93a716bfbf084e3721d8dee71a52d93e35e4696a779c93c9a5c9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 03 Oct 2020 09:09:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3413967
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7201
cf-request-id
058f51f811000017729daf2200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:19 GMT
server
cloudflare
etag
"5eb03f1f-6535"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601716150"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5dc585d348ff1772-FRA
expires
Thu, 23 Sep 2021 09:09:10 GMT
parsley.min.js
cdnjs.cloudflare.com/ajax/libs/parsley.js/1.2.3/ 		22 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/parsley.js/1.2.3/parsley.min.js
Requested by
Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/e2c7w1chtnda7vjl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf197979b4d69627d3835a1cc58452bc9ffe8496dfc607857edfb5e9ab4e1a4a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 03 Oct 2020 09:09:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3411461
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5395
cf-request-id
058f51f811000017729daf3200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:52 GMT
server
cloudflare
etag
"5eb03f40-56f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601716150"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5dc585d349011772-FRA
expires
Thu, 23 Sep 2021 09:09:10 GMT
ate.min.js
www.addevent.com/libs/1.5.8/
Redirect Chain
  • https://addthisevent.com/libs/1.5.8/ate.min.js
  • https://www.addevent.com/libs/1.5.8/ate.min.js
14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.addevent.com/libs/1.5.8/ate.min.js
Requested by
Host: 000-affiliate-test.safechckout.com
URL: https://000-affiliate-test.safechckout.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.112.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-112-225.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
0eef003464f732c82d13c44944ed946ee543cd997e22668e5d6973e41b622ced
Security Headers
Name Value
X-Content-Security-Policy allow 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 03 Oct 2020 09:09:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
5712
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 12 Feb 2019 10:19:00 GMT
Server
Apache
Vary
Accept-Encoding
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, public, must-revalidate
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin, x-requested-with, content-type
X-Content-Security-Policy
allow 'self';

Redirect headers

Location
https://www.addevent.com/libs/1.5.8/ate.min.js
Date
Sat, 03 Oct 2020 09:09:10 GMT
Server
Apache
Connection
keep-alive
Content-Length
254
Content-Type
text/html; charset=iso-8859-1
lander.js
www.clickfunnels.com/assets/ 		982 KB
274 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clickfunnels.com/assets/lander.js
Requested by
Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/e2c7w1chtnda7vjl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b741899d48a4e2cf2c20f5575bd3b9baa05e7641bfcd1d9a60ea71f21d48d12d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 03 Oct 2020 09:09:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
152
status
200
cf-request-id
058f51f8110000d6c9730a9200000001
last-modified
Wed, 05 Aug 2020 19:10:31 GMT
server
cloudflare
etag
W/"5f2b0427-f5831"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
cf-ray
5dc585d349b5d6c9-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 03 Oct 2020 09:29:10 GMT
mediaelementplayer.min.css
cdnjs.cloudflare.com/ajax/libs/mediaelement/2.13.2/css/ 		18 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mediaelement/2.13.2/css/mediaelementplayer.min.css
Requested by
Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/e2c7w1chtnda7vjl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b71f43286c78355a15e436f23b8de3d57465562307b42a2df7d244cab5352d9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
211258
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2392
cf-request-id
058f51f811000017729daf4200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:19 GMT
server
cloudflare
etag
"5eb03f1f-470c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601716150"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5dc585d349031772-FRA
expires
Thu, 23 Sep 2021 09:09:10 GMT
mejs-skins.css
cdnjs.cloudflare.com/ajax/libs/mediaelement/2.13.2/css/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mediaelement/2.13.2/css/mejs-skins.css
Requested by
Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/e2c7w1chtnda7vjl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f360ca5f65913e44e2a0f5caabe9e04681c15c721ba83d8b35028037a90e9ea1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
730386
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
893
cf-request-id
058f51f811000017729daf5200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:19 GMT
server
cloudflare
etag
"5eb03f1f-1839"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601716150"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5dc585d349051772-FRA
expires
Thu, 23 Sep 2021 09:09:10 GMT
cf_pe_orders.js
www.clickfunnels.com/assets/
Redirect Chain
  • https://www.clickfunnels.com/cf_pe_orders.js
  • https://www.clickfunnels.com/assets/cf_pe_orders.js
41 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clickfunnels.com/assets/cf_pe_orders.js
Requested by
Host: 000-affiliate-test.safechckout.com
URL: https://000-affiliate-test.safechckout.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7606f5245f94d7daf690ee84e29fb3029ac5de568bdfed826abd9c139b83b5c8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:11 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
REVALIDATED
status
200
cf-request-id
058f51faf50000d6c9730e2200000001
last-modified
Wed, 05 Aug 2020 19:10:30 GMT
server
cloudflare
etag
W/"5f2b0426-a55a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
cf-ray
5dc585d7ecb7d6c9-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 03 Oct 2020 09:29:11 GMT

Redirect headers

date
Sat, 03 Oct 2020 09:09:11 GMT
vary
Accept-Encoding
cf-cache-status
EXPIRED
server
cloudflare
status
301
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://www.clickfunnels.com/assets/cf_pe_orders.js
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/html
access-control-allow-origin
*
access-control-allow-credentials
true
strict-transport-security
max-age=0
cf-ray
5dc585d369e9d6c9-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-request-id
058f51f8210000d6c9730ae200000001
garlic.cf.js
www.clickfunnels.com/javascripts/
Redirect Chain
  • https://app.clickfunnels.com/javascripts/garlic.cf.js
  • https://www.clickfunnels.com/javascripts/garlic.cf.js
16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clickfunnels.com/javascripts/garlic.cf.js
Requested by
Host: 000-affiliate-test.safechckout.com
URL: https://000-affiliate-test.safechckout.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee37d2b6a314f4c1878f915d4317bc7ec65aa0bc4a45b482a711a17b07aa7891
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
4842
status
200
cf-request-id
058f51f8d80000d6c9730be200000001
last-modified
Fri, 02 Oct 2020 19:58:46 GMT
server
cloudflare
etag
W/"5f778676-4184"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
5dc585d48caed6c9-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

Redirect headers

date
Sat, 03 Oct 2020 09:09:10 GMT
vary
Accept-Encoding
cf-cache-status
EXPIRED
server
cloudflare
status
301
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://www.clickfunnels.com/javascripts/garlic.cf.js
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/html
access-control-allow-origin
*
access-control-allow-credentials
true
strict-transport-security
max-age=0
cf-ray
5dc585d36bb11f2d-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-request-id
058f51f82100001f2d5a8d6200000001
video.js
vjs.zencdn.net/4.11/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/4.11/video.js
Requested by
Host: static.clickfunnels.com
URL: https://static.clickfunnels.com/clickfunnels/landers/tmp/e2c7w1chtnda7vjl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
16d0f10631780e6f883d0ec99240c59cc9836c76121d31111331732aac932fe0

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 03 Oct 2020 09:09:10 GMT
content-encoding
gzip
last-modified
Fri, 23 Jan 2015 19:30:39 GMT
status
200
etag
"532c3b3953d350e917649027f2c2accc"
x-served-by
cache-fra19129-FRA
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
timing-allow-origin
*
content-length
21254
x-cache-hits
9
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 000-affiliate-test.safechckout.com
URL: https://000-affiliate-test.safechckout.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
6811
date
Sat, 03 Oct 2020 07:15:39 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Sat, 03 Oct 2020 09:15:39 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.10.2/ 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: 000-affiliate-test.safechckout.com
URL: https://000-affiliate-test.safechckout.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
221416
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29447
cf-request-id
058f51f878000017729dafc200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
etag
"5eb03ec4-16bac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601716150"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5dc585d3fa911772-FRA
expires
Thu, 23 Sep 2021 09:09:10 GMT
collect
www.google-analytics.com/j/ 		2 B
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=728697330&t=pageview&_s=1&dl=https%3A%2F%2F000-affiliate-test.safechckout.com%2F&dp=user-page&ul=en-us&de=UTF-8&dt=000-affiliate%20test&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1821795359&gjid=1927711337&cid=310078711.1601716150&tid=UA-51074959-1&_gid=1081566538.1601716150&_r=1&_slc=1&z=919426587
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Oct 2020 09:09:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://000-affiliate-test.safechckout.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.1/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.1/jquery.min.js
Requested by
Host: www1.moon-ray.com
URL: https://www1.moon-ray.com/v2.4/include/formEditor/genjs-v2.php?html=false&uid=p2c10636f167
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc184f96dd18794e204c41075a00923be7e8e568744231d74f2fdf8921f78d29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 01 Oct 2020 12:20:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
161327
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33396
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Oct 2021 12:20:24 GMT
feedback.php
www.facebook.com/plugins/ Frame A794
Redirect Chain
  • https://www.facebook.com/plugins/comments.php?api_key=246441615530259&channel_url=https%3A%2F%2Fs-static.ak.facebook.com%2Fconnect%2Fxd_arbiter%2FKvoNGODIqPG.js%3Fversion%3D41%23cb%3Df1856dfebc%26d...
  • https://www.facebook.com/plugins/feedback.php?api_key=246441615530259&channel_url=https%3A%2F%2Fs-static.ak.facebook.com%2Fconnect%2Fxd_arbiter%2FKvoNGODIqPG.js%3Fversion%3D41%23cb%3Df1856dfebc%26d...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/feedback.php?api_key=246441615530259&channel_url=https%3A%2F%2Fs-static.ak.facebook.com%2Fconnect%2Fxd_arbiter%2FKvoNGODIqPG.js%3Fversion%3D41%23cb%3Df1856dfebc%26domain%3Dapp.clickfunnels.com%26origin%3Dhttps%253A%252F%252Fapp.clickfunnels.com%252Ff1d8a48da8%26relation%3Dparent.parent&colorscheme=light&href=http%3A%2F%2Fexample.com%2Fcomments&locale=en_US&numposts=5&sdk=joey&skin=light&version=v2.0&width=100%25
Requested by
Host: 000-affiliate-test.safechckout.com
URL: https://000-affiliate-test.safechckout.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/feedback.php?api_key=246441615530259&channel_url=https%3A%2F%2Fs-static.ak.facebook.com%2Fconnect%2Fxd_arbiter%2FKvoNGODIqPG.js%3Fversion%3D41%23cb%3Df1856dfebc%26domain%3Dapp.clickfunnels.com%26origin%3Dhttps%253A%252F%252Fapp.clickfunnels.com%252Ff1d8a48da8%26relation%3Dparent.parent&colorscheme=light&href=http%3A%2F%2Fexample.com%2Fcomments&locale=en_US&numposts=5&sdk=joey&skin=light&version=v2.0&width=100%25
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://000-affiliate-test.safechckout.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://000-affiliate-test.safechckout.com/

Response headers

status
200
vary
Accept-Encoding
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-encoding
br
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
timing-allow-origin
*
x-xss-protection
0
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
x-fb-debug
u73qZDgzHYTmIhDAZcJMT1mKBU7cQCxsCa26fbL2iK2kGtPK8d8z/3xw4dHSTS2ajB2Bg8VLMAavXWATKlLDHw==
date
Sat, 03 Oct 2020 09:09:18 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

status
302
location
https://www.facebook.com/plugins/feedback.php?api_key=246441615530259&channel_url=https%3A%2F%2Fs-static.ak.facebook.com%2Fconnect%2Fxd_arbiter%2FKvoNGODIqPG.js%3Fversion%3D41%23cb%3Df1856dfebc%26domain%3Dapp.clickfunnels.com%26origin%3Dhttps%253A%252F%252Fapp.clickfunnels.com%252Ff1d8a48da8%26relation%3Dparent.parent&colorscheme=light&href=http%3A%2F%2Fexample.com%2Fcomments&locale=en_US&numposts=5&sdk=joey&skin=light&version=v2.0&width=100%25
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
yXJworKK//yAXXiDmt4RAwUw7eXtC9eU06truA8Golahazwrntw3/++D54LRNijdYo+vipQ7EGhqBCnbrFe++g==
content-length
0
date
Sat, 03 Oct 2020 09:09:11 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
dialog-warning.png
images.clickfunnels.com/e4/79844058a311e4b5a8d92fd4b77579/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.clickfunnels.com/e4/79844058a311e4b5a8d92fd4b77579/dialog-warning.png
Requested by
Host: 000-affiliate-test.safechckout.com
URL: https://000-affiliate-test.safechckout.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c853e4a39323f332681dc77e7a6d2897eca9ea4bc6587d8090017a53f1b19fff

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:11 GMT
cf-cache-status
REVALIDATED
x-amz-request-id
DE1256A095F561AC
cf-polished
origFmt=png, origSize=5470
status
200
content-disposition
inline; filename="dialog-warning.webp"
content-length
4642
x-amz-id-2
S4wpB0aQBwc0Gb7/vW2PvKoTawF8/P62/dOG8t3O+raaf+cMHsiMKR3x3+jZ57aIgXvrnMRncd4=
last-modified
Mon, 20 Oct 2014 21:56:20 GMT
server
cloudflare
etag
"141713124fe966018eaf57c1de402366"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Tue, 27 Oct 2020 09:09:11 GMT
cache-control
public, max-age=2073600
cf-request-id
058f51fd740000d6c97310c200000001
accept-ranges
bytes
cf-ray
5dc585dbed33d6c9-FRA
cf-bgj
imgq:85,h2pri
TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
fonts.gstatic.com/s/oswald/v35/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v35/TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://000-affiliate-test.safechckout.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 11:04:07 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Jul 2020 19:17:26 GMT
server
sffe
age
425104
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25376
x-xss-protection
0
expires
Tue, 28 Sep 2021 11:04:07 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://000-affiliate-test.safechckout.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Sep 2020 18:23:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:25 GMT
server
sffe
age
312313
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14176
x-xss-protection
0
expires
Wed, 29 Sep 2021 18:23:58 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://000-affiliate-test.safechckout.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Sep 2020 18:22:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:27 GMT
server
sffe
age
312408
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Wed, 29 Sep 2021 18:22:23 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: 000-affiliate-test.safechckout.com
URL: https://000-affiliate-test.safechckout.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5ccaff5b393480bda3e4d9fa863aa4b02de9ddcc797502e16a2e12f479866966
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
qsRSdQoX3WH+U3zZy6ODOw==
status
200
cross-origin-resource-policy
cross-origin
expires
Sat, 03 Oct 2020 09:28:46 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1776
etag
"3d9e6d7b3964af334e6000096f037ad1"
x-fb-debug
x/q6u+AmFWhAeh+b1pZ5Xy42njOyQDSo7kSJePxS/4zBQ5/ivuSQ1XoaXVKTd766meCJCAKEdDiqjHCoDAgPrg==
x-fb-trip-id
664085054
x-fb-content-md5
964272643a929ba26ac92a1bfc40efd1
date
Sat, 03 Oct 2020 09:09:11 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cf.js
amg.clickfunnels.com/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amg.clickfunnels.com/cf.js
Requested by
Host: 000-affiliate-test.safechckout.com
URL: https://000-affiliate-test.safechckout.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:12 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
status
200
cf-request-id
058f51fe6600001f2d5a932200000001
last-modified
Fri, 02 Oct 2020 19:58:46 GMT
server
cloudflare
etag
W/"5f778676-476a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
5dc585dd7c271f2d-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
__utm.gif
www.google-analytics.com/ 		35 B
85 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/__utm.gif?utmwv=5.4.2&utmac=UA-16505296-2&utmn=1&utmhn=000-affiliate-test.safechckout.com&utmsr=1600x1200&utmul=en-us&utmr=https%3A%2F%2F000-affiliate-test.safechckout.com%2F&utmp=000-affiliate-test.safechckout.com%2F&utmcc=__utma%3D1.1808781944.1.1.1.1%3B&utme=8(vjsv)9(v4.11.4)
Requested by
Host: 000-affiliate-test.safechckout.com
URL: https://000-affiliate-test.safechckout.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Oct 2020 22:46:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
37353
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
track.addevent.com/atc/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=0b460d69-0f68-44a9-23a9-543d12918983&url=https%3A%2F%2F000-affiliate-test.safechckout.com&cache=1601716151976
Requested by
Host: 000-affiliate-test.safechckout.com
URL: https://000-affiliate-test.safechckout.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.101.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-101-78.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
origin, x-requested-with, content-type
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
sdk.js
connect.facebook.net/en_US/ 		201 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=76f9e7cab4aaba08aa653a0aeb87bfa2&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5b66f23e023926a437eaad32d70babdbeef936847c039b57f092e66f706c1779
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://000-affiliate-test.safechckout.com
Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
09R9/d0kOYAI1sxDaljlWA==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
62360
etag
"971eee608dd033720b788d1fa1c028de"
x-fb-debug
GeuiqJD6SfaFCKhH5ErpCnWwG73ikLYXbVxY8o/bu9A4R0vGCKNEn6LEMuwO8PsGjfMTIVl0SEveOgLfONa0QA==
x-fb-trip-id
664085054
x-fb-content-md5
e87417a004991211effe6782a0de5a01
x-frame-options
DENY
date
Sat, 03 Oct 2020 09:09:12 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Sun, 03 Oct 2021 08:31:22 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 		248 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Requested by
Host: www1.moon-ray.com
URL: https://www1.moon-ray.com/v2.4/include/formEditor/genjs-v2.php?html=false&uid=p2c10636f167
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 30 Sep 2020 15:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236206
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67948
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Sep 2021 15:32:25 GMT
/
forms.ontraport.com/v2.4/include/minify/ 		91 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.ontraport.com/v2.4/include/minify/?g=moonrayJS&12686630778
Requested by
Host: www1.moon-ray.com
URL: https://www1.moon-ray.com/v2.4/include/formEditor/genjs-v2.php?html=false&uid=p2c10636f167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
506be9c13b083e528778538b25cffeeb5ce42231051db78f0d9c3805b584ac3b

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:12 GMT
x-op-benvironment
production
cf-cache-status
HIT
age
58337
x-cache-status
BYPASS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-op-pci
true
content-encoding
br
cf-request-id
058f51fedf000010f3ad1d9200000001
pragma
no-cache
x-op-what
what
last-modified
Thu, 01 Feb 2018 23:47:33 GMT
server
cloudflare
etag
W/"pub1517528853;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
5dc585de3f6a10f3-CPH
expires
Sun, 03 Oct 2021 09:09:12 GMT
/
forms.ontraport.com/v2.4/include/minify/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.ontraport.com/v2.4/include/minify/?g=moonrayJSCartV2&12686630778
Requested by
Host: www1.moon-ray.com
URL: https://www1.moon-ray.com/v2.4/include/formEditor/genjs-v2.php?html=false&uid=p2c10636f167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07862aa5629b19450ac7a0511c4dfdabd732a9220508ac866be05c7cc7b2e354

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:12 GMT
x-op-benvironment
production
cf-cache-status
HIT
age
58337
x-cache-status
BYPASS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-op-pci
true
content-encoding
br
cf-request-id
058f51ff0b000010f3ad1da200000001
pragma
no-cache
x-op-what
what
last-modified
Tue, 17 May 2016 19:03:18 GMT
server
cloudflare
etag
W/"pub1463511798;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
5dc585de7fd010f3-CPH
expires
Sun, 03 Oct 2021 09:09:12 GMT
jquery.jb.formconditions.js
forms.ontraport.com/v2.4/include/formEditor/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.ontraport.com/v2.4/include/formEditor/jquery.jb.formconditions.js
Requested by
Host: www1.moon-ray.com
URL: https://www1.moon-ray.com/v2.4/include/formEditor/genjs-v2.php?html=false&uid=p2c10636f167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c27f57725650637b9e07633f13e6371babc00499c8cd3bff9600a6a79b02fcbd

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:12 GMT
x-op-benvironment
production
cf-cache-status
DYNAMIC
x-cache-status
BYPASS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-op-pci
true
content-encoding
br
cf-request-id
058f51ff2a000010f3ad1dd200000001
x-op-what
what
last-modified
Fri, 05 Jun 2020 03:10:21 GMT
server
cloudflare
etag
W/"5ed9b79d-1fec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=120
access-control-allow-credentials
true
cf-ray
5dc585dea84c10f3-CPH
expires
Sat, 03 Oct 2020 09:11:12 GMT
moment.min.js
forms.ontraport.com/v2.4/include/formEditor/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.ontraport.com/v2.4/include/formEditor/moment.min.js
Requested by
Host: www1.moon-ray.com
URL: https://www1.moon-ray.com/v2.4/include/formEditor/genjs-v2.php?html=false&uid=p2c10636f167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a3bb1e382060c6999c26faac38aed7e3d6cc03f7376a9a36b881a7e5ba923ca

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:12 GMT
x-op-benvironment
production
cf-cache-status
DYNAMIC
x-cache-status
BYPASS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-op-pci
true
content-encoding
br
cf-request-id
058f520013000010f3ad1e8200000001
x-op-what
what
last-modified
Tue, 17 May 2016 19:03:17 GMT
server
cloudflare
etag
W/"573b6af5-87b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=120
access-control-allow-credentials
true
cf-ray
5dc585e01ae810f3-CPH
expires
Sat, 03 Oct 2020 09:11:12 GMT
jquery-cloneVal.js
forms.ontraport.com/v2.4/include/formEditor/ 		2 KB
980 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.ontraport.com/v2.4/include/formEditor/jquery-cloneVal.js
Requested by
Host: www1.moon-ray.com
URL: https://www1.moon-ray.com/v2.4/include/formEditor/genjs-v2.php?html=false&uid=p2c10636f167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
537355412bb27be31c7bbd30fa127258f064d35819495b30bd3cb2dab9ed6cfb

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:12 GMT
x-op-benvironment
production
cf-cache-status
DYNAMIC
x-cache-status
BYPASS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-op-pci
true
content-encoding
br
cf-request-id
058f520122000010f3ad201200000001
x-op-what
what
last-modified
Tue, 17 May 2016 19:03:17 GMT
server
cloudflare
etag
W/"573b6af5-95b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=120
access-control-allow-credentials
true
cf-ray
5dc585e1dd8e10f3-CPH
expires
Sat, 03 Oct 2020 09:11:12 GMT
jquery.tools.min.js
forms.ontraport.com/v2.4/include/formEditor/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.ontraport.com/v2.4/include/formEditor/jquery.tools.min.js
Requested by
Host: www1.moon-ray.com
URL: https://www1.moon-ray.com/v2.4/include/formEditor/genjs-v2.php?html=false&uid=p2c10636f167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f1d94529a13b57eb016da939982a50bbfb3ac53ce996dfff0e1dd99c6ed64c6

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:13 GMT
x-op-benvironment
production
cf-cache-status
DYNAMIC
x-cache-status
BYPASS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-op-pci
true
content-encoding
br
cf-request-id
058f520214000010f3ad232200000001
x-op-what
what
last-modified
Tue, 17 May 2016 19:03:17 GMT
server
cloudflare
etag
W/"573b6af5-4d08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=120
access-control-allow-credentials
true
cf-ray
5dc585e3582310f3-CPH
expires
Sat, 03 Oct 2020 09:11:12 GMT
validator-effect.js
forms.ontraport.com/v2.4/include/formEditor/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.ontraport.com/v2.4/include/formEditor/validator-effect.js
Requested by
Host: www1.moon-ray.com
URL: https://www1.moon-ray.com/v2.4/include/formEditor/genjs-v2.php?html=false&uid=p2c10636f167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fe442b8a78d6c1f69b5ec5f9a97e5389a6ca749cb0e8861eba44435234aaf88

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:13 GMT
x-op-benvironment
production
cf-cache-status
DYNAMIC
x-cache-status
BYPASS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-op-pci
true
content-encoding
br
cf-request-id
058f520312000010f3ad255200000001
x-op-what
what
last-modified
Thu, 16 Mar 2017 20:59:51 GMT
server
cloudflare
etag
W/"58cafcc7-1cff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=120
access-control-allow-credentials
true
cf-ray
5dc585e4eabe10f3-CPH
expires
Sat, 03 Oct 2020 09:11:13 GMT
postmessage.js
forms.ontraport.com/v2.4/include/scripts/moonrayJS/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.ontraport.com/v2.4/include/scripts/moonrayJS/postmessage.js
Requested by
Host: www1.moon-ray.com
URL: https://www1.moon-ray.com/v2.4/include/formEditor/genjs-v2.php?html=false&uid=p2c10636f167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
382f68f6bf9447e1a55b6e8dcb6d7cfd87d76e6df3eb8266c8caf0c42680c150

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:13 GMT
x-op-benvironment
production
cf-cache-status
DYNAMIC
x-cache-status
BYPASS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-op-pci
true
content-encoding
br
cf-request-id
058f520406000010f3ad2a4200000001
x-op-what
what
last-modified
Tue, 17 May 2016 19:03:18 GMT
server
cloudflare
etag
W/"573b6af6-e7f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=120
access-control-allow-credentials
true
cf-ray
5dc585e67d1810f3-CPH
expires
Sat, 03 Oct 2020 09:11:13 GMT
jquery.recaptcha.wrapper.js
forms.ontraport.com/v2.4/include/formEditor/ 		722 B
455 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.ontraport.com/v2.4/include/formEditor/jquery.recaptcha.wrapper.js
Requested by
Host: www1.moon-ray.com
URL: https://www1.moon-ray.com/v2.4/include/formEditor/genjs-v2.php?html=false&uid=p2c10636f167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8d69e1ab1f102070b08a3be2f5cc7133d597d5ab44e7512252fc8b37437224a

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:13 GMT
x-op-benvironment
production
cf-cache-status
DYNAMIC
x-cache-status
BYPASS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-op-pci
true
content-encoding
br
cf-request-id
058f5204f1000010f3ad2d4200000001
x-op-what
what
last-modified
Tue, 17 May 2016 19:03:17 GMT
server
cloudflare
etag
W/"573b6af5-2d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=120
access-control-allow-credentials
true
cf-ray
5dc585e7ef7110f3-CPH
expires
Sat, 03 Oct 2020 09:11:13 GMT
jquery.moonray.smartform.js
forms.ontraport.com/v2.4/include/formEditor/ 		57 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.ontraport.com/v2.4/include/formEditor/jquery.moonray.smartform.js
Requested by
Host: www1.moon-ray.com
URL: https://www1.moon-ray.com/v2.4/include/formEditor/genjs-v2.php?html=false&uid=p2c10636f167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecd6f41cf81137e649dde32e3de39536f7ab783e0529cd4f2f6adf1acf093b7e

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:14 GMT
x-op-benvironment
production
cf-cache-status
DYNAMIC
x-cache-status
BYPASS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-op-pci
true
content-encoding
br
cf-request-id
058f5205d9000010f3ad2ee200000001
x-op-what
what
last-modified
Fri, 28 Aug 2020 00:22:27 GMT
server
cloudflare
etag
W/"5f484e43-e4a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=120
access-control-allow-credentials
true
cf-ray
5dc585e9592e10f3-CPH
expires
Sat, 03 Oct 2020 09:11:13 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/jquery.moonray.smartform.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 13:11:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71887
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Oct 2021 13:11:07 GMT
load.gif
optassets.ontraport.com/opt_assets/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optassets.ontraport.com/opt_assets/images/load.gif
Requested by
Host: 000-affiliate-test.safechckout.com
URL: https://000-affiliate-test.safechckout.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9ab21501c829516d91901c1f04da862d095aeb9e5019360aed6624920edd882

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:14 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
61780
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
cf-request-id
058f5206e2000010f3ad30f200000001
server
cloudflare
x-op-ca
10.2.80.206
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-op-release
3
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=3600
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
5dc585eb0b4210f3-CPH
expires
Sat, 03 Oct 2020 10:09:14 GMT
moonrayform.paymentplandisplay.js
app.ontraport.com/js/formeditor/moonrayform/paymentplandisplay/ 		418 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.ontraport.com/js/formeditor/moonrayform/paymentplandisplay/moonrayform.paymentplandisplay.js
Requested by
Host: www1.moon-ray.com
URL: https://www1.moon-ray.com/v2.4/include/formEditor/genjs-v2.php?html=false&uid=p2c10636f167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bd7007c9e6f9cb6db047090c517881ba5d75f82050cf763b7a80d2825a73b6a

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:14 GMT
x-op-benvironment
production
vary
Accept-Encoding
cf-cache-status
HIT
age
8
cf-polished
origSize=427835
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
content-encoding
br
cf-request-id
058f5206ea000010f3ad311200000001
last-modified
Fri, 02 Oct 2020 15:53:25 GMT
server
cloudflare
x-op-ca
10.2.80.206
etag
W/"5f774cf5-6873b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-op-release
3
content-type
application/javascript
expires
Sat, 03 Oct 2020 09:29:14 GMT
cache-control
public, max-age=1200
x-op-class
app
cf-ray
5dc585eb1b5910f3-CPH
cf-bgj
minify
css
fonts.googleapis.com/ 		2 KB
645 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300&subset=latin
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a034cf5bacb85cbe6929cabcb47742d65b76ca7e2a7d5fcc178e9d1458f0302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 03 Oct 2020 08:48:09 GMT
server
ESF
date
Sat, 03 Oct 2020 09:09:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 03 Oct 2020 09:09:14 GMT
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300&subset=latin
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://000-affiliate-test.safechckout.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300&subset=latin
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Sep 2020 18:26:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:16 GMT
server
sffe
age
312163
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9016
x-xss-protection
0
expires
Wed, 29 Sep 2021 18:26:31 GMT
truncated
/ 		20 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2bf2f8d980b3466bc479869776c7e22944d789cf5c1fc82e37a9cf3d8c171277

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96187aeadbd3138f31cb6b4da9bb73b4f3e952a9d633c3ca60b033aea30b2c64

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a62bc760a8fb96ac25892b4f2326450b2a14c8e79f58959a275c9c3e6a6d2fb3

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e5ef2e0fd81e377e8b9dac5cce525908836c9a93ed998d567b8878112b3c7716

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
track.php
tracking.ontraport.com/ 		796 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracking.ontraport.com/track.php?mid=10636_lp121.0_2&llc=https://000-affiliate-test.safechckout.com/&first_visit=1&referral_page=&s=61s8ty7cfp9tj1ghcz3w&l=000-affiliate-test.safechckout.com/&ti=000-affiliate%20test&gcid=310078711.1601716150&forms%5Bp2c10636f167%5D=0&is_unique=1
Requested by
Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
209.170.211.179 Venice, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
mail9.ontramail.com
Software
ONTRAport /
Resource Hash
ee597374a2bafdf58b5c3bfdb7e7a695477af120c0a111936219e61f5915eba0

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 03 Oct 2020 09:09:20 GMT
Content-Encoding
gzip
X-op-class
hosted
Server
ONTRAport
X-op-release
3
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
text/html
X-op-ca
82.102.20.235
feedback.php
www.facebook.com/plugins/ Frame 542D
Redirect Chain
  • https://www.facebook.com/v2.0/plugins/comments.php?app_id=246441615530259&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7ca8a8b052cc8%26domain%3D0...
  • https://www.facebook.com/plugins/comments.php?app_id=246441615530259&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7ca8a8b052cc8%26domain%3D000-af...
  • https://www.facebook.com/plugins/feedback.php?app_id=246441615530259&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7ca8a8b052cc8%26domain%3D000-af...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/feedback.php?app_id=246441615530259&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7ca8a8b052cc8%26domain%3D000-affiliate-test.safechckout.com%26origin%3Dhttps%253A%252F%252F000-affiliate-test.safechckout.com%252Ff37ec7c91ba8854%26relation%3Dparent.parent&color_scheme=light&container_width=920&height=100&href=http%3A%2F%2Fexample.com%2Fcomments&locale=en_US&numposts=5&sdk=joey&version=v2.0&width
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=76f9e7cab4aaba08aa653a0aeb87bfa2&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/feedback.php?app_id=246441615530259&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7ca8a8b052cc8%26domain%3D000-affiliate-test.safechckout.com%26origin%3Dhttps%253A%252F%252F000-affiliate-test.safechckout.com%252Ff37ec7c91ba8854%26relation%3Dparent.parent&color_scheme=light&container_width=920&height=100&href=http%3A%2F%2Fexample.com%2Fcomments&locale=en_US&numposts=5&sdk=joey&version=v2.0&width
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://000-affiliate-test.safechckout.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

status
200
vary
Accept-Encoding
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-encoding
br
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
timing-allow-origin
*
x-xss-protection
0
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
x-fb-debug
XWdGTCskvfpEOYbQDdy44z8eHetDx4QuXhHyByBl9MSoAPWSC8jAc2g6DCbrDmsXXkiiHbQ0+rUn5J4R/rE2mQ==
date
Sat, 03 Oct 2020 09:09:24 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

status
302
location
https://www.facebook.com/plugins/feedback.php?app_id=246441615530259&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7ca8a8b052cc8%26domain%3D000-affiliate-test.safechckout.com%26origin%3Dhttps%253A%252F%252F000-affiliate-test.safechckout.com%252Ff37ec7c91ba8854%26relation%3Dparent.parent&color_scheme=light&container_width=920&height=100&href=http%3A%2F%2Fexample.com%2Fcomments&locale=en_US&numposts=5&sdk=joey&version=v2.0&width
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
uZsmMYj6MtGNNqni9w1LvChQq2DuSlfhfBQaPPOspK0rqkH0K6x6QakHOymlaOlBdCT5xtME9IKfkIqAERrbbg==
content-length
0
date
Sat, 03 Oct 2020 09:09:19 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
track
amg.clickfunnels.com/v1/ 		116 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg.clickfunnels.com/v1/track?_unique=0.6181963815232534&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//000-affiliate-test.safechckout.com/&_title=000-affiliate%20test&_key=bw0d4cw0&_page_key=e2c7w1chtnda7vjl&_fid=928611&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://000-affiliate-test.safechckout.com/&_referrer=
Requested by
Host: amg.clickfunnels.com
URL: https://amg.clickfunnels.com/cf.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.2
Resource Hash
32d5e237a8d8efb453e25e68974258eac786c2765b4c2168186215e4e0654d9c
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Request headers

Referer
https://000-affiliate-test.safechckout.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 03 Oct 2020 09:09:19 GMT
access-control-request-method
*
cf-cache-status
BYPASS
x-powered-by
Phusion Passenger Enterprise 6.0.2
status
200, 200 OK
strict-transport-security
max-age=0
content-encoding
br
cf-request-id
058f521a520000c295953fc200000001
x-request-id
d37345b13c326c11c09b6e34fe912ff9
x-runtime
0.014262
server
cloudflare
x-frame-options
ALLOWALL
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
5dc5860a1b7bc295-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache
miss

Verdicts & Comments Add Verdict or Comment

361 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes string| _opt_lpid number| mr_lp_id number| mr_split_id function| getParameterByName string| $preview function| onLoad undefined| checkCookie string| random string| GoogleAnalyticsObject function| ga boolean| jQueryScriptOutputted function| initJQuery object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery function| sssl object| mejs function| onYouTubePlayerAPIReady function| onYouTubePlayerReady function| MediaElement object| jQuery110207247049092852449 function| $d string| proc string| _image_path string| _ate_license boolean| _ate_mouse string| _ate_css string| _ate_callback string| _ate_dropdown string| _ate_lbl_outlook string| _ate_lbl_google string| _ate_lbl_yahoo string| _ate_lbl_hotmail string| _ate_lbl_ical string| _ate_lbl_fb_event boolean| _ate_show_outlook boolean| _ate_show_google boolean| _ate_show_yahoo boolean| _ate_show_hotmail boolean| _ate_show_ical boolean| _ate_show_facebook boolean| _d_rd boolean| _ate_btn_found boolean| _ate_btn_expo object| addthisevent function| ouibounce function| CFbuildAudioPlayer function| evsfix function| calcTax function| cfStripeTokenHandler function| cfCreateElements function| cfCreateStripeToken function| cfElementsFindFont function| AttachStripeElements function| prettyNotify function| start_firebase function| displayPageNotifier function| start_page_notifier function| start_firebase_quantity_limiter function| readCookie function| CFExtractPayPalButtonConfiguration function| CFPaySelectPaypalTransactions function| PaySelectInit function| recalcRoundUp function| addCharityToSummary function| addSaasRedirectClickHandler function| CFInfusionsoftTokenizationHandler function| webinarDelay function| cookieWebinarTime function| getWebinarLastTime function| reportWebinarTime function| periodicAutoWebinarCheck function| periodicLessonCheck function| reportLessonProgress function| CFSanitizeCountdownElement function| CFstartBPVideos function| CFprocessBPVideos function| CFcheckForVimeo function| CFhandleWistiaBPVideo function| CFhandleAllVimeoBPVideos function| CFhandleAllYouTubeBPVideos function| CFhandleVideoLabels function| CFsetupSessionStarterBP function| CFsetupMutedVideos function| CFrenameVimeoURLAttribute undefined| checkPreview undefined| cookie_variable undefined| tag undefined| firstScriptTag undefined| elVideo_one undefined| elVideo_two undefined| elVideo_three undefined| elVideo_four undefined| elVideo_type undefined| elVideo_show undefined| elVideo_hide undefined| elVideo_numberofvideos undefined| gettheType_unlocker undefined| player undefined| playVideoText undefined| pauseVideoText undefined| playingVideoText undefined| lockedVideoText undefined| CFSurveyParticipantID boolean| cfpeorders function| recurlyNameHandler function| recurlyCountryHandler function| recurlyTokenHandler number| CF_KEYCODE_ENTER number| CF_KEYCODE_SPACE undefined| checkifPreview_randomCookie undefined| elCheckVideoEndType undefined| unlockVideoDate undefined| checkifUnlockableDate undefined| checkifUnlockableEverGreenDate undefined| everGreenDates undefined| onYouTubeIframeAPIReady undefined| elUnlocker_startVideo undefined| onPlayerReady undefined| elvideounlockerProgress undefined| elUnlocker_changeVideo undefined| onPlayerStateChange undefined| runAnimationFade undefined| runAnimationScale undefined| runAnimationLeft undefined| runAnimationRight undefined| runAnimationTop undefined| runAnimationBottom function| getURLParameter function| cfpeRebuildOrderSummary function| moment object| jQuery18104554449351338099 function| JQClass function| tinycolor function| generateUniqueId object| CFUtils object| ClickFunnels function| _ object| HtmlMediaElement function| DefaultPlayer function| MediaElementPlayer function| videojs function| _V_ function| postscribe object| Clickfunnels function| calcShipping undefined| cfStripeElementsCardElement function| Firebase function| ES6Promise function| CFFacebookMessengerCheckbox object| cookieconsent object| options string| page_key string| fid string| fspos string| fvrs object| cf_tracker string| cf_key string| serverUrl string| _mri string| _mrq string| _mrsess_ undefined| _mr_cid object| _mrd string| _mrl object| _mrct string| _mr_ex string| _linktrack string| _mr_title string| _mrl_internal_url string| _mrl_internal_domain function| mrSetupActual function| mrtracking function| gC function| parseGetVars function| genmrSess function| _escapeT function| _mrGetLinkTo function| _sanitizeMrLink function| _mrScanLinks function| _mrTrackLink function| _mrReturnXmlHttpObject string| _mr_domain string| session string| possible object| cfpe object| getVars function| AttachClickPushListeners object| $cfSurvey_outcome object| CFSurveyQueryOutcome string| target string| str undefined| checkVideoAttr undefined| showVideoBG string| $url object| $queries undefined| $utm_source string| $pID string| $rootID string| $variantcheck string| $userID undefined| $iframeCheck string| $ID string| $type string| $delay string| $requiredCheck object| SurveyMatcher undefined| $carContestProgress string| $todayYear string| $localTime string| $autoWebinarDay1 string| $autoWebinarDay1_raw string| $selectText string| $autoWebinarDay0 string| $autoWebinarDay0_raw string| $replayText string| $autoWebinarDay2 string| $autoWebinarDay2_raw string| $autoWebinarDay3 string| $autoWebinarDay3_raw undefined| date undefined| time object| webinar_datetime object| webinar_datetime_offset boolean| now object| now_offset number| webinar_delay object| webinar_delay_offset boolean| $removeSelectDateOnAutoWebinar object| FB number| funnel_stat boolean| ecookie function| loadScript function| jQueryCheck function| createCookie function| formatObject function| getFormData function| filteredMatch function| changeText boolean| replied object| sender object| cfUniqueVisitorID function| cfSetUniqueVisitorID function| SendData function| wait function| sleep function| checkresponse function| answered function| postpone object| formSubmitFunctions function| formAttach function| addEvent function| filtered_string object| url_params undefined| parts undefined| nv function| cf_load function| get_XmlHttp object| moonrayJS object| XD object| RecaptchaTemplates object| RecaptchaStr_en object| RecaptchaStr_af object| RecaptchaStr_am object| RecaptchaStr_ar object| RecaptchaStr_bg object| RecaptchaStr_bn object| RecaptchaStr_ca object| RecaptchaStr_cs object| RecaptchaStr_da object| RecaptchaStr_de object| RecaptchaStr_el object| RecaptchaStr_es object| RecaptchaStr_es_419 object| RecaptchaStr_et object| RecaptchaStr_eu object| RecaptchaStr_fa object| RecaptchaStr_fi object| RecaptchaStr_fil object| RecaptchaStr_fr object| RecaptchaStr_fr_ca object| RecaptchaStr_gl object| RecaptchaStr_gu object| RecaptchaStr_hi object| RecaptchaStr_hr object| RecaptchaStr_hu object| RecaptchaStr_hy object| RecaptchaStr_id object| RecaptchaStr_is object| RecaptchaStr_it object| RecaptchaStr_iw object| RecaptchaStr_ja object| RecaptchaStr_kn object| RecaptchaStr_ko object| RecaptchaStr_lt object| RecaptchaStr_lv object| RecaptchaStr_ml object| RecaptchaStr_mr object| RecaptchaStr_ms object| RecaptchaStr_nl object| RecaptchaStr_no object| RecaptchaStr_pl object| RecaptchaStr_pt object| RecaptchaStr_pt_pt object| RecaptchaStr_ro object| RecaptchaStr_ru object| RecaptchaStr_sk object| RecaptchaStr_sl object| RecaptchaStr_sr object| RecaptchaStr_sv object| RecaptchaStr_sw object| RecaptchaStr_ta object| RecaptchaStr_te object| RecaptchaStr_th object| RecaptchaStr_tr object| RecaptchaStr_uk object| RecaptchaStr_ur object| RecaptchaStr_vi object| RecaptchaStr_zh_cn object| RecaptchaStr_zh_hk object| RecaptchaStr_zh_tw object| RecaptchaStr_zu object| RecaptchaLangMap object| RecaptchaStr undefined| RecaptchaOptions object| RecaptchaDefaultOptions object| Recaptcha object| dem object| overlay object| canvas function| des function| des_createKeys function| stringToHex function| hexToString object| jQuery18108330853350180716 function| OPCapcha_filled function| OPCapcha_expired object| Modernizr object| WebFontConfig boolean| OPreCaptchaAllowSubmit object| WebFont function| clss object| ajaxMethods function| sprintf function| $l object| Orderform function| setImmediate function| clearImmediate object| Ontraport function| Globalize object| __ussr object| ussr object| Moonrayform object| f string| root_url number| timeout object| _mrTrackLinks

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://www.clickfunnels.com/assets/lander.js(Line 112)
Message:
keen.io could not be loaded

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

000-affiliate-test.safechckout.com
addthisevent.com
ajax.googleapis.com
amg.clickfunnels.com
app.clickfunnels.com
app.ontraport.com
assets3.clickfunnels.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
forms.moon-ray.com
forms.ontraport.com
images.clickfunnels.com
netdna.bootstrapcdn.com
nodo.s3.amazonaws.com
optassets.ontraport.com
static.clickfunnels.com
track.addevent.com
tracking.ontraport.com
vjs.zencdn.net
www.addevent.com
www.clickfunnels.com
www.facebook.com
www.google-analytics.com
www1.moon-ray.com
104.16.20.19
2001:4de0:ac19::1:b:3b
209.170.211.179
2606:4700::6810:10c2
2606:4700::6810:dc2
2606:4700::6810:fc2
2606:4700::6811:4e6b
2a00:1450:4001:808::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:81e::200e
2a00:1450:4001:825::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::729
52.17.112.225
52.214.255.171
52.95.169.51
54.154.101.78
02d12a2ed659318cb1109c933a7baf62bb96ffb9329f1074ce16726bf8a8ac8c
04e20a40e2df545adf2d507a0292f4837336784d94e10c7434d55318fce9aa23
07862aa5629b19450ac7a0511c4dfdabd732a9220508ac866be05c7cc7b2e354
0a3bb1e382060c6999c26faac38aed7e3d6cc03f7376a9a36b881a7e5ba923ca
0bd7007c9e6f9cb6db047090c517881ba5d75f82050cf763b7a80d2825a73b6a
0eef003464f732c82d13c44944ed946ee543cd997e22668e5d6973e41b622ced
16d0f10631780e6f883d0ec99240c59cc9836c76121d31111331732aac932fe0
1b2ba19fdc8214ba35e86a7ba90f58c57ea9bedb6c4ace37a4e88c31d60ccf2a
237a6811f499de9e31bafa89b4a2e2727788459e244a141d5c42ef8c9d1cc688
2588c882a73500479b37abf0042cf967bfb57c6f793f532a2d71fd758dcf6a96
2bf2f8d980b3466bc479869776c7e22944d789cf5c1fc82e37a9cf3d8c171277
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
32d5e237a8d8efb453e25e68974258eac786c2765b4c2168186215e4e0654d9c
382f68f6bf9447e1a55b6e8dcb6d7cfd87d76e6df3eb8266c8caf0c42680c150
506be9c13b083e528778538b25cffeeb5ce42231051db78f0d9c3805b584ac3b
537355412bb27be31c7bbd30fa127258f064d35819495b30bd3cb2dab9ed6cfb
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5b66f23e023926a437eaad32d70babdbeef936847c039b57f092e66f706c1779
5ccaff5b393480bda3e4d9fa863aa4b02de9ddcc797502e16a2e12f479866966
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
738870693ad4d59ac5b51552309ad89320c7d16110ca170123b23da95dd90b5f
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d
7606f5245f94d7daf690ee84e29fb3029ac5de568bdfed826abd9c139b83b5c8
7a7aa4d152f965fbd7e320d902f308994e35b1e32e03257585d5362ea27efd0e
7e5561e8308eb5743824525749cf1fbb7207113619c0fa33e22170a073eddc77
7fe442b8a78d6c1f69b5ec5f9a97e5389a6ca749cb0e8861eba44435234aaf88
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8b71f43286c78355a15e436f23b8de3d57465562307b42a2df7d244cab5352d9
8c0e79df23cc93a716bfbf084e3721d8dee71a52d93e35e4696a779c93c9a5c9
96187aeadbd3138f31cb6b4da9bb73b4f3e952a9d633c3ca60b033aea30b2c64
9a034cf5bacb85cbe6929cabcb47742d65b76ca7e2a7d5fcc178e9d1458f0302
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9f1d94529a13b57eb016da939982a50bbfb3ac53ce996dfff0e1dd99c6ed64c6
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a62bc760a8fb96ac25892b4f2326450b2a14c8e79f58959a275c9c3e6a6d2fb3
a9ab21501c829516d91901c1f04da862d095aeb9e5019360aed6624920edd882
b741899d48a4e2cf2c20f5575bd3b9baa05e7641bfcd1d9a60ea71f21d48d12d
b8d69e1ab1f102070b08a3be2f5cc7133d597d5ab44e7512252fc8b37437224a
bf197979b4d69627d3835a1cc58452bc9ffe8496dfc607857edfb5e9ab4e1a4a
c27f57725650637b9e07633f13e6371babc00499c8cd3bff9600a6a79b02fcbd
c853e4a39323f332681dc77e7a6d2897eca9ea4bc6587d8090017a53f1b19fff
c8d42c73228b8d7c53512742a4da786efca4755f5fca2caa32e505d35333d86c
dc4ed09d68119a5644dc1e28a9ec8a932892af3c98024c31083390e546ff7037
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50201d2a7c5c0363880bde7bffebad032a0b3628bf6ad72ab87677d1357d21b
e5ef2e0fd81e377e8b9dac5cce525908836c9a93ed998d567b8878112b3c7716
e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7
eaca6cf478e703f556c60b9199e835099d7616c03a589960186a538c8c8cefec
ecd6f41cf81137e649dde32e3de39536f7ab783e0529cd4f2f6adf1acf093b7e
ee37d2b6a314f4c1878f915d4317bc7ec65aa0bc4a45b482a711a17b07aa7891
ee597374a2bafdf58b5c3bfdb7e7a695477af120c0a111936219e61f5915eba0
ee6be264fdde558593aa0a0b6b44794647399eb8faf6264cbde3afedb1bf06ec
f360ca5f65913e44e2a0f5caabe9e04681c15c721ba83d8b35028037a90e9ea1
f4007a847abc4399c1a96d516763161315a841de3cfa7760df9523345efc56f3
f8453754af23c624d0f1b78f738fb4d8d6b86b679cc7e7e2205addc837e483ad
fc184f96dd18794e204c41075a00923be7e8e568744231d74f2fdf8921f78d29