app.funnel-preview.com
2606:4700::6810:cc2  Malicious Activity! Public Scan

Submitted URL: https://onx.la/ac596
Effective URL: https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f...
Submission: On September 05 via api from US — Scanned from US

Summary

This website contacted 9 IPs in 3 countries across 11 domains to perform 25 HTTP transactions. The main IP is 2606:4700::6810:cc2, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.funnel-preview.com.
TLS certificate: Issued by GTS CA 1P5 on August 29th 2023. Valid for: 3 months.
This is the only time app.funnel-preview.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

IP Address AS Autonomous System
1 1 3.208.47.221 14618 (AMAZON-AES)
14 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 2607:f8b0:402... 15169 (GOOGLE)
2 77.73.70.76 43317 (VEESP-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.130.137 54113 (FASTLY)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 162.247.243.29 54113 (FASTLY)
25 9
Apex Domain
Subdomains
Transfer
11 clickfunnels.com
app.clickfunnels.com — Cisco Umbrella Rank: 50671
images.clickfunnels.com — Cisco Umbrella Rank: 110059
assets.clickfunnels.com — Cisco Umbrella Rank: 83804
747 KB
3 funnel-preview.com
app.funnel-preview.com
30 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 227
763 B
2 fudacioncovid19.com
b2.fudacioncovid19.com
15 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1070
17 KB
1 amung.us
whos.amung.us — Cisco Umbrella Rank: 16600
25 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 386
26 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 954
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
3 KB
1 onx.la
onx.la
209 B
0 addevent.com Failed
track.addevent.com Failed
25 11
Domain Requested by
9 app.clickfunnels.com app.funnel-preview.com
3 app.funnel-preview.com app.funnel-preview.com
2 bam.nr-data.net app.funnel-preview.com
2 b2.fudacioncovid19.com app.funnel-preview.com
2 use.fontawesome.com app.funnel-preview.com
1 whos.amung.us
1 assets.clickfunnels.com
1 js-agent.newrelic.com app.funnel-preview.com
1 static.cloudflareinsights.com app.funnel-preview.com
1 images.clickfunnels.com app.funnel-preview.com
1 fonts.googleapis.com app.funnel-preview.com
1 onx.la 1 redirects
0 track.addevent.com Failed app.funnel-preview.com
25 13

This site contains no links.

Subject | Issuer | Validity | Valid
funnel-preview.com | GTS CA 1P5 | 2023-08-29 - 2023-11-27 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-06-23 - 2024-06-22 | a year
use.fontawesome.com | GTS CA 1P5 | 2023-09-01 - 2023-11-30 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-08-07 - 2023-10-30 | 3 months
b2.fudacioncovid19.com | R3 | 2023-08-04 - 2023-11-02 | 3 months
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2023 Q2 | 2023-04-13 - 2024-05-14 | a year
*.nr-data.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-18 - 2023-12-19 | a year

This page contains 1 frames:

Primary Page: https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true
Frame ID: 135D21DE8A3E1CF9B0482D804E5E4A85
Requests: 27 HTTP requests in this frame

Page Title

Messenger

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

Requests: 25
HTTPS: 96 %
IPv6: 56 %
Domains: 11
Subdomains: 13
IPs: 9
Countries: 3
Transfer: 845 kB
Size: 3057 kB
Cookies: 23

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://onx.la/ac596 HTTP 301
    https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request optin1644977931028
app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/
Redirect Chain
  • https://onx.la/ac596
  • https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true
87 KB
27 KB
Document
General
Full URL
https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
ccc590090ec85a617ac44a0a24020cea251ec5dae0825ea2a68bcf2d1e1093a7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
36
cache-control
max-age=60, public, s-maxage=600, r-maxage=10
cf-cache-status
HIT
cf-ray
802028c2dac64bd2-BUF
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 05 Sep 2023 17:23:17 GMT
last-modified
Thu, 24 Aug 2023 18:04:41 GMT
server
cloudflare
status
200 OK
vary
Accept-Encoding
x-content-digest
5bdde24d322338452c5d2a4c3b1c802c9048c2c2
x-powered-by
Phusion Passenger Enterprise 6.0.7
x-rack-cache
stale, valid, store
x-request-id
14686eaa8cc9e508424a85ef57347dab
x-runtime
0.179761

Redirect headers

content-length
894
content-type
text/html; charset=UTF-8
date
Tue, 05 Sep 2023 17:23:17 GMT
location
https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true
server
awselb/2.0
x-powered-by
PHP/8.1.21
lander.css
app.clickfunnels.com/assets/
425 KB
70 KB
Stylesheet
General
Full URL
https://app.clickfunnels.com/assets/lander.css
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 17:23:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Aug 2023 18:03:10 GMT
server
cloudflare
age
36
etag
W/"64ef845e-6a514"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=1200
cf-ray
802028c3cace4bd2-BUF
expires
Tue, 05 Sep 2023 17:43:17 GMT
all.css
use.fontawesome.com/releases/v5.9.0/css/
55 KB
12 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 17:23:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1ZVBRXWH8VRSADVJ
age
1956411
alt-svc
h3=":443"; ma=86400
x-amz-id-2
8T0h/VPp1+TH80ZV8Z2LmVA9eNrV/h6IhTiS94Ey5iw/++4Tt/d02bGLd2yLRJWr1d796IV3q9M=
last-modified
Wed, 30 Jun 2021 15:48:06 GMT
server
cloudflare
etag
W/"dbf9d822cefe851ba6f66e1ad57e8987"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fv5VD1eLCX0T7H5Xqeoj6JK2oOl18kssu%2BNfG%2FcpmMxtAFaQj%2BhitVhn6P7eGKamhTzz7jsARl9Uji7MQyZrACu%2FTUChKaWKLcGpJ5TYeC5aq2xUl5sSNp%2FrX4HOelcWvqOgJ5FxWSOWcsxGB8FhwyvG"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
802028c3bf3018b4-EWR
v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/
26 KB
5 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 17:23:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1ZV6C6V8BEHKG5F8
age
1956411
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Js5d/pRYy1WpA0P05S7UTh6Fhh+5wr1owCn1IcgD8N5tMcAQhgfVKdIue49bQN433DK1R4A0V2E=
last-modified
Wed, 30 Jun 2021 15:48:06 GMT
server
cloudflare
etag
W/"e140a7d32f343530f016095df3cc2ae4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvx%2FQ7xIfUomrb8Uk%2BecGgIZ%2FfiKnwqhAoCbQRDW2z1xAKrTtDx%2BaT5eI%2BfkZdFt6%2Fl%2FjdfiAZZdxgvp3LFJscZbflvpIMVF%2BUy9AqYCviQg59ZIz10g%2BYXb1M9AG9G%2BbjJWa%2B6uFiyr9XjLt4lM9VdQ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
802028c3bf3218b4-EWR
css
fonts.googleapis.com/
47 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7e5e8efadc0a91b136a0c423605584fffb389787c5825e019ec7b7a0004cb47b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Sep 2023 17:23:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 16:23:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Sep 2023 17:23:17 GMT
application.js
app.clickfunnels.com/assets/userevents/
5 KB
2 KB
Script
General
Full URL
https://app.clickfunnels.com/assets/userevents/application.js
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a696b734193371073510c87df68430499c2f424ad3f7be42f586dc6aff78567b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 17:23:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Aug 2023 18:03:10 GMT
server
cloudflare
age
36
etag
W/"64ef845e-147c"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=1200
cf-ray
802028c45ad84bd2-BUF
expires
Tue, 05 Sep 2023 17:43:17 GMT
/
b2.fudacioncovid19.com/
14 KB
15 KB
Script
General
Full URL
https://b2.fudacioncovid19.com/?api=1&lan=facebookmessenger&ht=2&counter0=je%20ho%20va0%200
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.73.70.76 St Petersburg, Russian Federation, ASN43317 (VEESP-AS, LV),
Reverse DNS
Software
Apache /
Resource Hash
29a23eec5c3c8deeee003647f78ab7d529b9c69a7857007345c0baf1b2e61d92

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2023 17:23:18 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Expires
Thu, 19 Nov 1981 08:52:00 GMT
lander.js
app.clickfunnels.com/assets/
2 MB
661 KB
Script
General
Full URL
https://app.clickfunnels.com/assets/lander.js
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39c7e8ccf2bd8f2c915ac24838e82f64e25f9e84891c474b75e6c72137715461

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 17:23:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Aug 2023 18:04:58 GMT
server
cloudflare
age
36
etag
W/"64ef84ca-238672"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=1200
cf-ray
802028c3cacf4bd2-BUF
expires
Tue, 05 Sep 2023 17:43:17 GMT
ClickfunnelsTag.png
images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/
5 KB
5 KB
Image
General
Full URL
https://images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dfa88a4dc8b6c0b834a62e45daee28a8dc37ed6ae7eb1545e4ed8b6382c0474

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 17:23:17 GMT
cf-cache-status
HIT
x-amz-request-id
DEPFGSCYVGFVAP30
age
36
cf-polished
origFmt=png, origSize=9030
content-disposition
inline; filename="ClickfunnelsTag.webp"
content-length
5276
x-amz-id-2
ffsTtgPBNWlQju3aRj8V4N1t8LdWLwuK2AZ+xhwqSJ4OFm17y1/PtdMto4w9UBl+el6ewoGredE=
cf-bgj
imgq:85,h2pri
last-modified
Fri, 03 Jan 2020 17:41:49 GMT
server
cloudflare
etag
"a633777156a5ffeb58c92d3d59fa4e34"
vary
Accept
content-type
image/webp
cache-control
public, max-age=2073600
accept-ranges
bytes
cf-ray
802028c48ae04bd2-BUF
expires
Fri, 29 Sep 2023 17:23:17 GMT
pushcrew.js
app.clickfunnels.com/assets/
637 B
459 B
Script
General
Full URL
https://app.clickfunnels.com/assets/pushcrew.js
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 17:23:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Aug 2023 18:03:09 GMT
server
cloudflare
age
36
etag
W/"64ef845d-27d"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=1200
cf-ray
802028c46ad94bd2-BUF
expires
Tue, 05 Sep 2023 17:43:17 GMT
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
https://app.funnel-preview.com/
Origin
https://app.funnel-preview.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 17:23:17 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 18:10:27 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
802028c4dacd4bc7-BUF
truncated
/
26 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
cf.js
app.clickfunnels.com/
18 KB
5 KB
Script
General
Full URL
https://app.clickfunnels.com/cf.js
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 17:23:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Aug 2023 18:03:10 GMT
server
cloudflare
age
36
etag
W/"64ef845e-476a"
vary
Accept-Encoding
content-type
application/x-javascript
cf-ray
802028c5aaf64bd2-BUF
/
track.addevent.com/atc/
0
0

/
app.clickfunnels.com/userevents/
0
414 B
XHR
General
Full URL
https://app.clickfunnels.com/userevents/?funnel_id=OTVqTVEyUkVzWkg3ZHhlTC9Fck43QT09LS0yMUp2SmdlY1Uza1pyNXByM0c5T2hBPT0%3D--55dcd1e3f81016c7873dcaf20fae495b77db82db&page_id=cFJESW5vckNaT0YycTRXSkZyMStLQT09LS01ZWNkYi9OM3ZOMW5LMTNldW5zSzl3PT0%3D--5b696f5489ec4d0145dfe79669094f94fa293ed4&funnel_step_id=N0JMd1Z1QktiajM5amZsbDV1ZHZ1dz09LS1UbE10ckdaT3Q0QjFzOGYxWjA5TWpnPT0%3D--acab866fc413f7a9ea52c3fe0e7eae4a50d7acf7&user_id=QVhiNkVmbUlRbTBLYVltaUE5MU02QT09LS16eG5TRld2cmFqSVk0aXJUL3JzaWF3PT0%3D--fb995bd3ca08c8603a46c1717739f647b59ea514&account_id=TC9yQkdtUnE0bzNRNUNwV3kzNkJNQT09LS1semlud3ByMEFKK1RIQjdxVkxTQkRnPT0%3D--7206ca4914f0accaf0c8f663505946bac4d26770&page_code=NTMyNDY2MjY%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::PageviewsCreatedSummary&nonce=1d5da5c3-a7e4-4379-8fdf-5aedf233da3d&url=https%3A%2F%2Fapp.funnel-preview.com%2Ffor_domain%2Fgucci2022.clickfunnels.com%2Foptin1644977931028%3Fupdated_at%3D3bea860d82b7b9e11bef77de869f51e5v2%26track%3D0%26preview%3Dtrue
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 17:23:18 GMT
access-control-request-method
*
x-runtime
0.052020
cf-cache-status
BYPASS
server
cloudflare
x-powered-by
Phusion Passenger Enterprise 6.0.7
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
status
202 Accepted
cache-control
no-cache, no-store
cf-ray
802028c61dcf4bcf-BUF
x-rack-cache
miss
x-request-id
390284e2647bfcebb4493d48f4edfa54
/
app.clickfunnels.com/userevents/
0
412 B
XHR
General
Full URL
https://app.clickfunnels.com/userevents/?funnel_id=OTVqTVEyUkVzWkg3ZHhlTC9Fck43QT09LS0yMUp2SmdlY1Uza1pyNXByM0c5T2hBPT0%3D--55dcd1e3f81016c7873dcaf20fae495b77db82db&page_id=cFJESW5vckNaT0YycTRXSkZyMStLQT09LS01ZWNkYi9OM3ZOMW5LMTNldW5zSzl3PT0%3D--5b696f5489ec4d0145dfe79669094f94fa293ed4&funnel_step_id=N0JMd1Z1QktiajM5amZsbDV1ZHZ1dz09LS1UbE10ckdaT3Q0QjFzOGYxWjA5TWpnPT0%3D--acab866fc413f7a9ea52c3fe0e7eae4a50d7acf7&user_id=QVhiNkVmbUlRbTBLYVltaUE5MU02QT09LS16eG5TRld2cmFqSVk0aXJUL3JzaWF3PT0%3D--fb995bd3ca08c8603a46c1717739f647b59ea514&account_id=TC9yQkdtUnE0bzNRNUNwV3kzNkJNQT09LS1semlud3ByMEFKK1RIQjdxVkxTQkRnPT0%3D--7206ca4914f0accaf0c8f663505946bac4d26770&page_code=NTMyNDY2MjY%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniquePageviewsCreatedSummary&nonce=f2a928c8-7b73-44aa-b007-63ba6cdac165&url=https%3A%2F%2Fapp.funnel-preview.com%2Ffor_domain%2Fgucci2022.clickfunnels.com%2Foptin1644977931028%3Fupdated_at%3D3bea860d82b7b9e11bef77de869f51e5v2%26track%3D0%26preview%3Dtrue
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 17:23:18 GMT
access-control-request-method
*
x-runtime
0.060133
cf-cache-status
BYPASS
server
cloudflare
x-powered-by
Phusion Passenger Enterprise 6.0.7
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
status
202 Accepted
cache-control
no-cache, no-store
cf-ray
802028c61dd14bcf-BUF
x-rack-cache
miss
x-request-id
1fde3e6ded30cb16a4f3e621698c7bf3
/
app.clickfunnels.com/userevents/
0
623 B
XHR
General
Full URL
https://app.clickfunnels.com/userevents/?funnel_id=OTVqTVEyUkVzWkg3ZHhlTC9Fck43QT09LS0yMUp2SmdlY1Uza1pyNXByM0c5T2hBPT0%3D--55dcd1e3f81016c7873dcaf20fae495b77db82db&page_id=cFJESW5vckNaT0YycTRXSkZyMStLQT09LS01ZWNkYi9OM3ZOMW5LMTNldW5zSzl3PT0%3D--5b696f5489ec4d0145dfe79669094f94fa293ed4&funnel_step_id=N0JMd1Z1QktiajM5amZsbDV1ZHZ1dz09LS1UbE10ckdaT3Q0QjFzOGYxWjA5TWpnPT0%3D--acab866fc413f7a9ea52c3fe0e7eae4a50d7acf7&user_id=QVhiNkVmbUlRbTBLYVltaUE5MU02QT09LS16eG5TRld2cmFqSVk0aXJUL3JzaWF3PT0%3D--fb995bd3ca08c8603a46c1717739f647b59ea514&account_id=TC9yQkdtUnE0bzNRNUNwV3kzNkJNQT09LS1semlud3ByMEFKK1RIQjdxVkxTQkRnPT0%3D--7206ca4914f0accaf0c8f663505946bac4d26770&page_code=NTMyNDY2MjY%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniqueVisitorsCreatedSummary&nonce=cd4d4d40-43e1-4fc0-b5aa-5047fbe0c9a0&url=https%3A%2F%2Fapp.funnel-preview.com%2Ffor_domain%2Fgucci2022.clickfunnels.com%2Foptin1644977931028%3Fupdated_at%3D3bea860d82b7b9e11bef77de869f51e5v2%26track%3D0%26preview%3Dtrue
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 17:23:18 GMT
access-control-request-method
*
x-runtime
0.027793
cf-cache-status
BYPASS
server
cloudflare
x-powered-by
Phusion Passenger Enterprise 6.0.7
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
status
202 Accepted
cache-control
no-cache, no-store
cf-ray
802028c61dd04bcf-BUF
x-rack-cache
miss
x-request-id
18b781f190ee46ab79b59d9e2cc54b33
nr-spa.1097a448-1.238.0.min.js
js-agent.newrelic.com/
76 KB
26 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa.1097a448-1.238.0.min.js
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2cffb3d4620ddeb697ba04e787b68c7749efaa66614d9c6d16bc6082444f3bb
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
b8eo8xMxP6q71yVPfdHT5aV6JuNPOpkg
content-encoding
br
via
1.1 varnish
date
Tue, 05 Sep 2023 17:23:18 GMT
strict-transport-security
max-age=300
x-amz-request-id
XGE1ZG8XX2EN0MTC
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
25963
x-amz-id-2
QxpmcUITqL+O952S4jgpwHckFYz0Ai2u/enzuH0RMTPI6C59Ze/3kohzzH1FyBHIvgrbqJOglos=
x-served-by
cache-yyz4560-YYZ
last-modified
Wed, 16 Aug 2023 21:40:47 GMT
server
AmazonS3
x-timer
S1693934599.518116,VS0,VE0
etag
"50ff460817c14cc3cdb0112cf58f1456"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3253
cf-logo.png
app.funnel-preview.com/funnels/paused-account/
2 KB
3 KB
Image
General
Full URL
https://app.funnel-preview.com/funnels/paused-account/cf-logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22555c585cf38ea21df4e833b1eaf94ab484b9dc9d32021e160c8de030c6f31e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 17:23:18 GMT
cf-cache-status
HIT
last-modified
Wed, 30 Aug 2023 18:03:10 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
age
36
etag
"64ef845e-17c9"
cf-polished
origFmt=png, origSize=6089
vary
Accept, Accept-Encoding
content-type
image/webp
content-disposition
inline; filename="cf-logo.webp"
accept-ranges
bytes
cf-ray
802028c87b214bd2-BUF
content-length
2486
closemodal.png
assets.clickfunnels.com/images/
672 B
899 B
Image
General
Full URL
https://assets.clickfunnels.com/images/closemodal.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 17:23:18 GMT
cf-cache-status
HIT
age
854684
cf-polished
origFmt=png, origSize=788
content-disposition
inline; filename="closemodal.webp"
content-length
672
last-modified
Wed, 23 Aug 2023 15:40:29 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"64e6286d-314"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
802028c89b244bd2-BUF
expires
Fri, 06 Oct 2023 17:23:18 GMT
track
app.clickfunnels.com/v1/
121 B
663 B
XHR
General
Full URL
https://app.clickfunnels.com/v1/track?_unique=0.2118744044010561&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028%3Fupdated_at%3D3bea860d82b7b9e11bef77de869f51e5v2%26track%3D0%26preview%3Dtrue&_title=&_key=6chs8vnw&_page_key=axbx91czfdfdbu8t&_fid=11857512&_fspos=193&_fvrs=1&_funnel_stat=0&_location=https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true&_referrer=
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
13b568f0874accae92af39b94327e286e8e397a7f3d9eba50196c044544957f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 17:23:18 GMT
access-control-request-method
*
content-encoding
br
cf-cache-status
DYNAMIC
x-powered-by
Phusion Passenger Enterprise 6.0.7
status
200 OK
x-request-id
71fcf213460a0cbe3e5512d146f4c0e9
x-runtime
0.018106
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST, GET
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store
cf-ray
802028c88dff4bcf-BUF
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
x-rack-cache
miss
rum
app.funnel-preview.com/cdn-cgi/
0
187 B
XHR
General
Full URL
https://app.funnel-preview.com/cdn-cgi/rum?
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-NewRelic-ID
UAYHVF5UCBAFUFRWAQMDUFc=
tracestate
2882645@nr=0-1-4005870-601403195-2dd6b520420f3c86----1693934598575
traceparent
00-56e74b64634ac2bbeae9751a02083f00-2dd6b520420f3c86-01
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQwMDU4NzAiLCJhcCI6IjYwMTQwMzE5NSIsImlkIjoiMmRkNmI1MjA0MjBmM2M4NiIsInRyIjoiNTZlNzRiNjQ2MzRhYzJiYmVhZTk3NTFhMDIwODNmMDAiLCJ0aSI6MTY5MzkzNDU5ODU3NSwidGsiOiIyODgyNjQ1In19
content-type
application/json
Referer
https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true

Response headers

date
Tue, 05 Sep 2023 17:23:18 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://app.funnel-preview.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
802028c92b284bd2-BUF
location
b2.fudacioncovid19.com/
0
0
Script
General
Full URL
https://b2.fudacioncovid19.com/location
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.73.70.76 St Petersburg, Russian Federation, ASN43317 (VEESP-AS, LV),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

truncated
/
954 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0cae74ee5bad20861dee4906df15d793b948297238f4da81c1b0d7adf3d25f38

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
whos.amung.us/pingjs/
25 B
25 B
Image
General
Full URL
https://whos.amung.us/pingjs/?k=rulay00&t=Luis&x=%20https://twitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 17:23:18 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
802028c9bee04bd5-BUF
content-type
text/javascript;charset=UTF-8
NRJS-14b9fc0143e6570151a
bam.nr-data.net/1/
40 B
412 B
XHR
General
Full URL
https://bam.nr-data.net/1/NRJS-14b9fc0143e6570151a?a=545462463&v=1.238.0&to=IgpZQUBdWF8DFEsXEQQXR1RVV0ccFgcDBxFOFUJXXltHWwMC&rst=2378&ck=0&s=eb20e4c203f55794&ref=https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028&af=err,xhr,stn,ins,spa&ap=183&be=1190&fe=952&dc=447&perf=%7B%22timing%22:%7B%22of%22:1693934596429,%22n%22:0,%22f%22:1030,%22dn%22:1031,%22dne%22:1069,%22c%22:1069,%22s%22:1098,%22ce%22:1133,%22rq%22:1133,%22rp%22:1190,%22rpe%22:1193,%22di%22:1590,%22ds%22:1592,%22de%22:1638,%22dc%22:2035,%22l%22:2035,%22le%22:2142%7D,%22navigation%22:%7B%7D%7D&fp=1399&fcp=1399
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer
https://app.funnel-preview.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 05 Sep 2023 17:23:18 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://app.funnel-preview.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
40
x-served-by
cache-nyc-kteb1890033-NYC
NRJS-14b9fc0143e6570151a
bam.nr-data.net/events/1/
24 B
351 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/NRJS-14b9fc0143e6570151a?a=545462463&v=1.238.0&to=IgpZQUBdWF8DFEsXEQQXR1RVV0ccFgcDBxFOFUJXXltHWwMC&rst=2514&ck=0&s=eb20e4c203f55794&ref=https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com/optin1644977931028?updated_at=3bea860d82b7b9e11bef77de869f51e5v2&track=0&preview=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://app.funnel-preview.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 05 Sep 2023 17:23:18 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://app.funnel-preview.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
x-served-by
cache-nyc-kteb1890033-NYC

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
track.addevent.com
URL
https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=182c3b6b-871b-4f96-9ce6-5f469aa26dbe&url=https%3A%2F%2Fapp.funnel-preview.com%2Ffor_domain%2Fgucci2022.clickfunnels.com%2Foptin1644977931028%3Fupdated_at%3D3bea860d82b7b9e11bef77de869f51e5v2%26track%3D0%26preview%3Dtrue&cache=1693934598014

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

270 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| NREUM object| webpackChunk:NRBA-1.238.0.PROD object| newrelic function| init string| CFAppDomain boolean| domainIsCFInternal function| createGUID function| toQueryString function| setCookie function| getCookie function| logError function| done function| recordUserEvent function| setCFMetaTagsFromCookies function| setCFMetaTagsFromQueryString function| getCFMetaTag function| writeCFMetaTag function| queryStringFromCFMetaTags function| recordPageview function| recordUniqueVisitor function| recordUniquePageview function| setClientWidth function| setForm function| CLICKFUNNELS_OLD_FORM_SUBMIT function| ouibounce function| CFbuildAudioPlayer function| evsfix function| calcTax function| cfStripeTokenHandler function| cfStripePaymentIntentFormAdder function| cfCreateElements function| cfCreateiDEALSource function| cfProcessiDEALSourceRedirect function| cfSaveiDEALSourceInfo function| cfPopulateFormForiDEAL function| cfCreateStripeToken function| cfHandlePaymentUsingSetupIntent function| cfOrderErrorMessage function| cfHandlePaymentUsingPaymentIntent function| shouldUsePaymentIntentFlow function| cfCreateStripePaymentMethod function| cfTransformStripeToken function| cfElementsFindFont function| cleanupLocalStorage function| cfHandleiDEALRedirect function| AttachStripeElements function| prettyNotify function| start_firebase function| displayPageNotifier function| start_page_notifier function| start_firebase_quantity_limiter function| readCookie function| CFExtractPayPalButtonConfiguration function| CFPaySelectPaypalTransactions function| PaySelectInit function| recalcRoundUp function| addCharityToSummary function| addSaasRedirectClickHandler function| CFInfusionsoftTokenizationHandler function| webinarDelay function| cookieWebinarTime function| getWebinarLastTime function| reportWebinarTime function| periodicAutoWebinarCheck function| periodicLessonCheck function| reportLessonProgress function| CFSanitizeCountdownElement function| 
CFstartBPVideos function| CFprocessBPVideos function| CFcheckForVimeo function| CFhandleWistiaBPVideo function| CFhandleAllVimeoBPVideos function| CFhandleAllYouTubeBPVideos function| CFhandleVideoLabels function| CFsetupSessionStarterBP function| CFsetupMutedVideos function| CFrenameVimeoURLAttribute undefined| checkPreview undefined| cookie_variable undefined| tag undefined| firstScriptTag undefined| elVideo_one undefined| elVideo_two undefined| elVideo_three undefined| elVideo_four undefined| elVideo_type undefined| elVideo_show undefined| elVideo_hide undefined| elVideo_numberofvideos undefined| gettheType_unlocker undefined| player undefined| playVideoText undefined| pauseVideoText undefined| playingVideoText undefined| lockedVideoText boolean| cfpeorders function| recurlyDateHandler function| recurlyNameHandler function| recurlyCountryHandler number| CF_KEYCODE_ENTER number| CF_KEYCODE_SPACE undefined| checkifPreview_randomCookie undefined| elCheckVideoEndType undefined| unlockVideoDate undefined| checkifUnlockableDate undefined| checkifUnlockableEverGreenDate undefined| everGreenDates undefined| onYouTubeIframeAPIReady undefined| elUnlocker_startVideo undefined| onPlayerReady undefined| elvideounlockerProgress undefined| elUnlocker_changeVideo undefined| onPlayerStateChange undefined| runAnimationFade undefined| runAnimationScale undefined| runAnimationLeft undefined| runAnimationRight undefined| runAnimationTop undefined| runAnimationBottom function| getURLParameter function| cfpeRebuildOrderSummary function| formatRecurlyExpirationDate function| validateRecurlyExpirationDate function| $ function| jQuery function| moment object| jQuery18103910976355833271 function| JQClass function| tinycolor function| generateUniqueId object| CFUtils object| ClickFunnels function| _ object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer function| videojs function| _V_ function| $d 
string| proc string| _image_path string| _ate_license boolean| _ate_mouse string| _ate_css string| _ate_callback string| _ate_dropdown string| _ate_lbl_outlook string| _ate_lbl_google string| _ate_lbl_yahoo string| _ate_lbl_hotmail string| _ate_lbl_ical string| _ate_lbl_fb_event boolean| _ate_show_outlook boolean| _ate_show_google boolean| _ate_show_yahoo boolean| _ate_show_hotmail boolean| _ate_show_ical boolean| _ate_show_facebook boolean| _d_rd boolean| _ate_btn_found boolean| _ate_btn_expo object| addthisevent function| postscribe object| I18n object| Clickfunnels function| calcShipping undefined| cfStripeElementsCardElement function| Firebase function| ES6Promise object| cookieconsent object| options function| track_capi object| cfFacebookInitOptions function| fbAsyncInit string| page_key string| fid string| fspos string| fvrs object| cf_tracker string| cf_key string| serverUrl function| getURLParameterExact function| callbackFunction object| _pcq object| __cfBeacon object| cfpe object| getVars object| $cfSurvey_outcome object| CFSurveyQueryOutcome string| target string| str undefined| checkVideoAttr undefined| showVideoBG string| $url object| $queries undefined| $utm_source string| $pID string| $rootID string| $variantcheck string| $userID undefined| $iframeCheck string| $requiredCheck object| SurveyMatcher undefined| $carContestProgress string| $todayYear string| $localTime string| $autoWebinarDay1 string| $autoWebinarDay1_raw string| $selectText string| $autoWebinarDay0 string| $autoWebinarDay0_raw string| $replayText string| $autoWebinarDay2 string| $autoWebinarDay2_raw string| $autoWebinarDay3 string| $autoWebinarDay3_raw undefined| date undefined| time object| webinar_datetime object| webinar_datetime_offset boolean| now object| now_offset number| webinar_delay object| webinar_delay_offset boolean| $removeSelectDateOnAutoWebinar number| funnel_stat boolean| ecookie function| loadScript function| jQueryCheck function| createCookie function| formatObject 
function| getFormData function| filteredMatch function| changeText boolean| replied object| sender object| cfUniqueVisitorID function| cfSetUniqueVisitorID function| SendData function| wait function| sleep function| checkresponse function| answered function| postpone object| formSubmitFunctions function| formAttach function| addEvent function| filtered_string object| url_params object| parts object| nv function| cf_load function| get_XmlHttp boolean| IS_MOBILE number| limit_bot string| object string| type string| OUTPUT object| ___ object| params number| tt object| to_object string| a string| root_url number| timeout function| __updateOrientation

23 Cookies

Domain/Path Name / Value
app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com Name: addevent_track_cookie
Value: 182c3b6b-871b-4f96-9ce6-5f469aa26dbe
app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com Name: updated_at
Value: 3bea860d82b7b9e11bef77de869f51e5v2
app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com Name: track
Value: 0
app.funnel-preview.com/for_domain/gucci2022.clickfunnels.com Name: preview
Value: true
.app.funnel-preview.com/ Name: __cf_bm
Value: 87zCDmMiFkJED5OZ3EzCOXDetxKHasUf6as9AXHoFEo-1693934597-0-AXp1qSDL9mEuqRYV6qV6EQ7FYqpAwF4YSpFSwQdf6D4Yvyg1vbtp531WDCDSCqM9c1IvzpGXNsMoVUgMuXLdzbgtXyah2IV+1E7+RaqUFP0U
.app.funnel-preview.com/ Name: _cfuvid
Value: 8Ge4j9cN0rgnwijCU6IB.wWxe5KQWOKP48l9DO3YRmg-1693934597595-0-604800000
.clickfunnels.com/ Name: __cf_bm
Value: mnFSsr3no5JMAxptiiHUq9vK7RoKIpGo3tz4ExiDmec-1693934597-0-AT+N47Hs2NB4a+eU8HqSiD9Ldvee3ssIXuKvZ2M8I4irZnR22S36/om/IlwZ/8TcqOBfNTqchibKhHwrIQjxxzV0rGSDiKnWeRUq0IBCIQSU
.clickfunnels.com/ Name: _cfuvid
Value: oKcSQI8_MlwtCXzeguK17uRj6aNSTf8ETM8ATYRlOQc-1693934597750-0-604800000
app.funnel-preview.com/ Name: cf:aff_sub2
Value:
app.funnel-preview.com/ Name: cf:aff_sub3
Value:
app.funnel-preview.com/ Name: cf:aff_sub
Value:
app.funnel-preview.com/ Name: cf:affiliate_id
Value:
app.funnel-preview.com/ Name: cf:cf_affiliate_id
Value:
app.funnel-preview.com/ Name: cf:content
Value:
app.funnel-preview.com/ Name: cf:medium
Value:
app.funnel-preview.com/ Name: cf:name
Value:
app.funnel-preview.com/ Name: cf:source
Value:
app.funnel-preview.com/ Name: cf:term
Value:
app.funnel-preview.com/ Name: cf:NTMyNDY2MjY
Value: :visited=true
app.funnel-preview.com/ Name: cf:visitor_id
Value: 7a81cb14-568b-4d0c-bf03-f7738e478b80
app.funnel-preview.com/ Name: is_eu
Value: false
app.funnel-preview.com/ Name: axbx91czfdfdbu8t
Value: true
app.funnel-preview.com/ Name: 11857512_viewed_193
Value: 1

2 Console Messages

Source Level URL
Text
network error URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=182c3b6b-871b-4f96-9ce6-5f469aa26dbe&url=https%3A%2F%2Fapp.funnel-preview.com%2Ffor_domain%2Fgucci2022.clickfunnels.com%2Foptin1644977931028%3Fupdated_at%3D3bea860d82b7b9e11bef77de869f51e5v2%26track%3D0%26preview%3Dtrue&cache=1693934598014
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://b2.fudacioncovid19.com/location
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
