piscinaveronza.com
2001:8d8:100f:f000::2de  Malicious Activity! Public Scan

Submitted URL: https://aamkaesyc6rkm.clickfunnels.com/optinelfr2186
Effective URL: https://piscinaveronza.com/ajax/dpd/de/
Submission: On September 17 via manual from IN — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 10 domains to perform 25 HTTP transactions. The main IP is 2001:8d8:100f:f000::2de, located in Germany, and belongs to IONOS-AS (the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom, formerly known as 1&1 Internet SE), DE. The main domain is piscinaveronza.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on May 27th 2022. Valid for: a year.
This is the only time piscinaveronza.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DPD (Transportation)

Domain & IP information

IP Address AS Autonomous System
2 10 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 108.138.24.50 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.194.137 54113 (FASTLY)
1 2001:8d8:100f... 8560 (IONOS-AS ...)
25 9
Apex Domain
Subdomains
Transfer
14 clickfunnels.com
aamkaesyc6rkm.clickfunnels.com
app.clickfunnels.com — Cisco Umbrella Rank: 39753
images.clickfunnels.com — Cisco Umbrella Rank: 121320
www.clickfunnels.com — Cisco Umbrella Rank: 73481
764 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 40
4 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 884
17 KB
1 piscinaveronza.com
piscinaveronza.com
238 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 326
14 KB
1 cloudfront.net
d26b395fwzu5fz.cloudfront.net
9 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1027
5 KB
0 keen.io Failed
api.keen.io Failed
0 amazonaws.com Failed
klee.studio.s3.amazonaws.com Failed
0 addevent.com Failed
track.addevent.com Failed
25 10
Domain Requested by
10 app.clickfunnels.com 1 redirects aamkaesyc6rkm.clickfunnels.com
app.clickfunnels.com
2 fonts.googleapis.com aamkaesyc6rkm.clickfunnels.com
2 use.fontawesome.com aamkaesyc6rkm.clickfunnels.com
2 aamkaesyc6rkm.clickfunnels.com 1 redirects static.cloudflareinsights.com
1 piscinaveronza.com
1 js-agent.newrelic.com aamkaesyc6rkm.clickfunnels.com
1 www.clickfunnels.com aamkaesyc6rkm.clickfunnels.com
1 d26b395fwzu5fz.cloudfront.net app.clickfunnels.com
1 images.clickfunnels.com aamkaesyc6rkm.clickfunnels.com
1 static.cloudflareinsights.com aamkaesyc6rkm.clickfunnels.com
0 api.keen.io Failed d26b395fwzu5fz.cloudfront.net
0 klee.studio.s3.amazonaws.com Failed
0 track.addevent.com Failed aamkaesyc6rkm.clickfunnels.com
25 13

This site contains links to these domains.

Domain
rizarichempire.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-07-23 - 2023-07-23 | a year
upload.video.google.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2022 Q2 | 2022-07-10 - 2023-08-11 | a year
*.piscinaveronza.com | Encryption Everywhere DV TLS CA - G1 | 2022-05-27 - 2023-06-09 | a year

This page contains 1 frames:

Primary Page: https://piscinaveronza.com/ajax/dpd/de/
Frame ID: FB948D46EAB4BDAE810F6F00E128B3DC
Requests: 37 HTTP requests in this frame

Page Title

Zahlung bestätigen - Schweizerische DPD

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

25 Requests
76 % HTTPS
75 % IPv6
10 Domains
13 Subdomains
9 IPs
2 Countries
1258 kB Transfer
3563 kB Size
15 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://aamkaesyc6rkm.clickfunnels.com/optinelfr2186 HTTP 302
    https://aamkaesyc6rkm.clickfunnels.com/optin1663426080334 Page URL
  2. https://piscinaveronza.com/ajax/dpd/de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://aamkaesyc6rkm.clickfunnels.com/optinelfr2186 HTTP 302
  • https://aamkaesyc6rkm.clickfunnels.com/optin1663426080334
Request Chain 14
  • https://app.clickfunnels.com/cf.js HTTP 301
  • https://www.clickfunnels.com/cf.js

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
optin1663426080334
aamkaesyc6rkm.clickfunnels.com/
Redirect Chain
  • https://aamkaesyc6rkm.clickfunnels.com/optinelfr2186
  • https://aamkaesyc6rkm.clickfunnels.com/optin1663426080334
62 KB
16 KB
Document
General
Full URL
https://aamkaesyc6rkm.clickfunnels.com/optin1663426080334
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
7b1f36e4489039759beda709e343c3fb3df4ba87cb1d366bc41fcdf76f804838
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
cache-control
max-age=60, public, s-maxage=600, r-maxage=10
cf-cache-status
REVALIDATED
cf-ray
74c4cedadd33905e-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 17 Sep 2022 21:06:50 GMT
last-modified
Sat, 17 Sep 2022 14:50:40 GMT
server
cloudflare
status
200 OK
strict-transport-security
max-age=0
vary
Accept-Encoding
x-content-digest
8f748b3b24cc88b97cc62d073e1d21cb69c3829b
x-frame-options
ALLOWALL
x-powered-by
Phusion Passenger Enterprise 6.0.7
x-rack-cache
fresh
x-request-id
fc786d961a97d34f2036338e19946da8
x-runtime
0.300436

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
cf-cache-status
EXPIRED
cf-ray
74c4ced8fa7a905e-FRA
content-type
text/html; charset=utf-8
date
Sat, 17 Sep 2022 21:06:50 GMT
location
https://aamkaesyc6rkm.clickfunnels.com/optin1663426080334
server
cloudflare
status
302 Found
strict-transport-security
max-age=0
vary
Accept-Encoding
x-frame-options
ALLOWALL
x-powered-by
Phusion Passenger Enterprise 6.0.7
x-rack-cache
miss
x-request-id
f7c969d93783006812d24534f1d10a5e
x-runtime
0.085915
lander.css
app.clickfunnels.com/assets/
425 KB
70 KB
Stylesheet
General
Full URL
https://app.clickfunnels.com/assets/lander.css
Requested by
Host: aamkaesyc6rkm.clickfunnels.com
URL: https://aamkaesyc6rkm.clickfunnels.com/optin1663426080334
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aamkaesyc6rkm.clickfunnels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:06:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
785
last-modified
Tue, 30 Aug 2022 23:27:56 GMT
server
cloudflare
etag
W/"630e9cfc-6a514"
strict-transport-security
max-age=0
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
cf-ray
74c4cedc0f2b905e-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 17 Sep 2022 21:26:50 GMT
all.css
use.fontawesome.com/releases/v5.9.0/css/
55 KB
13 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by
Host: aamkaesyc6rkm.clickfunnels.com
URL: https://aamkaesyc6rkm.clickfunnels.com/optin1663426080334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aamkaesyc6rkm.clickfunnels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:06:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
22083217
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ETCCP07ASRX57QTJ
x-amz-id-2
gdxz7o5XAFQqjEMtTmfaIdOXVna8G3EziQh+Wczyb3stzhgzANQTX1MKstyrM0MmRZu7wZdB2dk=
last-modified
Wed, 30 Jun 2021 15:48:06 GMT
server
cloudflare
etag
W/"dbf9d822cefe851ba6f66e1ad57e8987"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JOkz4tbVVscZsiQEbuavHNubGriLnFW%2F8q0i8qhIMIIDzHZqw12rn9IhEEuI0wWSYqBUvxmJb0DEXXDeS9xMXLR00%2B0Mqzr%2FVvsU%2BK1gUVgJiCUvwsDU%2BnWVadsP5r0flOXIXtIHNhIJ8LbCmdHAnYHz"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
74c4cedca9f0995c-FRA
v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/
26 KB
4 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by
Host: aamkaesyc6rkm.clickfunnels.com
URL: https://aamkaesyc6rkm.clickfunnels.com/optin1663426080334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aamkaesyc6rkm.clickfunnels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:06:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17406150
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
TTAKPBW0XYYD6XRF
x-amz-id-2
AP9UO+Bv38KJLZyALgJy5gVvb1Xywrkqiht+WtUxo69IbxT/4hgQaFkLqGIxci/ow2h21/zNDyg=
last-modified
Wed, 30 Jun 2021 15:48:06 GMT
server
cloudflare
etag
W/"e140a7d32f343530f016095df3cc2ae4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFrlBVJlPvjsY%2BEU1E%2FkxHr%2BLXTVQIBEHYvGn%2BstN7rTShYV%2B7Y8hnArpZMjqnLBcoZ9gUl%2BLpzISnBUY8NOQmvDr5zE18DVjxejmuLH9FCD4YVK2iZy4%2FN0uGGdenyu2%2BkSptaxxKUGSeLLHRKNPBu8"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
74c4cedca9f4995c-FRA
css
fonts.googleapis.com/
45 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
Requested by
Host: aamkaesyc6rkm.clickfunnels.com
URL: https://aamkaesyc6rkm.clickfunnels.com/optin1663426080334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
49688b73fa32173ed401d94ed1380dd216a5a9665c11f180e7a0e5248bb07388
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aamkaesyc6rkm.clickfunnels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 17 Sep 2022 20:55:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 17 Sep 2022 21:06:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Sep 2022 21:06:50 GMT
application.js
app.clickfunnels.com/assets/userevents/
5 KB
2 KB
Script
General
Full URL
https://app.clickfunnels.com/assets/userevents/application.js
Requested by
Host: aamkaesyc6rkm.clickfunnels.com
URL: https://aamkaesyc6rkm.clickfunnels.com/optin1663426080334
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aamkaesyc6rkm.clickfunnels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:06:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
830
last-modified
Tue, 30 Aug 2022 23:27:56 GMT
server
cloudflare
etag
W/"630e9cfc-1353"
strict-transport-security
max-age=0
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
cf-ray
74c4cedc2f58905e-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 17 Sep 2022 21:26:50 GMT
pushcrew.js
app.clickfunnels.com/assets/
637 B
450 B
Script
General
Full URL
https://app.clickfunnels.com/assets/pushcrew.js
Requested by
Host: aamkaesyc6rkm.clickfunnels.com
URL: https://aamkaesyc6rkm.clickfunnels.com/optin1663426080334
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aamkaesyc6rkm.clickfunnels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:06:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1154
last-modified
Tue, 30 Aug 2022 23:27:55 GMT
server
cloudflare
etag
W/"630e9cfb-27d"
strict-transport-security
max-age=0
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
cf-ray
74c4cedc2f59905e-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 17 Sep 2022 21:26:50 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/
14 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: aamkaesyc6rkm.clickfunnels.com
URL: https://aamkaesyc6rkm.clickfunnels.com/optin1663426080334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://aamkaesyc6rkm.clickfunnels.com/
Origin
https://aamkaesyc6rkm.clickfunnels.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:06:51 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
74c4cedcb9b8911f-FRA
css
fonts.googleapis.com/
2 KB
601 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat%7Csans-serif%7CMontserrat%7Csans-serif%7CMontserrat%7Csans-serif%7C%7C
Requested by
Host: aamkaesyc6rkm.clickfunnels.com
URL: https://aamkaesyc6rkm.clickfunnels.com/optin1663426080334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aamkaesyc6rkm.clickfunnels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 17 Sep 2022 21:06:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 17 Sep 2022 21:06:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Sep 2022 21:06:50 GMT
lander.js
app.clickfunnels.com/assets/
2 MB
661 KB
Script
General
Full URL
https://app.clickfunnels.com/assets/lander.js
Requested by
Host: aamkaesyc6rkm.clickfunnels.com
URL: https://aamkaesyc6rkm.clickfunnels.com/optin1663426080334
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5824467254c4dff6cbb9de37d441170f9243287bba4380e206297e2f2c0ef7cd
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aamkaesyc6rkm.clickfunnels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:06:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
101
last-modified
Tue, 30 Aug 2022 23:29:04 GMT
server
cloudflare
etag
W/"630e9d40-238fd1"
strict-transport-security
max-age=0
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
cf-ray
74c4cedc0f2c905e-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 17 Sep 2022 21:26:50 GMT
ClickfunnelsTag.png
images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/
5 KB
6 KB
Image
General
Full URL
https://images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png
Requested by
Host: aamkaesyc6rkm.clickfunnels.com
URL: https://aamkaesyc6rkm.clickfunnels.com/optin1663426080334
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dfa88a4dc8b6c0b834a62e45daee28a8dc37ed6ae7eb1545e4ed8b6382c0474

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aamkaesyc6rkm.clickfunnels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:06:51 GMT
cf-cache-status
REVALIDATED
x-amz-request-id
8HP8W00S4NBH8ZQF
cf-polished
origFmt=png, origSize=9030
last-modified
Fri, 03 Jan 2020 17:41:49 GMT
content-disposition
inline; filename="ClickfunnelsTag.webp"
content-length
5276
x-amz-id-2
zi9/gphVqjdDgrHXvsflw8q5boaBk6JXHatK43SvLhm+emQsGlsgzKbuH5N85WRdl/yNrtmpImQ=
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"a633777156a5ffeb58c92d3d59fa4e34"
vary
Accept
content-type
image/webp
cache-control
public, max-age=2073600
accept-ranges
bytes
cf-ray
74c4cedc3f67905e-FRA
expires
Tue, 11 Oct 2022 21:06:51 GMT
mailcheck.min.js
app.clickfunnels.com/
3 KB
1 KB
Script
General
Full URL
https://app.clickfunnels.com/mailcheck.min.js
Requested by
Host: aamkaesyc6rkm.clickfunnels.com
URL: https://aamkaesyc6rkm.clickfunnels.com/optin1663426080334
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aamkaesyc6rkm.clickfunnels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:06:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 30 Aug 2022 23:27:56 GMT
server
cloudflare
age
6771
etag
W/"630e9cfc-a8d"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-credentials
true
strict-transport-security
max-age=0
cf-ray
74c4cedc2f5a905e-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
truncated
/
26 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
keen-tracking-1.0.3.min.js
d26b395fwzu5fz.cloudfront.net/
27 KB
9 KB
Script
General
Full URL
https://d26b395fwzu5fz.cloudfront.net/keen-tracking-1.0.3.min.js
Requested by
Host: app.clickfunnels.com
URL: https://app.clickfunnels.com/assets/lander.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.24.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-24-50.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c8fbd44351b2040cbd911e73aa17794cfd00261d0f10a6881fd48ca8a1d880b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aamkaesyc6rkm.clickfunnels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 15 Jun 2022 12:20:28 GMT
Content-Encoding
gzip
Age
8153184
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
8994
Last-Modified
Thu, 31 Mar 2016 04:24:33 GMT
Server
AmazonS3
ETag
"a6acb97120359c326c8f7775a5514f5d"
Content-Type
application/javascript
Via
1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000000, public
X-Amz-Cf-Pop
FRA56-P7
Accept-Ranges
bytes
X-Amz-Cf-Id
FHG8YpCS2GZ_SFU52DfPxaF3RUbEt9brpPC0dOb4MY7I7eDXJ_G1vg==
Expires
Fri, 31 Mar 2017 04:24:29 GMT
cf.js
www.clickfunnels.com/
Redirect Chain
  • https://app.clickfunnels.com/cf.js
  • https://www.clickfunnels.com/cf.js
18 KB
5 KB
Script
General
Full URL
https://www.clickfunnels.com/cf.js
Requested by
Host: aamkaesyc6rkm.clickfunnels.com
URL: https://aamkaesyc6rkm.clickfunnels.com/optin1663426080334
Protocol
H2
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aamkaesyc6rkm.clickfunnels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:06:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 30 Aug 2022 23:27:56 GMT
server
cloudflare
age
3130
etag
W/"630e9cfc-476a"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-credentials
true
strict-transport-security
max-age=0
cf-ray
74c4cedefbde905e-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

Redirect headers

date
Sat, 17 Sep 2022 21:06:51 GMT
cf-cache-status
HIT
access-control-allow-origin
*
server
cloudflare
age
585
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/html
location
https://www.clickfunnels.com/cf.js
access-control-allow-credentials
true
strict-transport-security
max-age=0
cf-ray
74c4cede8b28905e-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
/
track.addevent.com/atc/
0
0

/
app.clickfunnels.com/userevents/
0
307 B
XHR
General
Full URL
https://app.clickfunnels.com/userevents/?funnel_id=Vnk4dmd1SzY2WEdodGRBVFdTZXJ3Zz09LS1wODJVMFo1eGZ3R0FLNlQvbWpNUW13PT0%3D--bdab3ebd4a68025f89c679f23be75933ec54a8e4&page_id=UTBrbHVQMnUxQXBoalUwZFZQZlB5QT09LS1yNm5uRGcxSS95TzdyWlpGYTdqMkpRPT0%3D--381ebc396b599c57ef93d7b6dcb6c4a09a8b28da&funnel_step_id=S3JmRlNiSDZnMG9hTXpHa1NwSjZLQT09LS1mdFBUaHUrc2kvRnQ2b2RsTWw3N0J3PT0%3D--13ad4c15134ef885fea61fe9118d042c00bba5ee&user_id=MThYRHkwTytDa1JWK0hGTy9rSlpkZz09LS0yMVRkWDV2OWZjbTg1Y1RyUUowcnJRPT0%3D--0a3b025c0a866bba82ee407fe1d085b0be2b2bda&account_id=S2VTVXN2NG1lQ3pWVi9ob0lhTjZ0QT09LS1zNWxYUnlWeG50WWJYclpYUmhFV2tRPT0%3D--29da563667acab9449e9d043e1882ba556c04110&page_code=NTYzMzM0MjM%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::PageviewsCreatedSummary&nonce=32ab1a4d-daa0-4b2e-a38a-084da13a248f&url=https%3A%2F%2Faamkaesyc6rkm.clickfunnels.com%2Foptin1663426080334
Requested by
Host: app.clickfunnels.com
URL: https://app.clickfunnels.com/assets/userevents/application.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aamkaesyc6rkm.clickfunnels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:06:51 GMT
access-control-request-method
*
cf-cache-status
BYPASS
access-control-allow-origin
*
x-powered-by
Phusion Passenger Enterprise 6.0.7
status
202 Accepted
strict-transport-security
max-age=0
x-request-id
8741bc71e2ec882f86cffc11bedc553d
x-runtime
0.067194
server
cloudflare
x-frame-options
ALLOWALL
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/html
pragma
no-cache
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
74c4cedf1d549b6e-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache
miss
/
app.clickfunnels.com/userevents/
0
740 B
XHR
General
Full URL
https://app.clickfunnels.com/userevents/?funnel_id=Vnk4dmd1SzY2WEdodGRBVFdTZXJ3Zz09LS1wODJVMFo1eGZ3R0FLNlQvbWpNUW13PT0%3D--bdab3ebd4a68025f89c679f23be75933ec54a8e4&page_id=UTBrbHVQMnUxQXBoalUwZFZQZlB5QT09LS1yNm5uRGcxSS95TzdyWlpGYTdqMkpRPT0%3D--381ebc396b599c57ef93d7b6dcb6c4a09a8b28da&funnel_step_id=S3JmRlNiSDZnMG9hTXpHa1NwSjZLQT09LS1mdFBUaHUrc2kvRnQ2b2RsTWw3N0J3PT0%3D--13ad4c15134ef885fea61fe9118d042c00bba5ee&user_id=MThYRHkwTytDa1JWK0hGTy9rSlpkZz09LS0yMVRkWDV2OWZjbTg1Y1RyUUowcnJRPT0%3D--0a3b025c0a866bba82ee407fe1d085b0be2b2bda&account_id=S2VTVXN2NG1lQ3pWVi9ob0lhTjZ0QT09LS1zNWxYUnlWeG50WWJYclpYUmhFV2tRPT0%3D--29da563667acab9449e9d043e1882ba556c04110&page_code=NTYzMzM0MjM%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniquePageviewsCreatedSummary&nonce=5e8fc75a-8f11-4241-b113-9a8a338805cc&url=https%3A%2F%2Faamkaesyc6rkm.clickfunnels.com%2Foptin1663426080334
Requested by
Host: app.clickfunnels.com
URL: https://app.clickfunnels.com/assets/userevents/application.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aamkaesyc6rkm.clickfunnels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:06:51 GMT
access-control-request-method
*
cf-cache-status
BYPASS
access-control-allow-origin
*
x-powered-by
Phusion Passenger Enterprise 6.0.7
status
202 Accepted
strict-transport-security
max-age=0
x-request-id
c4042baf2d0115f211722cbd97044f7d
x-runtime
0.029002
server
cloudflare
x-frame-options
ALLOWALL
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/html
pragma
no-cache
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
74c4cedf1d569b6e-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache
miss
/
app.clickfunnels.com/userevents/
0
307 B
XHR
General
Full URL
https://app.clickfunnels.com/userevents/?funnel_id=Vnk4dmd1SzY2WEdodGRBVFdTZXJ3Zz09LS1wODJVMFo1eGZ3R0FLNlQvbWpNUW13PT0%3D--bdab3ebd4a68025f89c679f23be75933ec54a8e4&page_id=UTBrbHVQMnUxQXBoalUwZFZQZlB5QT09LS1yNm5uRGcxSS95TzdyWlpGYTdqMkpRPT0%3D--381ebc396b599c57ef93d7b6dcb6c4a09a8b28da&funnel_step_id=S3JmRlNiSDZnMG9hTXpHa1NwSjZLQT09LS1mdFBUaHUrc2kvRnQ2b2RsTWw3N0J3PT0%3D--13ad4c15134ef885fea61fe9118d042c00bba5ee&user_id=MThYRHkwTytDa1JWK0hGTy9rSlpkZz09LS0yMVRkWDV2OWZjbTg1Y1RyUUowcnJRPT0%3D--0a3b025c0a866bba82ee407fe1d085b0be2b2bda&account_id=S2VTVXN2NG1lQ3pWVi9ob0lhTjZ0QT09LS1zNWxYUnlWeG50WWJYclpYUmhFV2tRPT0%3D--29da563667acab9449e9d043e1882ba556c04110&page_code=NTYzMzM0MjM%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniqueVisitorsCreatedSummary&nonce=6f0dbf6d-eb04-453a-83eb-b84a116b4f87&url=https%3A%2F%2Faamkaesyc6rkm.clickfunnels.com%2Foptin1663426080334
Requested by
Host: app.clickfunnels.com
URL: https://app.clickfunnels.com/assets/userevents/application.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aamkaesyc6rkm.clickfunnels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:06:51 GMT
access-control-request-method
*
cf-cache-status
BYPASS
access-control-allow-origin
*
x-powered-by
Phusion Passenger Enterprise 6.0.7
status
202 Accepted
strict-transport-security
max-age=0
x-request-id
85dc172813e874b6f02979cc02d47b1e
x-runtime
0.072226
server
cloudflare
x-frame-options
ALLOWALL
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/html
pragma
no-cache
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
74c4cedf1d579b6e-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache
miss
nr-1216.min.js
js-agent.newrelic.com/
38 KB
14 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1216.min.js
Requested by
Host: aamkaesyc6rkm.clickfunnels.com
URL: https://aamkaesyc6rkm.clickfunnels.com/optin1663426080334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aamkaesyc6rkm.clickfunnels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding
gzip
etag
"9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id
PT1X3XEF2KF64GRE
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
14391
x-amz-id-2
rWr2JWGo0/hJJpCkOl46Jludz4/khIecVhbiRQQ0qpVwJVN5XkS3fA4iIlbnsr7DzvXsY648nRw=
x-served-by
cache-hhn4051-HHN
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1663448812.571445,VS0,VE0
date
Sat, 17 Sep 2022 21:06:51 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
5268
popclose2.png
klee.studio.s3.amazonaws.com/cfmarketplace/plf1/
0
0

track
app.clickfunnels.com/v1/
118 B
449 B
XHR
General
Full URL
https://app.clickfunnels.com/v1/track?_unique=0.14026732163259137&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//aamkaesyc6rkm.clickfunnels.com/optin1663426080334&_title=My%20Awesome%20Landing%20Page%20-%20Powered%20by%20ClickFunnels.com&_key=m0xque65&_page_key=xknilrcvwni2lx9w&_fid=12440429&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://aamkaesyc6rkm.clickfunnels.com/optin1663426080334&_referrer=
Requested by
Host: app.clickfunnels.com
URL: https://app.clickfunnels.com/cf.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://aamkaesyc6rkm.clickfunnels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 21:06:51 GMT
access-control-request-method
*
cf-cache-status
BYPASS
x-powered-by
Phusion Passenger Enterprise 6.0.7
status
200 OK
strict-transport-security
max-age=0
content-encoding
br
x-request-id
c83de7a4d56463642e67f2c4a5023e49
x-runtime
0.025297
server
cloudflare
x-frame-options
ALLOWALL
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
74c4cedfee6c9b6e-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache
miss
rum
aamkaesyc6rkm.clickfunnels.com/cdn-cgi/
0
0

Primary Request /
piscinaveronza.com/ajax/dpd/de/
335 KB
238 KB
Document
General
Full URL
https://piscinaveronza.com/ajax/dpd/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::2de , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
541e6b6aaa56bcb9602fa3f8604dd4cb79f7ae49a93c884dfd9bfbcfd34e5ed9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://aamkaesyc6rkm.clickfunnels.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Sat, 17 Sep 2022 21:06:51 GMT
etag
W/"53d1d-5e8677454072f"
last-modified
Sun, 11 Sep 2022 14:18:34 GMT
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
survey_data_collector
api.keen.io/3.0/projects/58a35e6f8db53dfda8a87a67/events/
0
0

rum
aamkaesyc6rkm.clickfunnels.com/cdn-cgi/
0
0

truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1ff2532853664ecbc145f4dbc95fae8291a3ec722dbb0586b5a248790d9a52f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
12 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a123b651c9caea90bfa0b9dd5c1df7ce16ed998ff8ee14801147f0113cc68a14

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
597 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
255ac343be8acf31ca3debe1a89ecfeb7bf7949ca9bfcce726ec20db90d4ff71

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
572 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
441985bca86f350bd89721c5219dbcee393f2d9b206930ba3997919a1f4d2e9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
564 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1dd20181a733ac6bad0e65d39105cd1fe1bdd5cb9f68341a82d7a206310a1290

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
657 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b07b4ba931d2ff580554dec6bcdad83977282139a2c2278df7b37eeb811c9ade

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
187 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf3d35d5cb9529e6a751dd854a9916e390be29855f04209c316a9ae8b2ceadb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
44 KB
44 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
291cb4d4ba35092b9b8bd849c7156784c4d15c7b6857da97fa41ae0b80e972b9

Request headers

Referer
Origin
https://piscinaveronza.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
37 KB
37 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dceea27395ed1b2ab536cc460a7b398429d88232a11cea81458db125457a2b1c

Request headers

Referer
Origin
https://piscinaveronza.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
50 KB
50 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa4f0aed1d0ec5764d186315819d7d80651bf620bc6378a9745701ad501a4984

Request headers

Referer
Origin
https://piscinaveronza.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
75 KB
75 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
Origin
https://piscinaveronza.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
font/woff2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
track.addevent.com
URL
https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=e56b5d82-dc92-472f-6eea-2206d8be7489&url=https%3A%2F%2Faamkaesyc6rkm.clickfunnels.com%2Foptin1663426080334&cache=1663448811266
Domain
klee.studio.s3.amazonaws.com
URL
https://klee.studio.s3.amazonaws.com/cfmarketplace/plf1/popclose2.png
Domain
aamkaesyc6rkm.clickfunnels.com
URL
https://aamkaesyc6rkm.clickfunnels.com/cdn-cgi/rum?
Domain
api.keen.io
URL
https://api.keen.io/3.0/projects/58a35e6f8db53dfda8a87a67/events/survey_data_collector?api_key=E844E116CB12000A6B72AA691F8A2108E6BEBC97A05786370C6703C31E3A5FD4EDC7CC8012418A997621F11C2CFD95A9C1D64E6EF1850AFCC2B76E360F7BA3BC3BE6AEFCCFAAD87B19E1309B88378181E69436B7E01A38447184F2886A9D7AF9&data=eyJzdXJ2ZXlfaWQiOiI1NjMzMzQyM190bXBfc3VydmV5LTYxNDQ4IiwicGlkIjoicGFydGljaXBhbnRfOTNzYzMiLCJ0eXBlIjoic3RhcnRlZCJ9&modified=1663448811588&jsonp=keenJSONPCallback1663448811588
Domain
aamkaesyc6rkm.clickfunnels.com
URL
https://aamkaesyc6rkm.clickfunnels.com/cdn-cgi/rum?

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DPD (Transportation)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation

15 Cookies

Domain/Path Name / Value
.clickfunnels.com/ Name: __cf_bm
Value: 1EBzI.iTdAA3tAM1Tznu.tvRp9dbXgGaiLYphzdH2bk-1663448810-0-Aa9lLVZJQ2BPUByNVz+exXNacs4hLxOT3gnuQYNlgB0+bSbw+xdEnW27CQXS0rZOrwiaURaPbZ+XpLAnfI+u5aQH4y41sl1PFe+xO5CDqsy1
aamkaesyc6rkm.clickfunnels.com/ Name: addevent_track_cookie
Value: e56b5d82-dc92-472f-6eea-2206d8be7489
aamkaesyc6rkm.clickfunnels.com/ Name: cf:aff_sub2
Value:
aamkaesyc6rkm.clickfunnels.com/ Name: cf:aff_sub3
Value:
aamkaesyc6rkm.clickfunnels.com/ Name: cf:aff_sub
Value:
aamkaesyc6rkm.clickfunnels.com/ Name: cf:affiliate_id
Value:
aamkaesyc6rkm.clickfunnels.com/ Name: cf:cf_affiliate_id
Value:
aamkaesyc6rkm.clickfunnels.com/ Name: cf:content
Value:
aamkaesyc6rkm.clickfunnels.com/ Name: cf:medium
Value:
aamkaesyc6rkm.clickfunnels.com/ Name: cf:name
Value:
aamkaesyc6rkm.clickfunnels.com/ Name: cf:source
Value:
aamkaesyc6rkm.clickfunnels.com/ Name: cf:term
Value:
aamkaesyc6rkm.clickfunnels.com/ Name: cf:NTYzMzM0MjM
Value: :visited=true
aamkaesyc6rkm.clickfunnels.com/ Name: cf:visitor_id
Value: 9a23a54c-67f8-463e-b857-2de9a5cb9e4f
aamkaesyc6rkm.clickfunnels.com/ Name: cf_survey_participant_56333423
Value: participant_93sc3

2 Console Messages

Source Level URL
Text
network error URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=e56b5d82-dc92-472f-6eea-2206d8be7489&url=https%3A%2F%2Faamkaesyc6rkm.clickfunnels.com%2Foptin1663426080334&cache=1663448811266
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security warning URL: https://aamkaesyc6rkm.clickfunnels.com/optin1663426080334
Message:
Mixed Content: The page at 'https://aamkaesyc6rkm.clickfunnels.com/optin1663426080334' was loaded over HTTPS, but requested an insecure element 'http://klee.studio.s3.amazonaws.com/cfmarketplace/plf1/popclose2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
