urlscan.io logo urlscan.io
SecurityTrails logo

leroidesplacements.biz Open in urlscan Pro
2606:4700::6810:fc2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cf.roidescryptomonnaies.com/queued_emails/816861052/click?url=http%3A%2F%2Fleroidesplacements.com%2Fpdv-easy-paye%3Futm_cont...
Effective URL: https://leroidesplacements.biz/felicitationstrading17858023
Submission: On June 05 via manual from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 16 domains to perform 49 HTTP transactions. The main IP is 2606:4700::6810:fc2, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is leroidesplacements.biz.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 10th 2018. Valid for: a year.
This is the only time leroidesplacements.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 8 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
2 28 2606:4700::68... 13335 (CLOUDFLAR...)
1 209.197.3.15 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 104.16.83.55 13335 (CLOUDFLAR...)
1 151.101.0.217 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.85.188.226 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 34.250.75.128 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
49 14
1    2606:4700::6810:ec2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cf.roidescryptomonnaies.com
8    2606:4700::6810:cc2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cf.roidescryptomonnaies.com
www.clickfunnels.com
app.clickfunnels.com
1    2606:4700:30::681f:518c (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
leroidesplacements.com
28    2606:4700::6810:fc2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
leroidesplacements.biz
app.clickfunnels.com
1    209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    2a00:1450:4001:81f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
2    104.16.83.55 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
v2.zopim.com
1    151.101.0.217 (United States)

ASN54113 (FASTLY - Fastly, US)
player.vimeo.com
2    2a00:1450:4001:818::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.youtube.com
1    52.85.188.226 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-188-226.fra2.r.cloudfront.net
d26b395fwzu5fz.cloudfront.net
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
1    34.250.75.128 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-250-75-128.eu-west-1.compute.amazonaws.com
track.addevent.com
1    2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
s.ytimg.com
Domain Requested by
25 leroidesplacements.biz 2 redirects cf.roidescryptomonnaies.com
leroidesplacements.biz
7 app.clickfunnels.com leroidesplacements.biz
3 cf.roidescryptomonnaies.com 2 redirects
2 connect.facebook.net leroidesplacements.biz
connect.facebook.net
2 www.youtube.com leroidesplacements.biz
2 v2.zopim.com 1 redirects leroidesplacements.biz
2 www.clickfunnels.com leroidesplacements.biz
1 s.ytimg.com www.youtube.com
1 track.addevent.com leroidesplacements.biz
1 d26b395fwzu5fz.cloudfront.net leroidesplacements.biz
1 player.vimeo.com leroidesplacements.biz
1 www.googletagmanager.com leroidesplacements.biz
1 fonts.googleapis.com leroidesplacements.biz
1 maxcdn.bootstrapcdn.com leroidesplacements.biz
1 leroidesplacements.com 1 redirects
0 staticxx.facebook.com Failed connect.facebook.net
0 www.googleadservices.com Failed www.googletagmanager.com
49 17

This site contains no links.

Subject Issuer Validity Valid
leroidesplacements.biz
CloudFlare Inc ECC CA-2		 2018-11-10 -
2019-11-10		 a year crt.sh
*.bootstrapcdn.com
COMODO RSA Domain Validation Secure Server CA		 2018-10-03 -
2019-10-12		 a year crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-05-14 -
2019-08-06		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-05-14 -
2019-08-06		 3 months crt.sh
ssl566619.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-03-17 -
2019-09-23		 6 months crt.sh
*.zopim.com
COMODO RSA Domain Validation Secure Server CA		 2017-12-06 -
2020-12-29		 3 years crt.sh
*.vimeo.com
DigiCert SHA2 Secure Server CA		 2018-08-24 -
2020-04-02		 2 years crt.sh
*.google.com
Google Internet Authority G3		 2019-05-14 -
2019-08-06		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2018-10-08 -
2019-10-09		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-04-22 -
2019-07-21		 3 months crt.sh
addevent.com
Amazon		 2019-04-11 -
2020-05-11		 a year crt.sh

This page contains 6 frames:

Primary Page: https://leroidesplacements.biz/felicitationstrading17858023
Frame ID: EC7DAE8AFA985BFA283D72169121797D
Requests: 44 HTTP requests in this frame

Frame: https://player.vimeo.com/video/300696680?autoplay=1&title=0&byline=0&wmode=transparent
Frame ID: 9273DBB04370E195903089AC8D9E0927
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/5TWQK5ZUrQ0?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Frame ID: ECE200B54554BD4C46526AFEA41CACBA
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/300696680?autoplay=1&title=0&byline=0&wmode=transparent
Frame ID: DF78D59EDC7155877D146717FDFD0E7C
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/5TWQK5ZUrQ0?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Frame ID: 1EA1EA861B6F441BDF9704749C7FBA78
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 452504B5BCF43FADF1D97BD9C1E4F3CD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://cf.roidescryptomonnaies.com/queued_emails/816861052/click?url=http%3A%2F%2Fleroidesplacements.com%2Fpdv-... Page URL
  2. http://cf.roidescryptomonnaies.com/cdn-cgi/l/chk_jschl?s=1672ae5f26da4f3c1734f4a170a7763223eff72f-1559731345-18... HTTP 302
    http://cf.roidescryptomonnaies.com/queued_emails/816861052/click?url=http%3A%2F%2Fleroidesplacements.com%2Fpdv-... HTTP 302
    http://leroidesplacements.com/pdv-easy-paye?utm_content=8507930&utm_medium=Email&utm_name=Id&utm_source=Ac... HTTP 307
    https://leroidesplacements.biz/pdv-easy-paye Page URL
  3. https://leroidesplacements.biz/cdn-cgi/l/chk_jschl?s=9d1fbac5d8d18d7c5ce0fc941081d41a86d69dc7-1559731351-18... HTTP 302
    https://leroidesplacements.biz/pdv-easy-paye HTTP 302
    https://leroidesplacements.biz/felicitationstrading17858023 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Page Statistics

49
Requests

90 %
HTTPS

64 %
IPv6

16
Domains

17
Subdomains

14
IPs

3
Countries

1040 kB
Transfer

3412 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cf.roidescryptomonnaies.com/queued_emails/816861052/click?url=http%3A%2F%2Fleroidesplacements.com%2Fpdv-easy-paye%3Futm_content%3D8507930%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=7500263c07cf987ae7a0522e10e107d2 Page URL
  2. http://cf.roidescryptomonnaies.com/cdn-cgi/l/chk_jschl?s=1672ae5f26da4f3c1734f4a170a7763223eff72f-1559731345-1800-AXkQvPRbC%2BIVOHunpN%2BXTd4mSpRlLc%2FEwKDGxcoXVjDpoV%2BKlLoO4ZoARBIUS4xTWWg%2FJM8P7tmm8fC3vDAq6CVDrV%2FJgP48lGb3M5A0cX4vUYiw%2BZrlzIYsWJcEkeUt8c7nbaLoIbMyn8C70%2BZL2qBVO9TGG6Y7mlLfi23mOsTszvZKLU7NeHzvaKTT8ZT7WxnAdao0u3Avg8HOFe9iEGfzoz8C%2FxdYFvyRD%2FP17rAt5ttqUFyj4HHNJg%2FAQ%2BVOJk1BHYbcCyCqyCThXbEUurmtzRruayKD7g43MvMBWGyB%2BnW9etFQAoGU%2F6qfb61fB4mbi%2F3Ap2O5vvH3cGTM7a0gRIExp4KVwAfo4GQz97AJKTk9ebSRffaBtHAy1O%2BBRkdzqdU8sxtgUy%2BTe%2Bpx3%2FPMwEX%2FPp1SkZeh9mb2rzlZ%2FfQ1JJUpJwQRH%2FgnBHhXaA%3D%3D&jschl_vc=9f7976776e22e9f405845aa72b409269&pass=1559731349.706-ENt8z9dk9s&jschl_answer=39.2388182028 HTTP 302
    http://cf.roidescryptomonnaies.com/queued_emails/816861052/click?url=http%3A%2F%2Fleroidesplacements.com%2Fpdv-easy-paye%3Futm_content%3D8507930%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=7500263c07cf987ae7a0522e10e107d2 HTTP 302
    http://leroidesplacements.com/pdv-easy-paye?utm_content=8507930&utm_medium=Email&utm_name=Id&utm_source=Actionetics&utm_term=Email HTTP 307
    https://leroidesplacements.biz/pdv-easy-paye Page URL
  3. https://leroidesplacements.biz/cdn-cgi/l/chk_jschl?s=9d1fbac5d8d18d7c5ce0fc941081d41a86d69dc7-1559731351-1800-AR13vjToOJrrPxVfUrhT%2FuTShpCV4aYXeaKKb3%2FM4Hjr4uzUGzc0NdXTRr5rMEpAErfUMk0%2FNRKxJNZCU4TwHPBe2Pyvg3%2FG6HSsHvBOhcSCUDWSAPZNfSqsBArz7ymzvb%2F54K0pdnWr7%2BmC0YN09WA%3D&jschl_vc=8238c0a09eb07fcae577582b25bbb49b&pass=1559731355.362-9i3B9VWn%2FQ&jschl_answer=26.6574671273 HTTP 302
    https://leroidesplacements.biz/pdv-easy-paye HTTP 302
    https://leroidesplacements.biz/felicitationstrading17858023 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://cf.roidescryptomonnaies.com/cdn-cgi/l/chk_jschl?s=1672ae5f26da4f3c1734f4a170a7763223eff72f-1559731345-1800-AXkQvPRbC%2BIVOHunpN%2BXTd4mSpRlLc%2FEwKDGxcoXVjDpoV%2BKlLoO4ZoARBIUS4xTWWg%2FJM8P7tmm8fC3vDAq6CVDrV%2FJgP48lGb3M5A0cX4vUYiw%2BZrlzIYsWJcEkeUt8c7nbaLoIbMyn8C70%2BZL2qBVO9TGG6Y7mlLfi23mOsTszvZKLU7NeHzvaKTT8ZT7WxnAdao0u3Avg8HOFe9iEGfzoz8C%2FxdYFvyRD%2FP17rAt5ttqUFyj4HHNJg%2FAQ%2BVOJk1BHYbcCyCqyCThXbEUurmtzRruayKD7g43MvMBWGyB%2BnW9etFQAoGU%2F6qfb61fB4mbi%2F3Ap2O5vvH3cGTM7a0gRIExp4KVwAfo4GQz97AJKTk9ebSRffaBtHAy1O%2BBRkdzqdU8sxtgUy%2BTe%2Bpx3%2FPMwEX%2FPp1SkZeh9mb2rzlZ%2FfQ1JJUpJwQRH%2FgnBHhXaA%3D%3D&jschl_vc=9f7976776e22e9f405845aa72b409269&pass=1559731349.706-ENt8z9dk9s&jschl_answer=39.2388182028 HTTP 302
  • http://cf.roidescryptomonnaies.com/queued_emails/816861052/click?url=http%3A%2F%2Fleroidesplacements.com%2Fpdv-easy-paye%3Futm_content%3D8507930%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=7500263c07cf987ae7a0522e10e107d2 HTTP 302
  • http://leroidesplacements.com/pdv-easy-paye?utm_content=8507930&utm_medium=Email&utm_name=Id&utm_source=Actionetics&utm_term=Email HTTP 307
  • https://leroidesplacements.biz/pdv-easy-paye
Request Chain 28
  • https://v2.zopim.com/?65Khh7747cz9ltKrIIomOz74VcqjDHql HTTP 302
  • https://v2.zopim.com/bin/v/widget_v2.298.js

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set click
cf.roidescryptomonnaies.com/queued_emails/816861052/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://cf.roidescryptomonnaies.com/queued_emails/816861052/click?url=http%3A%2F%2Fleroidesplacements.com%2Fpdv-easy-paye%3Futm_content%3D8507930%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=7500263c07cf987ae7a0522e10e107d2
Protocol
HTTP/1.1
Server
2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
192703aac96106d07ae5ee43c1afb33933a1d5e566f0849bfe24a88e4b8e5c6b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
cf.roidescryptomonnaies.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 10:42:25 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Frame-Options
SAMEORIGIN
Set-Cookie
__cfduid=d8b7399c08c755d4870ab7a83217e52e71559731345; expires=Thu, 04-Jun-20 10:42:25 GMT; path=/; domain=.cf.roidescryptomonnaies.com; HttpOnly __cf_bm=b163b028decc037836a265059d43a4275bfd405f-1559731345-1800-AcQpRZ/KkSvMc+waC2r3SGG75Xs19duGfZmTLp41RRzBJuEvHsRcDFsoSkQaes9zylkfwQHEh0+DGxdJZuoim+I=; path=/; expires=Wed, 05-Jun-19 11:12:25 GMT; domain=.cf.roidescryptomonnaies.com; HttpOnly
Cache-Control
no-cache
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4e218a2ead5a6509-FRA
pdv-easy-paye
leroidesplacements.biz/
Redirect Chain
  • http://cf.roidescryptomonnaies.com/cdn-cgi/l/chk_jschl?s=1672ae5f26da4f3c1734f4a170a7763223eff72f-1559731345-1800-AXkQvPRbC%2BIVOHunpN%2BXTd4mSpRlLc%2FEwKDGxcoXVjDpoV%2BKlLoO4ZoARBIUS4xTWWg%2FJM8P7...
  • http://cf.roidescryptomonnaies.com/queued_emails/816861052/click?url=http%3A%2F%2Fleroidesplacements.com%2Fpdv-easy-paye%3Futm_content%3D8507930%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3D...
  • http://leroidesplacements.com/pdv-easy-paye?utm_content=8507930&utm_medium=Email&utm_name=Id&utm_source=Actionetics&utm_term=Email
  • https://leroidesplacements.biz/pdv-easy-paye
8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://leroidesplacements.biz/pdv-easy-paye
Requested by
Host: cf.roidescryptomonnaies.com
URL: http://cf.roidescryptomonnaies.com/queued_emails/816861052/click?url=http%3A%2F%2Fleroidesplacements.com%2Fpdv-easy-paye%3Futm_content%3D8507930%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=7500263c07cf987ae7a0522e10e107d2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7cd373184de6cc317c6913d93f5ccc7275fc6d2007eeaec989ccb901f625a6c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
leroidesplacements.biz
:scheme
https
:path
/pdv-easy-paye
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://cf.roidescryptomonnaies.com/queued_emails/816861052/click?url=http%3A%2F%2Fleroidesplacements.com%2Fpdv-easy-paye%3Futm_content%3D8507930%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=7500263c07cf987ae7a0522e10e107d2
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cf.roidescryptomonnaies.com/queued_emails/816861052/click?url=http%3A%2F%2Fleroidesplacements.com%2Fpdv-easy-paye%3Futm_content%3D8507930%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=7500263c07cf987ae7a0522e10e107d2

Response headers

status
503
date
Wed, 05 Jun 2019 10:42:31 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
set-cookie
__cfduid=d24ddc6c68e834dcc0dcff2cb80bcc7691559731351; expires=Thu, 04-Jun-20 10:42:31 GMT; path=/; domain=.leroidesplacements.biz; HttpOnly __cf_bm=24c301ac07ec89702e87fefc60b3d80af45a202a-1559731351-1800-AVbktY7eScvBxB6at9LO6tLR/cmbezQv7LoRdYfPsRsxO5MiL2ZVYDK9loRD4WN8Tc6PKLNUuZz/DxJUy0sn/0U=; path=/; expires=Wed, 05-Jun-19 11:12:31 GMT; domain=.leroidesplacements.biz; HttpOnly
cache-control
no-cache
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
4e218a51fae36461-FRA

Redirect headers

Date
Wed, 05 Jun 2019 10:42:31 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dfce8f68e2be5a43978927233b4124afd1559731349; expires=Thu, 04-Jun-20 10:42:29 GMT; path=/; domain=.leroidesplacements.com; HttpOnly prli_click_6=pdv-easy-paye; expires=Fri, 05-Jul-2019 10:42:30 GMT; Max-Age=2592000; path=/ prli_visitor=5cf79c9700993; expires=Thu, 04-Jun-2020 10:42:30 GMT; Max-Age=31536000; path=/
X-Powered-By
PHP/7.1.29
X-Robots-Tag
noindex, nofollow
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma
no-cache
Expires
Mon, 07 Jul 1777 07:07:07 GMT
X-Redirect-Powered-By
Pretty Link Lite 2.1.2 http://prettylink.com
Location
https://leroidesplacements.biz/pdv-easy-paye
Server
cloudflare
CF-RAY
4e218a491ce3640d-FRA
Primary Request felicitationstrading17858023
leroidesplacements.biz/
Redirect Chain
  • https://leroidesplacements.biz/cdn-cgi/l/chk_jschl?s=9d1fbac5d8d18d7c5ce0fc941081d41a86d69dc7-1559731351-1800-AR13vjToOJrrPxVfUrhT%2FuTShpCV4aYXeaKKb3%2FM4Hjr4uzUGzc0NdXTRr5rMEpAErfUMk0%2FNRKxJNZCU...
  • https://leroidesplacements.biz/pdv-easy-paye
  • https://leroidesplacements.biz/felicitationstrading17858023
296 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://leroidesplacements.biz/felicitationstrading17858023
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/pdv-easy-paye
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 5.3.7
Resource Hash
72a4516e42e55d4638dc626db56504999e981689c5041e303d1750acf590c060
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

:method
GET
:authority
leroidesplacements.biz
:scheme
https
:path
/felicitationstrading17858023
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://leroidesplacements.biz/pdv-easy-paye
accept-encoding
gzip, deflate, br
cookie
__cfduid=db4351683efe1e2e7c088342598ab518c1559731355; cf_clearance=cb3357422f6397b8b6aa7a6a3767de430a2e13ad-1559731355-3600-150; __cf_bm=8a99f7d74deeac0edc47fdfab1841c4a45b982f5-1559731355-1800-AeQUKugJz9dXYRQ5MxyMEzZkLNW5KrtMjGPgjwZS6PgSW1pyRKXejP45MInKs/ovIShrdBaGFZ8mgBlsukNQ+a8=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://leroidesplacements.biz/pdv-easy-paye

Response headers

status
200 200 OK
date
Wed, 05 Jun 2019 10:42:35 GMT
content-type
text/html; charset=utf-8
last-modified
Tue, 23 Apr 2019 14:14:51 GMT
cache-control
max-age=60, public, s-maxage=15552000, r-maxage=10
x-request-id
85ecc07a-b246-4b86-9a90-2f2657e72917
x-content-digest
cd2342e9b184f375dcd6738d7d648b1a2057ff46
x-frame-options
ALLOWALL
x-runtime
0.323634
x-rack-cache
stale, valid, store
x-powered-by
Phusion Passenger Enterprise 5.3.7
via
1.1 vegur
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
4e218a6d1a506461-FRA
content-encoding
br

Redirect headers

status
302 302 Found
date
Wed, 05 Jun 2019 10:42:35 GMT
content-type
text/html; charset=utf-8
cache-control
no-cache, private
x-request-id
c5afa552-534a-4dab-b848-ede8af8a63e2
location
https://leroidesplacements.biz/felicitationstrading17858023
x-runtime
0.113952
x-frame-options
ALLOWALL
x-rack-cache
miss
x-powered-by
Phusion Passenger Enterprise 5.3.7
via
1.1 vegur
cf-cache-status
BYPASS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
set-cookie
__cf_bm=8a99f7d74deeac0edc47fdfab1841c4a45b982f5-1559731355-1800-AeQUKugJz9dXYRQ5MxyMEzZkLNW5KrtMjGPgjwZS6PgSW1pyRKXejP45MInKs/ovIShrdBaGFZ8mgBlsukNQ+a8=; path=/; expires=Wed, 05-Jun-19 11:12:35 GMT; domain=.leroidesplacements.biz; HttpOnly
server
cloudflare
cf-ray
4e218a6b89026461-FRA
lander.css
leroidesplacements.biz/assets/ 		420 KB
62 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://leroidesplacements.biz/assets/lander.css
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ce0e4520004fd0d3a14b711780975da93476cd06a61bbd7f70ab1d63144b17c

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:35 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Tue, 04 Jun 2019 17:50:41 GMT
server
cloudflare
etag
W/"5cf6af71-6911e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
content-encoding
br
cache-control
public, max-age=1200
cf-ray
4e218a6d5a816461-FRA
expires
Wed, 05 Jun 2019 11:02:35 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:35 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
access-control-allow-origin
*
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
css
fonts.googleapis.com/ 		41 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
03232b500b8a4883dd3667641640d577833233721d53144ffab6ddc517a46822
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 05 Jun 2019 10:42:35 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 05 Jun 2019 10:42:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 05 Jun 2019 10:42:35 GMT
application.js
leroidesplacements.biz/assets/userevents/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leroidesplacements.biz/assets/userevents/application.js
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:35 GMT
via
1.1 vegur
cf-cache-status
HIT
status
200
content-encoding
br
last-modified
Wed, 01 May 2019 15:31:12 GMT
server
cloudflare
etag
W/"5cc9bbc0-1353"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=1200
cf-ray
4e218a6d5a826461-FRA
expires
Wed, 05 Jun 2019 11:02:35 GMT
js
www.googletagmanager.com/gtag/ 		64 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-989957962
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
aaa4c024d1df1d5440755caa932524c7dfe6cf06c6e96c9f62e671620071ce1e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:35 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2019 01:02:29 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
25345
x-xss-protection
0
expires
Wed, 05 Jun 2019 10:42:35 GMT
closemodal.png
www.clickfunnels.com/images/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.clickfunnels.com/images/closemodal.png
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
Logo-JN-3-2019.png
leroidesplacements.biz/hosted/images/3b/f0e138461c4089a61701fa75d03c60/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leroidesplacements.biz/hosted/images/3b/f0e138461c4089a61701fa75d03c60/Logo-JN-3-2019.png
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eef2233695285f148ba0973861b23c701eb639846b65e76f2f5b4114a3f72c0

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:85
server
cloudflare
etag
"ff31ca979772f5abba439920b7e61954"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=31536000
cf-polished
status=not_needed
last-modified
Wed, 27 Mar 2019 11:42:59 GMT
accept-ranges
bytes
cf-ray
4e218a6dead86461-FRA
content-length
12533
down-2.png
leroidesplacements.biz/hosted/images/images/stock/arrows/black/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leroidesplacements.biz/hosted/images/images/stock/arrows/black/down-2.png
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a189502713a99b9b03b428f20941e62717d2bdfcc9f6578fe8e9a478b701fb7b

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:35 GMT
cf-cache-status
HIT
cf-polished
pngoptimizer, origSize=75496
status
200
cf-bgj
imgq:100
content-length
65512
last-modified
Fri, 11 Nov 2016 20:39:29 GMT
server
cloudflare
etag
"51045b11821f62268f9ed09144a69583"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
4e218a6deadb6461-FRA
expires
Sat, 06 Jul 2019 10:42:35 GMT
c3.png
leroidesplacements.biz/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leroidesplacements.biz/images/c3.png
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
286bb8b03b3d4654c30f82fa31b8340e8f87a30dcff0cc076effd931d8340f70

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:36 GMT
via
1.1 vegur
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=11318
status
200
content-disposition
inline; filename="c3.webp"
cf-bgj
imgq:100
content-length
9996
last-modified
Fri, 31 May 2019 20:51:15 GMT
server
cloudflare
etag
"5cf193c3-2c36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
4e218a6dfae46461-FRA
expires
Sat, 06 Jul 2019 10:42:36 GMT
isabelle.jpg
leroidesplacements.biz/hosted/images/a6/e598d1ecc411e89f38d3e70d49b4dd/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leroidesplacements.biz/hosted/images/a6/e598d1ecc411e89f38d3e70d49b4dd/isabelle.jpg
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d74b018d85c2ae1518a9d4356c9098e15c892c2a0f2a516b2322e4698b1438f

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:85
server
cloudflare
etag
"9d1e0e3dfc6635a40006f1255a952061"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=31536000
cf-polished
status=not_needed
last-modified
Tue, 20 Nov 2018 13:03:22 GMT
accept-ranges
bytes
cf-ray
4e218a6dfae56461-FRA
content-length
80820
Pascal.jpg
leroidesplacements.biz/hosted/images/a6/42c920ecc411e891406f728cea67ff/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leroidesplacements.biz/hosted/images/a6/42c920ecc411e891406f728cea67ff/Pascal.jpg
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
112869c5ae96e993b8e1cb5af788980d64e36b78424e858d12e373a1cec3b34f

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:35 GMT
cf-cache-status
HIT
cf-bgj
imgq:85
server
cloudflare
etag
"d21e25580c6cf935666fe4bd9a44f715"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=31536000
cf-polished
status=not_needed
last-modified
Tue, 20 Nov 2018 13:03:21 GMT
accept-ranges
bytes
cf-ray
4e218a6dfae76461-FRA
content-length
59996
logo_test.png
leroidesplacements.biz/hosted/images/57/f277906f1311e8ac1659abb7481012/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leroidesplacements.biz/hosted/images/57/f277906f1311e8ac1659abb7481012/logo_test.png
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
70593aec91110bab41796f4b170def8cde108d689e5da00c7ae4b87005bd8a14
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:35 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
503
cache-control
no-cache
cf-ray
4e218a6e5b336461-FRA
Gaetan.jpg
leroidesplacements.biz/hosted/images/ac/ab3ab0ecc711e88896d3a7367ead5d/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leroidesplacements.biz/hosted/images/ac/ab3ab0ecc711e88896d3a7367ead5d/Gaetan.jpg
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
145b3e96824ed677994cf8b19d96de25a97a19dc26de99ef7c0d5db3c062f3d4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:35 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
503
cache-control
no-cache
cf-ray
4e218a6e5b346461-FRA
chantal.jpg
leroidesplacements.biz/hosted/images/a5/3eedb0ecc411e88896d3a7367ead5d/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leroidesplacements.biz/hosted/images/a5/3eedb0ecc411e88896d3a7367ead5d/chantal.jpg
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfd226388bc607f4edf2609207b0113d9917e92a6ece626c0a19ce6a6d1074b1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:35 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
503
cache-control
no-cache
cf-ray
4e218a6e5b356461-FRA
sub-title_competitivite-1-300x300.png
leroidesplacements.biz/hosted/images/fa/890440dcf211e8965a8f8f00607498/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leroidesplacements.biz/hosted/images/fa/890440dcf211e8965a8f8f00607498/sub-title_competitivite-1-300x300.png
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee40675e82c5daa537f8558c44c9d83e4592a1a176375f11e0e292bf04d9f53
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:35 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
503
cache-control
no-cache
cf-ray
4e218a6e5b366461-FRA
Gaetan.jpg
leroidesplacements.biz/hosted/images/a6/4b7bb1ecc411e89a2c6d71dbc9e5fe/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leroidesplacements.biz/hosted/images/a6/4b7bb1ecc411e89a2c6d71dbc9e5fe/Gaetan.jpg
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
80e369fe66d9c4ab0d09c9f0d157427e3e4df96d5793fcfa0482c1c8b778d57f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:35 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
503
cache-control
no-cache
cf-ray
4e218a6e6b3e6461-FRA
gains-mensuels.jpg
leroidesplacements.biz/hosted/images/44/8c4d60ecc811e89a2c6d71dbc9e5fe/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leroidesplacements.biz/hosted/images/44/8c4d60ecc811e89a2c6d71dbc9e5fe/gains-mensuels.jpg
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9341462c272a0acc7c06f6368f5e4c7e00463e7b492601b8bf3d18b5a0499725
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:35 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
503
cache-control
no-cache
cf-ray
4e218a6e8b526461-FRA
Mobile-Smartphone-icon.png
leroidesplacements.biz/hosted/images/6c/92e1e0dcef11e89b72198710f3760d/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leroidesplacements.biz/hosted/images/6c/92e1e0dcef11e89b72198710f3760d/Mobile-Smartphone-icon.png
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eadb1c33fd408583061612d47e4e4f5d3f88edf2a25c8e57588905c6516eebf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:35 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
503
cache-control
no-cache
cf-ray
4e218a6e8b546461-FRA
assistante.jpg
leroidesplacements.biz/hosted/images/39/8bdd30d39711e8b5a04b61c4be0270/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leroidesplacements.biz/hosted/images/39/8bdd30d39711e8b5a04b61c4be0270/assistante.jpg
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
34e36c599ef4438943be275d479f3a7ad6a2b1df2a80d1702e9e15a8e7790da0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:35 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
503
cache-control
no-cache
cf-ray
4e218a6e8b556461-FRA
78200f2f-c295-4bb1-9cae-48f8422b5aed.png
leroidesplacements.biz/hosted/images/7c/929ca0ece111e89f0c65d78bedb6f8/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leroidesplacements.biz/hosted/images/7c/929ca0ece111e89f0c65d78bedb6f8/78200f2f-c295-4bb1-9cae-48f8422b5aed.png
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fa531b3cb172605cec2172e4c775fd705806a94c8f55490a9abb664c6297b32
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:35 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
503
cache-control
no-cache
cf-ray
4e218a6e8b5c6461-FRA
meilleur.jpg
leroidesplacements.biz/hosted/images/7d/769400ece111e89f38d3e70d49b4dd/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leroidesplacements.biz/hosted/images/7d/769400ece111e89f38d3e70d49b4dd/meilleur.jpg
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1baea7705fb2cbd15ec263c71f0feda61915098cbb471de56f9847a88226aaee
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:35 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
503
cache-control
no-cache
cf-ray
4e218a6e9b636461-FRA
fiscalite.jpg
leroidesplacements.biz/hosted/images/7c/75ece1ece111e89a20af1011a788b4/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leroidesplacements.biz/hosted/images/7c/75ece1ece111e89a20af1011a788b4/fiscalite.jpg
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
caadb200f0c824ca86a366c906bc4351c151f58c6ac5c243f6ca98a90c5f958a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:35 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
503
cache-control
no-cache
cf-ray
4e218a6e9b646461-FRA
lander.js
leroidesplacements.biz/assets/ 		939 KB
259 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leroidesplacements.biz/assets/lander.js
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2a43be63f0cb1878c54173be83f0bfa63b9f99eebff10786f23a68ec16073f2

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:35 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Tue, 04 Jun 2019 18:48:59 GMT
server
cloudflare
etag
W/"5cf6bd1b-eab87"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
content-encoding
br
cache-control
public, max-age=1200
cf-ray
4e218a6ddacf6461-FRA
expires
Wed, 05 Jun 2019 11:02:35 GMT
badge.png
www.clickfunnels.com/images/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.clickfunnels.com/images/badge.png
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
mailcheck.min.js
app.clickfunnels.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/mailcheck.min.js
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
pushcrew.js
app.clickfunnels.com/assets/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/assets/pushcrew.js
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
widget_v2.298.js
v2.zopim.com/bin/v/
Redirect Chain
  • https://v2.zopim.com/?65Khh7747cz9ltKrIIomOz74VcqjDHql
  • https://v2.zopim.com/bin/v/widget_v2.298.js
1 MB
244 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v2.zopim.com/bin/v/widget_v2.298.js
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.83.55 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
423b93ef016c8c640a4e64926769dc3d1e3eacb397cfb2eb8144cad7fcb5930a

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 May 2019 06:50:38 GMT
server
cloudflare
etag
W/"5cecda3e-102d60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=315360000
cf-ray
4e218a6ef9209bdf-AMS
expires
Sat, 02 Jun 2029 10:42:35 GMT

Redirect headers

date
Wed, 05 Jun 2019 10:42:35 GMT
cf-cache-status
HIT
server
cloudflare
location
https://v2.zopim.com/bin/v/widget_v2.298.js
etag
"5cf5decf-0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
status
302
cache-control
max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
cf-ray
4e218a6e58a89bdf-AMS
content-length
0
expires
Wed, 05 Jun 2019 14:41:31 GMT
300696680
player.vimeo.com/video/ Frame 9273 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/300696680?autoplay=1&title=0&byline=0&wmode=transparent
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.217 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
player.vimeo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://leroidesplacements.biz/felicitationstrading17858023
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://leroidesplacements.biz/felicitationstrading17858023

Response headers

Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Wed, 05 Jun 2019 14:07:14 GMT
Via
1.1 varnish 1.1 varnish 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
1
X-VServer
infra-playproxy-a-8
X-Vimeo-DC
ge
Content-Length
7538
Accept-Ranges
bytes
Date
Wed, 05 Jun 2019 10:42:36 GMT
Age
0
Connection
keep-alive
X-Served-By
cache-bwi5121-BWI, cache-hhn1540-HHN
X-Cache
MISS, MISS
X-Cache-Hits
0, 0
X-Timer
S1559731356.899287,VS0,VE101
Vary
Accept-Encoding
5TWQK5ZUrQ0
www.youtube.com/embed/ Frame ECE2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/5TWQK5ZUrQ0?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/5TWQK5ZUrQ0?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://leroidesplacements.biz/felicitationstrading17858023
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://leroidesplacements.biz/felicitationstrading17858023

Response headers

status
200
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
cache-control
no-cache
x-content-type-options
nosniff
expires
Tue, 27 Apr 1971 19:44:06 EST
date
Wed, 05 Jun 2019 10:42:36 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=XZrcoVWY-j4; path=/; domain=.youtube.com; expires=Mon, 02-Dec-2019 10:42:35 GMT; httponly GPS=1; path=/; domain=.youtube.com; expires=Wed, 05-Jun-2019 11:12:35 GMT YSC=1jj7elHrHRI; path=/; domain=.youtube.com; httponly VISITOR_INFO1_LIVE=XZrcoVWY-j4; path=/; domain=.youtube.com; expires=Mon, 02-Dec-2019 10:42:35 GMT; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Mon, 03-Feb-2020 22:35:36 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
crissXcross__2X.png
leroidesplacements.biz/hosted/images/65/2eedf03db811e68974d5a01d1d5c10/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leroidesplacements.biz/hosted/images/65/2eedf03db811e68974d5a01d1d5c10/crissXcross__2X.png
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b79fb000048225bf67f64c46004597372115ab87e1e2e53ef48115dca7406094
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:35 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
503
cache-control
no-cache
cf-ray
4e218a6eab6d6461-FRA
conversion_async.js
www.googleadservices.com/pagead/ 		0
0
keen-tracking-1.0.3.min.js
d26b395fwzu5fz.cloudfront.net/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d26b395fwzu5fz.cloudfront.net/keen-tracking-1.0.3.min.js
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/assets/lander.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.188.226 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-188-226.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 22 Sep 2017 01:41:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 31 Mar 2016 04:24:33 GMT
Server
AmazonS3
Age
27626447
ETag
"a6acb97120359c326c8f7775a5514f5d"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8994
X-Amz-Cf-Id
JtHwUUUZPHoc1zoOMSP9_GPWC-lngx08qL4X3vHnV1dD_K5notdBrg==
Expires
Fri, 31 Mar 2017 04:24:29 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
EaYZWK13TDu+ngn0N9tlKw==
status
200
content-length
1780
x-fb-debug
aZiZyeK4Z+7aXQytu8NR+A4oXwPRhoQ5UmYwyLs2B6HbaV7OcJWt533vipiLT83nh8NNb0EeSpl1QwEQ6U4KEg==
x-fb-content-md5
6b599b7fe2d67dbba050b2a9e1f00225
x-frame-options
DENY
etag
"a4b2a8c87cf2623dde341b9a342fd7a4"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 05 Jun 2019 10:43:22 GMT
vendor.js
leroidesplacements.biz/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://leroidesplacements.biz/vendor.js
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:36 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
503
cache-control
no-cache
cf-ray
4e218a710d676461-FRA
mailcheck.min.js
app.clickfunnels.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/mailcheck.min.js
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
/
track.addevent.com/atc/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=d546d87a-6c0a-4f6b-cf39-77235d663338&url=https%3A%2F%2Fleroidesplacements.biz%2Ffelicitationstrading17858023&cache=1559731356332
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.75.128 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-250-75-128.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
origin, x-requested-with, content-type
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
sdk.js
connect.facebook.net/en_US/ 		195 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=c5122e8fbc6196cac50c805e58637594&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://leroidesplacements.biz/felicitationstrading17858023
Origin
https://leroidesplacements.biz

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
G6selbQEAa5Hn0fxGX//lA==
status
200
date
Wed, 05 Jun 2019 10:42:36 GMT
vary
Accept-Encoding
content-length
59629
x-fb-debug
nFONjeKN25NU/D2n486kmy9bp6hlMgDvjF8mJdML4dIhxJoddCp6Wz1BfGsK6FINZ/LWIU0UK5VQVucR3fc/qw==
x-fb-content-md5
4064778b54f3fb870749fb0e1bf8e42d
etag
"1bd898cdbdd4aac17021b99648275899"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Thu, 04 Jun 2020 10:11:19 GMT
pushcrew.js
app.clickfunnels.com/assets/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/assets/pushcrew.js
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/felicitationstrading17858023
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
/
app.clickfunnels.com/userevents/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/userevents/?funnel_id=OGxHdklGRFp5ZzNEdmF5eHAzdHdOUT09LS13VnAzQmJlZUx5YXRTbVU0OTBBUkxBPT0%3D--47568c10606d5f04c97f9b81207e324d7519e560&page_id=SSt1UDZlSzlVYTRQMzRwaThXYytkUT09LS1iaDVCVCtTK2JoNGRlZFFaL2kvUWZRPT0%3D--ca79a75de61db282242627c2a60a2b89f0f17f3c&funnel_step_id=S2JlRWlyRWFJME5GcVE3L3Zpekc1Zz09LS1BZ1c4djlLTWRhc1FMSkk5SFgxSGVRPT0%3D--837a8302380130c1daf8f0f412e6d06c37cc168e&user_id=SXZpcVc4dzVtZGh2NS9kNHpnK0pLZz09LS1OWGdwaXN2cnRDazNORkJEWS96ci9RPT0%3D--48ac8a0a9d4de85a71378edd0dd0bea0333d8ae8&page_code=MTc4NTgwMjM%3D&mode_id=1&time_zone=Paris&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1585&type=Userevents::PageviewsCreatedSummary&nonce=8a579e4d-270c-42ea-b5ed-a86811318984&url=https%3A%2F%2Fleroidesplacements.biz%2Ffelicitationstrading17858023
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/assets/userevents/application.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://leroidesplacements.biz/felicitationstrading17858023
Origin
https://leroidesplacements.biz

Response headers
/
app.clickfunnels.com/userevents/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/userevents/?funnel_id=OGxHdklGRFp5ZzNEdmF5eHAzdHdOUT09LS13VnAzQmJlZUx5YXRTbVU0OTBBUkxBPT0%3D--47568c10606d5f04c97f9b81207e324d7519e560&page_id=SSt1UDZlSzlVYTRQMzRwaThXYytkUT09LS1iaDVCVCtTK2JoNGRlZFFaL2kvUWZRPT0%3D--ca79a75de61db282242627c2a60a2b89f0f17f3c&funnel_step_id=S2JlRWlyRWFJME5GcVE3L3Zpekc1Zz09LS1BZ1c4djlLTWRhc1FMSkk5SFgxSGVRPT0%3D--837a8302380130c1daf8f0f412e6d06c37cc168e&user_id=SXZpcVc4dzVtZGh2NS9kNHpnK0pLZz09LS1OWGdwaXN2cnRDazNORkJEWS96ci9RPT0%3D--48ac8a0a9d4de85a71378edd0dd0bea0333d8ae8&page_code=MTc4NTgwMjM%3D&mode_id=1&time_zone=Paris&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1585&type=Userevents::UniquePageviewsCreatedSummary&nonce=e111223f-5dc7-48c9-90e9-6fefc054b234&url=https%3A%2F%2Fleroidesplacements.biz%2Ffelicitationstrading17858023
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/assets/userevents/application.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://leroidesplacements.biz/felicitationstrading17858023
Origin
https://leroidesplacements.biz

Response headers
/
app.clickfunnels.com/userevents/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/userevents/?funnel_id=OGxHdklGRFp5ZzNEdmF5eHAzdHdOUT09LS13VnAzQmJlZUx5YXRTbVU0OTBBUkxBPT0%3D--47568c10606d5f04c97f9b81207e324d7519e560&page_id=SSt1UDZlSzlVYTRQMzRwaThXYytkUT09LS1iaDVCVCtTK2JoNGRlZFFaL2kvUWZRPT0%3D--ca79a75de61db282242627c2a60a2b89f0f17f3c&funnel_step_id=S2JlRWlyRWFJME5GcVE3L3Zpekc1Zz09LS1BZ1c4djlLTWRhc1FMSkk5SFgxSGVRPT0%3D--837a8302380130c1daf8f0f412e6d06c37cc168e&user_id=SXZpcVc4dzVtZGh2NS9kNHpnK0pLZz09LS1OWGdwaXN2cnRDazNORkJEWS96ci9RPT0%3D--48ac8a0a9d4de85a71378edd0dd0bea0333d8ae8&page_code=MTc4NTgwMjM%3D&mode_id=1&time_zone=Paris&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1585&type=Userevents::UniqueVisitorsCreatedSummary&nonce=5faa5c6e-c76a-4b4f-9483-beb662d351bf&url=https%3A%2F%2Fleroidesplacements.biz%2Ffelicitationstrading17858023
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/assets/userevents/application.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://leroidesplacements.biz/felicitationstrading17858023
Origin
https://leroidesplacements.biz

Response headers
iframe_api
www.youtube.com/ 		859 B
923 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: leroidesplacements.biz
URL: https://leroidesplacements.biz/assets/lander.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 10:42:36 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 EST
300696680
player.vimeo.com/video/ Frame DF78 		0
0
5TWQK5ZUrQ0
www.youtube.com/embed/ Frame 1EA1 		0
0
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflWEkxrd/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflWEkxrd/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://leroidesplacements.biz/felicitationstrading17858023
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 01 Jun 2019 08:36:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
353185
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
8093
x-xss-protection
0
last-modified
Sat, 01 Jun 2019 02:01:50 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Sun, 09 Jun 2019 08:36:11 GMT
xd_arbiter.php
staticxx.facebook.com/connect/ Frame 4525 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googleadservices.com
URL
https://www.googleadservices.com/pagead/conversion_async.js
Domain
player.vimeo.com
URL
https://player.vimeo.com/video/300696680?autoplay=1&title=0&byline=0&wmode=transparent
Domain
www.youtube.com
URL
https://www.youtube.com/embed/5TWQK5ZUrQ0?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Domain
staticxx.facebook.com
URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

2 Cookies

Domain/Path Name / Value
.leroidesplacements.biz/ Name: __cf_bm
Value: 24c301ac07ec89702e87fefc60b3d80af45a202a-1559731351-1800-AVbktY7eScvBxB6at9LO6tLR/cmbezQv7LoRdYfPsRsxO5MiL2ZVYDK9loRD4WN8Tc6PKLNUuZz/DxJUy0sn/0U=
.leroidesplacements.biz/ Name: __cfduid
Value: d24ddc6c68e834dcc0dcff2cb80bcc7691559731351

3 Console Messages

Source Level URL
Text
console-api error URL: https://leroidesplacements.biz/assets/userevents/application.js(Line 1)
Message:
console-api error URL: https://leroidesplacements.biz/assets/userevents/application.js(Line 1)
Message:
console-api error URL: https://leroidesplacements.biz/assets/userevents/application.js(Line 1)
Message:

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.clickfunnels.com
cf.roidescryptomonnaies.com
connect.facebook.net
d26b395fwzu5fz.cloudfront.net
fonts.googleapis.com
leroidesplacements.biz
leroidesplacements.com
maxcdn.bootstrapcdn.com
player.vimeo.com
s.ytimg.com
staticxx.facebook.com
track.addevent.com
v2.zopim.com
www.clickfunnels.com
www.googleadservices.com
www.googletagmanager.com
www.youtube.com
player.vimeo.com
staticxx.facebook.com
www.googleadservices.com
www.youtube.com
104.16.83.55
151.101.0.217
209.197.3.15
2606:4700:30::681f:518c
2606:4700::6810:cc2
2606:4700::6810:ec2
2606:4700::6810:fc2
2a00:1450:4001:818::200e
2a00:1450:4001:819::200a
2a00:1450:4001:81f::2008
2a00:1450:4001:821::200e
2a03:2880:f02d:12:face:b00c:0:3
34.250.75.128
52.85.188.226
004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158
03232b500b8a4883dd3667641640d577833233721d53144ffab6ddc517a46822
112869c5ae96e993b8e1cb5af788980d64e36b78424e858d12e373a1cec3b34f
145b3e96824ed677994cf8b19d96de25a97a19dc26de99ef7c0d5db3c062f3d4
192703aac96106d07ae5ee43c1afb33933a1d5e566f0849bfe24a88e4b8e5c6b
1baea7705fb2cbd15ec263c71f0feda61915098cbb471de56f9847a88226aaee
1d74b018d85c2ae1518a9d4356c9098e15c892c2a0f2a516b2322e4698b1438f
286bb8b03b3d4654c30f82fa31b8340e8f87a30dcff0cc076effd931d8340f70
34e36c599ef4438943be275d479f3a7ad6a2b1df2a80d1702e9e15a8e7790da0
423b93ef016c8c640a4e64926769dc3d1e3eacb397cfb2eb8144cad7fcb5930a
5eadb1c33fd408583061612d47e4e4f5d3f88edf2a25c8e57588905c6516eebf
6ee40675e82c5daa537f8558c44c9d83e4592a1a176375f11e0e292bf04d9f53
70593aec91110bab41796f4b170def8cde108d689e5da00c7ae4b87005bd8a14
72a4516e42e55d4638dc626db56504999e981689c5041e303d1750acf590c060
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
80e369fe66d9c4ab0d09c9f0d157427e3e4df96d5793fcfa0482c1c8b778d57f
8ce0e4520004fd0d3a14b711780975da93476cd06a61bbd7f70ab1d63144b17c
8fa531b3cb172605cec2172e4c775fd705806a94c8f55490a9abb664c6297b32
9341462c272a0acc7c06f6368f5e4c7e00463e7b492601b8bf3d18b5a0499725
9eef2233695285f148ba0973861b23c701eb639846b65e76f2f5b4114a3f72c0
a189502713a99b9b03b428f20941e62717d2bdfcc9f6578fe8e9a478b701fb7b
aaa4c024d1df1d5440755caa932524c7dfe6cf06c6e96c9f62e671620071ce1e
b79fb000048225bf67f64c46004597372115ab87e1e2e53ef48115dca7406094
caadb200f0c824ca86a366c906bc4351c151f58c6ac5c243f6ca98a90c5f958a
cfd226388bc607f4edf2609207b0113d9917e92a6ece626c0a19ce6a6d1074b1
e2a43be63f0cb1878c54173be83f0bfa63b9f99eebff10786f23a68ec16073f2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7cd373184de6cc317c6913d93f5ccc7275fc6d2007eeaec989ccb901f625a6c