urlscan.io logo urlscan.io
SecurityTrails logo

www.roundx.one Open in urlscan Pro
2606:4700::6810:fc2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://laitalcni.ml/1101282-king-mount-international-co-ltd.html
Effective URL: https://www.roundx.one/upright1
Submission: On August 28 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 6 countries across 25 domains to perform 58 HTTP transactions. The main IP is 2606:4700::6810:fc2, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.roundx.one.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on August 1st 2019. Valid for: a year.
This is the only time www.roundx.one was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2 79.110.23.98 202023 (LLHOST //...)
1 2 185.50.248.98 209813 (FASTCONTENT)
1 3 99.198.108.198 32475 (SINGLEHOP...)
1 3 107.6.174.196 32475 (SINGLEHOP...)
1 213.227.130.45 60781 (LEASEWEB-...)
1 1 34.201.158.191 14618 (AMAZON-AES)
2 17 2606:4700::68... 13335 (CLOUDFLAR...)
3 23.111.9.35 33438 (HIGHWINDS2)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2.21.38.79 20940 (AKAMAI-ASN1)
6 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.35.254.66 16509 (AMAZON-02)
1 108.128.217.130 16509 (AMAZON-02)
3 2a03:2880:f11... 32934 (FACEBOOK)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
58 23
2    2606:4700:30::681b:b76c (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
laitalcni.ml
1    2606:4700::6813:c597 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
1    2606:4700:30::681b:9934 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
alloutlife.host
1    2606:4700:30::681c:f17 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
logicalgold.club
2    79.110.23.98 (Romania)

ASN202023 (LLHOST // M247, RO)
best9266.toptiptrack45.life
2    185.50.248.98 (Haarlem, Netherlands)

ASN209813 (FASTCONTENT, DE)
realcenter-mobileapps2.com
3    99.198.108.198 (Chicago, United States)

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: server04.com-2.mobi
best.prizedeal0819.info
3    107.6.174.196 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: bigfish.setupcentral.network
up.trkgenius.com
1    213.227.130.45 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
minently.com
1    34.201.158.191 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-201-158-191.compute-1.amazonaws.com
ps.popcash.net
17    2606:4700::6810:fc2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.roundx.one
assets.clickfunnels.com
images.clickfunnels.com
app.clickfunnels.com
3    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
use.fontawesome.com
2    2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
5    2.21.38.79 (France)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-21-38-79.deploy.static.akamaitechnologies.com
www.paypalobjects.com
www.paypal.com
t.paypal.com
6    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
staticxx.facebook.com
2    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
2    2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    13.35.254.66 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-254-66.fra6.r.cloudfront.net
d26b395fwzu5fz.cloudfront.net
1    108.128.217.130 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-108-128-217-130.eu-west-1.compute.amazonaws.com
track.addevent.com
3    2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
3    2606:4700::6810:cc2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
app.clickfunnels.com
1    2a00:1450:4001:81e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.youtube.com
1    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
s.ytimg.com
Domain Requested by
12 www.roundx.one 1 redirects minently.com
www.roundx.one
5 connect.facebook.net www.roundx.one
connect.facebook.net
5 app.clickfunnels.com www.roundx.one
3 www.paypal.com www.paypalobjects.com
3 www.facebook.com www.roundx.one
connect.facebook.net
3 use.fontawesome.com www.roundx.one
3 up.trkgenius.com 1 redirects best.prizedeal0819.info
up.trkgenius.com
3 best.prizedeal0819.info 1 redirects realcenter-mobileapps2.com
best.prizedeal0819.info
2 www.google-analytics.com www.googletagmanager.com
www.roundx.one
2 fonts.gstatic.com www.roundx.one
2 assets.clickfunnels.com 1 redirects www.roundx.one
2 fonts.googleapis.com www.roundx.one
2 realcenter-mobileapps2.com 1 redirects best9266.toptiptrack45.life
2 best9266.toptiptrack45.life 1 redirects alloutlife.host
2 laitalcni.ml laitalcni.ml
1 s.ytimg.com www.youtube.com
1 t.paypal.com www.roundx.one
1 staticxx.facebook.com connect.facebook.net
1 www.youtube.com www.roundx.one
1 track.addevent.com www.roundx.one
1 d26b395fwzu5fz.cloudfront.net www.roundx.one
1 www.paypalobjects.com www.roundx.one
1 images.clickfunnels.com www.roundx.one
1 www.googletagmanager.com www.roundx.one
1 ps.popcash.net minently.com
1 minently.com
1 logicalgold.club 1 redirects
1 alloutlife.host laitalcni.ml
1 cdnjs.cloudflare.com laitalcni.ml
58 29

This site contains links to these domains. Also see Links.

Domain
www.de.pxlx.us
Subject Issuer Validity Valid

1970-01-01 -
1970-01-01		 a few seconds crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-10 -
2020-02-16		 6 months crt.sh
best.prizedeal0819.info
Let's Encrypt Authority X3		 2019-08-14 -
2019-11-12		 3 months crt.sh
up.trkgenius.com
Let's Encrypt Authority X3		 2019-07-21 -
2019-10-19		 3 months crt.sh
minently.com
Let's Encrypt Authority X3		 2019-07-12 -
2019-10-10		 3 months crt.sh
www.roundx.one
CloudFlare Inc ECC CA-2		 2019-08-01 -
2020-07-31		 a year crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2018-09-17 -
2019-11-21		 a year crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-07-29 -
2019-10-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-07-29 -
2019-10-27		 3 months crt.sh
ssl566619.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-25 -
2020-03-02		 6 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2019-08-18 -
2020-08-18		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-08-24 -
2019-10-19		 2 months crt.sh
*.google.com
GTS CA 1O1		 2019-08-13 -
2019-11-11		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
addevent.com
Amazon		 2019-04-11 -
2020-05-11		 a year crt.sh

This page contains 4 frames:

Primary Page: https://www.roundx.one/upright1
Frame ID: D05B0F9C1358EE7AAE4D299CA569E14D
Requests: 56 HTTP requests in this frame

Frame: https://www.paypal.com/webapps/hermes/button?env=production&commit=true&style.size=responsive&style.shape=rect&style.color=blue&style.layout=vertical&funding.allowed=credit&funding.disallowed=card%2Cvenmo&domain=www.roundx.one&sessionID=b04a344009_mjm6mzk6mtc&buttonSessionID=555dbb7c11_mjm6mzk6mtg&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ%3D%3D&uid=bc5d4c0d8a&version=4&xcomponent=1
Frame ID: CCFD337293231F9C7DB2E26535E5C3EC
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 0BDB80ABBF68D4EBC474DF617ADDB7CB
Requests: 3 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: A4A73C476E0CECAF3F19906B5B4B3DB0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://laitalcni.ml/1101282-king-mount-international-co-ltd.html Page URL
  2. http://logicalgold.club/?u=1gnpae3&o=0lpkqzc&t=mw4m&cid=1n584rade1bfpqh0tuiup6 HTTP 302
    http://best9266.toptiptrack45.life/3427448646/?u=1gnpae3&o=0lpkqzc&t=mw4m&cid=1n584rade1bfpqh0tuiup6&f=1 Page URL
  3. http://best9266.toptiptrack45.life/web/ HTTP 302
    http://realcenter-mobileapps2.com/?url=I4WHKFughjJF8hN7lWENtzbZftBQtuyFvKz2QO5dDRW7e99w9Jm9cB%2fXduXRzCGLvESO7... HTTP 302
    http://realcenter-mobileapps2.com/away.php Page URL
  4. https://best.prizedeal0819.info/?utm_medium=593d75f27d437562cfb360c43159d12cbeef5418&utm_campaign=m&cid=ca17... Page URL
  5. https://best.prizedeal0819.info/?utm_term=6730366460427763878&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
  6. https://best.prizedeal0819.info/proc.php?0f5cb30f7e3d25d706a97e2eab08a5afc6c77eec HTTP 302
    https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=673036646042776... Page URL
  7. https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730366460427763... Page URL
  8. https://up.trkgenius.com/out.php?v=d7719c377fb2865d8db11a426e21b2f0 HTTP 302
    https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=W... Page URL
  9. http://ps.popcash.net/ad/ad?p=216668&w=498903&d=6539fbfbca1ca848e9f4-1561026291498903 HTTP 303
    https://www.roundx.one/upright HTTP 302
    https://www.roundx.one/upright1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

58
Requests

90 %
HTTPS

58 %
IPv6

25
Domains

29
Subdomains

23
IPs

6
Countries

1518 kB
Transfer

4531 kB
Size

29
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://laitalcni.ml/1101282-king-mount-international-co-ltd.html Page URL
  2. http://logicalgold.club/?u=1gnpae3&o=0lpkqzc&t=mw4m&cid=1n584rade1bfpqh0tuiup6 HTTP 302
    http://best9266.toptiptrack45.life/3427448646/?u=1gnpae3&o=0lpkqzc&t=mw4m&cid=1n584rade1bfpqh0tuiup6&f=1 Page URL
  3. http://best9266.toptiptrack45.life/web/ HTTP 302
    http://realcenter-mobileapps2.com/?url=I4WHKFughjJF8hN7lWENtzbZftBQtuyFvKz2QO5dDRW7e99w9Jm9cB%2fXduXRzCGLvESO7VeMqy%2b3M%2bZchrUboTwlzh72XwTVgiFBZGpVzecs61YMkzuGvJvlbexQRNCXG8shblZ0OdE4WqBbu%2fU5qT8868Y197tq8dDpQUKOAITIBKPh2%2f%2f3enw%2fwWTb4nG5 HTTP 302
    http://realcenter-mobileapps2.com/away.php Page URL
  4. https://best.prizedeal0819.info/?utm_medium=593d75f27d437562cfb360c43159d12cbeef5418&utm_campaign=m&cid=ca17b538-7411-47d8-8e5b-54df56f175ab Page URL
  5. https://best.prizedeal0819.info/?utm_term=6730366460427763878&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e Page URL
  6. https://best.prizedeal0819.info/proc.php?0f5cb30f7e3d25d706a97e2eab08a5afc6c77eec HTTP 302
    https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730366460427763878&pubid=1314 Page URL
  7. https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730366460427763878&pubid=1314&m=W2en0585.X.0cK6jP0fH8zQ1c0fxd23QddNFi8x7Ks6id26mFr6ZWz6mFxfCWpfBFDZiG2COF6mWveRxlK6jcfCJcfbN5K-Rv8mur6mwveUxQlTZW5rNiU2a Page URL
  8. https://up.trkgenius.com/out.php?v=d7719c377fb2865d8db11a426e21b2f0 HTTP 302
    https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=0fe1b97a2c43203d933d3a679d33ddce&ext1=dvx Page URL
  9. http://ps.popcash.net/ad/ad?p=216668&w=498903&d=6539fbfbca1ca848e9f4-1561026291498903 HTTP 303
    https://www.roundx.one/upright HTTP 302
    https://www.roundx.one/upright1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://logicalgold.club/?u=1gnpae3&o=0lpkqzc&t=mw4m&cid=1n584rade1bfpqh0tuiup6 HTTP 302
  • http://best9266.toptiptrack45.life/3427448646/?u=1gnpae3&o=0lpkqzc&t=mw4m&cid=1n584rade1bfpqh0tuiup6&f=1
Request Chain 5
  • http://best9266.toptiptrack45.life/web/ HTTP 302
  • http://realcenter-mobileapps2.com/?url=I4WHKFughjJF8hN7lWENtzbZftBQtuyFvKz2QO5dDRW7e99w9Jm9cB%2fXduXRzCGLvESO7VeMqy%2b3M%2bZchrUboTwlzh72XwTVgiFBZGpVzecs61YMkzuGvJvlbexQRNCXG8shblZ0OdE4WqBbu%2fU5qT8868Y197tq8dDpQUKOAITIBKPh2%2f%2f3enw%2fwWTb4nG5 HTTP 302
  • http://realcenter-mobileapps2.com/away.php
Request Chain 8
  • https://best.prizedeal0819.info/proc.php?0f5cb30f7e3d25d706a97e2eab08a5afc6c77eec HTTP 302
  • https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730366460427763878&pubid=1314
Request Chain 10
  • https://up.trkgenius.com/out.php?v=d7719c377fb2865d8db11a426e21b2f0 HTTP 302
  • https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=0fe1b97a2c43203d933d3a679d33ddce&ext1=dvx
Request Chain 21
  • https://assets.clickfunnels.com/templates/listhacking-sales/images/arrow-flash-small.gif HTTP 301
  • https://images.clickfunnels.com/old-public-templates/listhacking-sales/images/arrow-flash-small.gif

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set 1101282-king-mount-international-co-ltd.html
laitalcni.ml/ 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://laitalcni.ml/1101282-king-mount-international-co-ltd.html
Protocol
HTTP/1.1
Server
2606:4700:30::681b:b76c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dcb9d50a46f42a6e79ce50661d7b280d187cd798fd181c5e35c73b4c5a3f932

Request headers

Host
laitalcni.ml
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 28 Aug 2019 23:39:14 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d1b5961dafad1070ad8f69f373fc9d40d1567035554; expires=Thu, 27-Aug-20 23:39:14 GMT; path=/; domain=.laitalcni.ml; HttpOnly
Expires
Sat, 07 Sep 2019 23:39:14 GMT
Last-Modified
Wed, 28 Aug 2019 23:39:14 GMT
Cache-Control
public, max-age=864000
Server
cloudflare
CF-RAY
50da1f97afd1cba8-VIE
Content-Encoding
gzip
style.css
laitalcni.ml/ 		42 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://laitalcni.ml/style.css
Requested by
Host: laitalcni.ml
URL: http://laitalcni.ml/1101282-king-mount-international-co-ltd.html
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:b76c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
74d05ed4a7d8aa5c8ab349ddefd1399bca2887e2ae8986afc546dfbe9f9ee3ac

Request headers

Referer
http://laitalcni.ml/1101282-king-mount-international-co-ltd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 28 Aug 2019 23:39:14 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
public, max-age=2678400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
50da1f9878e8cba8-VIE
Expires
Sat, 28 Sep 2019 23:39:14 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/ 		94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: laitalcni.ml
URL: http://laitalcni.ml/1101282-king-mount-international-co-ltd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://laitalcni.ml/1101282-king-mount-international-co-ltd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:39:14 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
11669485
status
200
served-in-seconds
0.010
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:20:15 GMT
server
cloudflare
etag
W/"5afd494f-176f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
50da1f987bc859e2-VIE
expires
Mon, 17 Aug 2020 23:39:14 GMT
/
alloutlife.host/ 		220 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://alloutlife.host/?wtmqc5&keyword=King%20mount%20international%20co%20ltd&se_referrer=&
Requested by
Host: laitalcni.ml
URL: http://laitalcni.ml/1101282-king-mount-international-co-ltd.html
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:9934 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://laitalcni.ml/1101282-king-mount-international-co-ltd.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Aug 2019 23:39:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 28 Aug 2019 23:39:12 GMT
Server
cloudflare
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
CF-RAY
50da1f9a6c885946-VIE
Expires
0
Cookie set /
best9266.toptiptrack45.life/3427448646/
Redirect Chain
  • http://logicalgold.club/?u=1gnpae3&o=0lpkqzc&t=mw4m&cid=1n584rade1bfpqh0tuiup6
  • http://best9266.toptiptrack45.life/3427448646/?u=1gnpae3&o=0lpkqzc&t=mw4m&cid=1n584rade1bfpqh0tuiup6&f=1
85 B
382 B 		Document
General
Check archive.org
Download Go to
Full URL
http://best9266.toptiptrack45.life/3427448646/?u=1gnpae3&o=0lpkqzc&t=mw4m&cid=1n584rade1bfpqh0tuiup6&f=1
Requested by
Host: alloutlife.host
URL: http://alloutlife.host/?wtmqc5&keyword=King%20mount%20international%20co%20ltd&se_referrer=&
Protocol
HTTP/1.1
Server
79.110.23.98 , Romania, ASN202023 (LLHOST // M247, RO),
Reverse DNS
Software
nginx/1.12.0 / ASP.NET
Resource Hash
a7bae1c42dc7bbd0783d5fa483075b3ca30c47f7b83bbd0fa3816407cb6161d6

Request headers

Host
best9266.toptiptrack45.life
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://laitalcni.ml/1101282-king-mount-international-co-ltd.html
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://laitalcni.ml/1101282-king-mount-international-co-ltd.html

Response headers

Server
nginx/1.12.0
Date
Wed, 28 Aug 2019 23:39:15 GMT
Content-Type
text/html
Content-Length
85
Connection
keep-alive
Cache-Control
private
Set-Cookie
ASP.NET_SessionId=qwchp1e5na1t5v5p02m2dwif; path=/; HttpOnly
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET

Redirect headers

Date
Wed, 28 Aug 2019 23:39:15 GMT
Content-Length
237
Connection
keep-alive
Set-Cookie
__cfduid=d7524fab0bfb6f011c6b5793adec4d0cc1567035555; expires=Thu, 27-Aug-20 23:39:15 GMT; path=/; domain=.logicalgold.club; HttpOnly ASP.NET_SessionId=p3q2wig0erfrbclv35uqpsdw; path=/; HttpOnly
Cache-Control
private
Location
http://best9266.toptiptrack45.life/3427448646/?u=1gnpae3&o=0lpkqzc&t=mw4m&cid=1n584rade1bfpqh0tuiup6&f=1
X-Powered-By
ASP.NET
Server
cloudflare
CF-RAY
50da1f9afbb3cbc0-VIE
away.php
realcenter-mobileapps2.com/
Redirect Chain
  • http://best9266.toptiptrack45.life/web/
  • http://realcenter-mobileapps2.com/?url=I4WHKFughjJF8hN7lWENtzbZftBQtuyFvKz2QO5dDRW7e99w9Jm9cB%2fXduXRzCGLvESO7VeMqy%2b3M%2bZchrUboTwlzh72XwTVgiFBZGpVzecs61YMkzuGvJvlbexQRNCXG8shblZ0OdE4WqBbu%2fU5qT...
  • http://realcenter-mobileapps2.com/away.php
341 B
569 B 		Document
General
Check archive.org
Download Go to
Full URL
http://realcenter-mobileapps2.com/away.php
Requested by
Host: best9266.toptiptrack45.life
URL: http://best9266.toptiptrack45.life/3427448646/?u=1gnpae3&o=0lpkqzc&t=mw4m&cid=1n584rade1bfpqh0tuiup6&f=1
Protocol
HTTP/1.1
Server
185.50.248.98 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx /
Resource Hash
ac7c72ee816c3710ead8db87f98d1cc6ff765cd79a24584766d9ad199ac16750

Request headers

Host
realcenter-mobileapps2.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://best9266.toptiptrack45.life/3427448646/?u=1gnpae3&o=0lpkqzc&t=mw4m&cid=1n584rade1bfpqh0tuiup6&f=1
Accept-Encoding
gzip, deflate
Cookie
PHPSESSID=03tcjs3a4l9e752hh1rrdvdg34
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://best9266.toptiptrack45.life/3427448646/?u=1gnpae3&o=0lpkqzc&t=mw4m&cid=1n584rade1bfpqh0tuiup6&f=1

Response headers

Server
nginx
Date
Wed, 28 Aug 2019 23:39:15 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 28 Aug 2019 23:39:15 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
PHPSESSID=03tcjs3a4l9e752hh1rrdvdg34; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
/away.php
/
best.prizedeal0819.info/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://best.prizedeal0819.info/?utm_medium=593d75f27d437562cfb360c43159d12cbeef5418&utm_campaign=m&cid=ca17b538-7411-47d8-8e5b-54df56f175ab
Requested by
Host: realcenter-mobileapps2.com
URL: http://realcenter-mobileapps2.com/away.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
99.198.108.198 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
fbff3295eccfd044f2ab4c3ab1bcaf85731f9e9b5f38634baa137bc3ba5ff3c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
best.prizedeal0819.info
:scheme
https
:path
/?utm_medium=593d75f27d437562cfb360c43159d12cbeef5418&utm_campaign=m&cid=ca17b538-7411-47d8-8e5b-54df56f175ab
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate

Response headers

status
200
server
nginx
date
Wed, 28 Aug 2019 23:39:15 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
set-cookie
u=d2ee561b130a2a1f04f3bf972f11f534; expires=Thu, 27-Aug-2020 23:39:15 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
/
best.prizedeal0819.info/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://best.prizedeal0819.info/?utm_term=6730366460427763878&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e
Requested by
Host: best.prizedeal0819.info
URL: https://best.prizedeal0819.info/?utm_medium=593d75f27d437562cfb360c43159d12cbeef5418&utm_campaign=m&cid=ca17b538-7411-47d8-8e5b-54df56f175ab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
99.198.108.198 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
6511d3ad702754443affd6f1d2d76e5344ea5ea4de527567f5419d90674d94de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
best.prizedeal0819.info
:scheme
https
:path
/?utm_term=6730366460427763878&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
same-origin
referer
https://best.prizedeal0819.info/?utm_medium=593d75f27d437562cfb360c43159d12cbeef5418&utm_campaign=m&cid=ca17b538-7411-47d8-8e5b-54df56f175ab
accept-encoding
gzip, deflate, br
cookie
u=d2ee561b130a2a1f04f3bf972f11f534
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://best.prizedeal0819.info/?utm_medium=593d75f27d437562cfb360c43159d12cbeef5418&utm_campaign=m&cid=ca17b538-7411-47d8-8e5b-54df56f175ab

Response headers

status
200
server
nginx
date
Wed, 28 Aug 2019 23:39:15 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
in.html
up.trkgenius.com/
Redirect Chain
  • https://best.prizedeal0819.info/proc.php?0f5cb30f7e3d25d706a97e2eab08a5afc6c77eec
  • https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730366460427763878&pubid=1314
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730366460427763878&pubid=1314
Requested by
Host: best.prizedeal0819.info
URL: https://best.prizedeal0819.info/?utm_term=6730366460427763878&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.6.174.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
bigfish.setupcentral.network
Software
nginx/1.17.0 /
Resource Hash
7e11348d49a8eb6e7584fca5405c42b697353d4c8b6946ac4d57c4e17b0e0eaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
up.trkgenius.com
:scheme
https
:path
/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730366460427763878&pubid=1314
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://best.prizedeal0819.info/?utm_term=6730366460427763878&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://best.prizedeal0819.info/?utm_term=6730366460427763878&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e

Response headers

status
200
server
nginx/1.17.0
date
Wed, 28 Aug 2019 23:39:16 GMT
content-type
text/html
last-modified
Sun, 27 Jan 2019 05:38:08 GMT
etag
W/"5c4d43c0-1605"
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip

Redirect headers

status
302
server
nginx
date
Wed, 28 Aug 2019 23:39:16 GMT
content-type
text/html; charset=UTF-8
location
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730366460427763878&pubid=1314
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
in.php
up.trkgenius.com/ 		1 KB
984 B 		Document
General
Check archive.org
Download Go to
Full URL
https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730366460427763878&pubid=1314&m=W2en0585.X.0cK6jP0fH8zQ1c0fxd23QddNFi8x7Ks6id26mFr6ZWz6mFxfCWpfBFDZiG2COF6mWveRxlK6jcfCJcfbN5K-Rv8mur6mwveUxQlTZW5rNiU2a
Requested by
Host: up.trkgenius.com
URL: https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730366460427763878&pubid=1314
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.6.174.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
bigfish.setupcentral.network
Software
nginx/1.17.0 /
Resource Hash
5d0db4c3b3fc0d36adc7d2a495db5a8ac11a08afa5037a84a6b094cb088e73bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
up.trkgenius.com
:scheme
https
:path
/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730366460427763878&pubid=1314&m=W2en0585.X.0cK6jP0fH8zQ1c0fxd23QddNFi8x7Ks6id26mFr6ZWz6mFxfCWpfBFDZiG2COF6mWveRxlK6jcfCJcfbN5K-Rv8mur6mwveUxQlTZW5rNiU2a
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
same-origin
referer
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730366460427763878&pubid=1314
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730366460427763878&pubid=1314

Response headers

status
200
server
nginx/1.17.0
date
Wed, 28 Aug 2019 23:39:16 GMT
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
pragma
no-cache
expires
0
surrogate-control
no-store
refresh
0; url=out.php?v=d7719c377fb2865d8db11a426e21b2f0
set-cookie
t=b0bf0eda398a6c32
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ
minently.com/RnSda/rDN3/ojdn/
Redirect Chain
  • https://up.trkgenius.com/out.php?v=d7719c377fb2865d8db11a426e21b2f0
  • https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=0fe1b97a2c43203d933d3a679d33ddce&ext1=dvx
5 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=0fe1b97a2c43203d933d3a679d33ddce&ext1=dvx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.227.130.45 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
9fb0184026d1e48b8e906880346069f784a453170a7dee240a5f71d17432b426
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Host
minently.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730366460427763878&pubid=1314&m=W2en0585.X.0cK6jP0fH8zQ1c0fxd23QddNFi8x7Ks6id26mFr6ZWz6mFxfCWpfBFDZiG2COF6mWveRxlK6jcfCJcfbN5K-Rv8mur6mwveUxQlTZW5rNiU2a
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6730366460427763878&pubid=1314&m=W2en0585.X.0cK6jP0fH8zQ1c0fxd23QddNFi8x7Ks6id26mFr6ZWz6mFxfCWpfBFDZiG2COF6mWveRxlK6jcfCJcfbN5K-Rv8mur6mwveUxQlTZW5rNiU2a

Response headers

date
Wed, 28 Aug 2019 23:39:16 GMT
content-type
text/html;charset=utf-8
transfer-encoding
chunked
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-encoding
gzip
set-cookie
MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=a4f62c86c4ab9537acbb45028932c296_1567035556.4435; domain=minently.com; path=/; expires=Sat, 25-Aug-2029 23:39:16 UTC; Secure x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1567035556.447; domain=minently.com; path=/; expires=Sat, 25-Aug-2029 23:39:16 UTC; Secure FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3Y3UzME9Pa25qWjMwN1l1UFA0NFB1K25zMGhOQWM3alV5cExvR2RjNkduRA%3D%3D; domain=minently.com; path=/; expires=Sat, 25-Aug-2029 23:39:16 UTC; Secure a4f62c86c4ab9537acbb45028932c296_1567035556.4435_ck=MzhEZ044WllxeTNrQ0VUajhpc0luL01aclZJUFRHSmJSTDBFRDRhKzNVTXdYZnZZcXR6bC9CVWFEN1ZyVkd5VXlUVFdLVkphOUQ4elFZNHZqenltWFNKaEpJck0vaGliYWxtekNKV3oyR1FaQUh5aDd4Tk40Mm9hUjBMU1pCVDF0WWJlbEVDZDFBNTZBU1ZIUnJaajNINDR0eUo0cUtyaE0zT295RDVja0grbjU2ejNITUF4OU04WHd3aWQ0UlVJNkV0Z2RuZWYrSGdvbjllQ0Q0RzVBRWhnYnliaWJNUzh4RFlrQnhMeWdQb1NrT1ZnZlh1TVBnZWFMajlpdlFnb09LaGxieGwxdS9sM3RuMjdsbTRpVmZZanZiTVJGbDZZWXY0Y1BFdHVrelhycnY0ZGZ2blRaZ2dQenhWU0hCUmNOaFV0SmMveUVXbUNGTkNBMW9sSXhyU1FkQnJ3TmFtNHZUVHdIRngrYTNzTW1lZWVxdURLZTMwdmNBbUw4ZkJTckY1YmdNWTA0TXNyZ3ZVY3MxYk51clN1RHM5MlpIWHdoRHBuSytFdGNMdXYrQjBuNDJkNnNsZHBMakRBSE9LelNYb2txTkFRRUxocWdBYmhlekplbFN3RkFwWkF3d09VT1VzeER6NkRGQXlNR3hiRU1rYUUvT0U5RlJGOGJiNEM5am9OY3dHMHFPSFJlUll6Nzcwbjh4UlpuNU82WnE5STFycGgwUE1PL2U3S0tjUVd5ci82TnpXN01GbDZvRWxaVTl6ZXdaUW9LRFYzQk92eW1CcFpWdE1ueGJwTFVjcEhlV050S2FJZ3cxL25wandma3IyQlJUU1lyR3BzQ2g2ditWaFdZaG1PMmJwZXlYeUtYMGQ3Rk90WXdoSFZGT0IxUzFoSGMvOFhZb2VROHMwK01NeW5zZkJ3UTh5NTkwYXBTV1p6SlN2enpTZlhsNWJpSXhkKzEzV2xpMjZRZmpiQ0NqN0loSmhDd0xBZEZpaUtOc1ZLT1ZPTVBNOHdFR1Qv; domain=minently.com; path=/; expires=Sat, 25-Aug-2029 23:39:16 UTC; Secure 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=UUJ0SjdjakFqb3NyUnNGQW0rcWJ1Nmo2ZFd1ZkpyRFlObmtPWUZBbURtRnZWeGR2eUJTM24wdjhqZFNvcXdlSDZFZHpxdmtINXhodEdMUnNVUVVJb0FSUHpwWWJwTldBZnhYM1RuT25lb289; domain=minently.com; path=/; expires=Thu, 29-Aug-2019 00:44:16 UTC; Secure SERVERID=sfc10; path=/
strict-transport-security
max-age=31536000; includeSubDomains;

Redirect headers

status
302
server
nginx/1.17.0
date
Wed, 28 Aug 2019 23:39:16 GMT
content-type
text/html; charset=UTF-8
location
https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=0fe1b97a2c43203d933d3a679d33ddce&ext1=dvx
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
pragma
no-cache
expires
0
surrogate-control
no-store
strict-transport-security
max-age=31536000; includeSubDomains
ad
ps.popcash.net/ad/ 		0
0
Primary Request upright1
www.roundx.one/
Redirect Chain
  • http://ps.popcash.net/ad/ad?p=216668&w=498903&d=6539fbfbca1ca848e9f4-1561026291498903
  • https://www.roundx.one/upright
  • https://www.roundx.one/upright1
113 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.roundx.one/upright1
Requested by
Host: minently.com
URL: https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=0fe1b97a2c43203d933d3a679d33ddce&ext1=dvx
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 5.3.7
Resource Hash
98a9a4c336dccdb7ea1812edd2b575b2b4a08b5782654ceb300824544f2c1b0c
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

:method
GET
:authority
www.roundx.one
:scheme
https
:path
/upright1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://minently.com/
accept-encoding
gzip, deflate, br
cookie
__cfduid=debaeb48d2afe0fc9b8c75cbb8e97c60f1567035557; __cf_bm=36e65c14787161c179348ff36b2b52732e7e408b-1567035557-1800-ATwieEk6C3ClJpVFMtjFpaaIQolSQen2BaaPBKONrkei4SVSGTbWo8tYQPeGQxsxXMZWcvWIw93+N09WyCgFTto=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://minently.com/

Response headers

status
200 200 OK
date
Wed, 28 Aug 2019 23:39:17 GMT
content-type
text/html; charset=utf-8
last-modified
Wed, 28 Aug 2019 15:42:41 GMT
cache-control
max-age=60, public, s-maxage=15552000, r-maxage=10
x-request-id
ff9480f8-23b2-478e-95b4-9c908518d0d2
x-content-digest
ae1db9d7908d2e1029507bb9ace6f730a796f547
x-frame-options
ALLOWALL
x-runtime
0.332750
x-rack-cache
stale, valid, store
x-powered-by
Phusion Passenger Enterprise 5.3.7
via
1.1 vegur
cf-cache-status
HIT
age
23799
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
50da1faaf81dcbd0-VIE
content-encoding
br

Redirect headers

status
302 302 Found
date
Wed, 28 Aug 2019 23:39:17 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=debaeb48d2afe0fc9b8c75cbb8e97c60f1567035557; expires=Thu, 27-Aug-20 23:39:17 GMT; path=/; domain=.www.roundx.one; HttpOnly; Secure __cf_bm=36e65c14787161c179348ff36b2b52732e7e408b-1567035557-1800-ATwieEk6C3ClJpVFMtjFpaaIQolSQen2BaaPBKONrkei4SVSGTbWo8tYQPeGQxsxXMZWcvWIw93+N09WyCgFTto=; path=/; expires=Thu, 29-Aug-19 00:09:17 GMT; domain=.www.roundx.one; HttpOnly
cache-control
no-cache
x-request-id
acaf10e8-4ed2-49b2-b8ac-c74ee77c0dec
location
https://www.roundx.one/upright1
x-runtime
0.097073
x-frame-options
ALLOWALL
x-rack-cache
miss
x-powered-by
Phusion Passenger Enterprise 5.3.7
via
1.1 vegur
cf-cache-status
EXPIRED
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
50da1fa95e1dcbd0-VIE
lander.css
www.roundx.one/assets/ 		414 KB
63 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.roundx.one/assets/lander.css
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
58ab89db6daef9fda9c980babf92906f79786afe766c15f84792a2e4399fb5c4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
50da1fab689dcbd0-VIE
date
Wed, 28 Aug 2019 23:39:17 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Thu, 22 Aug 2019 16:19:27 GMT
server
cloudflare
age
1123
etag
W/"5d5ec08f-676c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=1200
content-encoding
br
expires
Wed, 28 Aug 2019 23:59:17 GMT
all.css
use.fontawesome.com/releases/v5.9.0/css/ 		55 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:39:17 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2019 20:35:33 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"dbf9d822cefe851ba6f66e1ad57e8987"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:39:17 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2019 20:35:35 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"e140a7d32f343530f016095df3cc2ae4"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
css
fonts.googleapis.com/ 		43 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
6d57d2d342b40fbf41f907ff7f041cf8fc7cf842919c7a4bda785ce520a4dde5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 28 Aug 2019 23:39:17 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 28 Aug 2019 23:39:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Wed, 28 Aug 2019 23:39:17 GMT
application.js
www.roundx.one/assets/userevents/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.roundx.one/assets/userevents/application.js
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:39:17 GMT
via
1.1 vegur
cf-cache-status
HIT
age
1121
status
200
content-encoding
br
last-modified
Tue, 18 Jun 2019 16:37:18 GMT
server
cloudflare
etag
W/"5d09133e-1353"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=1200
cf-ray
50da1fab689fcbd0-VIE
expires
Wed, 28 Aug 2019 23:59:17 GMT
js
www.googletagmanager.com/gtag/ 		68 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-146587441-1
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bb253d3392f7ffb457fbd371b2d1beadea6c798764639e4b0b77940e988c4cce
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:39:17 GMT
content-encoding
br
last-modified
Wed, 28 Aug 2019 21:09:26 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
26577
x-xss-protection
0
expires
Wed, 28 Aug 2019 23:39:17 GMT
closemodal.png
assets.clickfunnels.com/images/ 		672 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.clickfunnels.com/images/closemodal.png
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:39:17 GMT
via
1.1 vegur
cf-cache-status
HIT
age
10080
cf-polished
origFmt=png, origSize=788
status
200
content-disposition
inline; filename="closemodal.webp"
content-length
672
last-modified
Thu, 08 Aug 2019 19:01:04 GMT
server
cloudflare
etag
"5d4c7170-314"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Sat, 28 Sep 2019 23:39:17 GMT
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
50da1fabbd7459a0-VIE
cf-bgj
imgq:100
upright.png
www.roundx.one/hosted/images/23/6815a26f7e47af876736aebfbbd64b/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.roundx.one/hosted/images/23/6815a26f7e47af876736aebfbbd64b/upright.png
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
864f0a475b63bdb277e14b44c2e6a84d08a9b81962e334bfc4733f77decd2b0c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:39:17 GMT
cf-cache-status
HIT
age
1891
cf-polished
status=not_needed
status
200
content-length
5217
last-modified
Wed, 07 Aug 2019 13:23:15 GMT
server
cloudflare
etag
"52885cf9f95d6aa205503f2e94f31c53"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
cf-ray
50da1fabc900cbd0-VIE
cf-bgj
imgq:85
Medical-Clavicle-Posture-Corrector-Adult-Children-Back-Support-Belt-Corset-Orthopedic-Brace-Shoulder-Correct.jpg
www.roundx.one/hosted/images/a5/157a4772a54e05bd82af9c5f6b8109/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.roundx.one/hosted/images/a5/157a4772a54e05bd82af9c5f6b8109/Medical-Clavicle-Posture-Corrector-Adult-Children-Back-Support-Belt-Corset-Orthopedic-Brace-Shoulder-Correct.jpg
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
679fd38c34e06f58bfbce3fbb1afa52fbb961b94fc172c6c4a556a5012bad552

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:39:17 GMT
cf-cache-status
HIT
age
1041
cf-polished
degrade=85, origSize=85790
status
200
content-length
79208
last-modified
Wed, 24 Jul 2019 20:54:18 GMT
server
cloudflare
etag
"fd30bd36f09e8105819957ee0a0366e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
cf-ray
50da1fabc902cbd0-VIE
cf-bgj
imgq:85
arrow-flash-small.gif
images.clickfunnels.com/old-public-templates/listhacking-sales/images/
Redirect Chain
  • https://assets.clickfunnels.com/templates/listhacking-sales/images/arrow-flash-small.gif
  • https://images.clickfunnels.com/old-public-templates/listhacking-sales/images/arrow-flash-small.gif
494 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.clickfunnels.com/old-public-templates/listhacking-sales/images/arrow-flash-small.gif
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
77627ae6d65d8980bba4577917e1ab03cef2377cfd93f8418d0774860523d176

Request headers

Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:39:17 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
608250
status
200
x-amz-request-id
1665DD7703FFFB58
x-amz-id-2
Fma7MYFI2zuCeUDP6n83bFYyb2cxigRrj9E8J0vpYZ0QDBPNBO9Yz4MCBsSyzl+bWsi34cM0zwo=
accept-ranges
bytes
last-modified
Fri, 14 Aug 2015 19:43:23 GMT
server
cloudflare
etag
"64a7dd71d7bdc6a7200c52ce9b36701a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
request-country
DE
request-eu
true
content-type
image/gif
cache-control
public, max-age=2678400
content-length
494
cf-ray
50da1fac2d8f59a0-VIE
expires
Sat, 28 Sep 2019 23:39:17 GMT

Redirect headers

date
Wed, 28 Aug 2019 23:39:17 GMT
via
1.1 vegur
status
301
cf-cache-status
HIT
server
cloudflare
cache-control
public, max-age=2678400
age
1699746
request-country
DE
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
location
https://images.clickfunnels.com/old-public-templates/listhacking-sales/images/arrow-flash-small.gif
request-eu
true
cf-ray
50da1fabcd7a59a0-VIE
expires
Sat, 28 Sep 2019 23:39:17 GMT
credit-paypal.png
www.roundx.one/hosted/images/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.roundx.one/hosted/images/images/credit-paypal.png
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
66091826fdccc97d4f15b39ca296317d4b74d0b1f313d847eb3cfd18806c1061

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:39:17 GMT
cf-cache-status
HIT
age
1259767
cf-polished
status=not_needed
status
200
content-length
11500
last-modified
Thu, 31 Aug 2017 15:24:27 GMT
server
cloudflare
etag
"53c65d7e316d7162cdd962a878145736"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/png
expires
Sat, 28 Sep 2019 23:39:17 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
50da1fabc903cbd0-VIE
cf-bgj
imgq:100
Upright5.png
www.roundx.one/hosted/images/a3/28c04cfa994fd1a4e82034a6d935bd/ 		333 KB
334 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.roundx.one/hosted/images/a3/28c04cfa994fd1a4e82034a6d935bd/Upright5.png
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c5f03d924f263f75a0c4e1742de744b509357fc5cedeb7188904df0ba52dcf7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:39:17 GMT
cf-cache-status
HIT
age
1041
cf-polished
origSize=342294
status
200
content-length
341445
last-modified
Thu, 08 Aug 2019 10:34:54 GMT
server
cloudflare
etag
"3bc2a6fa2efa476e6dc0405867af2106"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
cf-ray
50da1fabc904cbd0-VIE
cf-bgj
imgq:85
Upright1.png
www.roundx.one/hosted/images/0d/b2bcda48454316850237f159045d0e/ 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.roundx.one/hosted/images/0d/b2bcda48454316850237f159045d0e/Upright1.png
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dd6e56f76541aeddf06fd9ea32e75125a7ff4e110b43033c80e14aa8d7bb43e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:39:17 GMT
cf-cache-status
HIT
age
1041
cf-polished
status=not_needed
status
200
content-length
110369
last-modified
Thu, 08 Aug 2019 10:34:53 GMT
server
cloudflare
etag
"d3add7fc3417a15bf6c55ff424e481cf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
cf-ray
50da1fabc905cbd0-VIE
cf-bgj
imgq:85
css
fonts.googleapis.com/ 		2 KB
527 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Quicksand%7CFjalla+One%7CQuicksand%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CQuicksand%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CQuicksand%7CQuicksand%7C
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
5d91dad67589c1078f9b1bed2b13dd2bbad438fc15718cb026aa2498088fe2a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 28 Aug 2019 23:39:17 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 28 Aug 2019 23:39:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Wed, 28 Aug 2019 23:39:17 GMT
lander.js
www.roundx.one/assets/ 		950 KB
262 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.roundx.one/assets/lander.js
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e04ccda935ca22c4b14b70bdd6ba74b5f2e9c6496ab4a9df42a56fe17b099e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
50da1fab88c3cbd0-VIE
date
Wed, 28 Aug 2019 23:39:17 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Wed, 21 Aug 2019 18:15:08 GMT
server
cloudflare
age
1121
etag
W/"5d5d8a2c-ed6e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=1200
content-encoding
br
expires
Wed, 28 Aug 2019 23:59:17 GMT
mailcheck.min.js
app.clickfunnels.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/mailcheck.min.js
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
50da1fabdd7f59a0-VIE
date
Wed, 28 Aug 2019 23:39:17 GMT
via
1.1 vegur
cf-cache-status
REVALIDATED
last-modified
Wed, 28 Aug 2019 17:40:38 GMT
server
cloudflare
etag
W/"5d66bc96-a8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=30
content-encoding
br
expires
Wed, 28 Aug 2019 23:39:47 GMT
checkout.js
www.paypalobjects.com/api/ 		1 MB
204 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/api/checkout.js
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.21.38.79 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-21-38-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
90a8f1ad844ccf9f45d879314c3f9ef2308bbfc385f1757fc04dff1c4cb2079a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
208603
last-modified
Thu, 08 Aug 2019 18:08:30 GMT
server
Apache
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Thu, 29 Aug 2019 23:39:17 GMT
pushcrew.js
app.clickfunnels.com/assets/ 		637 B
671 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/assets/pushcrew.js
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
50da1fabdd8059a0-VIE
date
Wed, 28 Aug 2019 23:39:17 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Tue, 18 Jun 2019 16:37:18 GMT
server
cloudflare
age
266
etag
W/"5d09133e-27d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=1200
content-encoding
br
expires
Wed, 28 Aug 2019 23:59:17 GMT
fbevents.js
connect.facebook.net/en_US/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
f15f778cd39043a166a29f654b1191bc6fbf8043a8cc3477c42764b14b919dec
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
23404
x-xss-protection
0
pragma
public
x-fb-debug
gMQlxz25cgFSXgoZYgCYS/RaPJrXyDKnS/ndqsciGIYpvtw0rpDpfnhsI6R7ocRn7KP2RdUEHRkGuKNeO5fzrA==
x-fb-trip-id
365799557
x-frame-options
DENY
date
Wed, 28 Aug 2019 23:39:17 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
Yq6R-LCAWCX3-6Ky7FAFrOF6kjouQb4.woff2
fonts.gstatic.com/s/fjallaone/v7/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/fjallaone/v7/Yq6R-LCAWCX3-6Ky7FAFrOF6kjouQb4.woff2
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
529e77ee17cf48e9ccbb5a64a0e59a1bbda0d9c011ee061f40b1aa189e8fabb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Quicksand%7CFjalla+One%7CQuicksand%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CQuicksand%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CQuicksand%7CQuicksand%7C
Origin
https://www.roundx.one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 24 Aug 2019 14:51:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:50:02 GMT
server
sffe
age
377289
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11668
x-xss-protection
0
expires
Sun, 23 Aug 2020 14:51:08 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.9.0/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.9.0/webfonts/fa-solid-900.woff2
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Sec-Fetch-Mode
cors
Referer
https://use.fontawesome.com/releases/v5.9.0/css/all.css
Origin
https://www.roundx.one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:39:17 GMT
last-modified
Tue, 04 Jun 2019 20:34:47 GMT
server
NetDNA-cache/2.2
status
200
etag
"b5cf8ae26748570d8fb95a47f46b69e1"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
75440
6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-xDwxUD2GFw.woff
fonts.gstatic.com/s/quicksand/v13/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v13/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-xDwxUD2GFw.woff
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bab1251f87550e489899194eb6f0053dafeb8ba939e571024efcb0f0612989
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Quicksand%7CFjalla+One%7CQuicksand%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CQuicksand%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CQuicksand%7CQuicksand%7C
Origin
https://www.roundx.one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 08:41:04 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Jul 2019 19:36:57 GMT
server
sffe
age
226693
status
200
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17032
x-xss-protection
0
expires
Tue, 25 Aug 2020 08:41:04 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-146587441-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
3343
date
Wed, 28 Aug 2019 22:43:34 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Thu, 29 Aug 2019 00:43:34 GMT
913203839047082
connect.facebook.net/signals/config/ 		308 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/913203839047082?v=2.9.4&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
7b2a7879e56cd1919e162792f0e5ba9d425bf8d22f2e83e2410f8a9320ee984d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
79795
x-xss-protection
0
pragma
public
x-fb-debug
H/znYZxJONWYTDXBOCwmun3dWVe/3j7CCkqteT4TIsSmRZtWuNPXksV/B5hpNILva88FxE8+bNzDw/PVoyo78Q==
x-fb-trip-id
365799557
x-frame-options
DENY
date
Wed, 28 Aug 2019 23:39:17 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
keen-tracking-1.0.3.min.js
d26b395fwzu5fz.cloudfront.net/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d26b395fwzu5fz.cloudfront.net/keen-tracking-1.0.3.min.js
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/assets/lander.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.66 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-66.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c8fbd44351b2040cbd911e73aa17794cfd00261d0f10a6881fd48ca8a1d880b3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Jun 2019 00:51:28 GMT
Content-Encoding
gzip
Age
6562070
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
8994
Last-Modified
Thu, 31 Mar 2016 04:24:33 GMT
Server
AmazonS3
ETag
"a6acb97120359c326c8f7775a5514f5d"
Content-Type
application/javascript
Via
1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000000, public
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
gW3gcylIrB__T5V4yY_kCuKUgu2SnY7GOHNPERAH4H4vAzLcHEDYKg==
Expires
Fri, 31 Mar 2017 04:24:29 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
736ba7dd6beddd2101be1be87706a3b9c1cc68c85127e207561615c16c988c1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
uUdrSgNW7zvsS36oAupikA==
status
200
content-length
1780
etag
"3eb892a71652ffad2f9c7bb07d3976ae"
x-fb-debug
J+XJn86Wng6IID4iuG3ARo1l+0wTAXgDIU0xiK0z2N0eE+U3qPH5/KcLHwR6REacw7HVYES+KXl3r49eOPdBeQ==
x-fb-trip-id
365799557
x-fb-content-md5
14925baa776e9c1ee7d7b1d6d3114df4
x-frame-options
DENY
date
Wed, 28 Aug 2019 23:39:17 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 28 Aug 2019 23:59:05 GMT
vendor.js
www.roundx.one/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.roundx.one/vendor.js
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 5.3.7
Resource Hash
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:39:18 GMT
via
1.1 vegur
cf-cache-status
REVALIDATED
x-powered-by
Phusion Passenger Enterprise 5.3.7
status
200, 200 OK
content-encoding
br
x-request-id
13a24605-44b5-4cde-8e46-d9a188ee8300
x-runtime
0.005854
x-content-digest
581e49c9b7bdd06dab54c00931f4256b223e620e
server
cloudflare
x-frame-options
ALLOWALL
etag
W/"7422e50efbaea439fda7ef3b0eb54ee1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=900
cf-ray
50da1facfaaecbd0-VIE
x-rack-cache
fresh
/
track.addevent.com/atc/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=9b3e69ad-57ea-415d-23b8-af90191dd0cd&url=https%3A%2F%2Fwww.roundx.one%2Fupright1&cache=1567035557911
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.217.130 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-108-128-217-130.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
origin, x-requested-with, content-type
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=781827847&t=pageview&_s=1&dl=https%3A%2F%2Fwww.roundx.one%2Fupright1&dr=https%3A%2F%2Fminently.com%2F&ul=en-us&de=UTF-8&dt=Haltungs-Corrector&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1210826729&gjid=751901076&cid=826268042.1567035558&tid=UA-146587441-1&_gid=476568247.1567035558&_r=1&gtm=2ou8e1&z=1203494033
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2019 23:39:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
inferredEvents.js
connect.facebook.net/signals/plugins/ 		1 KB
900 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
772
x-xss-protection
0
pragma
public
x-fb-debug
0pbThX44JBvv+uKq0cBM76IDW075PsviwmNORGbC+gP5dBFYZzpRUClBB9Jl9L4RlhoFVAA8hV+Vf/H9C+ezZQ==
x-fb-trip-id
365799557
x-frame-options
DENY
date
Wed, 28 Aug 2019 23:39:17 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		200 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=4f7e6c4293f226325ea7ffe0ec041754&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
a489c7d7e194d4d49023fc220ee92d375aad55a845d1f8d02d6619b7f48b0525
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.roundx.one/upright1
Origin
https://www.roundx.one
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
oDmWLFFj/se/6fX34moJzA==
status
200
content-length
60731
etag
"ea9ea04012730acad7530e84b2191555"
x-fb-debug
PCarBkTnWYt8fDx3ZmIPyMkcONLuXgJ2D1IFs62rWc987242fm5rLM+1sbOAjKnlQEzYSyvKsOA8DdWviFelSA==
x-fb-trip-id
365799557
x-fb-content-md5
44a9dc1c723be077fd3237362d937f6a
x-frame-options
DENY
date
Wed, 28 Aug 2019 23:39:17 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Thu, 27 Aug 2020 21:44:22 GMT
/
www.facebook.com/tr/ 		44 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=913203839047082&ev=PageView&dl=https%3A%2F%2Fwww.roundx.one%2Fupright1&rl=https%3A%2F%2Fminently.com%2F&if=false&ts=1567035557952&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1567035557951.223505750&it=1567035557787&coo=false&rqm=GET
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:39:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 28 Aug 2019 23:39:17 GMT
pptm.js
www.paypal.com/tagmanager/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.roundx.one&source=checkoutjs&t=xo&v=4.0.284
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.21.38.79 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-21-38-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d69182fae9ab3261fb315c27f4c678da0bff12d11a315c0cdf95c2f896e5f06c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-rLk08KzpUKm0s7V6RVGVXE3tWtzhulaxe6kLuR5AcZfAvHEY' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-rLk08KzpUKm0s7V6RVGVXE3tWtzhulaxe6kLuR5AcZfAvHEY' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
x-recruiting
If you are reading this, maybe you should be working at PayPal instead! Check out https://www.paypal.com/us/webapps/mpp/paypal-jobs
status
200
http_x_pp_az_locator
ccg23.lvs
paypal-debug-id
dee42a6fc9471, dee42a6fc9471
dc
ccg11-origin-www-2.paypal.com
vary
Accept-Encoding
content-length
4467
x-xss-protection
1; mode=block
pragma
no-cache
server
Apache
x-frame-options
SAMEORIGIN
date
Wed, 28 Aug 2019 23:39:17 GMT
strict-transport-security
max-age=63072000
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=900, max-age=0, no-cache, no-store, must-revalidate
etag
W/"3123-fZLdNFp9zZJYYcw8ylpc4twnNa0"
/
app.clickfunnels.com/userevents/ 		0
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/userevents/?funnel_id=Zk1DNjhnUjd3TkpJeFFFOS9pZ1g5dz09LS1jRDdPbnkrc2oydjRHL3NPRVZ1VDdBPT0%3D--f4604879aa7509491feb92ebd9e63b70ff82b558&page_id=WDZ3ZzA1MGJ6WkcyTHd4RW9XYzdjZz09LS1WcDR3T2dnMHdtZXlwWXFLL3l3Wkx3PT0%3D--a552771261285dae79ed4f1b87d5084efe0e6b57&funnel_step_id=TEo4a3ByNEZFKzltYW5qRk9jcDBlUT09LS1nODFTNEpnVFNMUGJ3ODZDNzkzOVZ3PT0%3D--51cde6b571bae0d5cf86147b7203d78363d652a9&user_id=dmM2bU5JYkJMVSsxSU9EdWZCS0lZUT09LS1mQTREMjA5aTFab0tUTmF5RFJhNHRBPT0%3D--7f527620fba9b5ad9eecb3574188be131a8ce5fa&account_id=NUN4WnpaSUJ3L2tOVWg1Ti9BOTY3dz09LS1rdTM0L1BlRzNvYVh3QnR2OEFHeGJRPT0%3D--9673750bc1f228f586a24762e939d796cc01f3ad&page_code=MzEyNTY2OTY%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1585&type=Userevents::PageviewsCreatedSummary&nonce=e2c03bb2-42e0-459a-a37e-885a2809ce1b&url=https%3A%2F%2Fwww.roundx.one%2Fupright1
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/assets/userevents/application.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 5.3.7
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-runtime
0.025933
date
Wed, 28 Aug 2019 23:39:18 GMT
access-control-request-method
*
server
cloudflare
status
202, 202 Accepted
x-powered-by
Phusion Passenger Enterprise 5.3.7
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOWALL
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
x-request-id
d7381ef6-4e5a-4e23-865e-ded191a97a84
cf-ray
50da1fadabdfcbb0-VIE
via
1.1 vegur
x-rack-cache
miss
/
app.clickfunnels.com/userevents/ 		0
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/userevents/?funnel_id=Zk1DNjhnUjd3TkpJeFFFOS9pZ1g5dz09LS1jRDdPbnkrc2oydjRHL3NPRVZ1VDdBPT0%3D--f4604879aa7509491feb92ebd9e63b70ff82b558&page_id=WDZ3ZzA1MGJ6WkcyTHd4RW9XYzdjZz09LS1WcDR3T2dnMHdtZXlwWXFLL3l3Wkx3PT0%3D--a552771261285dae79ed4f1b87d5084efe0e6b57&funnel_step_id=TEo4a3ByNEZFKzltYW5qRk9jcDBlUT09LS1nODFTNEpnVFNMUGJ3ODZDNzkzOVZ3PT0%3D--51cde6b571bae0d5cf86147b7203d78363d652a9&user_id=dmM2bU5JYkJMVSsxSU9EdWZCS0lZUT09LS1mQTREMjA5aTFab0tUTmF5RFJhNHRBPT0%3D--7f527620fba9b5ad9eecb3574188be131a8ce5fa&account_id=NUN4WnpaSUJ3L2tOVWg1Ti9BOTY3dz09LS1rdTM0L1BlRzNvYVh3QnR2OEFHeGJRPT0%3D--9673750bc1f228f586a24762e939d796cc01f3ad&page_code=MzEyNTY2OTY%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1585&type=Userevents::UniquePageviewsCreatedSummary&nonce=27e7f1bd-4200-4704-97dd-60f28cb80bff&url=https%3A%2F%2Fwww.roundx.one%2Fupright1
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/assets/userevents/application.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 5.3.7
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-runtime
0.028359
date
Wed, 28 Aug 2019 23:39:18 GMT
access-control-request-method
*
server
cloudflare
status
202, 202 Accepted
x-powered-by
Phusion Passenger Enterprise 5.3.7
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOWALL
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
x-request-id
3cc3aba4-630d-4705-a04c-b4f6f7e8deb7
cf-ray
50da1fadabe0cbb0-VIE
via
1.1 vegur
x-rack-cache
miss
/
app.clickfunnels.com/userevents/ 		0
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.clickfunnels.com/userevents/?funnel_id=Zk1DNjhnUjd3TkpJeFFFOS9pZ1g5dz09LS1jRDdPbnkrc2oydjRHL3NPRVZ1VDdBPT0%3D--f4604879aa7509491feb92ebd9e63b70ff82b558&page_id=WDZ3ZzA1MGJ6WkcyTHd4RW9XYzdjZz09LS1WcDR3T2dnMHdtZXlwWXFLL3l3Wkx3PT0%3D--a552771261285dae79ed4f1b87d5084efe0e6b57&funnel_step_id=TEo4a3ByNEZFKzltYW5qRk9jcDBlUT09LS1nODFTNEpnVFNMUGJ3ODZDNzkzOVZ3PT0%3D--51cde6b571bae0d5cf86147b7203d78363d652a9&user_id=dmM2bU5JYkJMVSsxSU9EdWZCS0lZUT09LS1mQTREMjA5aTFab0tUTmF5RFJhNHRBPT0%3D--7f527620fba9b5ad9eecb3574188be131a8ce5fa&account_id=NUN4WnpaSUJ3L2tOVWg1Ti9BOTY3dz09LS1rdTM0L1BlRzNvYVh3QnR2OEFHeGJRPT0%3D--9673750bc1f228f586a24762e939d796cc01f3ad&page_code=MzEyNTY2OTY%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1585&type=Userevents::UniqueVisitorsCreatedSummary&nonce=729382b9-d904-43d1-afee-86e168bbf896&url=https%3A%2F%2Fwww.roundx.one%2Fupright1
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/assets/userevents/application.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 5.3.7
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-runtime
0.027186
date
Wed, 28 Aug 2019 23:39:18 GMT
access-control-request-method
*
server
cloudflare
status
202, 202 Accepted
x-powered-by
Phusion Passenger Enterprise 5.3.7
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOWALL
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
x-request-id
85094763-dfb1-47f4-8729-86d3db3e44ba
cf-ray
50da1fadabe2cbb0-VIE
via
1.1 vegur
x-rack-cache
miss
iframe_api
www.youtube.com/ 		859 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/assets/lander.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
4ba24b3b0893a8ee74bc043ece4c52e17f4b1a4574ee36545821ac7e4f91711c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:39:18 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 EST
button
www.paypal.com/webapps/hermes/ Frame CCFD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/webapps/hermes/button?env=production&commit=true&style.size=responsive&style.shape=rect&style.color=blue&style.layout=vertical&funding.allowed=credit&funding.disallowed=card%2Cvenmo&domain=www.roundx.one&sessionID=b04a344009_mjm6mzk6mtc&buttonSessionID=555dbb7c11_mjm6mzk6mtg&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ%3D%3D&uid=bc5d4c0d8a&version=4&xcomponent=1
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.21.38.79 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-21-38-79.deploy.static.akamaitechnologies.com
Software
Apache / Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://connect.facebook.net https://www.facebook.com https://m.facebook.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.cardinalcommerce.com https://staticxx.facebook.com https://www.facebook.com https://m.facebook.com https://*.baidu.com https://*.baifubao.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src https: data:; base-uri 'self' https://*.paypal.com; object-src 'none'; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.paypal.com
:scheme
https
:path
/webapps/hermes/button?env=production&commit=true&style.size=responsive&style.shape=rect&style.color=blue&style.layout=vertical&funding.allowed=credit&funding.disallowed=card%2Cvenmo&domain=www.roundx.one&sessionID=b04a344009_mjm6mzk6mtc&buttonSessionID=555dbb7c11_mjm6mzk6mtg&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ%3D%3D&uid=bc5d4c0d8a&version=4&xcomponent=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.roundx.one/upright1
accept-encoding
gzip, deflate, br
cookie
AKDC=ccg11-origin-www-2.paypal.com; akavpau_ppsd=1567036157~id=cb938d014dfa73edd4b8bacc20663098
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.roundx.one/upright1

Response headers

status
200
server
Apache
x-recruiting
If you are reading this, maybe you should be working at PayPal instead! Check out https://www.paypal.com/us/webapps/mpp/paypal-jobs
paypal-debug-id
871651f828f5f 871651f828f5f
cache-control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0 max-age=0, no-cache, no-store, must-revalidate
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://connect.facebook.net https://www.facebook.com https://m.facebook.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.cardinalcommerce.com https://staticxx.facebook.com https://www.facebook.com https://m.facebook.com https://*.baidu.com https://*.baifubao.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src https: data:; base-uri 'self' https://*.paypal.com; object-src 'none'; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
x-powered-by
Express
x-csrf-jwt
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6ImV5ei1Hc09TU1FXRVhiUl9scVRpUFZMTXNLUkxjZkFxbEpRNk5qZFNDb3pnZ2dFd0hpdVMzVUdjY2xmNVZQMDhDaVNVVkc0T0VVSmtXUlhjMlVMaW10SmR5VXFVOElnZm43T2xmYnpWWVhfcTQ4T0x5aUpiUWREVE85clUwRUlzRlhNUEVXRW9mLTlYUVFzNnJNSXVKWG1Ic2k1RmRNRUlpRExNMmpmaHoydkN0Y2thdDQtWnc3ajJKcmkiLCJpYXQiOjE1NjcwMzU1NTgsImV4cCI6MTU2NzAzOTE1OH0.kRYIzJi0u2aW6sSku0HWhLcpBtKBaiK74TQYhjbSp3E
x-csrf-jwt-hash
ffce6b73eedd96500d70f05ee65cb65f32ad04a81789ba92158a97f98b4ce2a8
x-cookies
{"tD08unW5xWPYcc3Vtbf3fJ3V3AQpBSPfm6WSV5oz4qyqFW9g":"HvEe4UfKcdVV4YOaKKW28G55afagwBeGCDwP2QXgi2w5DJnXiPbPt7fgkQJYS_A0twjrK0VOcOBptq32","iQCnhIy5-64PvineZIGVfUafYGUgmm9iludbMKXVIUhFSMEA":"pQCqiWQnUjd_ijRIDHkYBcsyEc6HPugaVTNYSMaAS608h4IleRHA3XJlNKEjTEvCQVp6eHHfacBSh_U5","ag57olvZ7MWSTJXCB7PUbg1HbJ7ibAsoAYd73FZ9IOdz_8eW4AApCl4lKlO":"3FlN38TLUn8KZoEO8IIZ5uVPJ45IctWiD3yEBz8k2m21wC5GN1pRXEMBcwznPWLLenq_F3KBOz_gwFlOrB_zLuDP15gW7KhuPWD42-X2CdcGiB_j2LuU3UupwD8RqZsfjHJsjTrxKFT-aOJT9_pENfGjij0XX2MSu-YP1KluafUt7O0_f3KRt0V8yw3zPhMxVZQT-FadvzUJ2xUfObz4a1a5d04FVbLzFEcU3fMGPUQmObc5ksEAaR7ez9GnW86L8cBmgRCGFYXjN40jFSPvEvmLccrkm065yRfx0dF80__Yb1HCJ_1tpAeHAfZCbVCqVKNGKcFG4yiqR4_37gbTBB2tZQGZrZmX8QPBeUDcEOo0Ise9isgGZpYcBRr2g2XYmX8b8KlN9AiEBcEysbQBbrDdnU8T34nYQxUQdkPQmqP-5B_BPSECHTuOF_-hGb0otTRDYWvCG2XvCtrrEDDnALI0ATK7xtBlAYz4nqws596Bd6cVTpT63V9BJc1doid1Uj8dr7FsimbsDBAbDeMzqATnMOsulN9niA_wQhh5MbcKkfhY0T0xgz3B5LthMJfPDcJWuoLqmg5pb19R","kg2qV_XhZLeHBcIhqJRalQcoTeI628APAgUHhMKICIrHc2Pz":"3Co-gsr1LQj5Vhp-k_BA0alpoj-m7bDsup05a-zNzcnsqtEcvyyXmAwswLU2WIWZ1Wu3kPZ68ff67dbiJ86Ab0HqAe8FsS1bkZ2WHXvHRXQ4ogrin1MxkVaCb0X0eYN8aRPkaMF-tqdxlVxvAOoSd2KEMcWb5fS4IYsIjpsqx3_zY2u75C984JMgnDejPZ0zlQQJkfp7CUh-Ky0A3JgDA1CD_TSnD8oEM60I7W","1lqGsXW4eqX_7BylYaffZSBrM_FVp-T5d4SAddgQWEt6_lR1":"PIzUTxZ1RjMSpWK86BmFdZm7bDKu9X5vA41N2mDErXaRPiMBzWXZuXCKfRbvC8nbklxxuVZvzeWYpRoDJZu7TiYvUJHo-EYSR90OVYy3hWx2zDVoyDBJ5uAtdr6Slf4n0YK75w8rzzI14fEr0VP9JkZ6pK6c-L8HW8IAl3H7vE94a2e_"}
x-cookies-hash
d7e69ec21939454a98939293a85df82d8fe77bc9ae1e9e8f739dae0d3099650b
http_x_pp_az_locator
ccg23.lvs
content-encoding
gzip
pragma
no-cache
content-type
text/html; charset=utf-8
dc
ccg11-origin-www-2.paypal.com
date
Wed, 28 Aug 2019 23:39:18 GMT
vary
Accept-Encoding
set-cookie
LANG=en_US%3BUS; Domain=.paypal.com; Path=/; Expires=Thu, 29 Aug 2019 08:25:14 GMT; HttpOnly; Secure tsrce=hermesnodeweb; Domain=.paypal.com; Path=/; Expires=Sat, 31 Aug 2019 23:39:18 GMT; HttpOnly; Secure x-csrf-jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6Iks1bjMyX0FyQzdCbVdZb3hlMU5lTDlqZVRKcHQyMUdfSEhkVGFFeFl1OFF3VUpuMTQzTlZ0aW1FY3U3VU82UG16TmFSUlAyLVRCUTVCQzk2TFVWcVlwV0J2UnNXd2l3Y1N1enVzeXdNNklGOFRQMGNoRkNTMjdZREQ5cG9TUjhhZGViM19OTUUwWVg0bXg2WlF2Y0s0TXJzUHZacG5BVzkxWnlvekVsdENISTVZSFhLaFBROVNEbVdJVnkiLCJpYXQiOjE1NjcwMzU1NTgsImV4cCI6MTU2NzAzOTE1OH0.Saz2jFprJX-1Qma-437zlSDWUZwWjSGV4wR0UflKhaQ; Domain=.paypal.com; Path=/; Expires=Wed, 04 Sep 2019 23:39:18 GMT; HttpOnly; Secure tsrce=hermesnodeweb; Domain=.paypal.com; Path=/; Expires=Sat, 31 Aug 2019 23:39:18 GMT; HttpOnly; Secure ts=vr%3Dda99095416cac120001d3adeffff5dca%26vreXpYrS%3D1661706335%26vteXpYrS%3D1567037358%26vt%3Dda99095916cac120001d3adeffff5dc9; Domain=.paypal.com; Path=/; Expires=Sun, 28 Aug 2022 17:05:35 GMT; HttpOnly; Secure nsid=s%3A0iqWv8zwNfErMvtLS4C-UOrp0umsxyYI.Cembpt5cyxLBKkXxZrEDcIqJPt2Ch6gTpNLJ09Y2Qg4; Path=/; HttpOnly; Secure X-PP-SILOVER=name%3DLIVE5.WEB.1%26silo_version%3D880%26app%3Dhermesnodeweb%26TIME%3D2786092893%26HTTP_X_PP_AZ_LOCATOR%3Dccg23.lvs; Expires=Thu, 29 Aug 2019 00:09:18 GMT; domain=.paypal.com; path=/; Secure; HttpOnly X-PP-SILOVER=; Expires=Thu, 01 Jan 1970 00:00:01 GMT akavpau_ppsd=1567036158~id=03ef61a025f78f5fdd2d858cf930575d; Domain=www.paypal.com; Path=/; Secure; HttpOnly
strict-transport-security
max-age=63072000
truncated
/ Frame 0BDB 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3551a75936077de738fa814761a357e4616685f20b8b4c7b80ca565eb6c7b3a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 0BDB 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
969120fcfbd39914a5e73208e24420bedd03238c32c53b0ed80a0558658133d4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 0BDB 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59f43716cabcb5cf8e918fe857f49e517e41b5eb608e92cb17a2b7e95579ad0d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
logger
www.paypal.com/xoplatform/logger/api/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.21.38.79 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-21-38-79.deploy.static.akamaitechnologies.com
Software
Apache / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

x-app-name
checkoutjs
Referer
https://www.roundx.one/upright1
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors
Content-type
application/json

Response headers

x-edgeconnect-origin-mex-latency
146
date
Wed, 28 Aug 2019 23:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
143
x-powered-by
Express
x-recruiting
If you are reading this, maybe you should be working at PayPal instead! Check out https://www.paypal.com/us/webapps/mpp/paypal-jobs
status
200
http_x_pp_az_locator
ccg23.lvs
paypal-debug-id
b4b2604979cf9, b4b2604979cf9
dc
phx-origin-www-2.paypal.com
vary
Accept-Encoding
content-length
26
pragma
no-cache
server
Apache
strict-transport-security
max-age=63072000
content-type
text/html
access-control-allow-origin
https://www.roundx.one
cache-control
no-cache, max-age=0, no-cache, no-store, must-revalidate
xd_arbiter.php
staticxx.facebook.com/connect/ Frame A4A7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=4f7e6c4293f226325ea7ffe0ec041754&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.roundx.one/upright1
accept-encoding
gzip, deflate, br
cookie
fr=0rR2j6b0xHPrEdtVX..BdZxCl...1.0.BdZxCl.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.roundx.one/upright1

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Wed, 26 Aug 2020 21:13:55 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
SIq9ekWxtXqpkvi6mh/B/jpUuKBNS9DkUOGlASKkStAVztJxF8ouqxCRn3DgU1LHOObXah4UKy/DLc0xzPUwfQ==
content-length
11642
x-fb-trip-id
365799557
date
Wed, 28 Aug 2019 23:39:18 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=246441615530259&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.roundx.one%2Fupright1&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=4f7e6c4293f226325ea7ffe0ec041754&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.roundx.one/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
x-fb-debug
ZFWcFnDvh56IAWJKRbcjln+ZhAevb6xLMEJQRI6IPw89h/NyK1qbtKcd1qP8EMqf0apUWkCmyOZDb6lIAhnzjA==
fb-s
unknown
status
200
x-frame-options
DENY
date
Wed, 28 Aug 2019 23:39:18 GMT
strict-transport-security
max-age=15552000; preload
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.roundx.one
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
0
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
ts
t.paypal.com/ 		42 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Haltungs-Corrector&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1567035558131&g=-120&completeurl=https%3A%2F%2Fwww.roundx.one%2Fupright1&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.21.38.79 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-21-38-79.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.7 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Aug 2019 23:39:18 GMT
server
akka-http/10.1.7
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
status
200
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
42
expires
Wed, 28 Aug 2019 23:39:18 GMT
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vfl_QvS8o/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vfl_QvS8o/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
743cc926a4314f25d09ad7fa042ddc4dbbb81c7f28fa11be70af367ee3015ecd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 12:01:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
214679
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
9985
x-xss-protection
0
last-modified
Sun, 25 Aug 2019 13:44:44 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Tue, 03 Sep 2019 12:01:19 GMT
/
www.facebook.com/tr/ 		44 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=913203839047082&ev=Microdata&dl=https%3A%2F%2Fwww.roundx.one%2Fupright1&rl=https%3A%2F%2Fminently.com%2F&if=false&ts=1567035558454&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Haltungs-Corrector%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%22%2C%22og%3Atitle%22%3A%22Haltungs-Corrector%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.roundx.one%2Fupright1%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.4&r=stable&ec=1&o=30&fbp=fb.1.1567035557951.223505750&it=1567035557787&coo=false&es=automatic&rqm=GET
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/upright1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:39:18 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 28 Aug 2019 23:39:18 GMT
background.png
www.roundx.one/images/ 		117 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.roundx.one/images/background.png?_unique=0.6174296507389667&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.roundx.one/upright1&_referrer=ttps%3A//minently.com/&_title=Haltungs-Corrector&_key=8k2dqqc4&_page_key=48nmf4t9x97854wu&_fid=7736785&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://www.roundx.one/upright1&_referrer=https://minently.com/
Requested by
Host: www.roundx.one
URL: https://www.roundx.one/vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 5.3.7
Resource Hash
a1a4e1a7345895223984cc81e794fc5b18d85363b235f8995e88b3d032e28600
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.roundx.one/upright1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 28 Aug 2019 23:39:18 GMT
access-control-request-method
*
access-control-allow-origin
*
x-powered-by
Phusion Passenger Enterprise 5.3.7
status
200, 200 OK
content-encoding
br
x-request-id
c8658f11-578a-45e3-8e4d-190cf65c4eae
x-runtime
0.009176
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOWALL
access-control-allow-methods
POST, GET
content-type
text/javascript; charset=utf-8
via
1.1 vegur
cache-control
no-cache, no-store, private
cf-ray
50da1fb23946cbd0-VIE
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
x-rack-cache
miss

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ps.popcash.net
URL
http://ps.popcash.net/ad/ad?p=216668&w=498903&d=6539fbfbca1ca848e9f4-1561026291498903&

Verdicts & Comments Add Verdict or Comment

275 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| createGUID function| toQueryString function| setCookie function| getCookie function| logError function| done function| recordUserEvent function| setCFMetaTagsFromCookies function| setCFMetaTagsFromQueryString function| getCFMetaTag function| writeCFMetaTag function| queryStringFromCFMetaTags function| recordPageview function| recordUniqueVisitor function| recordUniquePageview function| setClientWidth function| setForm function| fbq function| _fbq function| gtag object| dataLayer function| CFFacebookMessengerCheckbox string| CFAppDomain object| google_tag_manager string| GoogleAnalyticsObject function| ga function| ouibounce function| CFbuildAudioPlayer function| evsfix function| calcTax function| cfStripeTokenHandler function| cfCreateElements function| cfCreateStripeToken function| cfElementsFindFont function| AttachStripeElements function| prettyNotify function| start_firebase function| displayPageNotifier function| start_page_notifier function| start_firebase_quantity_limiter function| readCookie function| CFExtractPayPalButtonConfiguration function| CFPaySelectPaypalTransactions function| PaySelectInit function| recalcRoundUp function| addCharityToSummary function| addSaasRedirectClickHandler function| CFInfusionsoftTokenizationHandler function| webinarDelay function| cookieWebinarTime function| getWebinarLastTime function| reportWebinarTime function| periodicAutoWebinarCheck function| periodicLessonCheck function| reportLessonProgress function| CFSanitizeCountdownElement function| CFstartBPVideos function| CFprocessBPVideos function| CFcheckForVimeo function| CFhandleWistiaBPVideo function| CFhandleAllVimeoBPVideos function| CFhandleAllYouTubeBPVideos function| CFsetupSessionStarterBP function| CFsetupMutedVideos function| CFrenameVimeoURLAttribute undefined| checkPreview undefined| cookie_variable undefined| tag undefined| firstScriptTag undefined| elVideo_one undefined| elVideo_two undefined| elVideo_three undefined| elVideo_four undefined| elVideo_type undefined| elVideo_show undefined| elVideo_hide undefined| elVideo_numberofvideos undefined| gettheType_unlocker undefined| player undefined| playVideoText undefined| pauseVideoText undefined| playingVideoText undefined| lockedVideoText undefined| CFSurveyParticipantID boolean| cfpeorders function| recurlyNameHandler function| recurlyCountryHandler function| recurlyTokenHandler undefined| checkifPreview_randomCookie undefined| elCheckVideoEndType undefined| unlockVideoDate undefined| checkifUnlockableDate undefined| checkifUnlockableEverGreenDate undefined| everGreenDates undefined| onYouTubeIframeAPIReady undefined| elUnlocker_startVideo undefined| onPlayerReady undefined| elvideounlockerProgress undefined| elUnlocker_changeVideo undefined| onPlayerStateChange undefined| runAnimationFade undefined| runAnimationScale undefined| runAnimationLeft undefined| runAnimationRight undefined| runAnimationTop undefined| runAnimationBottom function| getURLParameter function| cfpeRebuildOrderSummary function| $ function| jQuery function| moment object| jQuery1810987569444757944 function| JQClass function| tinycolor function| generateUniqueId object| CFUtils object| ClickFunnels function| _ object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer function| KeenAsync function| videojs function| _V_ function| $d string| proc string| _image_path string| _ate_license boolean| _ate_mouse string| _ate_css string| _ate_callback string| _ate_dropdown string| _ate_lbl_outlook string| _ate_lbl_google string| _ate_lbl_yahoo string| _ate_lbl_hotmail string| _ate_lbl_ical string| _ate_lbl_fb_event boolean| _ate_show_outlook boolean| _ate_show_google boolean| _ate_show_yahoo boolean| _ate_show_hotmail boolean| _ate_show_ical boolean| _ate_show_facebook boolean| _d_rd boolean| _ate_btn_found boolean| _ate_btn_expo object| addthisevent function| postscribe undefined| cfStripeElementsCardElement function| Firebase function| ES6Promise object| cookieconsent object| cfFacebookInitOptions function| fbAsyncInit string| page_key string| fid string| fspos string| fvrs object| cf_tracker string| cf_key string| serverUrl object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| Mailcheck object| ccTLDs string| ccTLD object| currentDefaultDomains string| defaultDomain number| j function| getURLParameterExact object| FB object| __postRobot__ object| __zoid__ function| onLegacyPaymentAuthorize function| watchForLegacyFallback function| onLegacyFallback string| LOG_LEVEL function| __pptmLoadedWithNoContent object| __paypal_storage__ object| paypal object| PAYPAL object| ppxo function| callbackFunction object| _pcq object| $currTemplate object| cfpe object| getVars function| AttachClickPushListeners object| Clickfunnels object| $cfSurvey_outcome object| CFSurveyQueryOutcome string| target string| str undefined| checkVideoAttr undefined| showVideoBG string| $url object| $queries undefined| $utm_source string| $pID string| $rootID string| $variantcheck string| $userID undefined| $iframeCheck string| $requiredCheck object| SurveyMatcher undefined| $carContestProgress string| $todayYear string| $localTime string| $autoWebinarDay1 string| $autoWebinarDay1_raw string| $selectText string| $autoWebinarDay0 string| $autoWebinarDay0_raw string| $replayText string| $autoWebinarDay2 string| $autoWebinarDay2_raw string| $autoWebinarDay3 string| $autoWebinarDay3_raw undefined| date undefined| time object| webinar_datetime object| webinar_datetime_offset boolean| now object| now_offset number| webinar_delay object| webinar_delay_offset boolean| $removeSelectDateOnAutoWebinar object| buyButton object| paypalDDL number| funnel_stat boolean| ecookie function| loadScript function| jQueryCheck function| createCookie function| formatObject function| getFormData function| filteredMatch function| changeText boolean| replied object| sender object| cfUniqueVisitorID function| cfSetUniqueVisitorID function| SendData function| wait function| sleep function| checkresponse function| answered function| postpone object| formSubmitFunctions function| formAttach function| addEvent function| filtered_string object| url_params undefined| parts undefined| nv function| cf_load function| get_XmlHttp object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter string| root_url number| timeout undefined| $survey_ID string| $page_ID string| $survey_db_id

29 Cookies

Domain/Path Name / Value
.facebook.com/ Name: fr
Value: 0rR2j6b0xHPrEdtVX..BdZxCl...1.0.BdZxCl.
.paypal.com/ Name: X-PP-SILOVER
Value: name%3DLIVE5.WEB.1%26silo_version%3D880%26app%3Dhermesnodeweb%26TIME%3D2786092893%26HTTP_X_PP_AZ_LOCATOR%3Dccg23.lvs
.paypal.com/ Name: ts
Value: vr%3Dda99095416cac120001d3adeffff5dca%26vreXpYrS%3D1661706335%26vteXpYrS%3D1567037358%26vt%3Dda99095916cac120001d3adeffff5dc9
.paypal.com/ Name: x-csrf-jwt
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6Iks1bjMyX0FyQzdCbVdZb3hlMU5lTDlqZVRKcHQyMUdfSEhkVGFFeFl1OFF3VUpuMTQzTlZ0aW1FY3U3VU82UG16TmFSUlAyLVRCUTVCQzk2TFVWcVlwV0J2UnNXd2l3Y1N1enVzeXdNNklGOFRQMGNoRkNTMjdZREQ5cG9TUjhhZGViM19OTUUwWVg0bXg2WlF2Y0s0TXJzUHZacG5BVzkxWnlvekVsdENISTVZSFhLaFBROVNEbVdJVnkiLCJpYXQiOjE1NjcwMzU1NTgsImV4cCI6MTU2NzAzOTE1OH0.Saz2jFprJX-1Qma-437zlSDWUZwWjSGV4wR0UflKhaQ
.paypal.com/ Name: ts_c
Value: vr%3Dda99095616c0a1d31652dc90ffffffff%26vt%3Dda99095616c0a1d31652dc90fffffffe
www.roundx.one/ Name: cf:MzEyNTY2OTY
Value: :visited=true
www.paypal.com/ Name: AKDC
Value: ccg11-origin-www-2.paypal.com
.paypal.com/ Name: LANG
Value: en_US%3BUS
www.roundx.one/ Name: cf:term
Value:
www.roundx.one/ Name: cf:name
Value:
www.roundx.one/ Name: cf:medium
Value:
.www.paypal.com/ Name: akavpau_ppsd
Value: 1567036158~id=03ef61a025f78f5fdd2d858cf930575d
.roundx.one/ Name: _gid
Value: GA1.2.476568247.1567035558
www.roundx.one/ Name: cf:aff_sub
Value:
www.roundx.one/ Name: cf:content
Value:
www.roundx.one/ Name: cf:cf_affiliate_id
Value:
www.roundx.one/ Name: cf:affiliate_id
Value:
www.paypal.com/ Name: nsid
Value: s%3A0iqWv8zwNfErMvtLS4C-UOrp0umsxyYI.Cembpt5cyxLBKkXxZrEDcIqJPt2Ch6gTpNLJ09Y2Qg4
www.roundx.one/ Name: cf:visitor_id
Value: 50ad14c8-3c98-456c-b7c6-1e516b2a10fa
www.roundx.one/ Name: cf:source
Value:
www.roundx.one/ Name: cf:aff_sub2
Value:
.paypal.com/ Name: tsrce
Value: hermesnodeweb
.roundx.one/ Name: _fbp
Value: fb.1.1567035557951.223505750
.www.roundx.one/ Name: __cfduid
Value: d20297b184ddcb5d9b959f9c2be06f9b41567035557
www.roundx.one/ Name: cf:aff_sub3
Value:
.roundx.one/ Name: _gat_gtag_UA_146587441_1
Value: 1
.roundx.one/ Name: _ga
Value: GA1.2.826268042.1567035558
.www.roundx.one/ Name: __cf_bm
Value: 698d1d613367c388116e67fc5e5ee5cd1d0e2571-1567035557-1800-AYiear7fYxmf2hGyjDNPLTG0wnYjXiismyvUuCjh8gNb3FAKaxxwt8rey4Uf/cNSoDyJug+wh4M7WDCIZK2nHcU=
www.roundx.one/ Name: addevent_track_cookie
Value: 9b3e69ad-57ea-415d-23b8-af90191dd0cd

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alloutlife.host
app.clickfunnels.com
assets.clickfunnels.com
best.prizedeal0819.info
best9266.toptiptrack45.life
cdnjs.cloudflare.com
connect.facebook.net
d26b395fwzu5fz.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
images.clickfunnels.com
laitalcni.ml
logicalgold.club
minently.com
ps.popcash.net
realcenter-mobileapps2.com
s.ytimg.com
staticxx.facebook.com
t.paypal.com
track.addevent.com
up.trkgenius.com
use.fontawesome.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
www.roundx.one
www.youtube.com
ps.popcash.net
107.6.174.196
108.128.217.130
13.35.254.66
185.50.248.98
2.21.38.79
213.227.130.45
23.111.9.35
2606:4700:30::681b:9934
2606:4700:30::681b:b76c
2606:4700:30::681c:f17
2606:4700::6810:cc2
2606:4700::6810:fc2
2606:4700::6813:c597
2a00:1450:4001:814::2003
2a00:1450:4001:81a::2008
2a00:1450:4001:81a::200e
2a00:1450:4001:81c::200e
2a00:1450:4001:81e::200e
2a00:1450:4001:81f::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.201.158.191
79.110.23.98
99.198.108.198
004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
3c5f03d924f263f75a0c4e1742de744b509357fc5cedeb7188904df0ba52dcf7
42e04ccda935ca22c4b14b70bdd6ba74b5f2e9c6496ab4a9df42a56fe17b099e
4ba24b3b0893a8ee74bc043ece4c52e17f4b1a4574ee36545821ac7e4f91711c
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
529e77ee17cf48e9ccbb5a64a0e59a1bbda0d9c011ee061f40b1aa189e8fabb8
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
58ab89db6daef9fda9c980babf92906f79786afe766c15f84792a2e4399fb5c4
59f43716cabcb5cf8e918fe857f49e517e41b5eb608e92cb17a2b7e95579ad0d
5d0db4c3b3fc0d36adc7d2a495db5a8ac11a08afa5037a84a6b094cb088e73bb
5d91dad67589c1078f9b1bed2b13dd2bbad438fc15718cb026aa2498088fe2a4
6511d3ad702754443affd6f1d2d76e5344ea5ea4de527567f5419d90674d94de
66091826fdccc97d4f15b39ca296317d4b74d0b1f313d847eb3cfd18806c1061
679fd38c34e06f58bfbce3fbb1afa52fbb961b94fc172c6c4a556a5012bad552
6d57d2d342b40fbf41f907ff7f041cf8fc7cf842919c7a4bda785ce520a4dde5
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
736ba7dd6beddd2101be1be87706a3b9c1cc68c85127e207561615c16c988c1a
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d
743cc926a4314f25d09ad7fa042ddc4dbbb81c7f28fa11be70af367ee3015ecd
74d05ed4a7d8aa5c8ab349ddefd1399bca2887e2ae8986afc546dfbe9f9ee3ac
77627ae6d65d8980bba4577917e1ab03cef2377cfd93f8418d0774860523d176
7b2a7879e56cd1919e162792f0e5ba9d425bf8d22f2e83e2410f8a9320ee984d
7e11348d49a8eb6e7584fca5405c42b697353d4c8b6946ac4d57c4e17b0e0eaf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
864f0a475b63bdb277e14b44c2e6a84d08a9b81962e334bfc4733f77decd2b0c
8dcb9d50a46f42a6e79ce50661d7b280d187cd798fd181c5e35c73b4c5a3f932
90a8f1ad844ccf9f45d879314c3f9ef2308bbfc385f1757fc04dff1c4cb2079a
969120fcfbd39914a5e73208e24420bedd03238c32c53b0ed80a0558658133d4
98a9a4c336dccdb7ea1812edd2b575b2b4a08b5782654ceb300824544f2c1b0c
9dd6e56f76541aeddf06fd9ea32e75125a7ff4e110b43033c80e14aa8d7bb43e
9fb0184026d1e48b8e906880346069f784a453170a7dee240a5f71d17432b426
a1a4e1a7345895223984cc81e794fc5b18d85363b235f8995e88b3d032e28600
a489c7d7e194d4d49023fc220ee92d375aad55a845d1f8d02d6619b7f48b0525
a7bae1c42dc7bbd0783d5fa483075b3ca30c47f7b83bbd0fa3816407cb6161d6
ac7c72ee816c3710ead8db87f98d1cc6ff765cd79a24584766d9ad199ac16750
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
bb253d3392f7ffb457fbd371b2d1beadea6c798764639e4b0b77940e988c4cce
c3551a75936077de738fa814761a357e4616685f20b8b4c7b80ca565eb6c7b3a
c8fbd44351b2040cbd911e73aa17794cfd00261d0f10a6881fd48ca8a1d880b3
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
d69182fae9ab3261fb315c27f4c678da0bff12d11a315c0cdf95c2f896e5f06c
d9bab1251f87550e489899194eb6f0053dafeb8ba939e571024efcb0f0612989
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f15f778cd39043a166a29f654b1191bc6fbf8043a8cc3477c42764b14b919dec
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422
fbff3295eccfd044f2ab4c3ab1bcaf85731f9e9b5f38634baa137bc3ba5ff3c5