urlscan.io logo urlscan.io
SecurityTrails logo

rdp.rundot.com Open in urlscan Pro
35.202.21.90  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://link.mail.beehiiv.com/ls/click?upn=u001.y62PhXpouEUBQQu2Aiek78Eom3xegl8uOjIN6qgAG3IHpXtdZANuYUW22HJvO47nm3n3bo-2B8gCGZ...
Effective URL: https://rdp.rundot.com/rdpwp/?utm_source=wellput&utm_medium=email&utm_campaign=advance_industries&utm_content=V2-r4854-...
Submission: On August 09 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 1 countries across 14 domains to perform 19 HTTP transactions. The main IP is 35.202.21.90, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is rdp.rundot.com.
TLS certificate: Issued by R11 on June 11th 2024. Valid for: 3 months.
This is the only time rdp.rundot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 44.225.133.216 16509 (AMAZON-02)
1 1 52.205.36.237 14618 (AMAZON-AES)
1 35.202.21.90 396982 (GOOGLE-CL...)
2 34.107.203.240 396982 (GOOGLE-CL...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 13.226.34.40 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 35.192.151.63 396982 (GOOGLE-CL...)
1 2600:1f13:c4e... 16509 (AMAZON-02)
2 2a03:2880:f10... 32934 (FACEBOOK)
19 13
1    2606:4700::6812:4528 (United States)

ASN13335 (CLOUDFLARENET, US)
link.mail.beehiiv.com
1    44.225.133.216 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-225-133-216.us-west-2.compute.amazonaws.com
www.clkmg.com
1    52.205.36.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-36-237.compute-1.amazonaws.com
wellput.go2cloud.org
1    35.202.21.90 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com
rdp.rundot.com
2    34.107.203.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.203.107.34.bc.googleusercontent.com
static.leadpages.net
1    2607:f8b0:400d:c0f::5f (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2607:f8b0:400d:c0e::84 (Morganton, United States)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
1    2001:4860:4802:34::15 (United States)

ASN15169 (GOOGLE, US)
js.center.io
2    2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    13.226.34.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-40.ewr53.r.cloudfront.net
js.go2sdk.com
3    2607:f8b0:400d:c00::5e (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE, US)
js.center.io
2    35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com
api.leadpages.io
1    2600:1f13:c4e:b002:f771:ac77:92b9:f7d9 (Boardman, United States)

ASN16509 (AMAZON-02, US)
fb.tridot.com
2    2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
3 gstatic.com
fonts.gstatic.com
84 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 leadpages.io
api.leadpages.io — Cisco Umbrella Rank: 76565
1021 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
153 KB
2 center.io
js.center.io — Cisco Umbrella Rank: 85223
12 KB
2 leadpages.net
static.leadpages.net — Cisco Umbrella Rank: 82238
29 KB
1 go2sdk.com
js.go2sdk.com — Cisco Umbrella Rank: 42504
4 KB
1 tridot.com
h.tridot.com Failed
fb.tridot.com
313 B
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 129
13 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
1 rundot.com
rdp.rundot.com
19 KB
1 go2cloud.org
wellput.go2cloud.org
2 KB
1 clkmg.com
www.clkmg.com — Cisco Umbrella Rank: 382626
1 KB
1 beehiiv.com
link.mail.beehiiv.com — Cisco Umbrella Rank: 93950
749 B
19 14
Domain Requested by
3 fonts.gstatic.com fonts.googleapis.com
2 www.facebook.com rdp.rundot.com
2 api.leadpages.io js.center.io
2 connect.facebook.net rdp.rundot.com
connect.facebook.net
2 js.center.io rdp.rundot.com
js.center.io
2 static.leadpages.net rdp.rundot.com
1 fb.tridot.com connect.facebook.net
1 js.go2sdk.com rdp.rundot.com
1 lh3.googleusercontent.com rdp.rundot.com
1 fonts.googleapis.com rdp.rundot.com
1 rdp.rundot.com
1 wellput.go2cloud.org 1 redirects
1 www.clkmg.com 1 redirects
1 link.mail.beehiiv.com 1 redirects
0 h.tridot.com Failed rdp.rundot.com
19 15

This site contains links to these domains. Also see Links.

Domain
www.research.net
Subject Issuer Validity Valid
rdp.rundot.com
R11		 2024-06-11 -
2024-09-09		 3 months crt.sh
static.leadpages.net
WR3		 2024-08-02 -
2024-11-01		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.googleusercontent.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
js.center.io
WR3		 2024-06-23 -
2024-09-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-19 -
2024-08-17		 3 months crt.sh
js.go2sdk.com
Amazon RSA 2048 M02		 2024-07-05 -
2025-08-01		 a year crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.leadpages.io
E5		 2024-08-08 -
2024-11-06		 3 months crt.sh
fb.tridot.com
Amazon RSA 2048 M02		 2023-12-09 -
2025-01-06		 a year crt.sh

This page contains 2 frames:

Primary Page: https://rdp.rundot.com/rdpwp/?utm_source=wellput&utm_medium=email&utm_campaign=advance_industries&utm_content=V2-r4854-p142417-c1140&transaction_id=1024897a8bdc5fe1256c19b9aa0b49
Frame ID: 83AD31F066CC96CFC7DAF9FFCDA0AD8B
Requests: 18 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 9921BC5B6400E822472D94000F93F267
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The RunDot Project Application

Page URL History Show full URLs

  1. https://link.mail.beehiiv.com/ls/click?upn=u001.y62PhXpouEUBQQu2Aiek78Eom3xegl8uOjIN6qgAG3IHpXtdZANuYUW22H... HTTP 302
    https://www.clkmg.com/wellput-io/142417lz36dccj/V2-r4854-p142417-c1140////?utm_medium=advance_indu... HTTP 302
    https://wellput.go2cloud.org/aff_c?&aff_id=1&source=cm&aff_sub=V2-r4854-p142417-c1140&aff_sub2=advance_in... HTTP 302
    https://rdp.rundot.com/rdpwp/?utm_source=wellput&utm_medium=email&utm_campaign=advance_industries&u... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

19
Requests

95 %
HTTPS

60 %
IPv6

14
Domains

15
Subdomains

13
IPs

1
Countries

322 kB
Transfer

881 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://link.mail.beehiiv.com/ls/click?upn=u001.y62PhXpouEUBQQu2Aiek78Eom3xegl8uOjIN6qgAG3IHpXtdZANuYUW22HJvO47nm3n3bo-2B8gCGZCgH6jgvDPnDPFdA9k0uWwDET76p1dHBHCtmoFt6ZtRI1JU0k3eQqpKuFfskIMk9toiOFa3-2Flpn2W5CeAsb5yNB0DRiYzj9IsMMtAfV65eJ1wvayB1VWWdUrjvZYphZkaJORR8Rle7Oo-2BZ9blvqmeGjhF7gnvAEDB9DJfMHYFpEgz5MtSOgmSF9E-2BQX5tlUcdCS2EX0TaxLsM8qUw19VLfTEI-2FETWC8M-3DF7om_5OOxTcJtQ1F0AGWxzbhLCgZu2lCjx40L5w4DpyTUaG9qBY9zh1XKPNVkxHWJzdBTOP-2Fcp8N1bgIvtPsGnyWvrpfvMDC0fUEIwIfb1U7Fu68YQbxRXhDfGsLqm2x1jhV-2BarAOvdzwnlXPB1xqumKh2xk2UorDGwWVclH4vPqqZfu9Hx8R8EpOvOZwweTQooiw4fMvkG2yA-2FI58kFIwg1AZngf31FvBuuW14G1DP9rKdjjRdOusY2ZX1IJwR-2Bd9FmnwRW-2FUK1311MmvGgjNTjAnC6Hk-2FjcIwCZ8fbHN-2FqV4B9PhCy7si18d79qnnWLC43yNGo4SJtFyO7ho7d-2BJ-2BhKhlbnVMPX2qDfeBngtCl-2BKpGje-2FA59UQzJwYAq0wwQSkjLTUmawWAmSEOJO8-2FSqta-2F2vAqLpfvF-2BKsOhPYQL2awZ9t0NkNZS7Qw3o1uh9nUKB HTTP 302
    https://www.clkmg.com/wellput-io/142417lz36dccj/V2-r4854-p142417-c1140////?utm_medium=advance_industries&_bhiiv=opp_cea691a5-3eff-47d6-82ba-f97a0dfe33d2_ffad3c3a&_bhlid=85db45243a5aa02b84e9b578c4f8412121c4a176 HTTP 302
    https://wellput.go2cloud.org/aff_c?&aff_id=1&source=cm&aff_sub=V2-r4854-p142417-c1140&aff_sub2=advance_industries&aff_sub3=&aff_sub4=&aff_sub5=&aff_click_id=&offer_id=103 HTTP 302
    https://rdp.rundot.com/rdpwp/?utm_source=wellput&utm_medium=email&utm_campaign=advance_industries&utm_content=V2-r4854-p142417-c1140&transaction_id=1024897a8bdc5fe1256c19b9aa0b49 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
rdp.rundot.com/rdpwp/
Redirect Chain
  • https://link.mail.beehiiv.com/ls/click?upn=u001.y62PhXpouEUBQQu2Aiek78Eom3xegl8uOjIN6qgAG3IHpXtdZANuYUW22HJvO47nm3n3bo-2B8gCGZCgH6jgvDPnDPFdA9k0uWwDET76p1dHBHCtmoFt6ZtRI1JU0k3eQqpKuFfskIMk9toiOFa3-...
  • https://www.clkmg.com/wellput-io/142417lz36dccj/V2-r4854-p142417-c1140////?utm_medium=advance_industries&_bhiiv=opp_cea691a5-3eff-47d6-82ba-f97a0dfe33d2_ffad3c3a&_bhlid=85db45243a5aa02b84e9b578c4f8...
  • https://wellput.go2cloud.org/aff_c?&aff_id=1&source=cm&aff_sub=V2-r4854-p142417-c1140&aff_sub2=advance_industries&aff_sub3=&aff_sub4=&aff_sub5=&aff_click_id=&offer_id=103
  • https://rdp.rundot.com/rdpwp/?utm_source=wellput&utm_medium=email&utm_campaign=advance_industries&utm_content=V2-r4854-p142417-c1140&transaction_id=1024897a8bdc5fe1256c19b9aa0b49
93 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rdp.rundot.com/rdpwp/?utm_source=wellput&utm_medium=email&utm_campaign=advance_industries&utm_content=V2-r4854-p142417-c1140&transaction_id=1024897a8bdc5fe1256c19b9aa0b49
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.21.202.35.bc.googleusercontent.com
Software
Leadpages /
Resource Hash
2b1bc92a9452ec27521d7acaaf249baca2351c42c39e0fbd23e0f5257c3b31ae
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
content-encoding
br
content-type
text/html
date
Fri, 09 Aug 2024 19:37:36 GMT
etag
W/"3484d609257f6a42d20ee55fff90eb09"
last-modified
Fri, 19 Apr 2024 13:58:50 GMT
server
Leadpages
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-cache
MISS, HIT

Redirect headers

Accept-CH
Sec-CH-UA-Model, Sec-CH-DPR, DPR
Access-Control-Allow-Headers
Tune-SDK-Version
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
378
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 09 Aug 2024 19:37:36 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://rdp.rundot.com/rdpwp/?utm_source=wellput&utm_medium=email&utm_campaign=advance_industries&utm_content=V2-r4854-p142417-c1140&transaction_id=1024897a8bdc5fe1256c19b9aa0b49
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx
Tracking_id
1024897a8bdc5fe1256c19b9aa0b49
X-Request-Id
081a3fd76f8588fc0c9d8fb7f93770cc
all.min.css
static.leadpages.net/fonts/font-awesome/6.4.2/css/ 		100 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.leadpages.net/fonts/font-awesome/6.4.2/css/all.min.css
Requested by
Host: rdp.rundot.com
URL: https://rdp.rundot.com/rdpwp/?utm_source=wellput&utm_medium=email&utm_campaign=advance_industries&utm_content=V2-r4854-p142417-c1140&transaction_id=1024897a8bdc5fe1256c19b9aa0b49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.203.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 03:35:26 GMT
content-encoding
gzip
via
1.1 google
server
Google Frontend
age
1699330
etag
"-6uIpg"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-cloud-trace-context
090aaaf02916e1c58d884815670bbcae
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26836
expires
Mon, 21 Jul 2025 03:35:26 GMT
css
fonts.googleapis.com/ 		30 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Open+Sans:300,400,500,700
Requested by
Host: rdp.rundot.com
URL: https://rdp.rundot.com/rdpwp/?utm_source=wellput&utm_medium=email&utm_campaign=advance_industries&utm_content=V2-r4854-p142417-c1140&transaction_id=1024897a8bdc5fe1256c19b9aa0b49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7450ff997c60ff8113664c1934f474193ecaf0f1057499f04e0799a877873f56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://rdp.rundot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 09 Aug 2024 19:37:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 09 Aug 2024 19:37:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Aug 2024 19:37:36 GMT
aRv-43kSX7o2ORoo5K6A9KiXnLTsIYL978-c6hiVgBYpyVlYOsL3QJhv5Hd27IsQ0rseKF2xztJOIcS4DLz0BkYt5QaRGbYI7w=s0
lh3.googleusercontent.com/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/aRv-43kSX7o2ORoo5K6A9KiXnLTsIYL978-c6hiVgBYpyVlYOsL3QJhv5Hd27IsQ0rseKF2xztJOIcS4DLz0BkYt5QaRGbYI7w=s0
Requested by
Host: rdp.rundot.com
URL: https://rdp.rundot.com/rdpwp/?utm_source=wellput&utm_medium=email&utm_campaign=advance_industries&utm_content=V2-r4854-p142417-c1140&transaction_id=1024897a8bdc5fe1256c19b9aa0b49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
699f6a2989460a88f095046416343b9e90c10ab5b0a07a3d7bac8e2fe5370e3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rdp.rundot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 19:37:36 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12650
x-xss-protection
0
expires
Sat, 10 Aug 2024 19:37:36 GMT
center.js
js.center.io/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.center.io/center.js
Requested by
Host: rdp.rundot.com
URL: https://rdp.rundot.com/rdpwp/?utm_source=wellput&utm_medium=email&utm_campaign=advance_industries&utm_content=V2-r4854-p142417-c1140&transaction_id=1024897a8bdc5fe1256c19b9aa0b49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

Referer
https://rdp.rundot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 19:34:09 GMT
server
Google Frontend
age
208
etag
"OMWYXg"
content-type
application/javascript
x-cloud-trace-context
13a42df7800779d764d39973042c417c
cache-control
public, max-age=300
content-length
12555
expires
Fri, 09 Aug 2024 19:39:09 GMT
universal-script
h.tridot.com/v1/lst/ 		0
0
fbevents.js
connect.facebook.net/en_US/ 		225 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: rdp.rundot.com
URL: https://rdp.rundot.com/rdpwp/?utm_source=wellput&utm_medium=email&utm_campaign=advance_industries&utm_content=V2-r4854-p142417-c1140&transaction_id=1024897a8bdc5fe1256c19b9aa0b49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://rdp.rundot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 09 Aug 2024 19:37:37 GMT
document-policy
force-load-at-top
x-fb-server-load
31
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=118, rtx=0, c=12, mss=1297, tbw=2780, tp=-1, tpl=-1, uplat=2, ullat=-1
pragma
public
x-fb-debug
pOeN2094ko5IA22fy/UyaTSb3lncH+1pKIC8HyWQyZ/s78LfucupQake04kknHRgLABrvvo18+LHBg7JrDkLDw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
tune.js
js.go2sdk.com/v2/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.go2sdk.com/v2/tune.js
Requested by
Host: rdp.rundot.com
URL: https://rdp.rundot.com/rdpwp/?utm_source=wellput&utm_medium=email&utm_campaign=advance_industries&utm_content=V2-r4854-p142417-c1140&transaction_id=1024897a8bdc5fe1256c19b9aa0b49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-40.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
688ea52c7291b980af811cab2dfc8af5ebb15a01555ddc0f3f312db77b059b74

Request headers

Referer
https://rdp.rundot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 22:08:49 GMT
x-amz-version-id
null
via
1.1 08e4533f506df09f2c978ceaed6e2310.cloudfront.net (CloudFront)
last-modified
Mon, 04 Mar 2024 18:55:58 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
77329
etag
"3301ce2b9ef7fa3f72c5ae2b296d4ceb"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4142
x-amz-cf-id
ef4zhDOy6TdFGgVPyzVCWgZ6iLIEqDY8pUMDggbte4CFtZek-iSkXw==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Open+Sans:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c00::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rdp.rundot.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 15:18:41 GMT
x-content-type-options
nosniff
age
15536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18536
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Aug 2025 15:18:41 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Open+Sans:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c00::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rdp.rundot.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 18:46:36 GMT
x-content-type-options
nosniff
age
175861
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Aug 2025 18:46:36 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Open+Sans:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c00::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rdp.rundot.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 08 Aug 2024 20:58:09 GMT
x-content-type-options
nosniff
age
81568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18596
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Aug 2025 20:58:09 GMT
identify.html
js.center.io/ Frame 9921 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.center.io/identify.html
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Referer
https://rdp.rundot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
211
cache-control
public, max-age=300
content-encoding
gzip
content-length
2016
content-type
text/html
date
Fri, 09 Aug 2024 19:34:06 GMT
etag
"OMWYXg"
expires
Fri, 09 Aug 2024 19:39:06 GMT
server
Google Frontend
x-cloud-trace-context
7d6c890410208e0877081c81987ad909
capture
api.leadpages.io/analytics/v1/events/ 		35 B
664 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=YqJJ7tPEukXjrEaKmXNSiR&v=&e=&st=&lc=en-US&pid=9g77qRVsfJRAmdMgCELEQC&uid=PG8ux7LrYLN3RrKmUfVfVM&sid=m5fJYH9gzbhYcArLRAQY3f&cid=lp-YqJJ7tPEukXjrEaKmXNSiR&uri=https%3A%2F%2Frdp.rundot.com%2Frdpwp%2F%3Futm_source%3Dwellput%26utm_medium%3Demail%26utm_campaign%3Dadvance_industries%26utm_content%3DV2-r4854-p142417-c1140%26transaction_id%3D1024897a8bdc5fe1256c19b9aa0b49&rf=&rx=1600&ry=1200&tz=-10%3A00
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rdp.rundot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 09 Aug 2024 19:37:37 GMT
Server
Stargate
Transfer-Encoding
chunked
access-control-max-age
600
Content-Type
image/gif
access-control-allow-origin
https://rdp.rundot.com
X-Forwarded-For
162.245.206.246
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
00sbiq7fqkd4tjrsbpo0
333918373446957
connect.facebook.net/signals/config/ 		306 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/333918373446957?v=2.9.164&r=stable&domain=rdp.rundot.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1ad233c048ae90e5df9762116743bed35babaaaa1cf3bdc169748e7c1200e339
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://rdp.rundot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 09 Aug 2024 19:37:38 GMT
document-policy
force-load-at-top
x-fb-server-load
26
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=123, rtx=0, c=65, mss=1297, tbw=64370, tp=-1, tpl=-1, uplat=480, ullat=0
pragma
public
x-fb-debug
nCsgu6d7A3yXaxXea1qPTfVwynk6IXbkcCWRBNJqeAt7MwGjzWzEr8hBPKi4+uZifp0IV8oxKZcKCeXYxTILGA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
bd109ead027c86cb7ff114610eeb20ef238bab41b3559f1a552c5bc98914314a
fb.tridot.com/events/ 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fb.tridot.com/events/bd109ead027c86cb7ff114610eeb20ef238bab41b3559f1a552c5bc98914314a
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/333918373446957?v=2.9.164&r=stable&domain=rdp.rundot.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:c4e:b002:f771:ac77:92b9:f7d9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rdp.rundot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rdp.rundot.com
date
Fri, 09 Aug 2024 19:37:38 GMT
access-control-allow-credentials
true
content-length
0
vary
origin
/
www.facebook.com/tr/ 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=333918373446957&ev=PageView&dl=https%3A%2F%2Frdp.rundot.com%2Frdpwp%2F%3Futm_source%3Dwellput%26utm_medium%3Demail%26utm_campaign%3Dadvance_industries%26utm_content%3DV2-r4854-p142417-c1140%26transaction_id%3D1024897a8bdc5fe1256c19b9aa0b49&rl=&if=false&ts=1723232258405&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723232258401.485183177299919819&eid=ob3_plugin-set_048d6a43f18f5a3eced32b0a8f16fd291883c5657b851ac7cb65b85f96dd8313&cs_est=true&ler=empty&cdl=API_unavailable&it=1723232257607&coo=false&rqm=GET
Requested by
Host: rdp.rundot.com
URL: https://rdp.rundot.com/rdpwp/?utm_source=wellput&utm_medium=email&utm_campaign=advance_industries&utm_content=V2-r4854-p142417-c1140&transaction_id=1024897a8bdc5fe1256c19b9aa0b49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://rdp.rundot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=118, rtx=0, c=10, mss=1297, tbw=2785, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 09 Aug 2024 19:37:38 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=333918373446957&ev=PageView&dl=https%3A%2F%2Frdp.rundot.com%2Frdpwp%2F%3Futm_source%3Dwellput%26utm_medium%3Demail%26utm_campaign%3Dadvance_industries%26utm_content%3DV2-r4854-p142417-c1140%26transaction_id%3D1024897a8bdc5fe1256c19b9aa0b49&rl=&if=false&ts=1723232258405&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723232258401.485183177299919819&eid=ob3_plugin-set_048d6a43f18f5a3eced32b0a8f16fd291883c5657b851ac7cb65b85f96dd8313&cs_est=true&ler=empty&cdl=API_unavailable&it=1723232257607&coo=false&rqm=FGET
Requested by
Host: rdp.rundot.com
URL: https://rdp.rundot.com/rdpwp/?utm_source=wellput&utm_medium=email&utm_campaign=advance_industries&utm_content=V2-r4854-p142417-c1140&transaction_id=1024897a8bdc5fe1256c19b9aa0b49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://rdp.rundot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Fri, 09 Aug 2024 19:37:38 GMT
document-policy
force-load-at-top
x-fb-server-load
30
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7401226192038979021", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=118, rtx=0, c=10, mss=1297, tbw=3099, tp=-1, tpl=-1, uplat=69, ullat=0
pragma
no-cache
x-fb-debug
gg54D18cKj5tuOHi5hkz1PSelkRscwpuRuflOdYtUvcuKKILmQmr4oaicfszt7I324WIV5CBBiAnFN1OalkLYg==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7401226192038979021"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
capture
api.leadpages.io/analytics/v1/observations/ 		35 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=0,237,225,510,4,544,861,862,2746,2746
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rdp.rundot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 09 Aug 2024 19:37:38 GMT
Server
Stargate
Transfer-Encoding
chunked
X-Forwarded-For
162.245.206.246
Content-Type
image/gif
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
00sbiqg6tdpjg9t0g6l0
favicon.ico
static.leadpages.net/images/ 		15 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.leadpages.net/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.203.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
76da9be859d0d9cd9ffa30b9aa9d07a34164acba1ec512c61bd1b7854c1fab7b

Request headers

Referer
https://rdp.rundot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 19:37:33 GMT
content-encoding
gzip
via
1.1 google
server
Google Frontend
age
5
etag
"-6uIpg"
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
x-cloud-trace-context
34c66c7f6a8dc03b66ebf7fb9c336653
cache-control
public, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2594
expires
Fri, 09 Aug 2024 19:42:33 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
h.tridot.com
URL
https://h.tridot.com/v1/lst/universal-script?ph=d9a7abad27048bd2b87d716829d0d1d7c6d2b8b056423b525bd564289b6d2f1d&tag=!clicked

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| LeadPagesCenterObject function| center object| head object| script function| fbq function| _fbq object| tdl object| sup object| regeneratorRuntime

9 Cookies

Domain/Path Name / Value
.fb.tridot.com/events/bd109ead027c86cb7ff114610eeb20ef238bab41b3559f1a552c5bc98914314a Name: cee
Value: E3%2FNatQojyPcsgqlE2auAvVEyH6xhnLP6NExCBgFDWc%3D.%7B%7D
.api.leadpages.io/analytics/v1/events/capture Name: view.9g77qRVsfJRAmdMgCELEQC.YqJJ7tPEukXjrEaKmXNSiR
Value: 1723232258000
.beehiiv.com/ Name: __cf_bm
Value: pgSjwoVsP0ewAKYmuyIMP4ZmFM8Cq_t6DRK0yzq_bic-1723232255-1.0.1.1-RsRdgGsGZQIeZPAUE6N760y6L4mQOyhHqAmYkismmWkJGOjuGjjUQLjbVmbbrNvglSXra6BLmSOceP_YakfsGw
.clkmg.com/ Name: vid
Value: 1058563417
wellput.go2cloud.org/ Name: enc_aff_session_103
Value: ENC03e7e41bee714c603c7de9f3bf3288635b47587ea2ec37e6daaa8adcb23aa0db18919c6842a408c2fe366d9496e286f1ffa85499c01e88326921e23a7c1179519d7c85373e339b3de40acfdb6717a548549327df0a7126fd3cafa72c3e69930a71170e930d0fcb140b649904e4c1ae58b012f218e638c32e1faf60cb73995a2751b9f9aa5edce0082a9bd3e91ae52b0332e2f60e5539fd5608327cb8c69285c835084c0b91
wellput.go2cloud.org/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjciLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggWDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBMaWtlIEdlY2tvKSBDaHJvbWUvMTI3LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
.rundot.com/ Name: tunesdktest
Value: test
.rundot.com/ Name: tdl_default
Value: 1024897a8bdc5fe1256c19b9aa0b49
.rundot.com/ Name: _fbp
Value: fb.1.1723232258401.485183177299919819

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.leadpages.io
connect.facebook.net
fb.tridot.com
fonts.googleapis.com
fonts.gstatic.com
h.tridot.com
js.center.io
js.go2sdk.com
lh3.googleusercontent.com
link.mail.beehiiv.com
rdp.rundot.com
static.leadpages.net
wellput.go2cloud.org
www.clkmg.com
www.facebook.com
h.tridot.com
13.226.34.40
2001:4860:4802:34::15
2001:4860:4802:38::15
2600:1f13:c4e:b002:f771:ac77:92b9:f7d9
2606:4700::6812:4528
2607:f8b0:400d:c00::5e
2607:f8b0:400d:c0e::84
2607:f8b0:400d:c0f::5f
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
34.107.203.240
35.192.151.63
35.202.21.90
44.225.133.216
52.205.36.237
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
1ad233c048ae90e5df9762116743bed35babaaaa1cf3bdc169748e7c1200e339
2b1bc92a9452ec27521d7acaaf249baca2351c42c39e0fbd23e0f5257c3b31ae
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
688ea52c7291b980af811cab2dfc8af5ebb15a01555ddc0f3f312db77b059b74
699f6a2989460a88f095046416343b9e90c10ab5b0a07a3d7bac8e2fe5370e3f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7450ff997c60ff8113664c1934f474193ecaf0f1057499f04e0799a877873f56
76da9be859d0d9cd9ffa30b9aa9d07a34164acba1ec512c61bd1b7854c1fab7b
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855