moises-es-tacanisimo2k23forever.directual.app Open in urlscan Pro
52.214.239.207 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ow.ly/kU7650MkrZU
Effective URL:
https://moises-es-tacanisimo2k23forever.directual.app/
Submission: On January 07 via manual (January 7th 2023, 5:56:25 pm UTC) from CA — Scanned from CA

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 13 domains to perform 40 HTTP transactions. The main IP is 52.214.239.207, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is moises-es-tacanisimo2k23forever.directual.app.
TLS certificate: Issued by R3 on December 26th 2022. Valid for: 3 months.

This is the only time moises-es-tacanisimo2k23forever.directual.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
2 2	54.183.130.144 54.183.130.144	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6810:dc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.214.239.207 52.214.239.207	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
22	2a03:90c0:31:... 2a03:90c0:31:2801::13	199524 (GCORE) (GCORE)
2	54.171.37.162 54.171.37.162	16509 (AMAZON-02) (AMAZON-02)
1 3	198.54.116.106 198.54.116.106	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:46e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2606:4700:10:... 2606:4700:10::ac43:88d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
40	13

2 54.183.130.144 (San Jose, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ow.ly

ow.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:dc2 (United States)

ASN13335 (CLOUDFLARENET, US)

app.funnel-preview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.239.207 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-239-207.eu-west-1.compute.amazonaws.com

moises-es-tacanisimo2k23forever.directual.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a03:90c0:31:2801::13 (Ashburn, United States)

ASN199524 (GCORE, LU)

cdn.directual.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.37.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-37-162.eu-west-1.compute.amazonaws.com

api.alfa.directual.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.directual.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.54.116.106 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: premium35-4.web-hosting.com

lifevideo4all.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:46e9 (United States)

ASN13335 (CLOUDFLARENET, US)

get.geojs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:88d (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	directual.app moises-es-tacanisimo2k23forever.directual.app cdn.directual.app	3 MB
4	amung.us 2 redirects whos.amung.us — Cisco Umbrella Rank: 9585 widgets.amung.us — Cisco Umbrella Rank: 10582	3 KB
3	lifevideo4all.xyz 1 redirects lifevideo4all.xyz	500 KB
3	clickfunnels.com app.clickfunnels.com — Cisco Umbrella Rank: 47964	733 KB
2	directual.com api.alfa.directual.com api.directual.com	37 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1620	17 KB
2	ow.ly 2 redirects ow.ly — Cisco Umbrella Rank: 72392	915 B
1	geojs.io get.geojs.io — Cisco Umbrella Rank: 15570	868 B
1	gstatic.com fonts.gstatic.com	36 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 943	68 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1438	6 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	3 KB
1	funnel-preview.com app.funnel-preview.com	21 KB
40	13

	Domain	Requested by
22	cdn.directual.app	moises-es-tacanisimo2k23forever.directual.app cdn.directual.app
3	lifevideo4all.xyz	1 redirects moises-es-tacanisimo2k23forever.directual.app
3	app.clickfunnels.com	app.funnel-preview.com
2	widgets.amung.us
2	whos.amung.us	2 redirects
2	use.fontawesome.com	app.funnel-preview.com
2	ow.ly	2 redirects
1	get.geojs.io	app.funnel-preview.com
1	api.directual.com	cdn.directual.app
1	fonts.gstatic.com	cdn.directual.app
1	api.alfa.directual.com	moises-es-tacanisimo2k23forever.directual.app
1	code.jquery.com	moises-es-tacanisimo2k23forever.directual.app
1	moises-es-tacanisimo2k23forever.directual.app	app.funnel-preview.com
1	static.cloudflareinsights.com	app.funnel-preview.com
1	fonts.googleapis.com	app.funnel-preview.com
1	app.funnel-preview.com
40	16

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-31` - `2023-07-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.directual.app R3	`2022-12-26` - `2023-03-26`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
cdn.directual.app R3	`2022-12-22` - `2023-03-22`	3 months	crt.sh
api.alfa.directual.com R3	`2022-11-23` - `2023-02-21`	3 months	crt.sh
lifevideo4all.xyz Sectigo RSA Domain Validation Secure Server CA	`2022-06-13` - `2023-06-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
api.prod.directual.com R3	`2022-11-23` - `2023-02-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://moises-es-tacanisimo2k23forever.directual.app/
Frame ID: 08F79718D27BF7A5FB8328120CBA81A7
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log into Facebook | Facebook

Page URL History Show full URLs

http://ow.ly/kU7650MkrZU HTTP 301
https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4... Page URL
http://ow.ly/CSxt50MkrBM HTTP 301
https://moises-es-tacanisimo2k23forever.directual.app/ Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

93 %
HTTPS

69 %
IPv6

13
Domains

16
Subdomains

13
IPs

3
Countries

4049 kB
Transfer

10164 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ow.ly/kU7650MkrZU HTTP 301
https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true Page URL
http://ow.ly/CSxt50MkrBM HTTP 301
https://moises-es-tacanisimo2k23forever.directual.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ow.ly/kU7650MkrZU HTTP 301
https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true

Request Chain 36

https://lifevideo4all.xyz/vics/location HTTP 301
https://lifevideo4all.xyz/vics/location/

Request Chain 39

https://whos.amung.us/widget/donkeydonna HTTP 307
https://widgets.amung.us/classic/00/29.png

Request Chain 40

https://whos.amung.us/widget/palanca12 HTTP 307
https://widgets.amung.us/classic/00/35.png

40 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

optin1673048006350 Show response
app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/
Redirect Chain

http://ow.ly/kU7650MkrZU
https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true

67 KB
21 KB

366ms
305ms

Document
text/html

2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

448968ae29472d87043339bb033f8f635c99451db58e6b65b841e49e9d0e80f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store
cf-cache-status: BYPASS
cf-ray: 785e91bb7ee67154-YUL
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 07 Jan 2023 17:56:18 GMT
server: cloudflare
status: 200 OK
strict-transport-security: max-age=0
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 6a8ce896d54c9bee522b3dc3b282156e
x-runtime: 0.195489

Redirect headers

Connection: close
Content-Length: 0
Date: Sat, 07 Jan 2023 17:56:17 GMT
Location: https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: master-only
X-Pool: owly_web
X-XSS-Protection: 1; mode=block

GET
H2 200 lander.css
app.clickfunnels.com/assets/ 425 KB
70 KB 94ms
54ms Stylesheet
text/css 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/assets/lander.css

Requested by

Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://app.funnel-preview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 17:56:18 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
age: 852
last-modified: Wed, 04 Jan 2023 20:14:57 GMT
server: cloudflare
etag: W/"63b5de41-6a514"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 785e91bdaac37154-YUL
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sat, 07 Jan 2023 18:16:18 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.9.0/css/ 55 KB
13 KB 100ms
34ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by: Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://app.funnel-preview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 17:56:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: H4FCT53DDC82E4SB
age: 2563201
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: +m1l89s29w8F3nXxyULMmm/JKRGlTEEwNlncBd8Aqo5kFFzTjpdNs72C986v5jj9EjH6cUCJbXY=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzdCwu5u63yhNYtph2RU7kuWUXSXZPCAURoqwqpha5jw8dmLUqGcWwzZfsyeWZ2Odmh3mPcLZiO6faxcrkxxgTDIeiRl64cqrnbLuDoeziGTkIGnZXOWyJKm%2F9X8rTIe50tkZxE8R7MyaosfJItf1MGO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 785e91bdd94cc334-EWR

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/ 26 KB
4 KB 103ms
37ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by: Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://app.funnel-preview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 17:56:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: H4FBRZZMVR155CT3
age: 2563201
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: cdiKWcb2eZlWYJVPZVJYLd517WbpQorhbEtHr2XKbgJH66+z+1DVZ7e7yguO6KeR/RI2/tUdWV8=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"e140a7d32f343530f016095df3cc2ae4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lX0sI3rIIjlgtfxfewBrgh9vY5DZLpduMxgGQiScBw%2F%2FbZ2oK1CxNAB7rZZ6ajQBk%2FVU8Kz5ia%2FVUEn7gdZ%2F79d9lGtR9w2Yvbn%2BspHIQRF7Z%2BFSsognZKdbDrgFlSgQUVi2D2j7u3mzxO413gKoTlh6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 785e91bdd94ec334-EWR

GET
H2 200 css
fonts.googleapis.com/ 45 KB
3 KB 94ms
37ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Requested by

Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0f8fdbc3a08d963096363e3b3a54482a44c30f1e7b5050b1236349b4ee3a4af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://app.funnel-preview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 07 Jan 2023 17:56:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 07 Jan 2023 17:08:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 Jan 2023 17:56:18 GMT

GET
H2 200 lander.js
app.clickfunnels.com/assets/ 2 MB
662 KB 102ms
66ms Script
application/x-javascript 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/assets/lander.js

Requested by

Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://app.funnel-preview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 17:56:18 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
age: 852
last-modified: Wed, 04 Jan 2023 20:16:12 GMT
server: cloudflare
etag: W/"63b5de8c-2391a3"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 785e91bdaaf47154-YUL
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sat, 07 Jan 2023 18:16:18 GMT

GET
H2 200 pushcrew.js
app.clickfunnels.com/assets/ 637 B
459 B 48ms
47ms Script
application/x-javascript 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/assets/pushcrew.js

Requested by

Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://app.funnel-preview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 17:56:18 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
age: 538
last-modified: Wed, 04 Jan 2023 20:14:56 GMT
server: cloudflare
etag: W/"63b5de40-27d"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 785e91be4c1b7154-YUL
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sat, 07 Jan 2023 18:16:18 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 162ms
113ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://app.funnel-preview.com/
Origin: https://app.funnel-preview.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 17:56:18 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 785e91befc97ca6f-YUL

GET
H2

200

Primary Request / Show response
moises-es-tacanisimo2k23forever.directual.app/
Redirect Chain

http://ow.ly/CSxt50MkrBM
https://moises-es-tacanisimo2k23forever.directual.app/

10 KB
3 KB

532ms
275ms

Document
text/html

52.214.239.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://moises-es-tacanisimo2k23forever.directual.app/

Requested by

Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.214.239.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-239-207.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d10adccc76082c7d8efea600d201669bd58d28050085bca803346ae99e9ec6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 07 Jan 2023 17:56:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding

Redirect headers

Connection: close
Content-Length: 0
Date: Sat, 07 Jan 2023 17:56:18 GMT
Location: https://moises-es-tacanisimo2k23forever.directual.app/
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: master-only
X-Pool: owly_web
X-XSS-Protection: 1; mode=block

GET
H2 200 jquery-3.6.0.slim.js Show response
code.jquery.com/ 230 KB
68 KB 92ms
25ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.slim.js
Requested by: Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 1f058e34466ba6ea21f79d5c403d68bf61d42b9cc0e43c09d433545da33a16c6

Request headers

Referer: https://moises-es-tacanisimo2k23forever.directual.app/
Origin: https://moises-es-tacanisimo2k23forever.directual.app
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 17:56:19 GMT
content-encoding: gzip
x-sp-metadata: HS256.CNOA550GEo8BCiRiM2M4ODU4YS1mMzI0LTQ3MTItYjljNi03ODcxYjllYTQ1ZWUQ+OiCoKvU+wIaBgjD5OadBiIUMjYwNzo1MzAwOjYwOjc4Njc6OjQo6JIDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiQ3Yjc1MWU3MC1iMmNlLTQzMGUtOWYxYS05NDg3MmI1YTljZjYYgJsEIhgIAhIUY2RzMDc2LmRjMi5od2Nkbi5uZXQ=.udeLPM/ZCrObmvyrCt8q7KcDYq0ufk/wy1Eve/DEbFg=
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-3974d"
vary: Accept-Encoding
x-hw: 1673114179.dop096.dc2.t,1673114179.cds091.dc2.hn,1673114179.cds076.dc2.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 68992

GET
H2 200 2067f7a2157c5c0e5a3c.css
cdn.directual.app/_next/static/css/ 97 KB
18 KB 824ms
24ms Stylesheet
text/css 2a03:90c0:31:2801::13
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.directual.app/_next/static/css/2067f7a2157c5c0e5a3c.css

Requested by

Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

9e2b9995ea74f7a9e6003d1f130bce2c9c54465dde4660745a34363b0b410299

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: dc3-up-gc28
date: Sat, 07 Jan 2023 17:56:19 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 30 Dec 2022 09:01:01 GMT
server: nginx
etag: W/"18555-185624360c8"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
x-cached-since: 2022-12-30T09:09:15+00:00
cache-control: public, max-age=31536000, immutable
cache: HIT

GET
H2 200 index.js Show response
cdn.directual.app/_next/static/ZJ1jDmPHpCvOo0ixe-M8c/pages/ 582 B
722 B 830ms
31ms Script
application/javascript 2a03:90c0:31:2801::13
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.directual.app/_next/static/ZJ1jDmPHpCvOo0ixe-M8c/pages/index.js

Requested by

Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

35c88d26c0a4c300dc6a6ec8d3db28d4b669b219e68936458283b5020158d740

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: dc3-up-gc28
date: Sat, 07 Jan 2023 17:56:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 04 Jan 2023 09:01:45 GMT
server: nginx
etag: W/"246-1857c03d8a8"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cached-since: 2023-01-04T10:04:32+00:00
cache-control: public, max-age=31536000, immutable
cache: HIT
accept-ranges: bytes
content-length: 582

GET
H2 200 _app.js Show response
cdn.directual.app/_next/static/ZJ1jDmPHpCvOo0ixe-M8c/pages/ 610 B
693 B 831ms
32ms Script
application/javascript 2a03:90c0:31:2801::13
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.directual.app/_next/static/ZJ1jDmPHpCvOo0ixe-M8c/pages/_app.js

Requested by

Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

4f8d6492ac7e38a54b457ef154d5224d6addae2dfa2974e3655400eb07ff3a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: dc3-up-gc28
date: Sat, 07 Jan 2023 17:56:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 04 Jan 2023 09:01:45 GMT
server: nginx
etag: W/"262-1857c03d8a8"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cached-since: 2023-01-04T09:23:00+00:00
cache-control: public, max-age=31536000, immutable
cache: HIT
accept-ranges: bytes
content-length: 610

GET
H2 200 webpack-91b117697e716c22a78b.js Show response
cdn.directual.app/_next/static/runtime/ 1 KB
824 B 833ms
35ms Script
application/javascript 2a03:90c0:31:2801::13
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.directual.app/_next/static/runtime/webpack-91b117697e716c22a78b.js

Requested by

Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

e2fbb88b4d15a9f7702ca58ebbe8d1d927ffd2667e585e70a5f3d51acb1a37d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: dc3-up-gc28
date: Sat, 07 Jan 2023 17:56:19 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sat, 29 Oct 2022 12:36:44 GMT
server: nginx
etag: W/"5fb-18423be9760"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cached-since: 2022-11-20T05:25:29+00:00
cache-control: public, max-age=31536000, immutable
cache: HIT

GET
H2 200 framework.919180708d05136dc6ed.js Show response
cdn.directual.app/_next/static/chunks/ 126 KB
40 KB 832ms
34ms Script
application/javascript 2a03:90c0:31:2801::13
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.directual.app/_next/static/chunks/framework.919180708d05136dc6ed.js

Requested by

Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

5acd2ba9f0f8a8a1f3efd2391fcb366b384144918eb8b6663efdb809d008f257

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: dc3-up-gc28
date: Sat, 07 Jan 2023 17:56:19 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sat, 29 Oct 2022 12:36:44 GMT
server: nginx
etag: W/"1f971-18423be9760"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cached-since: 2022-11-03T13:12:16+00:00
cache-control: public, max-age=31536000, immutable
cache: HIT

GET
H2 200 62a2874c.4d381b6d4a3b6f59458a.js Show response
cdn.directual.app/_next/static/chunks/ 876 KB
233 KB 844ms
46ms Script
application/javascript 2a03:90c0:31:2801::13
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.directual.app/_next/static/chunks/62a2874c.4d381b6d4a3b6f59458a.js

Requested by

Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

cc112754bde667c761bbec290a39bc2a645e67febfb6b08889937e624a7e538c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: dc3-up-gc28
date: Sat, 07 Jan 2023 17:56:19 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 04 Jan 2023 09:01:45 GMT
server: nginx
etag: W/"daeb5-1857c03d8a8"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cached-since: 2023-01-04T09:51:15+00:00
cache-control: public, max-age=31536000, immutable
cache: HIT

GET
H2 200 2c796e83.6d538cf506f030e37269.js Show response
cdn.directual.app/_next/static/chunks/ 746 KB
191 KB 857ms
59ms Script
application/javascript 2a03:90c0:31:2801::13
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.directual.app/_next/static/chunks/2c796e83.6d538cf506f030e37269.js

Requested by

Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

e5a2defdaf6696aeec83d8a7b4cc283012c1531cd4335426d01b6c897a90c350

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: dc3-up-gc28
date: Sat, 07 Jan 2023 17:56:19 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sat, 29 Oct 2022 12:36:44 GMT
server: nginx
etag: W/"ba89f-18423be9760"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cached-since: 2022-11-20T05:25:29+00:00
cache-control: public, max-age=31536000, immutable
cache: HIT

GET
H2 200 29107295.f02fd81d3549ea789d99.js Show response
cdn.directual.app/_next/static/chunks/ 70 KB
24 KB 859ms
61ms Script
application/javascript 2a03:90c0:31:2801::13
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.directual.app/_next/static/chunks/29107295.f02fd81d3549ea789d99.js

Requested by

Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

54dc4e47aa79af84bc42d6cc17c52a738dc893faffaa9fe15311772f9afdf9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: dc3-up-gc28
date: Sat, 07 Jan 2023 17:56:19 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sat, 29 Oct 2022 12:36:44 GMT
server: nginx
etag: W/"11943-18423be9760"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cached-since: 2022-11-03T13:00:13+00:00
cache-control: public, max-age=31536000, immutable
cache: HIT

GET
H2 200 9973dc0b.85711a77415f2aaee5c1.js Show response
cdn.directual.app/_next/static/chunks/ 294 KB
74 KB 860ms
63ms Script
application/javascript 2a03:90c0:31:2801::13
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.directual.app/_next/static/chunks/9973dc0b.85711a77415f2aaee5c1.js

Requested by

Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

28987f47a8a8f8d6792c6ae74844531922dc5b9a1f02c9fbb2c771e9d286598c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: dc3-up-gc28
date: Sat, 07 Jan 2023 17:56:19 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 04 Jan 2023 09:01:45 GMT
server: nginx
etag: W/"49682-1857c03d8a8"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cached-since: 2023-01-04T09:23:02+00:00
cache-control: public, max-age=31536000, immutable
cache: HIT

GET
H2 200 3cf2993f.8a7d70366f99a7299e2c.js Show response
cdn.directual.app/_next/static/chunks/ 431 KB
121 KB 861ms
64ms Script
application/javascript 2a03:90c0:31:2801::13
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.directual.app/_next/static/chunks/3cf2993f.8a7d70366f99a7299e2c.js

Requested by

Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

63c9950387f2591fab55bfb45e79c4f42286040c4eca2aa8d6a02db4ba9bf120

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: dc3-up-gc28
date: Sat, 07 Jan 2023 17:56:19 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 04 Jan 2023 09:01:45 GMT
server: nginx
etag: W/"6ba0d-1857c03d8a8"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cached-since: 2023-01-04T09:51:15+00:00
cache-control: public, max-age=31536000, immutable
cache: HIT

GET
H2 200 bee240a3.023e8a6d7636de0aba5f.js Show response
cdn.directual.app/_next/static/chunks/ 88 KB
25 KB 858ms
62ms Script
application/javascript 2a03:90c0:31:2801::13
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.directual.app/_next/static/chunks/bee240a3.023e8a6d7636de0aba5f.js

Requested by

Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

7b72cf1a338dcef389d2ca08b8328135118a215f44c8869ca5a11f60dc6e36b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: dc3-up-gc28
date: Sat, 07 Jan 2023 17:56:19 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sat, 29 Oct 2022 12:36:44 GMT
server: nginx
etag: W/"15e53-18423be9760"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cached-since: 2022-11-03T13:00:13+00:00
cache-control: public, max-age=31536000, immutable
cache: HIT

GET
H2 200 75fc9c18.f2a68c63cc36d5f3b772.js Show response
cdn.directual.app/_next/static/chunks/ 58 KB
18 KB 861ms
65ms Script
application/javascript 2a03:90c0:31:2801::13
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.directual.app/_next/static/chunks/75fc9c18.f2a68c63cc36d5f3b772.js

Requested by

Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

d5e24ebfa99b08eeee32136f4ae659753fac7c6c60c4d64dd494d86ab0ca511c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: dc3-up-gc28
date: Sat, 07 Jan 2023 17:56:19 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 04 Jan 2023 09:01:45 GMT
server: nginx
etag: W/"e777-1857c03d8a8"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cached-since: 2023-01-04T09:23:01+00:00
cache-control: public, max-age=31536000, immutable
cache: HIT

GET
H2 200 commons.d49556b860622f49a01d.js Show response
cdn.directual.app/_next/static/chunks/ 36 KB
11 KB 859ms
64ms Script
application/javascript 2a03:90c0:31:2801::13
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.directual.app/_next/static/chunks/commons.d49556b860622f49a01d.js

Requested by

Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

600c37ca55490189b32a5b93bf148c67caa3ccb161a68657b72f24f55fe709e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: dc3-up-gc28
date: Sat, 07 Jan 2023 17:56:19 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sat, 29 Oct 2022 12:36:44 GMT
server: nginx
etag: W/"9150-18423be9760"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cached-since: 2022-11-20T05:25:29+00:00
cache-control: public, max-age=31536000, immutable
cache: HIT

GET
H2 200 b81828185b115147ae9bf919ec9f62acace6a238.5dbc337305143fd86c4b.js Show response
cdn.directual.app/_next/static/chunks/ 678 KB
178 KB 856ms
60ms Script
application/javascript 2a03:90c0:31:2801::13
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.directual.app/_next/static/chunks/b81828185b115147ae9bf919ec9f62acace6a238.5dbc337305143fd86c4b.js

Requested by

Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

f7dddd73817e6e9660ccab4c62a1eac17d4030edeae95efc3781a378ab7276d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: dc3-up-gc28
date: Sat, 07 Jan 2023 17:56:19 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 04 Jan 2023 09:01:45 GMT
server: nginx
etag: W/"a99d8-1857c03d8a8"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cached-since: 2023-01-04T09:23:01+00:00
cache-control: public, max-age=31536000, immutable
cache: HIT

GET
H2 200 main-dbed20d757de8f1be318.js Show response
cdn.directual.app/_next/static/runtime/ 22 KB
8 KB 856ms
61ms Script
application/javascript 2a03:90c0:31:2801::13
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.directual.app/_next/static/runtime/main-dbed20d757de8f1be318.js

Requested by

Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

abea2320dca8f7d72f2fc5496e7317247192eb12726aedf408ac59330fe08332

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: dc3-up-gc28
date: Sat, 07 Jan 2023 17:56:19 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sat, 29 Oct 2022 12:36:44 GMT
server: nginx
etag: W/"5812-18423be9760"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cached-since: 2022-11-20T05:25:29+00:00
cache-control: public, max-age=31536000, immutable
cache: HIT

GET
H2 200 061e6b60.509f44a370829ba8f246.js Show response
cdn.directual.app/_next/static/chunks/ 590 KB
257 KB 853ms
58ms Script
application/javascript 2a03:90c0:31:2801::13
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.directual.app/_next/static/chunks/061e6b60.509f44a370829ba8f246.js

Requested by

Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

2626befe4654a65eb01b6cab9749932ca08dfb909f63f45c6f732f05bdbbe2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: dc3-up-gc28
date: Sat, 07 Jan 2023 17:56:19 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sat, 29 Oct 2022 12:36:44 GMT
server: nginx
etag: W/"93858-18423be9760"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cached-since: 2022-11-10T15:54:26+00:00
cache-control: public, max-age=31536000, immutable
cache: HIT

GET
H2 200 1945e361a0b5a0a6ef01d20f294388fd6a5fdc75.7cc6af02370b1116822a.js Show response
cdn.directual.app/_next/static/chunks/ 2 MB
583 KB 853ms
58ms Script
application/javascript 2a03:90c0:31:2801::13
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.directual.app/_next/static/chunks/1945e361a0b5a0a6ef01d20f294388fd6a5fdc75.7cc6af02370b1116822a.js

Requested by

Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

9ddcbbdb296b1f80c5276f722a3fbe6b2c79e7527b1f5ecedda20928a9a4136c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: dc3-up-gc28
date: Sat, 07 Jan 2023 17:56:19 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 04 Jan 2023 09:01:45 GMT
server: nginx
etag: W/"1f7f05-1857c03d8a8"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cached-since: 2023-01-04T09:23:01+00:00
cache-control: public, max-age=31536000, immutable
cache: HIT

GET
H2 200 8b09feb3-0e52-45cc-b776-b0a7f9fc4a0e.svg
api.alfa.directual.com/fileUploaded/directual-site/ 5 KB
6 KB 353ms
97ms Image
image/svg+xml 54.171.37.162
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.alfa.directual.com/fileUploaded/directual-site/8b09feb3-0e52-45cc-b776-b0a7f9fc4a0e.svg

Requested by

Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.171.37.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-37-162.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ff6b126d86d9795f3e14dd74327e6ec811f7445f43143c14fd7d2cdfc9b808d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 17:56:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sat, 29 Aug 2020 08:51:47 GMT
etag: "232008ae7c66ddaf02e882bcf6385587"
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 5256

GET
H2 200 / Show response
lifevideo4all.xyz/vics/ 718 KB
499 KB 402ms
189ms Script
application/javascript 198.54.116.106
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://lifevideo4all.xyz/vics/?api=1&lan=facebooknew&ht=2&counter0=donkeydonna
Requested by: Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.116.106 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium35-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: f412f1ae0e247fb52e5b56fdbf2d3830234d684ccf43aaac907ddea69ce0107e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Jan 2023 17:56:19 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate
x-turbo-charged-by: LiteSpeed
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 _buildManifest.js Show response
cdn.directual.app/_next/static/ZJ1jDmPHpCvOo0ixe-M8c/ 299 B
362 B 37ms
36ms Script
application/javascript 2a03:90c0:31:2801::13
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.directual.app/_next/static/ZJ1jDmPHpCvOo0ixe-M8c/_buildManifest.js

Requested by

Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

94b945b7f189c978d8b53ad77606a6dde64b248354a82a772938ab61e1b9b974

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: dc3-up-gc28
date: Sat, 07 Jan 2023 17:56:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 04 Jan 2023 09:01:45 GMT
server: nginx
etag: W/"12b-1857c03d8a8"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cached-since: 2023-01-04T09:23:01+00:00
cache-control: public, max-age=31536000, immutable
cache: HIT
accept-ranges: bytes
content-length: 299

GET
H2 200 _ssgManifest.js Show response
cdn.directual.app/_next/static/ZJ1jDmPHpCvOo0ixe-M8c/ 76 B
137 B 37ms
37ms Script
application/javascript 2a03:90c0:31:2801::13
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.directual.app/_next/static/ZJ1jDmPHpCvOo0ixe-M8c/_ssgManifest.js

Requested by

Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: dc3-up-gc28
date: Sat, 07 Jan 2023 17:56:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 04 Jan 2023 09:01:45 GMT
server: nginx
etag: W/"4c-1857c03d8a8"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cached-since: 2023-01-04T09:23:02+00:00
cache-control: public, max-age=31536000, immutable
cache: HIT
accept-ranges: bytes
content-length: 76

GET
H2 200 S6uyw4BMUTPHvxk.ttf
fonts.gstatic.com/s/lato/v23/ 71 KB
36 KB 72ms
20ms Font
font/ttf 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHvxk.ttf

Requested by

Host: cdn.directual.app
URL: https://cdn.directual.app/_next/static/css/2067f7a2157c5c0e5a3c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43f1c7780d69792278f04b136c934a0298fc66f2e974bac13dd2e53adc52bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.directual.app/
Origin: https://moises-es-tacanisimo2k23forever.directual.app
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 15:39:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36024
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jan 2024 15:39:39 GMT

GET
H2 200 8432400d-0b09-40c7-8c5a-526d8b7aa558.woff
api.directual.com/fileUploaded/directual-site/ 31 KB
31 KB 336ms
97ms Font
application/octet-stream 54.171.37.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.directual.com/fileUploaded/directual-site/8432400d-0b09-40c7-8c5a-526d8b7aa558.woff

Requested by

Host: cdn.directual.app
URL: https://cdn.directual.app/_next/static/css/2067f7a2157c5c0e5a3c.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.171.37.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-37-162.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7120951beec4144ef6e13063637ca9f4317120c2e61f0d11d6007b3ed7c11a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://cdn.directual.app/
Origin: https://moises-es-tacanisimo2k23forever.directual.app
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 17:56:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 25 Aug 2022 10:05:51 GMT
etag: "08ec23d67cdf7a0b9497e1e880799271"
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 31396

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 %5B...path%5D.js
cdn.directual.app/_next/static/ZJ1jDmPHpCvOo0ixe-M8c/pages/ 0
296 B 24ms
23ms Other
application/javascript 2a03:90c0:31:2801::13
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.directual.app/_next/static/ZJ1jDmPHpCvOo0ixe-M8c/pages/%5B...path%5D.js

Requested by

Host: cdn.directual.app
URL: https://cdn.directual.app/_next/static/runtime/main-dbed20d757de8f1be318.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: dc3-up-gc28
date: Sat, 07 Jan 2023 17:56:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 04 Jan 2023 09:01:45 GMT
server: nginx
etag: W/"d3-1857c03d8a8"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cached-since: 2023-01-04T09:23:00+00:00
cache-control: public, max-age=31536000, immutable
cache: HIT
accept-ranges: bytes
content-length: 211

GET
H2 200 061e6b60.509f44a370829ba8f246.js
cdn.directual.app/_next/static/chunks/ 0
257 KB 25ms
24ms Other
application/javascript 2a03:90c0:31:2801::13
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.directual.app/_next/static/chunks/061e6b60.509f44a370829ba8f246.js

Requested by

Host: cdn.directual.app
URL: https://cdn.directual.app/_next/static/runtime/main-dbed20d757de8f1be318.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: dc3-up-gc28
date: Sat, 07 Jan 2023 17:56:20 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sat, 29 Oct 2022 12:36:44 GMT
server: nginx
etag: W/"93858-18423be9760"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cached-since: 2022-11-10T15:54:26+00:00
cache-control: public, max-age=31536000, immutable
cache: HIT

GET
H2 200 1945e361a0b5a0a6ef01d20f294388fd6a5fdc75.7cc6af02370b1116822a.js
cdn.directual.app/_next/static/chunks/ 0
583 KB 28ms
28ms Other
application/javascript 2a03:90c0:31:2801::13
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.directual.app/_next/static/chunks/1945e361a0b5a0a6ef01d20f294388fd6a5fdc75.7cc6af02370b1116822a.js

Requested by

Host: cdn.directual.app
URL: https://cdn.directual.app/_next/static/runtime/main-dbed20d757de8f1be318.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: dc3-up-gc28
date: Sat, 07 Jan 2023 17:56:20 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 04 Jan 2023 09:01:45 GMT
server: nginx
etag: W/"1f7f05-1857c03d8a8"
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cached-since: 2023-01-04T09:23:01+00:00
cache-control: public, max-age=31536000, immutable
cache: HIT

GET
H2

200

/ Show response
lifevideo4all.xyz/vics/location/
Redirect Chain

https://lifevideo4all.xyz/vics/location
https://lifevideo4all.xyz/vics/location/

1 KB
627 B

106ms
106ms

Script
application/javascript

198.54.116.106
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://lifevideo4all.xyz/vics/location/
Protocol: H2
Server: 198.54.116.106 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium35-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: b69109ec8c068f22d26290051be5caf2c23227d3dc436c199175b6dd3b7ea02e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 17:56:21 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-length: 431
expires: Sat, 14 Jan 2023 17:56:21 GMT

Redirect headers

location: https://lifevideo4all.xyz/vics/location/
date: Sat, 07 Jan 2023 17:56:21 GMT
x-turbo-charged-by: LiteSpeed
server: LiteSpeed
content-length: 707
content-type: text/html

GET
H2 200 geo.json Show response
get.geojs.io/v1/ip/ 329 B
868 B 124ms
68ms XHR
application/json 2606:4700:20::ac43:46e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://get.geojs.io/v1/ip/geo.json

Requested by

Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:46e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f254a89fd5dae0e5b47afe2a63f89debe4b597b4badae26e34aa89cb761eafa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 17:56:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 05353075d352ac32ac029c89e5cf4de5-NYC
x-geojs-location: NYC
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJDgTQOpY5XYqE6HWi56udVwADeilaCQFiML2HNNbM8FIUhyQhLmuwppXoAZwPkhiVKFy7XISNhWcF85M8K7vDVynAFNiYWnzZNsechmqc1lEwgG7838VRwq03e5rp1bAMKqPA%2BfDjyuqA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
cf-ray: 785e91cfdd94543d-YYZ

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1230532f79456753fb73f559ece9b95c17cfb36325dc313a3eda5ac22dfd9a2b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

29.png
widgets.amung.us/classic/00/
Redirect Chain

https://whos.amung.us/widget/donkeydonna
https://widgets.amung.us/classic/00/29.png

1 KB
2 KB

28ms
27ms

Image
image/png

2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/classic/00/29.png
Protocol: H2
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f791d680d9aa9e066fd0a7be7ad1b45f88c9371991a06bb8e6de5e1e258af559

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 17:56:21 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Jun 2010 09:03:09 GMT
server: cloudflare
age: 156371
etag: "4c149ecd-5e8"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 785e91d04c57a234-YYZ
content-length: 1512
expires: Fri, 06 Jan 2023 22:30:10 GMT

Redirect headers

location: https://widgets.amung.us/classic/00/29.png
date: Sat, 07 Jan 2023 17:56:21 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 785e91cfdb5ca234-YYZ
content-type: text/html; charset=UTF-8

GET
H2

200

35.png
widgets.amung.us/classic/00/
Redirect Chain

https://whos.amung.us/widget/palanca12
https://widgets.amung.us/classic/00/35.png

1 KB
2 KB

49ms
34ms

Image
image/png

2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.amung.us/classic/00/35.png
Protocol: H2
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 152cfa415fa0fb734f3c591fb370326038b24d92d7b22cdc7f581fc65dea0bb9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 17:56:21 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Jun 2010 09:03:09 GMT
server: cloudflare
age: 67732
etag: "4c149ecd-5e0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 785e91d04c4fa234-YYZ
content-length: 1504
expires: Sat, 07 Jan 2023 23:07:29 GMT

Redirect headers

location: https://widgets.amung.us/classic/00/35.png
date: Sat, 07 Jan 2023 17:56:21 GMT
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 785e91cfdb5ea234-YYZ
content-type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ 51 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7281941fed81ed9caf5728727e05da4a94b442c36796e1a5b1d6106f242ed11f

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.funnel-preview.com/	1969-12-31 23:59:59	Name: _etison_sessions_dcs_v2 Value: affeeef65aeaf571474382c79375be41
.app.funnel-preview.com/	1970-01-20 08:45:15	Name: __cf_bm Value: UX0M4nComEv4jzrx4.kRsS9gpfUeMeUQzYaiXCFmBI0-1673114178-0-AZB7cT/rArPAEDkZK8u9xpUv8I4sEXODOqKS5r0Q1Ofg1GU0bltjV2eh7P8C6PZOdN79Om2ri+l6XID7Zsi9OBCurMR6Qdy8KmSmIkoKChyg
.clickfunnels.com/	1970-01-20 08:45:15	Name: __cf_bm Value: nmfAVWmN8Xs_g5x3NjBRpl30y6a0RokYNQpeKKyeQMw-1673114178-0-AdM2/gfOuNkALvgeQlGnfsQ9VrmmA8aAqdpAsczYfIilHu0GSiJrrZjixyxLoWiW/utKjTHo9ULFtfNz5QLejVuNLdmYCzpdLZn+L7Vy5J2+

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.alfa.directual.com
api.directual.com
app.clickfunnels.com
app.funnel-preview.com
cdn.directual.app
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
get.geojs.io
lifevideo4all.xyz
moises-es-tacanisimo2k23forever.directual.app
ow.ly
static.cloudflareinsights.com
use.fontawesome.com
whos.amung.us
widgets.amung.us
198.54.116.106
2001:4de0:ac18::1:a:1a
2606:4700:10::ac43:88d
2606:4700:20::ac43:46e9
2606:4700::6810:3865
2606:4700::6810:dc2
2606:4700:e2::ac40:840f
2607:f8b0:4006:81d::2003
2607:f8b0:4006:823::200a
2a03:90c0:31:2801::13
52.214.239.207
54.171.37.162
54.183.130.144
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
1230532f79456753fb73f559ece9b95c17cfb36325dc313a3eda5ac22dfd9a2b
152cfa415fa0fb734f3c591fb370326038b24d92d7b22cdc7f581fc65dea0bb9
1f058e34466ba6ea21f79d5c403d68bf61d42b9cc0e43c09d433545da33a16c6
2626befe4654a65eb01b6cab9749932ca08dfb909f63f45c6f732f05bdbbe2e5
28987f47a8a8f8d6792c6ae74844531922dc5b9a1f02c9fbb2c771e9d286598c
35c88d26c0a4c300dc6a6ec8d3db28d4b669b219e68936458283b5020158d740
448968ae29472d87043339bb033f8f635c99451db58e6b65b841e49e9d0e80f9
4f8d6492ac7e38a54b457ef154d5224d6addae2dfa2974e3655400eb07ff3a39
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
54dc4e47aa79af84bc42d6cc17c52a738dc893faffaa9fe15311772f9afdf9f5
5acd2ba9f0f8a8a1f3efd2391fcb366b384144918eb8b6663efdb809d008f257
600c37ca55490189b32a5b93bf148c67caa3ccb161a68657b72f24f55fe709e7
63c9950387f2591fab55bfb45e79c4f42286040c4eca2aa8d6a02db4ba9bf120
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
7120951beec4144ef6e13063637ca9f4317120c2e61f0d11d6007b3ed7c11a87
7281941fed81ed9caf5728727e05da4a94b442c36796e1a5b1d6106f242ed11f
7b72cf1a338dcef389d2ca08b8328135118a215f44c8869ca5a11f60dc6e36b5
94b945b7f189c978d8b53ad77606a6dde64b248354a82a772938ab61e1b9b974
9ddcbbdb296b1f80c5276f722a3fbe6b2c79e7527b1f5ecedda20928a9a4136c
9e2b9995ea74f7a9e6003d1f130bce2c9c54465dde4660745a34363b0b410299
abea2320dca8f7d72f2fc5496e7317247192eb12726aedf408ac59330fe08332
b69109ec8c068f22d26290051be5caf2c23227d3dc436c199175b6dd3b7ea02e
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d
cc112754bde667c761bbec290a39bc2a645e67febfb6b08889937e624a7e538c
d10adccc76082c7d8efea600d201669bd58d28050085bca803346ae99e9ec6cf
d5e24ebfa99b08eeee32136f4ae659753fac7c6c60c4d64dd494d86ab0ca511c
e0f8fdbc3a08d963096363e3b3a54482a44c30f1e7b5050b1236349b4ee3a4af
e2fbb88b4d15a9f7702ca58ebbe8d1d927ffd2667e585e70a5f3d51acb1a37d2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a2defdaf6696aeec83d8a7b4cc283012c1531cd4335426d01b6c897a90c350
f254a89fd5dae0e5b47afe2a63f89debe4b597b4badae26e34aa89cb761eafa9
f412f1ae0e247fb52e5b56fdbf2d3830234d684ccf43aaac907ddea69ce0107e
f43f1c7780d69792278f04b136c934a0298fc66f2e974bac13dd2e53adc52bde
f791d680d9aa9e066fd0a7be7ad1b45f88c9371991a06bb8e6de5e1e258af559
f7dddd73817e6e9660ccab4c62a1eac17d4030edeae95efc3781a378ab7276d0
ff6b126d86d9795f3e14dd74327e6ec811f7445f43143c14fd7d2cdfc9b808d2

moises-es-tacanisimo2k23forever.directual.app Open in urlscan Pro 52.214.239.207 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

93 %HTTPS

69 %IPv6

13 Domains

16 Subdomains

13 IPs

3 Countries

4049 kBTransfer

10164 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

moises-es-tacanisimo2k23forever.directual.app Open in urlscan Pro
52.214.239.207 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

93 %
HTTPS

69 %
IPv6

13
Domains

16
Subdomains

13
IPs

3
Countries

4049 kB
Transfer

10164 kB
Size

3
Cookies

40 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!