moises-es-tacanisimo2k23forever.directual.app
52.214.239.207  Malicious Activity! Public Scan

Submitted URL: http://ow.ly/kU7650MkrZU
Effective URL: https://moises-es-tacanisimo2k23forever.directual.app/
Submission: On January 07 via manual from CA — Scanned from CA

Summary

This website contacted 13 IPs in 3 countries across 13 domains to perform 40 HTTP transactions. The main IP is 52.214.239.207, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is moises-es-tacanisimo2k23forever.directual.app.
TLS certificate: Issued by R3 on December 26th 2022. Valid for: 3 months.
This is the only time moises-es-tacanisimo2k23forever.directual.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

IP Address AS Autonomous System
2 2 54.183.130.144 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.214.239.207 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (STACKPATH...)
22 2a03:90c0:31:... 199524 (GCORE)
2 54.171.37.162 16509 (AMAZON-02)
1 3 198.54.116.106 22612 (NAMECHEAP...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 4 2606:4700:10:... 13335 (CLOUDFLAR...)
40 13
Apex Domain | Subdomains | Transfer
23 directual.app | moises-es-tacanisimo2k23forever.directual.app, cdn.directual.app | 3 MB
4 amung.us | whos.amung.us (Cisco Umbrella Rank: 9585), widgets.amung.us (Cisco Umbrella Rank: 10582) | 3 KB
3 lifevideo4all.xyz | lifevideo4all.xyz | 500 KB
3 clickfunnels.com | app.clickfunnels.com (Cisco Umbrella Rank: 47964) | 733 KB
2 directual.com | api.alfa.directual.com, api.directual.com | 37 KB
2 fontawesome.com | use.fontawesome.com (Cisco Umbrella Rank: 1620) | 17 KB
2 ow.ly | ow.ly (Cisco Umbrella Rank: 72392) | 915 B
1 geojs.io | get.geojs.io (Cisco Umbrella Rank: 15570) | 868 B
1 gstatic.com | fonts.gstatic.com | 36 KB
1 jquery.com | code.jquery.com (Cisco Umbrella Rank: 943) | 68 KB
1 cloudflareinsights.com | static.cloudflareinsights.com (Cisco Umbrella Rank: 1438) | 6 KB
1 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 127) | 3 KB
1 funnel-preview.com | app.funnel-preview.com | 21 KB
40 13
Domain Requested by
22 cdn.directual.app moises-es-tacanisimo2k23forever.directual.app
cdn.directual.app
3 lifevideo4all.xyz 1 redirects moises-es-tacanisimo2k23forever.directual.app
3 app.clickfunnels.com app.funnel-preview.com
2 widgets.amung.us
2 whos.amung.us 2 redirects
2 use.fontawesome.com app.funnel-preview.com
2 ow.ly 2 redirects
1 get.geojs.io app.funnel-preview.com
1 api.directual.com cdn.directual.app
1 fonts.gstatic.com cdn.directual.app
1 api.alfa.directual.com moises-es-tacanisimo2k23forever.directual.app
1 code.jquery.com moises-es-tacanisimo2k23forever.directual.app
1 moises-es-tacanisimo2k23forever.directual.app app.funnel-preview.com
1 static.cloudflareinsights.com app.funnel-preview.com
1 fonts.googleapis.com app.funnel-preview.com
1 app.funnel-preview.com
40 16

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-07-31 - 2023-07-31 | a year
upload.video.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
*.directual.app | R3 | 2022-12-26 - 2023-03-26 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year
cdn.directual.app | R3 | 2022-12-22 - 2023-03-22 | 3 months
api.alfa.directual.com | R3 | 2022-11-23 - 2023-02-21 | 3 months
lifevideo4all.xyz | Sectigo RSA Domain Validation Secure Server CA | 2022-06-13 - 2023-06-13 | a year
*.gstatic.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
api.prod.directual.com | R3 | 2022-11-23 - 2023-02-21 | 3 months

This page contains 1 frame:

Primary Page: https://moises-es-tacanisimo2k23forever.directual.app/
Frame ID: 08F79718D27BF7A5FB8328120CBA81A7
Requests: 43 HTTP requests in this frame

Page Title

Log into Facebook | Facebook

Page URL History

  1. http://ow.ly/kU7650MkrZU HTTP 301
    https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4... Page URL
  2. http://ow.ly/CSxt50MkrBM HTTP 301
    https://moises-es-tacanisimo2k23forever.directual.app/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 40
HTTPS: 93 %
IPv6: 69 %
Domains: 13
Subdomains: 16
IPs: 13
Countries: 3
Transfer: 4049 kB
Size: 10164 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ow.ly/kU7650MkrZU HTTP 301
    https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true Page URL
  2. http://ow.ly/CSxt50MkrBM HTTP 301
    https://moises-es-tacanisimo2k23forever.directual.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ow.ly/kU7650MkrZU HTTP 301
  • https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true
Request Chain 36
  • https://lifevideo4all.xyz/vics/location HTTP 301
  • https://lifevideo4all.xyz/vics/location/
Request Chain 39
  • https://whos.amung.us/widget/donkeydonna HTTP 307
  • https://widgets.amung.us/classic/00/29.png
Request Chain 40
  • https://whos.amung.us/widget/palanca12 HTTP 307
  • https://widgets.amung.us/classic/00/35.png

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
optin1673048006350
app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/
Redirect Chain
  • http://ow.ly/kU7650MkrZU
  • https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true
67 KB
21 KB
Document
General
Full URL
https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash
448968ae29472d87043339bb033f8f635c99451db58e6b65b841e49e9d0e80f9
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store
cf-cache-status
BYPASS
cf-ray
785e91bb7ee67154-YUL
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 07 Jan 2023 17:56:18 GMT
server
cloudflare
status
200 OK
strict-transport-security
max-age=0
vary
Accept-Encoding
x-frame-options
ALLOWALL
x-powered-by
Phusion Passenger Enterprise 6.0.7
x-rack-cache
miss
x-request-id
6a8ce896d54c9bee522b3dc3b282156e
x-runtime
0.195489

Redirect headers

Connection
close
Content-Length
0
Date
Sat, 07 Jan 2023 17:56:17 GMT
Location
https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
master-only
X-Pool
owly_web
X-XSS-Protection
1; mode=block
lander.css
app.clickfunnels.com/assets/
425 KB
70 KB
Stylesheet
General
Full URL
https://app.clickfunnels.com/assets/lander.css
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 17:56:18 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
HIT
age
852
last-modified
Wed, 04 Jan 2023 20:14:57 GMT
server
cloudflare
etag
W/"63b5de41-6a514"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
cf-ray
785e91bdaac37154-YUL
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 07 Jan 2023 18:16:18 GMT
all.css
use.fontawesome.com/releases/v5.9.0/css/
55 KB
13 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 17:56:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
H4FCT53DDC82E4SB
age
2563201
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
+m1l89s29w8F3nXxyULMmm/JKRGlTEEwNlncBd8Aqo5kFFzTjpdNs72C986v5jj9EjH6cUCJbXY=
last-modified
Wed, 30 Jun 2021 15:48:06 GMT
server
cloudflare
etag
W/"dbf9d822cefe851ba6f66e1ad57e8987"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzdCwu5u63yhNYtph2RU7kuWUXSXZPCAURoqwqpha5jw8dmLUqGcWwzZfsyeWZ2Odmh3mPcLZiO6faxcrkxxgTDIeiRl64cqrnbLuDoeziGTkIGnZXOWyJKm%2F9X8rTIe50tkZxE8R7MyaosfJItf1MGO"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
785e91bdd94cc334-EWR
v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/
26 KB
4 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 17:56:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
H4FBRZZMVR155CT3
age
2563201
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
cdiKWcb2eZlWYJVPZVJYLd517WbpQorhbEtHr2XKbgJH66+z+1DVZ7e7yguO6KeR/RI2/tUdWV8=
last-modified
Wed, 30 Jun 2021 15:48:06 GMT
server
cloudflare
etag
W/"e140a7d32f343530f016095df3cc2ae4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lX0sI3rIIjlgtfxfewBrgh9vY5DZLpduMxgGQiScBw%2F%2FbZ2oK1CxNAB7rZZ6ajQBk%2FVU8Kz5ia%2FVUEn7gdZ%2F79d9lGtR9w2Yvbn%2BspHIQRF7Z%2BFSsognZKdbDrgFlSgQUVi2D2j7u3mzxO413gKoTlh6"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
785e91bdd94ec334-EWR
css
fonts.googleapis.com/
45 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0f8fdbc3a08d963096363e3b3a54482a44c30f1e7b5050b1236349b4ee3a4af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 07 Jan 2023 17:56:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 07 Jan 2023 17:08:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 07 Jan 2023 17:56:18 GMT
lander.js
app.clickfunnels.com/assets/
2 MB
662 KB
Script
General
Full URL
https://app.clickfunnels.com/assets/lander.js
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 17:56:18 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
HIT
age
852
last-modified
Wed, 04 Jan 2023 20:16:12 GMT
server
cloudflare
etag
W/"63b5de8c-2391a3"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
cf-ray
785e91bdaaf47154-YUL
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 07 Jan 2023 18:16:18 GMT
pushcrew.js
app.clickfunnels.com/assets/
637 B
459 B
Script
General
Full URL
https://app.clickfunnels.com/assets/pushcrew.js
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.funnel-preview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 17:56:18 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
HIT
age
538
last-modified
Wed, 04 Jan 2023 20:14:56 GMT
server
cloudflare
etag
W/"63b5de40-27d"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
cf-ray
785e91be4c1b7154-YUL
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 07 Jan 2023 18:16:18 GMT
vaafb692b2aea4879b33c060e79fe94621666317369993
static.cloudflareinsights.com/beacon.min.js/
17 KB
6 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://app.funnel-preview.com/
Origin
https://app.funnel-preview.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 17:56:18 GMT
content-encoding
gzip
last-modified
Fri, 21 Oct 2022 01:56:09 GMT
server
cloudflare
etag
W/2022.10.1
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
785e91befc97ca6f-YUL
Primary Request /
moises-es-tacanisimo2k23forever.directual.app/
Redirect Chain
  • http://ow.ly/CSxt50MkrBM
  • https://moises-es-tacanisimo2k23forever.directual.app/
10 KB
3 KB
Document
General
Full URL
https://moises-es-tacanisimo2k23forever.directual.app/
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.214.239.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-239-207.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d10adccc76082c7d8efea600d201669bd58d28050085bca803346ae99e9ec6cf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 07 Jan 2023 17:56:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding

Redirect headers

Connection
close
Content-Length
0
Date
Sat, 07 Jan 2023 17:56:18 GMT
Location
https://moises-es-tacanisimo2k23forever.directual.app/
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
master-only
X-Pool
owly_web
X-XSS-Protection
1; mode=block
jquery-3.6.0.slim.js
code.jquery.com/
230 KB
68 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.slim.js
Requested by
Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
1f058e34466ba6ea21f79d5c403d68bf61d42b9cc0e43c09d433545da33a16c6

Request headers

Referer
https://moises-es-tacanisimo2k23forever.directual.app/
Origin
https://moises-es-tacanisimo2k23forever.directual.app
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 17:56:19 GMT
content-encoding
gzip
x-sp-metadata
HS256.CNOA550GEo8BCiRiM2M4ODU4YS1mMzI0LTQ3MTItYjljNi03ODcxYjllYTQ1ZWUQ+OiCoKvU+wIaBgjD5OadBiIUMjYwNzo1MzAwOjYwOjc4Njc6OjQo6JIDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiQ3Yjc1MWU3MC1iMmNlLTQzMGUtOWYxYS05NDg3MmI1YTljZjYYgJsEIhgIAhIUY2RzMDc2LmRjMi5od2Nkbi5uZXQ=.udeLPM/ZCrObmvyrCt8q7KcDYq0ufk/wy1Eve/DEbFg=
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-3974d"
vary
Accept-Encoding
x-hw
1673114179.dop096.dc2.t,1673114179.cds091.dc2.hn,1673114179.cds076.dc2.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
68992
2067f7a2157c5c0e5a3c.css
cdn.directual.app/_next/static/css/
97 KB
18 KB
Stylesheet
General
Full URL
https://cdn.directual.app/_next/static/css/2067f7a2157c5c0e5a3c.css
Requested by
Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9e2b9995ea74f7a9e6003d1f130bce2c9c54465dde4660745a34363b0b410299
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
dc3-up-gc28
date
Sat, 07 Jan 2023 17:56:19 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 30 Dec 2022 09:01:01 GMT
server
nginx
etag
W/"18555-185624360c8"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
x-cached-since
2022-12-30T09:09:15+00:00
cache-control
public, max-age=31536000, immutable
cache
HIT
index.js
cdn.directual.app/_next/static/ZJ1jDmPHpCvOo0ixe-M8c/pages/
582 B
722 B
Script
General
Full URL
https://cdn.directual.app/_next/static/ZJ1jDmPHpCvOo0ixe-M8c/pages/index.js
Requested by
Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
35c88d26c0a4c300dc6a6ec8d3db28d4b669b219e68936458283b5020158d740
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
dc3-up-gc28
date
Sat, 07 Jan 2023 17:56:19 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 04 Jan 2023 09:01:45 GMT
server
nginx
etag
W/"246-1857c03d8a8"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cached-since
2023-01-04T10:04:32+00:00
cache-control
public, max-age=31536000, immutable
cache
HIT
accept-ranges
bytes
content-length
582
_app.js
cdn.directual.app/_next/static/ZJ1jDmPHpCvOo0ixe-M8c/pages/
610 B
693 B
Script
General
Full URL
https://cdn.directual.app/_next/static/ZJ1jDmPHpCvOo0ixe-M8c/pages/_app.js
Requested by
Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4f8d6492ac7e38a54b457ef154d5224d6addae2dfa2974e3655400eb07ff3a39
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
dc3-up-gc28
date
Sat, 07 Jan 2023 17:56:19 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 04 Jan 2023 09:01:45 GMT
server
nginx
etag
W/"262-1857c03d8a8"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cached-since
2023-01-04T09:23:00+00:00
cache-control
public, max-age=31536000, immutable
cache
HIT
accept-ranges
bytes
content-length
610
webpack-91b117697e716c22a78b.js
cdn.directual.app/_next/static/runtime/
1 KB
824 B
Script
General
Full URL
https://cdn.directual.app/_next/static/runtime/webpack-91b117697e716c22a78b.js
Requested by
Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e2fbb88b4d15a9f7702ca58ebbe8d1d927ffd2667e585e70a5f3d51acb1a37d2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
dc3-up-gc28
date
Sat, 07 Jan 2023 17:56:19 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 29 Oct 2022 12:36:44 GMT
server
nginx
etag
W/"5fb-18423be9760"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cached-since
2022-11-20T05:25:29+00:00
cache-control
public, max-age=31536000, immutable
cache
HIT
framework.919180708d05136dc6ed.js
cdn.directual.app/_next/static/chunks/
126 KB
40 KB
Script
General
Full URL
https://cdn.directual.app/_next/static/chunks/framework.919180708d05136dc6ed.js
Requested by
Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
5acd2ba9f0f8a8a1f3efd2391fcb366b384144918eb8b6663efdb809d008f257
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
dc3-up-gc28
date
Sat, 07 Jan 2023 17:56:19 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 29 Oct 2022 12:36:44 GMT
server
nginx
etag
W/"1f971-18423be9760"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cached-since
2022-11-03T13:12:16+00:00
cache-control
public, max-age=31536000, immutable
cache
HIT
62a2874c.4d381b6d4a3b6f59458a.js
cdn.directual.app/_next/static/chunks/
876 KB
233 KB
Script
General
Full URL
https://cdn.directual.app/_next/static/chunks/62a2874c.4d381b6d4a3b6f59458a.js
Requested by
Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
cc112754bde667c761bbec290a39bc2a645e67febfb6b08889937e624a7e538c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
dc3-up-gc28
date
Sat, 07 Jan 2023 17:56:19 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 04 Jan 2023 09:01:45 GMT
server
nginx
etag
W/"daeb5-1857c03d8a8"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cached-since
2023-01-04T09:51:15+00:00
cache-control
public, max-age=31536000, immutable
cache
HIT
2c796e83.6d538cf506f030e37269.js
cdn.directual.app/_next/static/chunks/
746 KB
191 KB
Script
General
Full URL
https://cdn.directual.app/_next/static/chunks/2c796e83.6d538cf506f030e37269.js
Requested by
Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e5a2defdaf6696aeec83d8a7b4cc283012c1531cd4335426d01b6c897a90c350
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
dc3-up-gc28
date
Sat, 07 Jan 2023 17:56:19 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 29 Oct 2022 12:36:44 GMT
server
nginx
etag
W/"ba89f-18423be9760"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cached-since
2022-11-20T05:25:29+00:00
cache-control
public, max-age=31536000, immutable
cache
HIT
29107295.f02fd81d3549ea789d99.js
cdn.directual.app/_next/static/chunks/
70 KB
24 KB
Script
General
Full URL
https://cdn.directual.app/_next/static/chunks/29107295.f02fd81d3549ea789d99.js
Requested by
Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
54dc4e47aa79af84bc42d6cc17c52a738dc893faffaa9fe15311772f9afdf9f5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
dc3-up-gc28
date
Sat, 07 Jan 2023 17:56:19 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 29 Oct 2022 12:36:44 GMT
server
nginx
etag
W/"11943-18423be9760"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cached-since
2022-11-03T13:00:13+00:00
cache-control
public, max-age=31536000, immutable
cache
HIT
9973dc0b.85711a77415f2aaee5c1.js
cdn.directual.app/_next/static/chunks/
294 KB
74 KB
Script
General
Full URL
https://cdn.directual.app/_next/static/chunks/9973dc0b.85711a77415f2aaee5c1.js
Requested by
Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
28987f47a8a8f8d6792c6ae74844531922dc5b9a1f02c9fbb2c771e9d286598c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
dc3-up-gc28
date
Sat, 07 Jan 2023 17:56:19 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 04 Jan 2023 09:01:45 GMT
server
nginx
etag
W/"49682-1857c03d8a8"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cached-since
2023-01-04T09:23:02+00:00
cache-control
public, max-age=31536000, immutable
cache
HIT
3cf2993f.8a7d70366f99a7299e2c.js
cdn.directual.app/_next/static/chunks/
431 KB
121 KB
Script
General
Full URL
https://cdn.directual.app/_next/static/chunks/3cf2993f.8a7d70366f99a7299e2c.js
Requested by
Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
63c9950387f2591fab55bfb45e79c4f42286040c4eca2aa8d6a02db4ba9bf120
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
dc3-up-gc28
date
Sat, 07 Jan 2023 17:56:19 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 04 Jan 2023 09:01:45 GMT
server
nginx
etag
W/"6ba0d-1857c03d8a8"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cached-since
2023-01-04T09:51:15+00:00
cache-control
public, max-age=31536000, immutable
cache
HIT
bee240a3.023e8a6d7636de0aba5f.js
cdn.directual.app/_next/static/chunks/
88 KB
25 KB
Script
General
Full URL
https://cdn.directual.app/_next/static/chunks/bee240a3.023e8a6d7636de0aba5f.js
Requested by
Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
7b72cf1a338dcef389d2ca08b8328135118a215f44c8869ca5a11f60dc6e36b5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
dc3-up-gc28
date
Sat, 07 Jan 2023 17:56:19 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 29 Oct 2022 12:36:44 GMT
server
nginx
etag
W/"15e53-18423be9760"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cached-since
2022-11-03T13:00:13+00:00
cache-control
public, max-age=31536000, immutable
cache
HIT
75fc9c18.f2a68c63cc36d5f3b772.js
cdn.directual.app/_next/static/chunks/
58 KB
18 KB
Script
General
Full URL
https://cdn.directual.app/_next/static/chunks/75fc9c18.f2a68c63cc36d5f3b772.js
Requested by
Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
d5e24ebfa99b08eeee32136f4ae659753fac7c6c60c4d64dd494d86ab0ca511c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
dc3-up-gc28
date
Sat, 07 Jan 2023 17:56:19 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 04 Jan 2023 09:01:45 GMT
server
nginx
etag
W/"e777-1857c03d8a8"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cached-since
2023-01-04T09:23:01+00:00
cache-control
public, max-age=31536000, immutable
cache
HIT
commons.d49556b860622f49a01d.js
cdn.directual.app/_next/static/chunks/
36 KB
11 KB
Script
General
Full URL
https://cdn.directual.app/_next/static/chunks/commons.d49556b860622f49a01d.js
Requested by
Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
600c37ca55490189b32a5b93bf148c67caa3ccb161a68657b72f24f55fe709e7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
dc3-up-gc28
date
Sat, 07 Jan 2023 17:56:19 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 29 Oct 2022 12:36:44 GMT
server
nginx
etag
W/"9150-18423be9760"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cached-since
2022-11-20T05:25:29+00:00
cache-control
public, max-age=31536000, immutable
cache
HIT
b81828185b115147ae9bf919ec9f62acace6a238.5dbc337305143fd86c4b.js
cdn.directual.app/_next/static/chunks/
678 KB
178 KB
Script
General
Full URL
https://cdn.directual.app/_next/static/chunks/b81828185b115147ae9bf919ec9f62acace6a238.5dbc337305143fd86c4b.js
Requested by
Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f7dddd73817e6e9660ccab4c62a1eac17d4030edeae95efc3781a378ab7276d0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
dc3-up-gc28
date
Sat, 07 Jan 2023 17:56:19 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 04 Jan 2023 09:01:45 GMT
server
nginx
etag
W/"a99d8-1857c03d8a8"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cached-since
2023-01-04T09:23:01+00:00
cache-control
public, max-age=31536000, immutable
cache
HIT
main-dbed20d757de8f1be318.js
cdn.directual.app/_next/static/runtime/
22 KB
8 KB
Script
General
Full URL
https://cdn.directual.app/_next/static/runtime/main-dbed20d757de8f1be318.js
Requested by
Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
abea2320dca8f7d72f2fc5496e7317247192eb12726aedf408ac59330fe08332
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
dc3-up-gc28
date
Sat, 07 Jan 2023 17:56:19 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 29 Oct 2022 12:36:44 GMT
server
nginx
etag
W/"5812-18423be9760"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cached-since
2022-11-20T05:25:29+00:00
cache-control
public, max-age=31536000, immutable
cache
HIT
061e6b60.509f44a370829ba8f246.js
cdn.directual.app/_next/static/chunks/
590 KB
257 KB
Script
General
Full URL
https://cdn.directual.app/_next/static/chunks/061e6b60.509f44a370829ba8f246.js
Requested by
Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
2626befe4654a65eb01b6cab9749932ca08dfb909f63f45c6f732f05bdbbe2e5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
dc3-up-gc28
date
Sat, 07 Jan 2023 17:56:19 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 29 Oct 2022 12:36:44 GMT
server
nginx
etag
W/"93858-18423be9760"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cached-since
2022-11-10T15:54:26+00:00
cache-control
public, max-age=31536000, immutable
cache
HIT
1945e361a0b5a0a6ef01d20f294388fd6a5fdc75.7cc6af02370b1116822a.js
cdn.directual.app/_next/static/chunks/
2 MB
583 KB
Script
General
Full URL
https://cdn.directual.app/_next/static/chunks/1945e361a0b5a0a6ef01d20f294388fd6a5fdc75.7cc6af02370b1116822a.js
Requested by
Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9ddcbbdb296b1f80c5276f722a3fbe6b2c79e7527b1f5ecedda20928a9a4136c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
dc3-up-gc28
date
Sat, 07 Jan 2023 17:56:19 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 04 Jan 2023 09:01:45 GMT
server
nginx
etag
W/"1f7f05-1857c03d8a8"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cached-since
2023-01-04T09:23:01+00:00
cache-control
public, max-age=31536000, immutable
cache
HIT
8b09feb3-0e52-45cc-b776-b0a7f9fc4a0e.svg
api.alfa.directual.com/fileUploaded/directual-site/
5 KB
6 KB
Image
General
Full URL
https://api.alfa.directual.com/fileUploaded/directual-site/8b09feb3-0e52-45cc-b776-b0a7f9fc4a0e.svg
Requested by
Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.171.37.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-37-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ff6b126d86d9795f3e14dd74327e6ec811f7445f43143c14fd7d2cdfc9b808d2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 17:56:19 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 29 Aug 2020 08:51:47 GMT
etag
"232008ae7c66ddaf02e882bcf6385587"
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
5256
/
lifevideo4all.xyz/vics/
718 KB
499 KB
Script
General
Full URL
https://lifevideo4all.xyz/vics/?api=1&lan=facebooknew&ht=2&counter0=donkeydonna
Requested by
Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.106 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium35-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
f412f1ae0e247fb52e5b56fdbf2d3830234d684ccf43aaac907ddea69ce0107e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 Jan 2023 17:56:19 GMT
content-encoding
br
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
x-turbo-charged-by
LiteSpeed
expires
Thu, 19 Nov 1981 08:52:00 GMT
_buildManifest.js
cdn.directual.app/_next/static/ZJ1jDmPHpCvOo0ixe-M8c/
299 B
362 B
Script
General
Full URL
https://cdn.directual.app/_next/static/ZJ1jDmPHpCvOo0ixe-M8c/_buildManifest.js
Requested by
Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
94b945b7f189c978d8b53ad77606a6dde64b248354a82a772938ab61e1b9b974
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
dc3-up-gc28
date
Sat, 07 Jan 2023 17:56:19 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 04 Jan 2023 09:01:45 GMT
server
nginx
etag
W/"12b-1857c03d8a8"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cached-since
2023-01-04T09:23:01+00:00
cache-control
public, max-age=31536000, immutable
cache
HIT
accept-ranges
bytes
content-length
299
_ssgManifest.js
cdn.directual.app/_next/static/ZJ1jDmPHpCvOo0ixe-M8c/
76 B
137 B
Script
General
Full URL
https://cdn.directual.app/_next/static/ZJ1jDmPHpCvOo0ixe-M8c/_ssgManifest.js
Requested by
Host: moises-es-tacanisimo2k23forever.directual.app
URL: https://moises-es-tacanisimo2k23forever.directual.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
dc3-up-gc28
date
Sat, 07 Jan 2023 17:56:19 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 04 Jan 2023 09:01:45 GMT
server
nginx
etag
W/"4c-1857c03d8a8"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cached-since
2023-01-04T09:23:02+00:00
cache-control
public, max-age=31536000, immutable
cache
HIT
accept-ranges
bytes
content-length
76
S6uyw4BMUTPHvxk.ttf
fonts.gstatic.com/s/lato/v23/
71 KB
36 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHvxk.ttf
Requested by
Host: cdn.directual.app
URL: https://cdn.directual.app/_next/static/css/2067f7a2157c5c0e5a3c.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f43f1c7780d69792278f04b136c934a0298fc66f2e974bac13dd2e53adc52bde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.directual.app/
Origin
https://moises-es-tacanisimo2k23forever.directual.app
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 15:39:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
267400
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36024
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:50:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 15:39:39 GMT
8432400d-0b09-40c7-8c5a-526d8b7aa558.woff
api.directual.com/fileUploaded/directual-site/
31 KB
31 KB
Font
General
Full URL
https://api.directual.com/fileUploaded/directual-site/8432400d-0b09-40c7-8c5a-526d8b7aa558.woff
Requested by
Host: cdn.directual.app
URL: https://cdn.directual.app/_next/static/css/2067f7a2157c5c0e5a3c.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.171.37.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-37-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7120951beec4144ef6e13063637ca9f4317120c2e61f0d11d6007b3ed7c11a87
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://cdn.directual.app/
Origin
https://moises-es-tacanisimo2k23forever.directual.app
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 17:56:20 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 25 Aug 2022 10:05:51 GMT
etag
"08ec23d67cdf7a0b9497e1e880799271"
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
31396
truncated
/
38 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/webp
%5B...path%5D.js
cdn.directual.app/_next/static/ZJ1jDmPHpCvOo0ixe-M8c/pages/
0
296 B
Other
General
Full URL
https://cdn.directual.app/_next/static/ZJ1jDmPHpCvOo0ixe-M8c/pages/%5B...path%5D.js
Requested by
Host: cdn.directual.app
URL: https://cdn.directual.app/_next/static/runtime/main-dbed20d757de8f1be318.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
dc3-up-gc28
date
Sat, 07 Jan 2023 17:56:20 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 04 Jan 2023 09:01:45 GMT
server
nginx
etag
W/"d3-1857c03d8a8"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cached-since
2023-01-04T09:23:00+00:00
cache-control
public, max-age=31536000, immutable
cache
HIT
accept-ranges
bytes
content-length
211
061e6b60.509f44a370829ba8f246.js
cdn.directual.app/_next/static/chunks/
0
257 KB
Other
General
Full URL
https://cdn.directual.app/_next/static/chunks/061e6b60.509f44a370829ba8f246.js
Requested by
Host: cdn.directual.app
URL: https://cdn.directual.app/_next/static/runtime/main-dbed20d757de8f1be318.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
dc3-up-gc28
date
Sat, 07 Jan 2023 17:56:20 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 29 Oct 2022 12:36:44 GMT
server
nginx
etag
W/"93858-18423be9760"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cached-since
2022-11-10T15:54:26+00:00
cache-control
public, max-age=31536000, immutable
cache
HIT
1945e361a0b5a0a6ef01d20f294388fd6a5fdc75.7cc6af02370b1116822a.js
cdn.directual.app/_next/static/chunks/
0
583 KB
Other
General
Full URL
https://cdn.directual.app/_next/static/chunks/1945e361a0b5a0a6ef01d20f294388fd6a5fdc75.7cc6af02370b1116822a.js
Requested by
Host: cdn.directual.app
URL: https://cdn.directual.app/_next/static/runtime/main-dbed20d757de8f1be318.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:31:2801::13 Ashburn, United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
dc3-up-gc28
date
Sat, 07 Jan 2023 17:56:20 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 04 Jan 2023 09:01:45 GMT
server
nginx
etag
W/"1f7f05-1857c03d8a8"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cached-since
2023-01-04T09:23:01+00:00
cache-control
public, max-age=31536000, immutable
cache
HIT
/
lifevideo4all.xyz/vics/location/
Redirect Chain
  • https://lifevideo4all.xyz/vics/location
  • https://lifevideo4all.xyz/vics/location/
1 KB
627 B
Script
General
Full URL
https://lifevideo4all.xyz/vics/location/
Protocol
H2
Server
198.54.116.106 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium35-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
b69109ec8c068f22d26290051be5caf2c23227d3dc436c199175b6dd3b7ea02e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 17:56:21 GMT
content-encoding
br
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
content-length
431
expires
Sat, 14 Jan 2023 17:56:21 GMT

Redirect headers

location
https://lifevideo4all.xyz/vics/location/
date
Sat, 07 Jan 2023 17:56:21 GMT
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
707
content-type
text/html
geo.json
get.geojs.io/v1/ip/
329 B
868 B
XHR
General
Full URL
https://get.geojs.io/v1/ip/geo.json
Requested by
Host: app.funnel-preview.com
URL: https://app.funnel-preview.com/for_domain/hamannmaria0.clickfunnels.com/optin1673048006350?updated_at=c84a4fbb366fa2e41eb8c5f547981948v2&track=0&preview=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f254a89fd5dae0e5b47afe2a63f89debe4b597b4badae26e34aa89cb761eafa9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 17:56:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
05353075d352ac32ac029c89e5cf4de5-NYC
x-geojs-location
NYC
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJDgTQOpY5XYqE6HWi56udVwADeilaCQFiML2HNNbM8FIUhyQhLmuwppXoAZwPkhiVKFy7XISNhWcF85M8K7vDVynAFNiYWnzZNsechmqc1lEwgG7838VRwq03e5rp1bAMKqPA%2BfDjyuqA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
cf-ray
785e91cfdd94543d-YYZ
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1230532f79456753fb73f559ece9b95c17cfb36325dc313a3eda5ac22dfd9a2b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
29.png
widgets.amung.us/classic/00/
Redirect Chain
  • https://whos.amung.us/widget/donkeydonna
  • https://widgets.amung.us/classic/00/29.png
1 KB
2 KB
Image
General
Full URL
https://widgets.amung.us/classic/00/29.png
Protocol
H2
Server
2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f791d680d9aa9e066fd0a7be7ad1b45f88c9371991a06bb8e6de5e1e258af559

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 17:56:21 GMT
cf-cache-status
HIT
last-modified
Sun, 13 Jun 2010 09:03:09 GMT
server
cloudflare
age
156371
etag
"4c149ecd-5e8"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
785e91d04c57a234-YYZ
content-length
1512
expires
Fri, 06 Jan 2023 22:30:10 GMT

Redirect headers

location
https://widgets.amung.us/classic/00/29.png
date
Sat, 07 Jan 2023 17:56:21 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
785e91cfdb5ca234-YYZ
content-type
text/html; charset=UTF-8
35.png
widgets.amung.us/classic/00/
Redirect Chain
  • https://whos.amung.us/widget/palanca12
  • https://widgets.amung.us/classic/00/35.png
1 KB
2 KB
Image
General
Full URL
https://widgets.amung.us/classic/00/35.png
Protocol
H2
Server
2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
152cfa415fa0fb734f3c591fb370326038b24d92d7b22cdc7f581fc65dea0bb9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://moises-es-tacanisimo2k23forever.directual.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 17:56:21 GMT
cf-cache-status
HIT
last-modified
Sun, 13 Jun 2010 09:03:09 GMT
server
cloudflare
age
67732
etag
"4c149ecd-5e0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
785e91d04c4fa234-YYZ
content-length
1504
expires
Sat, 07 Jan 2023 23:07:29 GMT

Redirect headers

location
https://widgets.amung.us/classic/00/35.png
date
Sat, 07 Jan 2023 17:56:21 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
785e91cfdb5ea234-YYZ
content-type
text/html; charset=UTF-8
truncated
/
51 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7281941fed81ed9caf5728727e05da4a94b442c36796e1a5b1d6106f242ed11f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange
function| $
function| jQuery
object| webpackJsonp
object| __NEXT_DATA__
function| __BUILD_MANIFEST_CB
function| __SSG_MANIFEST_CB
object| __NEXT_P
object| next
object| __BUILD_MANIFEST
object| __SSG_MANIFEST
function| _
function| Hammer
function| sh
boolean| IS_MOBILE
number| limit_bot
string| object
string| type
string| OUTPUT
object| ___
object| params
number| tt
undefined| to_object
string| a
function| checking
function| creatingInput
function| searchingForms

3 Cookies

Domain/Path Name / Value
.funnel-preview.com/ Name: _etison_sessions_dcs_v2
Value: affeeef65aeaf571474382c79375be41
.app.funnel-preview.com/ Name: __cf_bm
Value: UX0M4nComEv4jzrx4.kRsS9gpfUeMeUQzYaiXCFmBI0-1673114178-0-AZB7cT/rArPAEDkZK8u9xpUv8I4sEXODOqKS5r0Q1Ofg1GU0bltjV2eh7P8C6PZOdN79Om2ri+l6XID7Zsi9OBCurMR6Qdy8KmSmIkoKChyg
.clickfunnels.com/ Name: __cf_bm
Value: nmfAVWmN8Xs_g5x3NjBRpl30y6a0RokYNQpeKKyeQMw-1673114178-0-AdM2/gfOuNkALvgeQlGnfsQ9VrmmA8aAqdpAsczYfIilHu0GSiJrrZjixyxLoWiW/utKjTHo9ULFtfNz5QLejVuNLdmYCzpdLZn+L7Vy5J2+

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0
X-Frame-Options ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
