Report - frani.clickfunnels.com/optinq77wbgg

Report Overview

Submitted URL
frani.clickfunnels.com/optinq77wbgg
IP
104.16.12.194
ASN
#13335 CLOUDFLARENET
Submitted
2023-02-03 11:11:35
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
bam.nr-data.net	630	2015-02-10T01:06:27Z	2023-03-13T05:22:57Z	1.6 kB	917 B	162.247.241.14
scambinance.com	unknown	2020-08-19T08:51:23Z	2023-02-27T12:26:23Z	548 B	648 B	188.114.96.1
js-agent.newrelic.com	378	2018-06-22T06:15:37Z	2023-03-13T05:22:57Z	1.2 kB	7.7 kB	151.101.66.137
frani.clickfunnels.com	unknown			5.3 kB	1.9 kB	104.16.16.194
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	62 kB	34.120.237.76
app.clickfunnels.com	34727	2015-03-12T09:40:23Z	2023-03-13T06:48:47Z	10 kB	21 kB	104.16.16.194
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	2.4 kB	4.2 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	343 B	699 B	142.250.74.131
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.42.147.182
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	694 B	630 B	142.250.74.106
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.36.77.32
images.clickfunnels.com	95357	2014-10-08T22:00:42Z	2023-03-13T06:48:47Z	1.6 kB	6.6 kB	104.16.16.194
classic.clickfunnels.com	unknown	2022-10-26T20:44:01Z	2023-03-13T06:48:47Z	1.6 kB	1.5 kB	104.16.16.194
cadrfadr.studiolegaledorianapesce.it	unknown	2023-02-02T22:37:57Z	2023-02-03T09:47:36Z	1.5 kB	5.5 kB	185.56.218.4
use.fontawesome.com	942	2017-01-30T05:43:25Z	2023-03-13T05:09:17Z	1.7 kB	50 kB	172.64.132.15
static.cloudflareinsights.com	1294	2019-09-24T16:34:56Z	2023-03-13T05:15:33Z	469 B	393 B	104.16.57.101
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-03	medium	cadrfadr.studiolegaledorianapesce.it/dafe1/gardv/pasclao	Phishing
2023-02-03	medium	scambinance.com/go.php?url=https://cadrfadr.studiolegaledorianapesce.it/dafe1/gardv/pasclao	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (25)

	URL	Size	First Seen	Last Seen
	frani.clickfunnels.com/optin1675348668626	403 B	2023-03-07	2024-02-27
Pretty URL frani.clickfunnels.com/optin1675348668626 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27:06 Last Seen2024-02-27 15:49:53 Times Seen73 Hash 8ab8d200539fab50897027c62c96d314 0197d4ac02e1e98d7e1d9badcbd7a89428eb03b8 b7a571a3f2b65d773034e6d559fde9ea980c86414a2b485c88cbac7c0456b9de Loading...

	frani.clickfunnels.com/optin1675348668626	101 B	2023-03-07	2024-03-20
Pretty URL frani.clickfunnels.com/optin1675348668626 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-20 16:33:23 Times Seen1072 Hash 58d9451139b4d777d43d7c3e074a944a 58dbf64854e67993dd579ecc78d1a32fea9266ed 85f043b5d0590f154a02cf29f549340485f0e6dd78c70ab8746555092fc9d493 Loading...

	js-agent.newrelic.com/823.215647de-1223.js	3.1 kB	2023-03-13	2023-04-05
Pretty URL js-agent.newrelic.com/823.215647de-1223.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:06:18 Last Seen2023-04-05 02:10:55 Times Seen8 Hash ce7762cf4b6665f79c15503dbccd6c68 aef64bd2f3a95b12cdb8b3abfc4102e663ac26de cf2b7b8c9c5756454079e4eb012128b38f569bcc9d32a5b895df5396ae5052b2 Loading...

	frani.clickfunnels.com/optin1675348668626	280 B	2023-03-13	2023-03-13
Pretty URL frani.clickfunnels.com/optin1675348668626 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:45:44 Last Seen2023-03-13 15:45:44 Times Seen1 Hash 18781e082df377e00861a946e10798cf 026d41b2e6d14dd09e21e362885080f1c7cf728e 33b03186be0dbf5bd2b34764020484d86215e9959468d81282c4e034fb9e1bd6 Loading...

	frani.clickfunnels.com/optin1675348668626	395 B	2023-03-07	2024-03-20
Pretty URL frani.clickfunnels.com/optin1675348668626 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-20 16:33:23 Times Seen1083 Hash b2c93212afb38693d023d97f822acd42 a971c75819436a7c7d9c3b388b8be10f1286fdcb dbde09f9e5cc2ecdeffe30752eac8756ca637e0c524bdbd5b1c7e5704aae004f Loading...

	frani.clickfunnels.com/optin1675348668626	65 B	2023-03-07	2024-03-18
Pretty URL frani.clickfunnels.com/optin1675348668626 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:26 Last Seen2024-03-18 15:34:47 Times Seen305 Hash fd58a4b54ab146df950e11f1c456d75d e7838ec007afb3db8ba2f719f3abdaba531bc554 f83c7974af97a55f1ac8034a88f07f1ab1c45ccb34071de2962dfa6d969fe303 Loading...

	frani.clickfunnels.com/optin1675348668626	591 B	2023-03-13	2023-03-13
Pretty URL frani.clickfunnels.com/optin1675348668626 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:45:44 Last Seen2023-03-13 15:46:32 Times Seen1 Hash 0e782d0664c19820ae4cc5da3923b8fd 0de39ce6beac8bab077279f49724b19acdf95d17 7da826108d21917caa3b09780affec2fd3a4eb89e49d5462870dd535974b737f Loading...

	frani.clickfunnels.com/optin1675348668626	271 B	2023-03-07	2024-03-20
Pretty URL frani.clickfunnels.com/optin1675348668626 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-20 16:33:23 Times Seen1079 Hash c0d8faa83b4d63e92f56614251d001d4 4377d94b43b83ca010c78aa4c482d86ca19a9593 1d35b00811c224b9c83537f23634d9e7b07f75841c3d99e6ded3c759571f45a7 Loading...

	js-agent.newrelic.com/779.215647de-1223.js	8.3 kB	2023-03-13	2023-04-05
Pretty URL js-agent.newrelic.com/779.215647de-1223.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:06:19 Last Seen2023-04-05 02:10:55 Times Seen8 Hash 1f9dc6167676d6db728e844d20a97ad5 8403dd8856f165a7fa66132cdec57b7eceafd717 226b38d4dd6197b2d2989ef529f69e83ee3ff816b601033ee5ad3ba07fa76307 Loading...

	frani.clickfunnels.com/optin1675348668626	104 B	2023-03-07	2024-03-20
Pretty URL frani.clickfunnels.com/optin1675348668626 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-20 16:33:23 Times Seen1184 Hash 00b5ba65cbf82b44301e01048b806055 3be24afc94edb8de2099ccafa2bfcdbfbef301cd 699e1188e23d8be696d8ca3b45d7eba8c1c97f6ce4e9da4051cce63907ea8442 Loading...

	frani.clickfunnels.com/optin1675348668626	1.6 kB	2023-03-07	2024-03-20
Pretty URL frani.clickfunnels.com/optin1675348668626 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-20 16:33:23 Times Seen1072 Hash 9695240da93eaffb74ee6d46ae6ea5da f545f6cec4b5da6fb0a50a17ee0bc878030c5047 88533b116813899d4cf0751961b7568763677a97033cfb35180d523e2cf2cfd1 Loading...

	bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1223.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=1839&ck=0&s=37d9c18e0c8eeed5&ref=https://frani.clickfunnels.com/optin1675348668626&ap=275&be=635&fe=862&dc=673&perf=%7B%22timing%22:%7B%22of%22:1675422715090,%22n%22:0,%22r%22:-6,%22re%22:432,%22f%22:432,%22dn%22:432,%22dne%22:432,%22c%22:432,%22s%22:432,%22ce%22:432,%22rq%22:439,%22rp%22:605,%22rpe%22:607,%22dl%22:617,%22di%22:1292,%22ds%22:1307,%22de%22:1387,%22dc%22:1494,%22l%22:1494,%22le%22:1607%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=973&jsonp=NREUM.setToken	49 B	2023-03-07	2024-03-22
Pretty URL bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1223.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=1839&ck=0&s=37d9c18e0c8eeed5&ref=https://frani.clickfunnels.com/optin1675348668626&ap=275&be=635&fe=862&dc=673&perf=%7B%22timing%22:%7B%22of%22:1675422715090,%22n%22:0,%22r%22:-6,%22re%22:432,%22f%22:432,%22dn%22:432,%22dne%22:432,%22c%22:432,%22s%22:432,%22ce%22:432,%22rq%22:439,%22rp%22:605,%22rpe%22:607,%22dl%22:617,%22di%22:1292,%22ds%22:1307,%22de%22:1387,%22dc%22:1494,%22l%22:1494,%22le%22:1607%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=973&jsonp=NREUM.setToken IP 162.247.241.14 ASN #23467 NEWRELIC-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-03-22 06:11:42 Times Seen2776 Hash ada33e5b8877e743ff658bf4bfa1867c 5a78662243dac43c0ee48bcb7e05a536b84c2e38 dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82 Loading...

	frani.clickfunnels.com/optin1675348668626	33 kB	2023-03-13	2023-03-13
Pretty URL frani.clickfunnels.com/optin1675348668626 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:45:44 Last Seen2023-03-13 23:18:05 Times Seen1 Hash a50f3a160eda89da550d12faeaa326b6 80471519912152fd3e176729cc2f98859ab6cc29 3efa076fe413aaead9b34d2202c1a8449612d390758e8824eab4265f631378bf Loading...

	app.clickfunnels.com/assets/userevents/application.js	5.2 kB	2023-03-08	2024-03-20
Pretty URL app.clickfunnels.com/assets/userevents/application.js IP 104.16.16.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:28:42 Last Seen2024-03-20 16:33:23 Times Seen1321 Hash 4849819314b7c1be4146a39b52c5c502 3e09f90cb42c04ff19f66dbbd83e3dbb544b50bf a696b734193371073510c87df68430499c2f424ad3f7be42f586dc6aff78567b Loading...

	static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993	17 kB	2023-03-08	2024-02-28
Pretty URL static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 IP 104.16.57.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:00 Last Seen2024-02-28 12:44:37 Times Seen1362 Hash 33100f2355611b2375f05486299abf05 0b2d1b75f6695e67b884bee2eb72165d6e881a26 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3 Loading...

	app.clickfunnels.com/assets/lander.js	2.3 MB	2023-03-13	2023-03-14
Pretty URL app.clickfunnels.com/assets/lander.js IP 104.16.16.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:45:44 Last Seen2023-03-14 01:04:17 Times Seen1 Hash 64e385bd7ee5f59206f1905e54862025 d7db33bf8c420665a43d27db435a675820db2b8d d8ded164ba646931d248a38c34118e778aef0737e888cda3131db84c76ed44e8 Loading...

	frani.clickfunnels.com/optin1675348668626	1.0 kB	2023-03-07	2024-03-20
Pretty URL frani.clickfunnels.com/optin1675348668626 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-20 16:33:23 Times Seen1073 Hash 7e04d8a0aac6ab1ec08163bd215a5711 f425cd8bab39529985cf2a9cf866a877b4fca17a 4e3d5220213c311337410362a4654f5ea226e71707a85229385cec6d871cc05a Loading...

	app.clickfunnels.com/assets/pushcrew.js	637 B	2023-03-07	2024-03-20
Pretty URL app.clickfunnels.com/assets/pushcrew.js IP 104.16.16.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-20 16:33:23 Times Seen1405 Hash 0a67c27615e7d2202f261dcc0a82d744 0fa0a8ca56efded583bd4201821015a63c623d44 f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422 Loading...

	app.clickfunnels.com/cf.js	18 kB	2023-03-07	2024-03-20
Pretty URL app.clickfunnels.com/cf.js IP 104.16.16.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-20 16:33:23 Times Seen1309 Hash bf2a8a168c0be1544c34f363c276586e 581e49c9b7bdd06dab54c00931f4256b223e620e 7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d Loading...

	js-agent.newrelic.com/785.215647de-1223.js	5.1 kB	2023-03-13	2023-04-05
Pretty URL js-agent.newrelic.com/785.215647de-1223.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:06:19 Last Seen2023-04-05 02:10:55 Times Seen8 Hash 85340359c90104ea511047eb2b57ebb5 2c0e150864fcf808ddf2d57f14866e9148753991 e87e201d3ac066d6522dc7a17d02df52163ae9e47173244f017d23476f9e1eda Loading...

	js-agent.newrelic.com/692.215647de-1223.js	2.0 kB	2023-03-13	2023-04-05
Pretty URL js-agent.newrelic.com/692.215647de-1223.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:06:19 Last Seen2023-04-05 02:10:55 Times Seen8 Hash 2a9c8457fef96067bf92a4ec54fb10b8 54e20b8e3b123584526a1074d89e7198b8709a78 a757f891e9f4a002a7aecb7fcf4e1d74e3e43cc2dc74c3a1fe3812fe7c9a3545 Loading...

	js-agent.newrelic.com/325.215647de-1223.js	1.1 kB	2023-03-13	2023-04-05
Pretty URL js-agent.newrelic.com/325.215647de-1223.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:06:19 Last Seen2023-04-05 02:10:55 Times Seen8 Hash 8bfb1318203f2143642fa7f2620e90b9 489ae7db044c1f9e693ca0e6bbe595c7dcc5b66c b1ffa703af97cbc8af57a71d2ba52caf7f68d6d34b50190aa9b7d0cb53233e9a Loading...

		Size	First Seen	Last Seen
	#1 Eval - 2aa74ac3a264c3e10ae463a262aaf72c	20 kB	2023-03-07	2024-03-20
Pretty Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-20 16:33:23 Times Seen1092 Hash 2aa74ac3a264c3e10ae463a262aaf72c c5ff579cf0cc2ba1d98711b366ec148152abbaf5 9c1ea695852f01d2fc6027d572b126b740a9c4634540fb0d39ea3656377eef77 Loading...

	#2 Eval - abe742c2f5eaa67e41dd0c3c3d121d4c	190 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 15:45:44 Last Seen2023-03-13 15:45:44 Times Seen1 Hash abe742c2f5eaa67e41dd0c3c3d121d4c 7b471a884e925e1a41b03a7ab06ef321a6748a1e eb5ba2729125289718c2c0b50489c4d92a80fe13ac51638d5b5d0767039827ea Loading...

	#3 Eval - f5559b185d6ad5459fdac6367116e9a2	119 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 15:45:44 Last Seen2023-03-13 15:46:32 Times Seen1 Hash f5559b185d6ad5459fdac6367116e9a2 ac54f46b16c207c4d0d7e35f33a4b8edf7dbcea6 844565c74e046c348520a8f0851fd2b8e8279dc5f867df86db0dae4d2cbaebe1 Loading...

HTTP Transactions (54)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8275
Expires: Fri, 03 Feb 2023 13:29:19 GMT
Date: Fri, 03 Feb 2023 11:11:24 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2289
Expires: Fri, 03 Feb 2023 11:49:33 GMT
Date: Fri, 03 Feb 2023 11:11:24 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
8686b201029f94a4f6cfba25537fa6c5
b6046c7e22fc031a58d742b957b484ba6b1560e6
0bcde1f5eb4caf3f298f8c0bde139a1578c03d9a82959b17f62f6eac22e0bbaf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4961
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 11:11:24 GMT
Last-Modified: Fri, 03 Feb 2023 09:48:43 GMT
Server: ECS (amb/6BB9)
X-Cache: HIT
Content-Length: 279

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 10:43:35 GMT
content-type: application/json
age: 1669
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4324
Expires: Fri, 03 Feb 2023 12:23:28 GMT
Date: Fri, 03 Feb 2023 11:11:24 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: poA7oJ3/LWEN0iDwBtFcODNCxw+VlOoQVrrumOClQ5GEVnICpY+G9MKjOY4U+nq8DOUcYjmo9UvJHeKS9CE7jg==
x-amz-request-id: HYQK3Z0TNX6VPFPG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 10:52:23 GMT
age: 1141
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 11:11:24 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 10:49:06 GMT
age: 1339
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
5adf2c0a4b0cb0102bb2a801db222019
987b0d000fef5f238e256af039503019a60bb4f3
bc1467d19e8dea3983161468af524eb7c479b9e9e4f30df5f971f6816a8f4f85

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3025
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 11:11:25 GMT
Last-Modified: Fri, 03 Feb 2023 10:21:00 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8812
Expires: Fri, 03 Feb 2023 13:38:17 GMT
Date: Fri, 03 Feb 2023 11:11:25 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 11:11:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png

104.16.16.194

200 OK

5.3 kB

URL HTTP/2
images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
5.3 kB (5276 bytes)
Hash
d99a10ef5010513b3d30f7cf51614b5f
d60c1da11f05540f39632c7357c22b76c9ee1ed7
5dfa88a4dc8b6c0b834a62e45daee28a8dc37ed6ae7eb1545e4ed8b6382c0474

HTTP Headers

GET /3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png HTTP/1.1
Host: images.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Cookie: _vwo_uuid_v2=DE2F242DE08C6E2D89EA176F58E13751A|b7b8333a8e555dfc3a446a9f8fd908ee; _vis_opt_s=1%7C; _vwo_uuid=DE2F242DE08C6E2D89EA176F58E13751A; _vwo_ds=3%3At_0%2Ca_0%3A0%241675417908%3A70.78416874%3A%3A12_0%2C11_0%2C4_0%3A2_0%2C1_0%3A0; _gcl_au=1.1.314618171.1675417939; _vis_opt_exp_118_combi=2; _scid=8bf5ff10-1974-40cd-90d8-08fe87cd7f52; wickedfu=%7B%22url%22%3A%22https%3A%2F%2Fwww.clickfunnels.com%2F%3Faff_sub%3Ddomain_redirect%26utm_campaign%3Ddomain_redirect%22%2C%22time%22%3A1675417939461%2C%22c%22%3A4420%7D; _ga_XJMXXSCP9Q=GS1.1.1675417939.1.0.1675417946.53.0.0; _ga=GA1.2.2124445740.1675417940; _ga_WQ0X0WDQ6W=GS1.1.1675417939.1.0.1675417946.53.0.0; _fbp=fb.1.1675417939665.763835273; _tt_enable_cookie=1; _ttp=2s2sjKUqzKIjJQ816J0nEW-3x6q; _gid=GA1.2.159973857.1675417940; _uetsid=73279580a3a811ed9f3337808a07b965; _uetvid=7327de50a3a811ed90b2b78977e26f37; _pin_unauth=dWlkPVlqbGlOakUwWVdNdE4yWm1NeTAwTm1ZNExXSmtPR1F0TVRBeVpHSmtPREk0Tm1FMg; __cf_bm=AuqBS9kY4gY_AJuWAEpMgsMJZcnZrrGWhAk4D_TDcG0-1675422684-0-AUJmqBIMTvDUINJ/05zNS/VHoXR05oUx+W24yhn5/vLhX0lw+LPHJkc9jZb8QtiOh0i7Co7FwlQK84AGrJDl05ed1AmO8odupn1toCgDncaI
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:11:25 GMT
content-type: image/webp
content-length: 5276
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=9030
content-disposition: inline; filename="ClickfunnelsTag.webp"
etag: "a633777156a5ffeb58c92d3d59fa4e34"
last-modified: Fri, 03 Jan 2020 17:41:49 GMT
vary: Accept
x-amz-id-2: Hh4NJsW1+rFnk00tFupVCmWzNvth3KadcueXQ43CVRibqS0RaBkvvUvHN5n346JiS6ZjIYRGGiM=
x-amz-request-id: 2TPBMCTCCZAYA68E
cf-cache-status: HIT
age: 2046
expires: Mon, 27 Feb 2023 11:11:25 GMT
cache-control: public, max-age=2073600
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=i1weNxwNLc8PfnY_ZYvKDK3pBSUszpRgjmpDJDFc7jQ-1675422685-0-AQzPmu7NdYisLQJ3MGkUUDu_px0WRoLAszv1vIOIxdWsbVIKX_8xXwSJ4hhhNtfG98ukVPBzg0g0YcTrDU1YbvcOvAnAkhGQi0Xk7uez-g6y"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=i1weNxwNLc8PfnY_ZYvKDK3pBSUszpRgjmpDJDFc7jQ-1675422685-0-AQzPmu7NdYisLQJ3MGkUUDu_px0WRoLAszv1vIOIxdWsbVIKX_8xXwSJ4hhhNtfG98ukVPBzg0g0YcTrDU1YbvcOvAnAkhGQi0Xk7uez-g6y; report-to cf-csp-endpoint
server: cloudflare
cf-ray: 793ab9c7dd071c02-OSL
X-Firefox-Spdy: h2

app.clickfunnels.com/assets/pushcrew.js

104.16.16.194

200 OK

818 B

URL HTTP/2
app.clickfunnels.com/assets/pushcrew.js
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (637), with no line terminators
Size
818 B (818 bytes)
Hash
f1cb1bc2647a9695dcdb5b2141451c7e
5166dcf1a483c1feefef0ebdd4ccf354e57d5b8e
21f862a246e5c48fbfa9dd0708bb08ff87b93cd317ce9af7cad0c441b1022b77

HTTP Headers

GET /assets/pushcrew.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Cookie: _vwo_uuid_v2=DE2F242DE08C6E2D89EA176F58E13751A|b7b8333a8e555dfc3a446a9f8fd908ee; _vis_opt_s=1%7C; _vwo_uuid=DE2F242DE08C6E2D89EA176F58E13751A; _vwo_ds=3%3At_0%2Ca_0%3A0%241675417908%3A70.78416874%3A%3A12_0%2C11_0%2C4_0%3A2_0%2C1_0%3A0; _gcl_au=1.1.314618171.1675417939; _vis_opt_exp_118_combi=2; _scid=8bf5ff10-1974-40cd-90d8-08fe87cd7f52; wickedfu=%7B%22url%22%3A%22https%3A%2F%2Fwww.clickfunnels.com%2F%3Faff_sub%3Ddomain_redirect%26utm_campaign%3Ddomain_redirect%22%2C%22time%22%3A1675417939461%2C%22c%22%3A4420%7D; _ga_XJMXXSCP9Q=GS1.1.1675417939.1.0.1675417946.53.0.0; _ga=GA1.2.2124445740.1675417940; _ga_WQ0X0WDQ6W=GS1.1.1675417939.1.0.1675417946.53.0.0; _fbp=fb.1.1675417939665.763835273; _tt_enable_cookie=1; _ttp=2s2sjKUqzKIjJQ816J0nEW-3x6q; _gid=GA1.2.159973857.1675417940; _uetsid=73279580a3a811ed9f3337808a07b965; _uetvid=7327de50a3a811ed90b2b78977e26f37; _pin_unauth=dWlkPVlqbGlOakUwWVdNdE4yWm1NeTAwTm1ZNExXSmtPR1F0TVRBeVpHSmtPREk0Tm1FMg; __cf_bm=AuqBS9kY4gY_AJuWAEpMgsMJZcnZrrGWhAk4D_TDcG0-1675422684-0-AUJmqBIMTvDUINJ/05zNS/VHoXR05oUx+W24yhn5/vLhX0lw+LPHJkc9jZb8QtiOh0i7Co7FwlQK84AGrJDl05ed1AmO8odupn1toCgDncaI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:11:25 GMT
content-type: application/x-javascript
cf-ray: 793ab9c6cc081c02-OSL
access-control-allow-origin: *
age: 431
cache-control: public, max-age=1200
etag: W/"63dbd64e-27d"
expires: Fri, 03 Feb 2023 11:31:25 GMT
last-modified: Thu, 02 Feb 2023 15:27:10 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.42.147.182

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.42.147.182:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wVoGm5FbtwEzZS676/8Miw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AVI8xqDDVXWwnLoEF/ksi8AWZK4=

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
b1bbf406e5d473071d96311ed8c8dd33
bab2d439cc487bf682273fc2efc9a50bcbc9096f
7e5341915ce1bd9cc013d1804930d4947f57aa0f926235e6e7fbd89c6eb54b3d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4565
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 11:11:25 GMT
Last-Modified: Fri, 03 Feb 2023 09:55:20 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
b1bbf406e5d473071d96311ed8c8dd33
bab2d439cc487bf682273fc2efc9a50bcbc9096f
7e5341915ce1bd9cc013d1804930d4947f57aa0f926235e6e7fbd89c6eb54b3d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4566
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 11:11:26 GMT
Last-Modified: Fri, 03 Feb 2023 09:55:20 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279

app.clickfunnels.com/cf.js

104.16.16.194

301 Moved Permanently

14 kB

URL HTTP/2
app.clickfunnels.com/cf.js
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
14 kB (13565 bytes)
Hash
a965f9d639f4c44c2a35b76d99f58fb5
9238ef031bb01f79fa08bd46e6099003219e441b
c2c8559d5240e688552cee537aba3f7db09ab2040a50372ca15192f80619ec7f

HTTP Headers

GET /cf.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Cookie: _vwo_uuid_v2=DE2F242DE08C6E2D89EA176F58E13751A|b7b8333a8e555dfc3a446a9f8fd908ee; _vis_opt_s=1%7C; _vwo_uuid=DE2F242DE08C6E2D89EA176F58E13751A; _vwo_ds=3%3At_0%2Ca_0%3A0%241675417908%3A70.78416874%3A%3A12_0%2C11_0%2C4_0%3A2_0%2C1_0%3A0; _gcl_au=1.1.314618171.1675417939; _vis_opt_exp_118_combi=2; _scid=8bf5ff10-1974-40cd-90d8-08fe87cd7f52; wickedfu=%7B%22url%22%3A%22https%3A%2F%2Fwww.clickfunnels.com%2F%3Faff_sub%3Ddomain_redirect%26utm_campaign%3Ddomain_redirect%22%2C%22time%22%3A1675417939461%2C%22c%22%3A4420%7D; _ga_XJMXXSCP9Q=GS1.1.1675417939.1.0.1675417946.53.0.0; _ga=GA1.2.2124445740.1675417940; _ga_WQ0X0WDQ6W=GS1.1.1675417939.1.0.1675417946.53.0.0; _fbp=fb.1.1675417939665.763835273; _tt_enable_cookie=1; _ttp=2s2sjKUqzKIjJQ816J0nEW-3x6q; _gid=GA1.2.159973857.1675417940; _uetsid=73279580a3a811ed9f3337808a07b965; _uetvid=7327de50a3a811ed90b2b78977e26f37; _pin_unauth=dWlkPVlqbGlOakUwWVdNdE4yWm1NeTAwTm1ZNExXSmtPR1F0TVRBeVpHSmtPREk0Tm1FMg; __cf_bm=AuqBS9kY4gY_AJuWAEpMgsMJZcnZrrGWhAk4D_TDcG0-1675422684-0-AUJmqBIMTvDUINJ/05zNS/VHoXR05oUx+W24yhn5/vLhX0lw+LPHJkc9jZb8QtiOh0i7Co7FwlQK84AGrJDl05ed1AmO8odupn1toCgDncaI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 301 Moved Permanently
date: Fri, 03 Feb 2023 11:11:25 GMT
content-type: text/html
location: https://www.clickfunnels.com/cf.js
cf-ray: 793ab9ca6fcb1c02-OSL
age: 1067
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
X-Firefox-Spdy: h2

frani.clickfunnels.com/cdn-cgi/rum?

104.16.16.194

204 No Content

0 B

URL HTTP/2
frani.clickfunnels.com/cdn-cgi/rum?
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: frani.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 7440
Origin: https://frani.clickfunnels.com
Connection: keep-alive
Referer: https://frani.clickfunnels.com/optin1675348668626
Cookie: _vwo_uuid_v2=DE2F242DE08C6E2D89EA176F58E13751A|b7b8333a8e555dfc3a446a9f8fd908ee; _vis_opt_s=1%7C; _vwo_uuid=DE2F242DE08C6E2D89EA176F58E13751A; _vwo_ds=3%3At_0%2Ca_0%3A0%241675417908%3A70.78416874%3A%3A12_0%2C11_0%2C4_0%3A2_0%2C1_0%3A0; _gcl_au=1.1.314618171.1675417939; _vis_opt_exp_118_combi=2; _scid=8bf5ff10-1974-40cd-90d8-08fe87cd7f52; wickedfu=%7B%22url%22%3A%22https%3A%2F%2Fwww.clickfunnels.com%2F%3Faff_sub%3Ddomain_redirect%26utm_campaign%3Ddomain_redirect%22%2C%22time%22%3A1675417939461%2C%22c%22%3A4420%7D; _ga_XJMXXSCP9Q=GS1.1.1675417939.1.0.1675417946.53.0.0; _ga=GA1.2.2124445740.1675417940; _ga_WQ0X0WDQ6W=GS1.1.1675417939.1.0.1675417946.53.0.0; _fbp=fb.1.1675417939665.763835273; _tt_enable_cookie=1; _ttp=2s2sjKUqzKIjJQ816J0nEW-3x6q; _gid=GA1.2.159973857.1675417940; _uetsid=73279580a3a811ed9f3337808a07b965; _uetvid=7327de50a3a811ed90b2b78977e26f37; _pin_unauth=dWlkPVlqbGlOakUwWVdNdE4yWm1NeTAwTm1ZNExXSmtPR1F0TVRBeVpHSmtPREk0Tm1FMg; __cf_bm=AuqBS9kY4gY_AJuWAEpMgsMJZcnZrrGWhAk4D_TDcG0-1675422684-0-AUJmqBIMTvDUINJ/05zNS/VHoXR05oUx+W24yhn5/vLhX0lw+LPHJkc9jZb8QtiOh0i7Co7FwlQK84AGrJDl05ed1AmO8odupn1toCgDncaI; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTgxNDc2NTU=:visited=true; cf:visitor_id=7a68e219-1f48-44ab-8011-bd629332a799; addevent_track_cookie=56def5c5-12d0-4975-aa79-dc41a934c7be
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
date: Fri, 03 Feb 2023 11:11:26 GMT
access-control-allow-origin: https://frani.clickfunnels.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 793ab9cc79d71c02-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

app.clickfunnels.com/userevents/?funnel_id=Si8waTVxR1BYR0EzMjcvRTV3c3Q2QT09LS04L1VGSVNIaUtVNVl6VVBBL1ovZlJ3PT0%3D--18852a59004be87e22815faa21ae4a1a0d077d36&page_id=UHVML2R2ZjIvSDhvdk56ejNXS0U2dz09LS02Qmd4M2NnRG41NGU3akxUNE9Dck13PT0%3D--3c94f23b73d4e0f7353c63262270fdb57d733c12&funnel_step_id=Q1ljWmdTaTVFMFpXa293aFphejM0QT09LS1WS2lKM25xeWhzWFRKZlIwOS9ENFlRPT0%3D--1134c72751207ea35d560ffaca56f061de0c306c&user_id=YThQSlR4bmdNdUlHcUI3WmtDZjhPQT09LS1QUlBnRGV0VW9PQ3BYOGpIOXI1NllBPT0%3D--ec34caa1fe752e2f4310024a293aaca05919648e&account_id=QVVuMXY2ZEl6UDBLanp1VTJDNGtHZz09LS1kd3FEcmEwYTdHVTdCUFZKZllXNXpBPT0%3D--0b2f133bf6907b62dcbcf89a0e04dd7ee13c73fb&page_code=NTgxNDc2NTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniquePageviewsCreatedSummary&nonce=0c822337-970b-43d6-9d5a-f90d6ca20eae&url=https%3A%2F%2Ffrani.clickfunnels.com%2Foptin1675348668626

104.16.16.194

202 Accepted

1.2 kB

URL HTTP/2
app.clickfunnels.com/userevents/?funnel_id=Si8waTVxR1BYR0EzMjcvRTV3c3Q2QT09LS04L1VGSVNIaUtVNVl6VVBBL1ovZlJ3PT0%3D--18852a59004be87e22815faa21ae4a1a0d077d36&page_id=UHVML2R2ZjIvSDhvdk56ejNXS0U2dz09LS02Qmd4M2NnRG41NGU3akxUNE9Dck13PT0%3D--3c94f23b73d4e0f7353c63262270fdb57d733c12&funnel_step_id=Q1ljWmdTaTVFMFpXa293aFphejM0QT09LS1WS2lKM25xeWhzWFRKZlIwOS9ENFlRPT0%3D--1134c72751207ea35d560ffaca56f061de0c306c&user_id=YThQSlR4bmdNdUlHcUI3WmtDZjhPQT09LS1QUlBnRGV0VW9PQ3BYOGpIOXI1NllBPT0%3D--ec34caa1fe752e2f4310024a293aaca05919648e&account_id=QVVuMXY2ZEl6UDBLanp1VTJDNGtHZz09LS1kd3FEcmEwYTdHVTdCUFZKZllXNXpBPT0%3D--0b2f133bf6907b62dcbcf89a0e04dd7ee13c73fb&page_code=NTgxNDc2NTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniquePageviewsCreatedSummary&nonce=0c822337-970b-43d6-9d5a-f90d6ca20eae&url=https%3A%2F%2Ffrani.clickfunnels.com%2Foptin1675348668626
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.2 kB (1177 bytes)
Hash
943530898af28ff47cbdacc86af21486
64b7acbd72e28a5fcae49db377a1efba487aad1e
59d3ffc1c08b929dd093afaec60120111e885012ce25b31b0e55c99828f27eea

HTTP Headers

GET /userevents/?funnel_id=Si8waTVxR1BYR0EzMjcvRTV3c3Q2QT09LS04L1VGSVNIaUtVNVl6VVBBL1ovZlJ3PT0%3D--18852a59004be87e22815faa21ae4a1a0d077d36&page_id=UHVML2R2ZjIvSDhvdk56ejNXS0U2dz09LS02Qmd4M2NnRG41NGU3akxUNE9Dck13PT0%3D--3c94f23b73d4e0f7353c63262270fdb57d733c12&funnel_step_id=Q1ljWmdTaTVFMFpXa293aFphejM0QT09LS1WS2lKM25xeWhzWFRKZlIwOS9ENFlRPT0%3D--1134c72751207ea35d560ffaca56f061de0c306c&user_id=YThQSlR4bmdNdUlHcUI3WmtDZjhPQT09LS1QUlBnRGV0VW9PQ3BYOGpIOXI1NllBPT0%3D--ec34caa1fe752e2f4310024a293aaca05919648e&account_id=QVVuMXY2ZEl6UDBLanp1VTJDNGtHZz09LS1kd3FEcmEwYTdHVTdCUFZKZllXNXpBPT0%3D--0b2f133bf6907b62dcbcf89a0e04dd7ee13c73fb&page_code=NTgxNDc2NTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniquePageviewsCreatedSummary&nonce=0c822337-970b-43d6-9d5a-f90d6ca20eae&url=https%3A%2F%2Ffrani.clickfunnels.com%2Foptin1675348668626 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://frani.clickfunnels.com
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 202 Accepted
date: Fri, 03 Feb 2023 11:11:26 GMT
content-type: text/html
cf-ray: 793ab9ca8fff1c02-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: e0226ce295b640600523d37097faa876
x-runtime: 0.023529
set-cookie: __cf_bm=HGMoCYmN0FG_aUXlAkAgjQS3eaw05EkIdtcE4BpxQI4-1675422686-0-Ab/DYWW632EQXOuTtJuD2V9tlPpY6fU91AZh1CNVoWZCn6eywDVTSdy2Y6XYWgNGTvShh7DCtxH1PLuwDpF/QVXMKZqD3y64wQYXA67Vqur1; path=/; expires=Fri, 03-Feb-23 11:41:26 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

js-agent.newrelic.com/779.215647de-1223.js

151.101.66.137

200 OK

3.5 kB

URL HTTP/2
js-agent.newrelic.com/779.215647de-1223.js
IP
151.101.66.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (8307), with no line terminators
Size
3.5 kB (3516 bytes)
Hash
411c3ac790a3a8f8f71906adf57df690
ceef347ad1356a868f3c371ffc84c205958aed6d
59a8f0bcbad548fd487a595f4a2c3642268a19437d80096f1f0e3a67301132ac

HTTP Headers

GET /779.215647de-1223.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: oJiVqgUxxXTGlb3WHfPODQ+0hnRNaK4Wu3C5q0qzLW1Wy1zUCv3lJDvZMbOZXlmpWlVHYmT68X8=
x-amz-request-id: 29B6GFQJDW5ETZPK
last-modified: Fri, 27 Jan 2023 21:42:05 GMT
etag: "1f9dc6167676d6db728e844d20a97ad5"
x-amz-version-id: d0hMUd3mWD9ItciiSIXCSy8OWToOTtsf
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 03 Feb 2023 11:11:26 GMT
via: 1.1 varnish
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 323
x-timer: S1675422686.299380,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 3516
X-Firefox-Spdy: h2

js-agent.newrelic.com/823.215647de-1223.js

151.101.66.137

200 OK

1.4 kB

URL HTTP/2
js-agent.newrelic.com/823.215647de-1223.js
IP
151.101.66.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (3147), with no line terminators
Size
1.4 kB (1365 bytes)
Hash
87de67cddb1db12fc7ee256669fcd9ba
5c882b5cc4bff34d8f4c603d6077f424b442a0df
42e88e7da2ca5f5fbd6fb461147d562a317c22508508c937cc57ad65c04e5986

HTTP Headers

GET /823.215647de-1223.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: 5Fb4P8xJczd5vSJcDjiJeEIdldSbkECuaWyErtMTeAtEHKfdyrVuRuzSrltAg1+Dqn5ZyguqAlc=
x-amz-request-id: 29B2ND18W5AQM0T8
last-modified: Fri, 27 Jan 2023 21:42:05 GMT
etag: "ce7762cf4b6665f79c15503dbccd6c68"
x-amz-version-id: W2tA0gkaWp6JlPnYeFhc2plzNBl_myPN
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 03 Feb 2023 11:11:26 GMT
via: 1.1 varnish
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 327
x-timer: S1675422686.299643,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1365
X-Firefox-Spdy: h2

js-agent.newrelic.com/325.215647de-1223.js

151.101.66.137

200 OK

560 B

URL HTTP/2
js-agent.newrelic.com/325.215647de-1223.js
IP
151.101.66.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (1119), with no line terminators
Size
560 B (560 bytes)
Hash
dbb8514b0fe73ed1c9a3bb94d6bd624b
083e321a63d3e24555e87c564d3b52588ed49ae1
10a720318922a38e6bf41921f3adc6f56bc61f215e251be7f5f37ec991d9b852

HTTP Headers

GET /325.215647de-1223.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: y2K+rpeLF3Ym/3l6sNpa29RWC/g7TNS9+AlxD2Yrljl995Eo6bNRqMUpU5PNsi1SzBJybaX6onw=
x-amz-request-id: 5D6X5R0HEXVCYE0Y
last-modified: Fri, 27 Jan 2023 21:42:05 GMT
etag: "8bfb1318203f2143642fa7f2620e90b9"
x-amz-version-id: TZXfN40R6cv9QsF3fTfxRxppzwQ_LugL
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 03 Feb 2023 11:11:26 GMT
via: 1.1 varnish
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 323
x-timer: S1675422686.299873,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 560
X-Firefox-Spdy: h2

classic.clickfunnels.com/images/closemodal.png

104.16.16.194

200 OK

672 B

URL HTTP/2
classic.clickfunnels.com/images/closemodal.png
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
672 B (672 bytes)
Hash
19754ed4d508cf576c80cf36e0db8c50
f459beac714e5be68aa75349fa806a5642af456a
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

HTTP Headers

GET /images/closemodal.png HTTP/1.1
Host: classic.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://frani.clickfunnels.com/
Connection: keep-alive
Cookie: _vwo_uuid_v2=DE2F242DE08C6E2D89EA176F58E13751A|b7b8333a8e555dfc3a446a9f8fd908ee; _vis_opt_s=1%7C; _vwo_uuid=DE2F242DE08C6E2D89EA176F58E13751A; _vwo_ds=3%3At_0%2Ca_0%3A0%241675417908%3A70.78416874%3A%3A12_0%2C11_0%2C4_0%3A2_0%2C1_0%3A0; _gcl_au=1.1.314618171.1675417939; _vis_opt_exp_118_combi=2; _scid=8bf5ff10-1974-40cd-90d8-08fe87cd7f52; wickedfu=%7B%22url%22%3A%22https%3A%2F%2Fwww.clickfunnels.com%2F%3Faff_sub%3Ddomain_redirect%26utm_campaign%3Ddomain_redirect%22%2C%22time%22%3A1675417939461%2C%22c%22%3A4420%7D; _ga_XJMXXSCP9Q=GS1.1.1675417939.1.0.1675417946.53.0.0; _ga=GA1.2.2124445740.1675417940; _ga_WQ0X0WDQ6W=GS1.1.1675417939.1.0.1675417946.53.0.0; _fbp=fb.1.1675417939665.763835273; _tt_enable_cookie=1; _ttp=2s2sjKUqzKIjJQ816J0nEW-3x6q; _gid=GA1.2.159973857.1675417940; _uetsid=73279580a3a811ed9f3337808a07b965; _uetvid=7327de50a3a811ed90b2b78977e26f37; _pin_unauth=dWlkPVlqbGlOakUwWVdNdE4yWm1NeTAwTm1ZNExXSmtPR1F0TVRBeVpHSmtPREk0Tm1FMg; __cf_bm=AuqBS9kY4gY_AJuWAEpMgsMJZcnZrrGWhAk4D_TDcG0-1675422684-0-AUJmqBIMTvDUINJ/05zNS/VHoXR05oUx+W24yhn5/vLhX0lw+LPHJkc9jZb8QtiOh0i7Co7FwlQK84AGrJDl05ed1AmO8odupn1toCgDncaI
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:11:26 GMT
content-type: image/webp
content-length: 672
cf-ray: 793ab9cdbb171c02-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 648225
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "63c939da-314"
expires: Mon, 06 Mar 2023 11:11:26 GMT
last-modified: Thu, 19 Jan 2023 12:38:50 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
server: cloudflare
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
282d6132e7d6e1c8aae030543ebb8ad4
3f0e12f89adeda9af0ae6065c810b216359b7581
6de5dfbdd3884f6505bebd5469c2cadc701bdee16ae542d87ea7204cf25be344

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2616
Cache-Control: max-age=131227
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 11:11:26 GMT
Etag: "63dc3f41-1d7"
Expires: Sat, 04 Feb 2023 23:38:33 GMT
Last-Modified: Thu, 02 Feb 2023 22:54:57 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1223.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=1839&ck=0&s=37d9c18e0c8eeed5&ref=https://frani.clickfunnels.com/optin1675348668626&ap=275&be=635&fe=862&dc=673&perf=%7B%22timing%22:%7B%22of%22:1675422715090,%22n%22:0,%22r%22:-6,%22re%22:432,%22f%22:432,%22dn%22:432,%22dne%22:432,%22c%22:432,%22s%22:432,%22ce%22:432,%22rq%22:439,%22rp%22:605,%22rpe%22:607,%22dl%22:617,%22di%22:1292,%22ds%22:1307,%22de%22:1387,%22dc%22:1494,%22l%22:1494,%22le%22:1607%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=973&jsonp=NREUM.setToken

162.247.241.14

200 OK

72 B

URL HTTP/1.1
bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1223.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=1839&ck=0&s=37d9c18e0c8eeed5&ref=https://frani.clickfunnels.com/optin1675348668626&ap=275&be=635&fe=862&dc=673&perf=%7B%22timing%22:%7B%22of%22:1675422715090,%22n%22:0,%22r%22:-6,%22re%22:432,%22f%22:432,%22dn%22:432,%22dne%22:432,%22c%22:432,%22s%22:432,%22ce%22:432,%22rq%22:439,%22rp%22:605,%22rpe%22:607,%22dl%22:617,%22di%22:1292,%22ds%22:1307,%22de%22:1387,%22dc%22:1494,%22l%22:1494,%22le%22:1607%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=973&jsonp=NREUM.setToken
IP
162.247.241.14:0
ASN
#23467 NEWRELIC-AS-1

File type
ASCII text, with no line terminators
Size
72 B (72 bytes)
Hash
107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937

HTTP Headers

GET /1/NRJS-fc902efb332119fff33?a=367981416&v=1223.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=1839&ck=0&s=37d9c18e0c8eeed5&ref=https://frani.clickfunnels.com/optin1675348668626&ap=275&be=635&fe=862&dc=673&perf=%7B%22timing%22:%7B%22of%22:1675422715090,%22n%22:0,%22r%22:-6,%22re%22:432,%22f%22:432,%22dn%22:432,%22dne%22:432,%22c%22:432,%22s%22:432,%22ce%22:432,%22rq%22:439,%22rp%22:605,%22rpe%22:607,%22dl%22:617,%22di%22:1292,%22ds%22:1307,%22de%22:1387,%22dc%22:1494,%22l%22:1494,%22le%22:1607%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=973&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 11:11:26 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 793ab9ce5dc9b509-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
2fb40e18172e1098e5754fa2501644c6
3810f7fc61314247576e9116a1d4962ff621628f
4c98ce5497be964a47e57aa78e3236039d219e502b657a9dafc9b5e2c0a45ac0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1151
Cache-Control: max-age=147066
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 11:11:26 GMT
Etag: "63dc82d9-117"
Expires: Sun, 05 Feb 2023 04:02:32 GMT
Last-Modified: Fri, 03 Feb 2023 03:43:21 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2573
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 11:11:27 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2573
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 11:11:27 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5641 bytes)
Hash
d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:49 GMT
age: 47618
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2573
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 11:11:27 GMT
Connection: keep-alive

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10796 bytes)
Hash
3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XTZJAn0LMAfFtaQ2bN8z58cCsUT5GzxDMnHVB_iw9E_NskHQ-BgbRQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:19:26 GMT
age: 84437
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9130 bytes)
Hash
02123eef9faa8560ff66b058d4e13a28
decf26282993d7f0b14cf4112d14fa39c97fa89f
28889ff20f1b2fe0b73f8f97e6569f1d68d77fe436eeb47cc06ee4f0822ff239

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9130
x-amzn-requestid: 09ad3fbb-1e71-4455-82df-6e59f65239a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuxiYEkqIAMFVZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2fa8-1dca116e4317f9bd14f6d45a;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:48:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _Bc2svrG-wX63DK9RPUyjh-n6AHVHaQe3QRmEL27L-amwCH2I_f_9g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:38 GMT
age: 47629
etag: "decf26282993d7f0b14cf4112d14fa39c97fa89f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e690e4c-e16d-49e9-ac12-24a092d6a60c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8543 bytes)
Hash
a1d6fa4715c4e78250b2f72ddd2706f1
be04ac3a50aa6f1b349a2410ad386d92de3222be
d1c3c1b7016428bf2a085b71ca0d1e215a64b3d31ff15b0ef8bf5a78f11d9ae5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e690e4c-e16d-49e9-ac12-24a092d6a60c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8543
x-amzn-requestid: 3dc0960e-97db-42c8-99ac-623a44e8bb3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuv0wGJhIAMFaTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ceb-5ad3ef033a62559762db42b9;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EKWOeGruQEm9HuSlJMiEEw_gN1p37qTTIhYqaiQ6bFaCF65kUfmMtA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:20 GMT
age: 47647
etag: "be04ac3a50aa6f1b349a2410ad386d92de3222be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10166 bytes)
Hash
2a6aaf87a867f93dc9268a8b27973b97
f52ccbe6cbced1994acb13a00b05436553b6813e
3fbd7441712035f4d53c17eec93bc278e6c072043f3b5a721cac349fc0dabe77

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10166
x-amzn-requestid: 54fe0d12-360f-4d97-bcf3-b24747d956aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_4zHEcoAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379d1-4ba89e44005f616a0ed3ed24;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:14:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hSyEfSDToqgfnFIW68Krz-ANYUNQoUPWhyb-8xDUarI6mnVLXriHDQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:59:54 GMT
age: 47493
etag: "f52ccbe6cbced1994acb13a00b05436553b6813e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
2fb40e18172e1098e5754fa2501644c6
3810f7fc61314247576e9116a1d4962ff621628f
4c98ce5497be964a47e57aa78e3236039d219e502b657a9dafc9b5e2c0a45ac0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1152
Cache-Control: max-age=147066
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 11:11:27 GMT
Etag: "63dc82d9-117"
Expires: Sun, 05 Feb 2023 04:02:33 GMT
Last-Modified: Fri, 03 Feb 2023 03:43:21 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11565 bytes)
Hash
e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:48:01 GMT
age: 48206
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
070e8e907251bba55e86836eaac0a73c
2050e1babffe449d3add577c9ae024f4b2ae587f
2011018a3c392c7bbd7473f07b78208e7cbbcc9dcd3bc453aa1485e894b82248

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2011018A3C392C7BBD7473F07B78208E7CBBCC9DCD3BC453AA1485E894B82248"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21575
Expires: Fri, 03 Feb 2023 17:11:02 GMT
Date: Fri, 03 Feb 2023 11:11:27 GMT
Connection: keep-alive

cadrfadr.studiolegaledorianapesce.it/dafe1/gardv/pasclao

185.56.218.4

302 Found

254 B

URL HTTP/2
cadrfadr.studiolegaledorianapesce.it/dafe1/gardv/pasclao
IP
185.56.218.4:0
ASN
#202675 Keliweb S.R.L

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
254 B (254 bytes)
Hash
e8c638c67170b3b4213749b482e81083
0e3148761fb5ee6d798abc5e6484d32c1fcf02ac
b485a7b75bbbd598961edbdb0416ff44436aba8900bf36c6b04850a39204f3b6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /dafe1/gardv/pasclao HTTP/1.1
Host: cadrfadr.studiolegaledorianapesce.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://frani.clickfunnels.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
strict-transport-security: max-age=300; includeSubDomains; preload
location: https://cadrfadr.studiolegaledorianapesce.it/cgi-sys/suspendedpage.cgi
content-length: 254
content-type: text/html; charset=iso-8859-1
date: Fri, 03 Feb 2023 11:11:26 GMT
server: Apache
X-Firefox-Spdy: h2

cadrfadr.studiolegaledorianapesce.it/cgi-sys/suspendedpage.cgi

185.56.218.4

200 OK

4.1 kB

URL HTTP/2
cadrfadr.studiolegaledorianapesce.it/cgi-sys/suspendedpage.cgi
IP
185.56.218.4:0
ASN
#202675 Keliweb S.R.L

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4070)
Size
4.1 kB (4137 bytes)
Hash
e06824c411c2049f5f9706f3cae8b5a3
8df5818519c19e71fafbde6847c57f8d9b82379b
473389886b76cefb5676737e2cfc9652c7c5cf473dbd55c86d2d7d8e0c3fea89

HTTP Headers

GET /cgi-sys/suspendedpage.cgi HTTP/1.1
Host: cadrfadr.studiolegaledorianapesce.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://frani.clickfunnels.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=300; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4137
content-type: text/html
date: Fri, 03 Feb 2023 11:11:26 GMT
server: Apache
X-Firefox-Spdy: h2

frani.clickfunnels.com/cdn-cgi/rum?

104.16.16.194

204 No Content

0 B

URL HTTP/2
frani.clickfunnels.com/cdn-cgi/rum?
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: frani.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 557
Origin: https://frani.clickfunnels.com
Connection: keep-alive
Referer: https://frani.clickfunnels.com/optin1675348668626
Cookie: _vwo_uuid_v2=DE2F242DE08C6E2D89EA176F58E13751A|b7b8333a8e555dfc3a446a9f8fd908ee; _vis_opt_s=1%7C; _vwo_uuid=DE2F242DE08C6E2D89EA176F58E13751A; _vwo_ds=3%3At_0%2Ca_0%3A0%241675417908%3A70.78416874%3A%3A12_0%2C11_0%2C4_0%3A2_0%2C1_0%3A0; _gcl_au=1.1.314618171.1675417939; _vis_opt_exp_118_combi=2; _scid=8bf5ff10-1974-40cd-90d8-08fe87cd7f52; wickedfu=%7B%22url%22%3A%22https%3A%2F%2Fwww.clickfunnels.com%2F%3Faff_sub%3Ddomain_redirect%26utm_campaign%3Ddomain_redirect%22%2C%22time%22%3A1675417939461%2C%22c%22%3A4420%7D; _ga_XJMXXSCP9Q=GS1.1.1675417939.1.0.1675417946.53.0.0; _ga=GA1.2.2124445740.1675417940; _ga_WQ0X0WDQ6W=GS1.1.1675417939.1.0.1675417946.53.0.0; _fbp=fb.1.1675417939665.763835273; _tt_enable_cookie=1; _ttp=2s2sjKUqzKIjJQ816J0nEW-3x6q; _gid=GA1.2.159973857.1675417940; _uetsid=73279580a3a811ed9f3337808a07b965; _uetvid=7327de50a3a811ed90b2b78977e26f37; _pin_unauth=dWlkPVlqbGlOakUwWVdNdE4yWm1NeTAwTm1ZNExXSmtPR1F0TVRBeVpHSmtPREk0Tm1FMg; __cf_bm=AuqBS9kY4gY_AJuWAEpMgsMJZcnZrrGWhAk4D_TDcG0-1675422684-0-AUJmqBIMTvDUINJ/05zNS/VHoXR05oUx+W24yhn5/vLhX0lw+LPHJkc9jZb8QtiOh0i7Co7FwlQK84AGrJDl05ed1AmO8odupn1toCgDncaI; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTgxNDc2NTU=:visited=true; cf:visitor_id=7a68e219-1f48-44ab-8011-bd629332a799; addevent_track_cookie=56def5c5-12d0-4975-aa79-dc41a934c7be; is_eu=false; dexeti8fcicgn1di=true; 12773510_viewed_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
date: Fri, 03 Feb 2023 11:11:27 GMT
access-control-allow-origin: https://frani.clickfunnels.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 793ab9d70c071c02-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

cadrfadr.studiolegaledorianapesce.it/favicon.ico

185.56.218.4

302 Found

254 B

URL HTTP/2
cadrfadr.studiolegaledorianapesce.it/favicon.ico
IP
185.56.218.4:0
ASN
#202675 Keliweb S.R.L

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
254 B (254 bytes)
Hash
e8c638c67170b3b4213749b482e81083
0e3148761fb5ee6d798abc5e6484d32c1fcf02ac
b485a7b75bbbd598961edbdb0416ff44436aba8900bf36c6b04850a39204f3b6

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cadrfadr.studiolegaledorianapesce.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cadrfadr.studiolegaledorianapesce.it/cgi-sys/suspendedpage.cgi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 302 Found
strict-transport-security: max-age=300; includeSubDomains; preload
location: https://cadrfadr.studiolegaledorianapesce.it/cgi-sys/suspendedpage.cgi
content-length: 254
content-type: text/html; charset=iso-8859-1
date: Fri, 03 Feb 2023 11:11:27 GMT
server: Apache
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.0.6/webfonts/fa-solid-900.woff2

172.64.132.15

200 OK

39 kB

URL HTTP/2
use.fontawesome.com/releases/v5.0.6/webfonts/fa-solid-900.woff2
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 38784, version 1.0\012- data
Size
39 kB (38784 bytes)
Hash
f9b85c9463af7103b9b24bbbf09a06ed
d28d7222bcbeb8ea701a771e85f7efe006e62fb1
62554277d07b20c6bfae7c6267b3198b4846f604a37d4085bf9f54c392210b56

HTTP Headers

GET /releases/v5.0.6/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cadrfadr.studiolegaledorianapesce.it
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:11:28 GMT
content-type: application/font-woff2
content-length: 38784
x-amz-id-2: Jb0BSD6DLB3ZRWC1sWzWm378adsT2ja18mKVSYDKRsX6xIxh6JXMCtV+pRG4JdfYKfE8TpH+qcI=
x-amz-request-id: J5CV3P0BA9XR5QYB
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:27:50 GMT
etag: "f9b85c9463af7103b9b24bbbf09a06ed"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OxmrHyi%2Fr76tEkMxg2%2FKwVH1IibTo%2F2VuLQZ%2FAtOajyMGpALAJk6lY3EuBZaheC%2FK8Cqm8y761QUy9APOrO5v1COYghCpfnBck3K2AQDR4zsaAtlY%2FIxD%2FTWjamqE44yJnPfh1b6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793ab9d82aca75bd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

bam.nr-data.net/events/1/NRJS-fc902efb332119fff33?a=367981416&v=1223.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3263&ck=0&s=37d9c18e0c8eeed5&ref=https://frani.clickfunnels.com/optin1675348668626

162.247.241.14

200 OK

24 B

URL HTTP/1.1
bam.nr-data.net/events/1/NRJS-fc902efb332119fff33?a=367981416&v=1223.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3263&ck=0&s=37d9c18e0c8eeed5&ref=https://frani.clickfunnels.com/optin1675348668626
IP
162.247.241.14:0
ASN
#23467 NEWRELIC-AS-1

File type
GIF image data, version 89a, 1 x 1\012- data
Size
24 B (24 bytes)
Hash
bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

HTTP Headers

POST /events/1/NRJS-fc902efb332119fff33?a=367981416&v=1223.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3263&ck=0&s=37d9c18e0c8eeed5&ref=https://frani.clickfunnels.com/optin1675348668626 HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 61
Origin: https://frani.clickfunnels.com
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 11:11:28 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 793ab9da8fe1b509-OSL
Access-Control-Allow-Origin: https://frani.clickfunnels.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare

use.fontawesome.com/releases/v5.0.6/css/all.css

172.64.132.15

200 OK

7.7 kB

URL HTTP/2
use.fontawesome.com/releases/v5.0.6/css/all.css
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (34556)
Size
7.7 kB (7650 bytes)
Hash
ef2daa57f5579775ef192418d8d74979
ee609e28baca6f1f7c28b075707abb463ff7bc91
c20027e81c9df438f532da11d2ffb35012b74282c5e7b1f5180abc9aed86bce4

HTTP Headers

GET /releases/v5.0.6/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cadrfadr.studiolegaledorianapesce.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:11:27 GMT
content-type: text/css
x-amz-id-2: 56umF+a77quXuMRBbRGrVovXdjlppNym9DzH7SXlUXwvDx9VeiETFyCe6N3OrJYRZLocu7IVdew=
x-amz-request-id: ZZYT058DPX6EMV5N
last-modified: Wed, 30 Jun 2021 15:27:49 GMT
etag: W/"42eaa52604673b64d6b356c2fd7f87e3"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1739578
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNC4rsvy2f8m8bONWr%2BkJ16SNOZy3EaJWX5m91jvq9kb1rKlNi75C7L7yrVplyNQY31nsK3Wgmkh2EXdNz0TdkCUMH8riubyQzFz8O2hdO%2BDOlF35Xp8LpWz%2BA4e6ZMJQa%2FPXj3n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793ab9d76d90776b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

app.clickfunnels.com/assets/lander.js

104.16.16.194

200 OK

0 B

URL HTTP/2
app.clickfunnels.com/assets/lander.js
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/lander.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Cookie: _vwo_uuid_v2=DE2F242DE08C6E2D89EA176F58E13751A|b7b8333a8e555dfc3a446a9f8fd908ee; _vis_opt_s=1%7C; _vwo_uuid=DE2F242DE08C6E2D89EA176F58E13751A; _vwo_ds=3%3At_0%2Ca_0%3A0%241675417908%3A70.78416874%3A%3A12_0%2C11_0%2C4_0%3A2_0%2C1_0%3A0; _gcl_au=1.1.314618171.1675417939; _vis_opt_exp_118_combi=2; _scid=8bf5ff10-1974-40cd-90d8-08fe87cd7f52; wickedfu=%7B%22url%22%3A%22https%3A%2F%2Fwww.clickfunnels.com%2F%3Faff_sub%3Ddomain_redirect%26utm_campaign%3Ddomain_redirect%22%2C%22time%22%3A1675417939461%2C%22c%22%3A4420%7D; _ga_XJMXXSCP9Q=GS1.1.1675417939.1.0.1675417946.53.0.0; _ga=GA1.2.2124445740.1675417940; _ga_WQ0X0WDQ6W=GS1.1.1675417939.1.0.1675417946.53.0.0; _fbp=fb.1.1675417939665.763835273; _tt_enable_cookie=1; _ttp=2s2sjKUqzKIjJQ816J0nEW-3x6q; _gid=GA1.2.159973857.1675417940; _uetsid=73279580a3a811ed9f3337808a07b965; _uetvid=7327de50a3a811ed90b2b78977e26f37; _pin_unauth=dWlkPVlqbGlOakUwWVdNdE4yWm1NeTAwTm1ZNExXSmtPR1F0TVRBeVpHSmtPREk0Tm1FMg; __cf_bm=AuqBS9kY4gY_AJuWAEpMgsMJZcnZrrGWhAk4D_TDcG0-1675422684-0-AUJmqBIMTvDUINJ/05zNS/VHoXR05oUx+W24yhn5/vLhX0lw+LPHJkc9jZb8QtiOh0i7Co7FwlQK84AGrJDl05ed1AmO8odupn1toCgDncaI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:11:25 GMT
content-type: application/x-javascript
cf-ray: 793ab9c6cc051c02-OSL
access-control-allow-origin: *
age: 886
cache-control: public, max-age=1200
etag: W/"63dbd6a4-239357"
expires: Fri, 03 Feb 2023 11:31:25 GMT
last-modified: Thu, 02 Feb 2023 15:28:36 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

104.16.57.101

200 OK

0 B

URL HTTP/2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP
104.16.57.101:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://frani.clickfunnels.com
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:11:25 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 793ab9c73cf1b4f4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.9.0/css/v4-shims.css

172.64.132.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:11:25 GMT
content-type: text/css
x-amz-id-2: HpuDfuJOnoRBIn1oGWh6kpnFISyPAhBcUuSh2sgaSOixf+diILYpFUsoF1uDkiR93wgKGECAn7k=
x-amz-request-id: F0PPGVAN5CXAHSGM
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 597574
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYBWQxp1oWhFVoHxfhJjoy%2BuOdBEfglh%2BnyhKfOCcnTi41a64Uu3UPTLM%2BcfsnwgqFIyQTpI89gH0VOGfzOqmoGPmxs8KSpK2a8XJN51thNAWxJUb82haJeBmmdiWfozhRsz0anc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793ab9c76e797324-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.9.0/css/all.css

172.64.132.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.9.0/css/all.css
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:11:25 GMT
content-type: text/css
x-amz-id-2: vC8KBN503iyWKZzHxfJc5rs99Ocw4DSTaifdaL1SsWTbuhhIHZc4Cm+BPlh6dJ7ueugjQrc5cWE=
x-amz-request-id: F0PHW7H6699FG8TW
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 597576
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWkjlwJa1%2Fkc18KFdlfudMWtayQDVk8gjNKfBrCXVoF23wee%2BRG41xwmssCE0dqfp6D4hwFzdo1GdgFcQWlskGM5lUzQpGcRTJNHLrtPZI4YO2w0ikDR%2F%2FFq1bnuL1e69AfV1wmR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793ab9c77e7c7324-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

app.clickfunnels.com/userevents/?funnel_id=Si8waTVxR1BYR0EzMjcvRTV3c3Q2QT09LS04L1VGSVNIaUtVNVl6VVBBL1ovZlJ3PT0%3D--18852a59004be87e22815faa21ae4a1a0d077d36&page_id=UHVML2R2ZjIvSDhvdk56ejNXS0U2dz09LS02Qmd4M2NnRG41NGU3akxUNE9Dck13PT0%3D--3c94f23b73d4e0f7353c63262270fdb57d733c12&funnel_step_id=Q1ljWmdTaTVFMFpXa293aFphejM0QT09LS1WS2lKM25xeWhzWFRKZlIwOS9ENFlRPT0%3D--1134c72751207ea35d560ffaca56f061de0c306c&user_id=YThQSlR4bmdNdUlHcUI3WmtDZjhPQT09LS1QUlBnRGV0VW9PQ3BYOGpIOXI1NllBPT0%3D--ec34caa1fe752e2f4310024a293aaca05919648e&account_id=QVVuMXY2ZEl6UDBLanp1VTJDNGtHZz09LS1kd3FEcmEwYTdHVTdCUFZKZllXNXpBPT0%3D--0b2f133bf6907b62dcbcf89a0e04dd7ee13c73fb&page_code=NTgxNDc2NTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniqueVisitorsCreatedSummary&nonce=ba028215-d04b-47aa-80fc-f5d4da41b024&url=https%3A%2F%2Ffrani.clickfunnels.com%2Foptin1675348668626

104.16.16.194

202 Accepted

0 B

URL HTTP/2
app.clickfunnels.com/userevents/?funnel_id=Si8waTVxR1BYR0EzMjcvRTV3c3Q2QT09LS04L1VGSVNIaUtVNVl6VVBBL1ovZlJ3PT0%3D--18852a59004be87e22815faa21ae4a1a0d077d36&page_id=UHVML2R2ZjIvSDhvdk56ejNXS0U2dz09LS02Qmd4M2NnRG41NGU3akxUNE9Dck13PT0%3D--3c94f23b73d4e0f7353c63262270fdb57d733c12&funnel_step_id=Q1ljWmdTaTVFMFpXa293aFphejM0QT09LS1WS2lKM25xeWhzWFRKZlIwOS9ENFlRPT0%3D--1134c72751207ea35d560ffaca56f061de0c306c&user_id=YThQSlR4bmdNdUlHcUI3WmtDZjhPQT09LS1QUlBnRGV0VW9PQ3BYOGpIOXI1NllBPT0%3D--ec34caa1fe752e2f4310024a293aaca05919648e&account_id=QVVuMXY2ZEl6UDBLanp1VTJDNGtHZz09LS1kd3FEcmEwYTdHVTdCUFZKZllXNXpBPT0%3D--0b2f133bf6907b62dcbcf89a0e04dd7ee13c73fb&page_code=NTgxNDc2NTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniqueVisitorsCreatedSummary&nonce=ba028215-d04b-47aa-80fc-f5d4da41b024&url=https%3A%2F%2Ffrani.clickfunnels.com%2Foptin1675348668626
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /userevents/?funnel_id=Si8waTVxR1BYR0EzMjcvRTV3c3Q2QT09LS04L1VGSVNIaUtVNVl6VVBBL1ovZlJ3PT0%3D--18852a59004be87e22815faa21ae4a1a0d077d36&page_id=UHVML2R2ZjIvSDhvdk56ejNXS0U2dz09LS02Qmd4M2NnRG41NGU3akxUNE9Dck13PT0%3D--3c94f23b73d4e0f7353c63262270fdb57d733c12&funnel_step_id=Q1ljWmdTaTVFMFpXa293aFphejM0QT09LS1WS2lKM25xeWhzWFRKZlIwOS9ENFlRPT0%3D--1134c72751207ea35d560ffaca56f061de0c306c&user_id=YThQSlR4bmdNdUlHcUI3WmtDZjhPQT09LS1QUlBnRGV0VW9PQ3BYOGpIOXI1NllBPT0%3D--ec34caa1fe752e2f4310024a293aaca05919648e&account_id=QVVuMXY2ZEl6UDBLanp1VTJDNGtHZz09LS1kd3FEcmEwYTdHVTdCUFZKZllXNXpBPT0%3D--0b2f133bf6907b62dcbcf89a0e04dd7ee13c73fb&page_code=NTgxNDc2NTU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniqueVisitorsCreatedSummary&nonce=ba028215-d04b-47aa-80fc-f5d4da41b024&url=https%3A%2F%2Ffrani.clickfunnels.com%2Foptin1675348668626 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://frani.clickfunnels.com
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 202 Accepted
date: Fri, 03 Feb 2023 11:11:25 GMT
content-type: text/html
cf-ray: 793ab9ca88011c02-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 2e964669009f212a267f78341c83eef6
x-runtime: 0.017535
set-cookie: __cf_bm=uQHqr0043i.K3kNcGAaykHX8k9WZzZZqY1nwLOcKdUw-1675422685-0-ASntsouz68fUhzKCx6rCGS9Y6DWJtxAuglVRhcsCc/moK9Nurd+4pmOFqDRSNwBbpBhdbaTF1bV2C3j72TMGQeHJiDGoz+GoZrdIzBTTbtoz; path=/; expires=Fri, 03-Feb-23 11:41:25 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

frani.clickfunnels.com/optinq77wbgg

104.16.16.194

302 Found

0 B

URL HTTP/2
frani.clickfunnels.com/optinq77wbgg
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /optinq77wbgg HTTP/1.1
Host: frani.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _vwo_uuid_v2=DE2F242DE08C6E2D89EA176F58E13751A|b7b8333a8e555dfc3a446a9f8fd908ee; _vis_opt_s=1%7C; _vwo_uuid=DE2F242DE08C6E2D89EA176F58E13751A; _vwo_ds=3%3At_0%2Ca_0%3A0%241675417908%3A70.78416874%3A%3A12_0%2C11_0%2C4_0%3A2_0%2C1_0%3A0; _gcl_au=1.1.314618171.1675417939; _vis_opt_exp_118_combi=2; _scid=8bf5ff10-1974-40cd-90d8-08fe87cd7f52; wickedfu=%7B%22url%22%3A%22https%3A%2F%2Fwww.clickfunnels.com%2F%3Faff_sub%3Ddomain_redirect%26utm_campaign%3Ddomain_redirect%22%2C%22time%22%3A1675417939461%2C%22c%22%3A4420%7D; _ga_XJMXXSCP9Q=GS1.1.1675417939.1.0.1675417946.53.0.0; _ga=GA1.2.2124445740.1675417940; _ga_WQ0X0WDQ6W=GS1.1.1675417939.1.0.1675417946.53.0.0; _fbp=fb.1.1675417939665.763835273; _tt_enable_cookie=1; _ttp=2s2sjKUqzKIjJQ816J0nEW-3x6q; _gid=GA1.2.159973857.1675417940; _uetsid=73279580a3a811ed9f3337808a07b965; _uetvid=7327de50a3a811ed90b2b78977e26f37; _pin_unauth=dWlkPVlqbGlOakUwWVdNdE4yWm1NeTAwTm1ZNExXSmtPR1F0TVRBeVpHSmtPREk0Tm1FMg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Fri, 03 Feb 2023 11:11:24 GMT
content-type: text/html; charset=utf-8
location: https://frani.clickfunnels.com/optin1675348668626
cf-ray: 793ab9c3c8d71c02-OSL
access-control-allow-origin: *
cache-control: no-cache, private
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
status: 302 Found
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: f9f38013a44069c5a44c2919a05dabec
x-runtime: 0.066998
set-cookie: __cf_bm=AuqBS9kY4gY_AJuWAEpMgsMJZcnZrrGWhAk4D_TDcG0-1675422684-0-AUJmqBIMTvDUINJ/05zNS/VHoXR05oUx+W24yhn5/vLhX0lw+LPHJkc9jZb8QtiOh0i7Co7FwlQK84AGrJDl05ed1AmO8odupn1toCgDncaI; path=/; expires=Fri, 03-Feb-23 11:41:24 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

app.clickfunnels.com/assets/lander.css

104.16.16.194

200 OK

0 B

URL HTTP/2
app.clickfunnels.com/assets/lander.css
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/lander.css HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Cookie: _vwo_uuid_v2=DE2F242DE08C6E2D89EA176F58E13751A|b7b8333a8e555dfc3a446a9f8fd908ee; _vis_opt_s=1%7C; _vwo_uuid=DE2F242DE08C6E2D89EA176F58E13751A; _vwo_ds=3%3At_0%2Ca_0%3A0%241675417908%3A70.78416874%3A%3A12_0%2C11_0%2C4_0%3A2_0%2C1_0%3A0; _gcl_au=1.1.314618171.1675417939; _vis_opt_exp_118_combi=2; _scid=8bf5ff10-1974-40cd-90d8-08fe87cd7f52; wickedfu=%7B%22url%22%3A%22https%3A%2F%2Fwww.clickfunnels.com%2F%3Faff_sub%3Ddomain_redirect%26utm_campaign%3Ddomain_redirect%22%2C%22time%22%3A1675417939461%2C%22c%22%3A4420%7D; _ga_XJMXXSCP9Q=GS1.1.1675417939.1.0.1675417946.53.0.0; _ga=GA1.2.2124445740.1675417940; _ga_WQ0X0WDQ6W=GS1.1.1675417939.1.0.1675417946.53.0.0; _fbp=fb.1.1675417939665.763835273; _tt_enable_cookie=1; _ttp=2s2sjKUqzKIjJQ816J0nEW-3x6q; _gid=GA1.2.159973857.1675417940; _uetsid=73279580a3a811ed9f3337808a07b965; _uetvid=7327de50a3a811ed90b2b78977e26f37; _pin_unauth=dWlkPVlqbGlOakUwWVdNdE4yWm1NeTAwTm1ZNExXSmtPR1F0TVRBeVpHSmtPREk0Tm1FMg; __cf_bm=AuqBS9kY4gY_AJuWAEpMgsMJZcnZrrGWhAk4D_TDcG0-1675422684-0-AUJmqBIMTvDUINJ/05zNS/VHoXR05oUx+W24yhn5/vLhX0lw+LPHJkc9jZb8QtiOh0i7Co7FwlQK84AGrJDl05ed1AmO8odupn1toCgDncaI
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:11:25 GMT
content-type: text/css
cf-ray: 793ab9c6cc0a1c02-OSL
access-control-allow-origin: *
age: 899
cache-control: public, max-age=1200
etag: W/"63dbd64f-6a514"
expires: Fri, 03 Feb 2023 11:31:25 GMT
last-modified: Thu, 02 Feb 2023 15:27:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

app.clickfunnels.com/assets/userevents/application.js

104.16.16.194

200 OK

0 B

URL HTTP/2
app.clickfunnels.com/assets/userevents/application.js
IP
104.16.16.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/userevents/application.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Cookie: _vwo_uuid_v2=DE2F242DE08C6E2D89EA176F58E13751A|b7b8333a8e555dfc3a446a9f8fd908ee; _vis_opt_s=1%7C; _vwo_uuid=DE2F242DE08C6E2D89EA176F58E13751A; _vwo_ds=3%3At_0%2Ca_0%3A0%241675417908%3A70.78416874%3A%3A12_0%2C11_0%2C4_0%3A2_0%2C1_0%3A0; _gcl_au=1.1.314618171.1675417939; _vis_opt_exp_118_combi=2; _scid=8bf5ff10-1974-40cd-90d8-08fe87cd7f52; wickedfu=%7B%22url%22%3A%22https%3A%2F%2Fwww.clickfunnels.com%2F%3Faff_sub%3Ddomain_redirect%26utm_campaign%3Ddomain_redirect%22%2C%22time%22%3A1675417939461%2C%22c%22%3A4420%7D; _ga_XJMXXSCP9Q=GS1.1.1675417939.1.0.1675417946.53.0.0; _ga=GA1.2.2124445740.1675417940; _ga_WQ0X0WDQ6W=GS1.1.1675417939.1.0.1675417946.53.0.0; _fbp=fb.1.1675417939665.763835273; _tt_enable_cookie=1; _ttp=2s2sjKUqzKIjJQ816J0nEW-3x6q; _gid=GA1.2.159973857.1675417940; _uetsid=73279580a3a811ed9f3337808a07b965; _uetvid=7327de50a3a811ed90b2b78977e26f37; _pin_unauth=dWlkPVlqbGlOakUwWVdNdE4yWm1NeTAwTm1ZNExXSmtPR1F0TVRBeVpHSmtPREk0Tm1FMg; __cf_bm=AuqBS9kY4gY_AJuWAEpMgsMJZcnZrrGWhAk4D_TDcG0-1675422684-0-AUJmqBIMTvDUINJ/05zNS/VHoXR05oUx+W24yhn5/vLhX0lw+LPHJkc9jZb8QtiOh0i7Co7FwlQK84AGrJDl05ed1AmO8odupn1toCgDncaI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Fri, 03 Feb 2023 11:11:25 GMT
content-type: application/x-javascript
cf-ray: 793ab9c6cc0b1c02-OSL
access-control-allow-origin: *
age: 886
cache-control: public, max-age=1200
etag: W/"63dbd64f-147c"
expires: Fri, 03 Feb 2023 11:31:25 GMT
last-modified: Thu, 02 Feb 2023 15:27:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 11:11:25 GMT
date: Fri, 03 Feb 2023 11:11:25 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

scambinance.com/go.php?url=https://cadrfadr.studiolegaledorianapesce.it/dafe1/gardv/pasclao

188.114.96.1

302 Found

0 B

URL HTTP/2
scambinance.com/go.php?url=https://cadrfadr.studiolegaledorianapesce.it/dafe1/gardv/pasclao
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /go.php?url=https://cadrfadr.studiolegaledorianapesce.it/dafe1/gardv/pasclao HTTP/1.1
Host: scambinance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://frani.clickfunnels.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Fri, 03 Feb 2023 11:11:27 GMT
content-type: text/html; charset=UTF-8
location: https://cadrfadr.studiolegaledorianapesce.it/dafe1/gardv/pasclao
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pyGrgRvWtNQSKuB4QbAncAbRdGQhuMozDeQ%2FAFIT3O214I8MoWA%2BQJ9092YZ2foTHgk0KsSZauPtTEhVxn1pzNAn37pA8Ydkw3xk8%2F7ClE%2FFfMHtQ9AgwwZluPVU0SYWaJo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793ab9d1889ab521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML