Report - agdmarketing.com/

Report Overview

Submitted URL
agdmarketing.com/
IP
50.87.171.175
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2022-09-21 09:23:27
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	331 B	700 B	142.250.74.3
use.fontawesome.com	942	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	773 B	1.7 kB	172.64.132.15
www.clickfunnels.com	51002	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	573 B	627 B	104.16.12.194
agdmarketing.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	30 kB	50.87.171.175
images.clickfunnels.com	95357	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	15 kB	104.16.12.194
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	675 B	3.7 kB	216.58.211.10
app.clickfunnels.com	34727	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.5 kB	52 kB	104.16.12.194
bam.nr-data.net	630	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	834 B	602 B	162.247.241.14
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	3.5 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.5 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.200.107.47
static.cloudflareinsights.com	1294	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	443 B	7.0 kB	172.64.156.26
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
assets.clickfunnels.com	64830	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	586 B	1.5 kB	104.16.12.194
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	60 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-21	medium	agdmarketing.com/	Phishing
2022-09-21	medium	agdmarketing.com/cdn-cgi/rum?	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	agdmarketing.com/	10 kB	2023-03-07	2023-03-17
Pretty URL agdmarketing.com/ IP 50.87.171.175 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2023-03-17 12:27:39 Times Seen1 Hash 61abdb73cf60f39fa1f99dbd202754ac 8d0f53cfd61600543702b775cccfdb6cff316a83 42f0f6e0965f466635a6785e94642889e31ade69c5d6c892182d03c91abd6082 Loading...

	static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194	14 kB	2023-03-07	2024-05-10
Pretty URL static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 IP 172.64.156.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-10 03:15:28 Times Seen1662 Hash 19514b1be5ee33b45d32c1fcd4c67ec2 bdeab77b43cafcc638df9d7c26f1aa7f46bf1fd5 fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Loading...

	app.clickfunnels.com/cf.js	18 kB	2023-03-07	2024-05-08
Pretty URL app.clickfunnels.com/cf.js IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-05-08 16:56:20 Times Seen1320 Hash bf2a8a168c0be1544c34f363c276586e 581e49c9b7bdd06dab54c00931f4256b223e620e 7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d Loading...

	agdmarketing.com/	1.0 kB	2023-03-07	2024-05-08
Pretty URL agdmarketing.com/ IP 50.87.171.175 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-05-08 16:56:20 Times Seen1081 Hash 7e04d8a0aac6ab1ec08163bd215a5711 f425cd8bab39529985cf2a9cf866a877b4fca17a 4e3d5220213c311337410362a4654f5ea226e71707a85229385cec6d871cc05a Loading...

	agdmarketing.com/	65 B	2023-03-07	2024-05-08
Pretty URL agdmarketing.com/ IP 50.87.171.175 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:26 Last Seen2024-05-08 16:56:20 Times Seen307 Hash fd58a4b54ab146df950e11f1c456d75d e7838ec007afb3db8ba2f719f3abdaba531bc554 f83c7974af97a55f1ac8034a88f07f1ab1c45ccb34071de2962dfa6d969fe303 Loading...

	agdmarketing.com/	104 B	2023-03-07	2024-05-08
Pretty URL agdmarketing.com/ IP 50.87.171.175 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-05-08 16:56:20 Times Seen1194 Hash 00b5ba65cbf82b44301e01048b806055 3be24afc94edb8de2099ccafa2bfcdbfbef301cd 699e1188e23d8be696d8ca3b45d7eba8c1c97f6ce4e9da4051cce63907ea8442 Loading...

	agdmarketing.com/	271 B	2023-03-07	2024-05-08
Pretty URL agdmarketing.com/ IP 50.87.171.175 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-05-08 16:56:20 Times Seen1087 Hash c0d8faa83b4d63e92f56614251d001d4 4377d94b43b83ca010c78aa4c482d86ca19a9593 1d35b00811c224b9c83537f23634d9e7b07f75841c3d99e6ded3c759571f45a7 Loading...

	app.clickfunnels.com/assets/pushcrew.js	637 B	2023-03-07	2024-05-08
Pretty URL app.clickfunnels.com/assets/pushcrew.js IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-05-08 16:56:20 Times Seen1415 Hash 0a67c27615e7d2202f261dcc0a82d744 0fa0a8ca56efded583bd4201821015a63c623d44 f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422 Loading...

	agdmarketing.com/	403 B	2023-03-07	2024-02-27
Pretty URL agdmarketing.com/ IP 50.87.171.175 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27:06 Last Seen2024-02-27 15:49:53 Times Seen73 Hash 8ab8d200539fab50897027c62c96d314 0197d4ac02e1e98d7e1d9badcbd7a89428eb03b8 b7a571a3f2b65d773034e6d559fde9ea980c86414a2b485c88cbac7c0456b9de Loading...

	agdmarketing.com/	101 B	2023-03-07	2024-05-08
Pretty URL agdmarketing.com/ IP 50.87.171.175 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-05-08 16:56:20 Times Seen1080 Hash 58d9451139b4d777d43d7c3e074a944a 58dbf64854e67993dd579ecc78d1a32fea9266ed 85f043b5d0590f154a02cf29f549340485f0e6dd78c70ab8746555092fc9d493 Loading...

	app.clickfunnels.com/assets/lander.js	2.3 MB	2023-03-07	2023-03-17
Pretty URL app.clickfunnels.com/assets/lander.js IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:09 Last Seen2023-03-17 12:27:39 Times Seen1 Hash 55bfc8a713b8bec8d24b6400e8b67cc6 0b52f076ef067091cb0f78672c4a3409969e5ede 5824467254c4dff6cbb9de37d441170f9243287bba4380e206297e2f2c0ef7cd Loading...

	js-agent.newrelic.com/nr-1216.min.js	39 kB	2023-03-07	2023-12-02
Pretty URL js-agent.newrelic.com/nr-1216.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:59 Last Seen2023-12-02 09:02:29 Times Seen204 Hash 9f533d8cd24b2c5e3b4dc886ecbd43e8 4aaad79f222fbcf885679bb30ac0cb6c14ec06eb 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708 Loading...

	bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2869&ck=1&ref=agdmarketing.com/&ap=310&be=966&fe=2286&dc=2083&perf=%7B%22timing%22:%7B%22of%22:1663752196951,%22n%22:0,%22f%22:-12,%22dn%22:-12,%22dne%22:133,%22c%22:133,%22ce%22:293,%22rq%22:293,%22rp%22:920,%22rpe%22:920,%22dl%22:940,%22di%22:2062,%22ds%22:2082,%22de%22:2221,%22dc%22:2285,%22l%22:2285,%22le%22:2402%7D,%22navigation%22:%7B%7D%7D&fcp=1444&jsonp=NREUM.setToken	49 B	2023-03-07	2024-03-22
Pretty URL bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2869&ck=1&ref=agdmarketing.com/&ap=310&be=966&fe=2286&dc=2083&perf=%7B%22timing%22:%7B%22of%22:1663752196951,%22n%22:0,%22f%22:-12,%22dn%22:-12,%22dne%22:133,%22c%22:133,%22ce%22:293,%22rq%22:293,%22rp%22:920,%22rpe%22:920,%22dl%22:940,%22di%22:2062,%22ds%22:2082,%22de%22:2221,%22dc%22:2285,%22l%22:2285,%22le%22:2402%7D,%22navigation%22:%7B%7D%7D&fcp=1444&jsonp=NREUM.setToken IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-03-22 06:11:42 Times Seen2776 Hash ada33e5b8877e743ff658bf4bfa1867c 5a78662243dac43c0ee48bcb7e05a536b84c2e38 dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82 Loading...

	agdmarketing.com/	280 B	2023-03-07	2023-03-12
Pretty URL agdmarketing.com/ IP 50.87.171.175 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:27:54 Last Seen2023-03-12 18:12:01 Times Seen1 Hash a20e1b837b54fdef298df0983cf61da3 fc9b070ef7b43fc5fee74df0c5d85b390d282dc8 a2eab43cb0b9aec8a5cf2bdbecea9801d907ed32ec24b26bfe6867249dd79c23 Loading...

	app.clickfunnels.com/assets/userevents/application.js	4.9 kB	2023-03-07	2023-03-17
Pretty URL app.clickfunnels.com/assets/userevents/application.js IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2023-03-17 12:27:39 Times Seen1 Hash 8c7a2fbb2ccf04e864c50ff46ff6975d 1f9e9ece9dd37561093248324faa202260eb616c 004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158 Loading...

	agdmarketing.com/	1.6 kB	2023-03-07	2024-05-08
Pretty URL agdmarketing.com/ IP 50.87.171.175 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-05-08 16:56:20 Times Seen1080 Hash 9695240da93eaffb74ee6d46ae6ea5da f545f6cec4b5da6fb0a50a17ee0bc878030c5047 88533b116813899d4cf0751961b7568763677a97033cfb35180d523e2cf2cfd1 Loading...

	app.clickfunnels.com/mailcheck.min.js	2.7 kB	2023-03-07	2024-05-04
Pretty URL app.clickfunnels.com/mailcheck.min.js IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-05-04 18:00:12 Times Seen1045 Hash 199756d42d03ff6741642748ea00028d b5c4f6fd1b0e5d1bac97870b3885d08ccb7d2ac1 e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982 Loading...

	agdmarketing.com/	395 B	2023-03-07	2024-05-08
Pretty URL agdmarketing.com/ IP 50.87.171.175 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-05-08 16:56:20 Times Seen1091 Hash b2c93212afb38693d023d97f822acd42 a971c75819436a7c7d9c3b388b8be10f1286fdcb dbde09f9e5cc2ecdeffe30752eac8756ca637e0c524bdbd5b1c7e5704aae004f Loading...

	agdmarketing.com/	591 B	2023-03-07	2023-03-11
Pretty URL agdmarketing.com/ IP 50.87.171.175 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:27:54 Last Seen2023-03-11 22:58:04 Times Seen1 Hash cef580bf9a6e75880733d4a05f7830ef 003d3246f81f302f149a2ef3c0861253a7027513 5cd4487c79bab9041e2cb822b5de3a777af057908473c3d5eaf0237a573a24a9 Loading...

	agdmarketing.com/	1.2 kB	2023-03-07	2024-05-04
Pretty URL agdmarketing.com/ IP 50.87.171.175 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-05-04 18:00:12 Times Seen719 Hash f53804c0abbd5d0ead0a41ca2dd89599 39d28f2df6171e4847aafb50cff964da0b33aef0 1dfb574d71b367cdf50909a035c1865d63381accb868b60d395d6ad71c426821 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9322d13945739a6b33fe847ed9733a48	119 B	2023-03-07	2023-03-11
Pretty Observations First Seen2023-03-07 22:27:54 Last Seen2023-03-11 22:58:04 Times Seen1 Hash 9322d13945739a6b33fe847ed9733a48 dcc07b2964c4286bda3f2e7aaf701536e4d9f4ef ed5d31094c286f506ce0d20aca4331bcad2cf419ee4fc6ababe958618468c650 Loading...

	#2 Eval - 2aa74ac3a264c3e10ae463a262aaf72c	20 kB	2023-03-07	2024-05-08
Pretty Observations First Seen2023-03-07 01:29:18 Last Seen2024-05-08 16:56:20 Times Seen1099 Hash 2aa74ac3a264c3e10ae463a262aaf72c c5ff579cf0cc2ba1d98711b366ec148152abbaf5 9c1ea695852f01d2fc6027d572b126b740a9c4634540fb0d39ea3656377eef77 Loading...

HTTP Transactions (41)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2799
Expires: Wed, 21 Sep 2022 10:09:56 GMT
Date: Wed, 21 Sep 2022 09:23:17 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
804f8bbb7f556d51a5f52d5ebd5b6eef
922cd7e06df278615a04abb81d811d14596c8180
ef4804d381a34ab67873a7755621081c49c646310e085a9b2356ae07098f6021

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Backoff, Retry-After, Content-Type
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 09:14:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZPgsE1unnhIZArpnX-IduHmTW8AP2qdyll6BWR2g49bcgisHD1z93w==
Age: 534

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4TkFwTG9nNpAttXAEb9ObNsyNadlZonuBuv9hFSeLJyzARFUmPA-pw==
age: 17284
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 09:23:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

agdmarketing.com/

50.87.171.175

200 OK

20 kB

URL HTTP/1.1
agdmarketing.com/
IP
50.87.171.175:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10200), with CRLF, LF line terminators
Size
20 kB (19843 bytes)
Hash
7c29bc68233cdf33b3cc40ebc2bedbff
6985d65ec6d4cbdb986dc5867c68b791a2548eda
d1bd8d2965e64e2a74361b5c64aaf3ac71364a1e406bab06ba9ebc7c379a31e7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: agdmarketing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 09:23:17 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Accept-Ranges: none
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
X-Server-Cache: true
X-Proxy-Cache: MISS
Set-Cookie: PHPSESSID=d686e64d73990b69d4e76d2267a3f66c; path=/
__cf_bm=HU92qnu2t9VCUDuB4rOAWVvJ9oVVZGMs.qWZN22eIag-1663752197-0-AQQDYNzaG3rDd1AXZ708M1VBmQcr0IpvDqeeoaWoAoApM4S3Em6j6+D86OVOMwiI6atwylXENjxTLDAi1osbG35q+Q1Y/FTUnwTTXssY0FkO; path=/; expires=Wed, 21-Sep-22 09:53:17 GMT; domain=.clickfunnels.com; HttpOnly; Secure
Transfer-Encoding: chunked

images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png

104.16.12.194

200 OK

5.3 kB

URL HTTP/2
images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
5.3 kB (5276 bytes)
Hash
d99a10ef5010513b3d30f7cf51614b5f
d60c1da11f05540f39632c7357c22b76c9ee1ed7
5dfa88a4dc8b6c0b834a62e45daee28a8dc37ed6ae7eb1545e4ed8b6382c0474

HTTP Headers

GET /3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png HTTP/1.1
Host: images.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agdmarketing.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:23:18 GMT
content-type: image/webp
content-length: 5276
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=9030
content-disposition: inline; filename="ClickfunnelsTag.webp"
etag: "a633777156a5ffeb58c92d3d59fa4e34"
last-modified: Fri, 03 Jan 2020 17:41:49 GMT
vary: Accept
x-amz-id-2: yDQ4lWX/DNGyt7YNpk7GEhfR78bYc0+VDD0URlhGFtdycdY6Jqdci9bK+xUyRGtUazQ8facJvao=
x-amz-request-id: KMP0WXXNVQ62KDV3
cf-cache-status: HIT
age: 3098
expires: Sat, 15 Oct 2022 09:23:18 GMT
cache-control: public, max-age=2073600
accept-ranges: bytes
set-cookie: __cf_bm=1qkGw6jc8aqeYTJw7f8CM93IH1e_YFvBHfuJlGhpxRA-1663752198-0-AXUvD+OIQHDsvlWnRbxPlGR9xkiKAUrg8tZilp0u+S9AXPB+VbpM7M8ilA57zx2LrgCrhD4Y/jolo0ctMWtRrn/KopA/EjtqlrXxGHKTWdr4; path=/; expires=Wed, 21-Sep-22 09:53:18 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74e1bdc6ced5b509-OSL
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 21 Sep 2022 09:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 21 Sep 2022 09:40:54 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KOpfTC5JmdK0BppydNKz0xdT7gfA3bqNKvL077sJttPg3nhOGEOiwg==
Age: 1196

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:23:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5740
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:23:18 GMT
Last-Modified: Wed, 21 Sep 2022 07:47:38 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

216.58.211.10

200 OK

2.9 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type
data
Size
2.9 kB (2920 bytes)
Hash
21f787e8d6450129e13c14e450aa9c3b
651054a749a82e1835c3d0698b017c8c8968224b
1c4f0bb2886669db9ac16309c758c3ac9b70c3c6b32b2f0dd025557c0225c0c6

HTTP Headers

GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agdmarketing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 09:23:18 GMT
date: Wed, 21 Sep 2022 09:23:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.200.107.47

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.200.107.47:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OtYHxMPPoYOreEps5EMi9w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cPIIPBNkXM+cu1eskQlKs5ef4gk=

app.clickfunnels.com/userevents/?funnel_id=VXRtTjhNM05wdVVJWlVUVkYrRzM1Zz09LS10K2xqSDNNdXNTdVphUDZZRk9nK1VnPT0%3D--f5ed302533b4847d374c25802b11b35a34d3054f&page_id=MkxQVzhZOW82ZVA2T25pVlBOZlVHQT09LS1TVGUyek90VzVEN0hTOXAvMTZrdUpnPT0%3D--95374f5b8bc0e4bbfddc3405a82059f5d6a02a59&funnel_step_id=RWRUMVM4Rk54WTRwekhkcDVXOUdOQT09LS1MK3RleTQ5UlNMNVQ5d2lvSEpaamlRPT0%3D--3f4de62c08eb96cd71182d497eeeb2644b7ffd40&user_id=RTUxdUZsOGZCeCtvWXcwdTFzMjV6QT09LS1wY01UcGNwNElSWit4K05BRWVNUWp3PT0%3D--74356658a6d31b34ae864eb95a13ebc6c71b64a4&account_id=b01TdW5kdUluRGhMVHFrem42ZkFRZz09LS1oZVVIakhLU3BnMmdwNjROVVVONmhnPT0%3D--59455c41343575a57141a56360f092c84ac93279&page_code=NTIwNzM2MTM%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::PageviewsCreatedSummary&nonce=4f8796ce-eebb-46e1-a6ce-8a3710adfb6d&url=http%3A%2F%2Fagdmarketing.com%2F

104.16.12.194

301 Moved Permanently

1.4 kB

URL HTTP/1.1
app.clickfunnels.com/userevents/?funnel_id=VXRtTjhNM05wdVVJWlVUVkYrRzM1Zz09LS10K2xqSDNNdXNTdVphUDZZRk9nK1VnPT0%3D--f5ed302533b4847d374c25802b11b35a34d3054f&page_id=MkxQVzhZOW82ZVA2T25pVlBOZlVHQT09LS1TVGUyek90VzVEN0hTOXAvMTZrdUpnPT0%3D--95374f5b8bc0e4bbfddc3405a82059f5d6a02a59&funnel_step_id=RWRUMVM4Rk54WTRwekhkcDVXOUdOQT09LS1MK3RleTQ5UlNMNVQ5d2lvSEpaamlRPT0%3D--3f4de62c08eb96cd71182d497eeeb2644b7ffd40&user_id=RTUxdUZsOGZCeCtvWXcwdTFzMjV6QT09LS1wY01UcGNwNElSWit4K05BRWVNUWp3PT0%3D--74356658a6d31b34ae864eb95a13ebc6c71b64a4&account_id=b01TdW5kdUluRGhMVHFrem42ZkFRZz09LS1oZVVIakhLU3BnMmdwNjROVVVONmhnPT0%3D--59455c41343575a57141a56360f092c84ac93279&page_code=NTIwNzM2MTM%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::PageviewsCreatedSummary&nonce=4f8796ce-eebb-46e1-a6ce-8a3710adfb6d&url=http%3A%2F%2Fagdmarketing.com%2F
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1422)
Size
1.4 kB (1437 bytes)
Hash
620913da00d0014eb2a79ad1793fb5ad
459e6dc8053cafb03a704b2f6ad22dc52718143f
87066c257b187b6f333f0489d23151140ab5d21a5e385361683ece26a19f90aa

HTTP Headers

GET /userevents/?funnel_id=VXRtTjhNM05wdVVJWlVUVkYrRzM1Zz09LS10K2xqSDNNdXNTdVphUDZZRk9nK1VnPT0%3D--f5ed302533b4847d374c25802b11b35a34d3054f&page_id=MkxQVzhZOW82ZVA2T25pVlBOZlVHQT09LS1TVGUyek90VzVEN0hTOXAvMTZrdUpnPT0%3D--95374f5b8bc0e4bbfddc3405a82059f5d6a02a59&funnel_step_id=RWRUMVM4Rk54WTRwekhkcDVXOUdOQT09LS1MK3RleTQ5UlNMNVQ5d2lvSEpaamlRPT0%3D--3f4de62c08eb96cd71182d497eeeb2644b7ffd40&user_id=RTUxdUZsOGZCeCtvWXcwdTFzMjV6QT09LS1wY01UcGNwNElSWit4K05BRWVNUWp3PT0%3D--74356658a6d31b34ae864eb95a13ebc6c71b64a4&account_id=b01TdW5kdUluRGhMVHFrem42ZkFRZz09LS1oZVVIakhLU3BnMmdwNjROVVVONmhnPT0%3D--59455c41343575a57141a56360f092c84ac93279&page_code=NTIwNzM2MTM%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::PageviewsCreatedSummary&nonce=4f8796ce-eebb-46e1-a6ce-8a3710adfb6d&url=http%3A%2F%2Fagdmarketing.com%2F HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://agdmarketing.com
Connection: keep-alive
Referer: http://agdmarketing.com/

HTTP/1.1 301 Moved Permanently
Date: Wed, 21 Sep 2022 09:23:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://app.clickfunnels.com/userevents?funnel_id=VXRtTjhNM05wdVVJWlVUVkYrRzM1Zz09LS10K2xqSDNNdXNTdVphUDZZRk9nK1VnPT0%3D--f5ed302533b4847d374c25802b11b35a34d3054f&page_id=MkxQVzhZOW82ZVA2T25pVlBOZlVHQT09LS1TVGUyek90VzVEN0hTOXAvMTZrdUpnPT0%3D--95374f5b8bc0e4bbfddc3405a82059f5d6a02a59&funnel_step_id=RWRUMVM4Rk54WTRwekhkcDVXOUdOQT09LS1MK3RleTQ5UlNMNVQ5d2lvSEpaamlRPT0%3D--3f4de62c08eb96cd71182d497eeeb2644b7ffd40&user_id=RTUxdUZsOGZCeCtvWXcwdTFzMjV6QT09LS1wY01UcGNwNElSWit4K05BRWVNUWp3PT0%3D--74356658a6d31b34ae864eb95a13ebc6c71b64a4&account_id=b01TdW5kdUluRGhMVHFrem42ZkFRZz09LS1oZVVIakhLU3BnMmdwNjROVVVONmhnPT0%3D--59455c41343575a57141a56360f092c84ac93279&page_code=NTIwNzM2MTM%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents%3A%3APageviewsCreatedSummary&nonce=4f8796ce-eebb-46e1-a6ce-8a3710adfb6d&url=http%3A%2F%2Fagdmarketing.com%2F
CF-Ray: 74e1bdcc38abb4fa-OSL
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Status: 301 Moved Permanently
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: miss
X-Request-Id: fdcf749674659c2c9664bd619e56c75a
X-Runtime: 0.008079
Set-Cookie: __cf_bm=gwy0NrnuEUk.q_6Fic5JLnqLOh9iK4h1fPzCPIILVF0-1663752199-0-AQSkCTbp3tk/xN4E0kD5o2SI6tPMXJdwfZhq4lVU3oPMcKO8scJYkEd93VqUvHAFwDUlYP4swZnAf4W5Dv0gmqTu1iv+1yYuZmNghMiMegbG; path=/; expires=Wed, 21-Sep-22 09:53:19 GMT; domain=.clickfunnels.com; HttpOnly; SameSite=None
Report-To: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=wvNttnLixupNypclkd6fpDX1VL4B8p3dOiU5aXbr5vI-1663752199-0-AYodYt84Uil3ewLZt6DZsdD2vJNhyGTCmjvQm0xe4__0teVvIjmHqGEHdWDgt3kTD1C1EOmB-RGiyFrrvV1Nw5ndSoMQZz_TKC0p_I6gd29I"}],"group":"cf-csp-endpoint","max_age":86400}
Content-Security-Policy-Report-Only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=wvNttnLixupNypclkd6fpDX1VL4B8p3dOiU5aXbr5vI-1663752199-0-AYodYt84Uil3ewLZt6DZsdD2vJNhyGTCmjvQm0xe4__0teVvIjmHqGEHdWDgt3kTD1C1EOmB-RGiyFrrvV1Nw5ndSoMQZz_TKC0p_I6gd29I; report-to cf-csp-endpoint
Server: cloudflare
alt-svc: h2=":443"; ma=60

static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

172.64.156.26

200 OK

6.6 kB

URL HTTP/2
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP
172.64.156.26:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
6.6 kB (6588 bytes)
Hash
a0ce14554d6bcbf1b24493c9c45e60f7
4b19143894832c82a854ee874400f5bb74ba1265
3ac38802425fea85240123c601eaa5760da0d413453e43551833ddeca189a572

HTTP Headers

GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://agdmarketing.com
Connection: keep-alive
Referer: http://agdmarketing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:23:18 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e1bdc74dd3b517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

app.clickfunnels.com/userevents/?funnel_id=VXRtTjhNM05wdVVJWlVUVkYrRzM1Zz09LS10K2xqSDNNdXNTdVphUDZZRk9nK1VnPT0%3D--f5ed302533b4847d374c25802b11b35a34d3054f&page_id=MkxQVzhZOW82ZVA2T25pVlBOZlVHQT09LS1TVGUyek90VzVEN0hTOXAvMTZrdUpnPT0%3D--95374f5b8bc0e4bbfddc3405a82059f5d6a02a59&funnel_step_id=RWRUMVM4Rk54WTRwekhkcDVXOUdOQT09LS1MK3RleTQ5UlNMNVQ5d2lvSEpaamlRPT0%3D--3f4de62c08eb96cd71182d497eeeb2644b7ffd40&user_id=RTUxdUZsOGZCeCtvWXcwdTFzMjV6QT09LS1wY01UcGNwNElSWit4K05BRWVNUWp3PT0%3D--74356658a6d31b34ae864eb95a13ebc6c71b64a4&account_id=b01TdW5kdUluRGhMVHFrem42ZkFRZz09LS1oZVVIakhLU3BnMmdwNjROVVVONmhnPT0%3D--59455c41343575a57141a56360f092c84ac93279&page_code=NTIwNzM2MTM%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniquePageviewsCreatedSummary&nonce=a0684001-1fab-4ae8-a8cb-91d69d10eae4&url=http%3A%2F%2Fagdmarketing.com%2F

104.16.12.194

301 Moved Permanently

1.4 kB

URL HTTP/1.1
app.clickfunnels.com/userevents/?funnel_id=VXRtTjhNM05wdVVJWlVUVkYrRzM1Zz09LS10K2xqSDNNdXNTdVphUDZZRk9nK1VnPT0%3D--f5ed302533b4847d374c25802b11b35a34d3054f&page_id=MkxQVzhZOW82ZVA2T25pVlBOZlVHQT09LS1TVGUyek90VzVEN0hTOXAvMTZrdUpnPT0%3D--95374f5b8bc0e4bbfddc3405a82059f5d6a02a59&funnel_step_id=RWRUMVM4Rk54WTRwekhkcDVXOUdOQT09LS1MK3RleTQ5UlNMNVQ5d2lvSEpaamlRPT0%3D--3f4de62c08eb96cd71182d497eeeb2644b7ffd40&user_id=RTUxdUZsOGZCeCtvWXcwdTFzMjV6QT09LS1wY01UcGNwNElSWit4K05BRWVNUWp3PT0%3D--74356658a6d31b34ae864eb95a13ebc6c71b64a4&account_id=b01TdW5kdUluRGhMVHFrem42ZkFRZz09LS1oZVVIakhLU3BnMmdwNjROVVVONmhnPT0%3D--59455c41343575a57141a56360f092c84ac93279&page_code=NTIwNzM2MTM%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniquePageviewsCreatedSummary&nonce=a0684001-1fab-4ae8-a8cb-91d69d10eae4&url=http%3A%2F%2Fagdmarketing.com%2F
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1428)
Size
1.4 kB (1443 bytes)
Hash
b0f580d46eeeeb2a5bd8ad8eaf112545
6286650d0f5443656db1407cb2585eab2b1a1717
217f21ca3a60ec91d8ae28e541c1c48522ef0f180fc3a3965753f8ab7cbc6812

HTTP Headers

GET /userevents/?funnel_id=VXRtTjhNM05wdVVJWlVUVkYrRzM1Zz09LS10K2xqSDNNdXNTdVphUDZZRk9nK1VnPT0%3D--f5ed302533b4847d374c25802b11b35a34d3054f&page_id=MkxQVzhZOW82ZVA2T25pVlBOZlVHQT09LS1TVGUyek90VzVEN0hTOXAvMTZrdUpnPT0%3D--95374f5b8bc0e4bbfddc3405a82059f5d6a02a59&funnel_step_id=RWRUMVM4Rk54WTRwekhkcDVXOUdOQT09LS1MK3RleTQ5UlNMNVQ5d2lvSEpaamlRPT0%3D--3f4de62c08eb96cd71182d497eeeb2644b7ffd40&user_id=RTUxdUZsOGZCeCtvWXcwdTFzMjV6QT09LS1wY01UcGNwNElSWit4K05BRWVNUWp3PT0%3D--74356658a6d31b34ae864eb95a13ebc6c71b64a4&account_id=b01TdW5kdUluRGhMVHFrem42ZkFRZz09LS1oZVVIakhLU3BnMmdwNjROVVVONmhnPT0%3D--59455c41343575a57141a56360f092c84ac93279&page_code=NTIwNzM2MTM%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniquePageviewsCreatedSummary&nonce=a0684001-1fab-4ae8-a8cb-91d69d10eae4&url=http%3A%2F%2Fagdmarketing.com%2F HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://agdmarketing.com
Connection: keep-alive
Referer: http://agdmarketing.com/

HTTP/1.1 301 Moved Permanently
Date: Wed, 21 Sep 2022 09:23:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://app.clickfunnels.com/userevents?funnel_id=VXRtTjhNM05wdVVJWlVUVkYrRzM1Zz09LS10K2xqSDNNdXNTdVphUDZZRk9nK1VnPT0%3D--f5ed302533b4847d374c25802b11b35a34d3054f&page_id=MkxQVzhZOW82ZVA2T25pVlBOZlVHQT09LS1TVGUyek90VzVEN0hTOXAvMTZrdUpnPT0%3D--95374f5b8bc0e4bbfddc3405a82059f5d6a02a59&funnel_step_id=RWRUMVM4Rk54WTRwekhkcDVXOUdOQT09LS1MK3RleTQ5UlNMNVQ5d2lvSEpaamlRPT0%3D--3f4de62c08eb96cd71182d497eeeb2644b7ffd40&user_id=RTUxdUZsOGZCeCtvWXcwdTFzMjV6QT09LS1wY01UcGNwNElSWit4K05BRWVNUWp3PT0%3D--74356658a6d31b34ae864eb95a13ebc6c71b64a4&account_id=b01TdW5kdUluRGhMVHFrem42ZkFRZz09LS1oZVVIakhLU3BnMmdwNjROVVVONmhnPT0%3D--59455c41343575a57141a56360f092c84ac93279&page_code=NTIwNzM2MTM%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents%3A%3AUniquePageviewsCreatedSummary&nonce=a0684001-1fab-4ae8-a8cb-91d69d10eae4&url=http%3A%2F%2Fagdmarketing.com%2F
CF-Ray: 74e1bdcc3b1c0b31-OSL
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Status: 301 Moved Permanently
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: miss
X-Request-Id: 3e1819c4367dc82db05b6e0c51956a6b
X-Runtime: 0.011759
Set-Cookie: __cf_bm=EbXrIe1ZqaW5yQigaHHu55aXMdcUTli6C8kf05xu2Bo-1663752199-0-AeUjuYAasd22XMEWOxZbNIkvGZJZZdd2E7Mh1h23btHSv5jeZbziglifwDdR5YOjS04wFd4r5fu9zCDoQtIF/1UC7naeT70c7tdPNgnLGpW0; path=/; expires=Wed, 21-Sep-22 09:53:19 GMT; domain=.clickfunnels.com; HttpOnly; SameSite=None
Server: cloudflare
alt-svc: h2=":443"; ma=60

assets.clickfunnels.com/images/closemodal.png

104.16.12.194

200 OK

672 B

URL HTTP/2
assets.clickfunnels.com/images/closemodal.png
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
672 B (672 bytes)
Hash
19754ed4d508cf576c80cf36e0db8c50
f459beac714e5be68aa75349fa806a5642af456a
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

HTTP Headers

GET /images/closemodal.png HTTP/1.1
Host: assets.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agdmarketing.com/
Cookie: __cf_bm=HbOiyd2vt.YZh.IoMy0VfFCcJy3HsA7zDQ7L_GAxvYw-1663752198-0-AR8jeoRSxx9TlBY0/KIJ0GSjyQGOT3s0PF26RgI1up5H3ErNI/vYhOmNlYBuyTj3oNZMSxgVcNhS8PZfX0WNaJnbCNnH5Y01v8BMuhnO82Tw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:23:19 GMT
content-type: image/webp
content-length: 672
cf-ray: 74e1bdcd7821b509-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 561241
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "630e9cfc-314"
expires: Sat, 22 Oct 2022 09:23:19 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
server: cloudflare
X-Firefox-Spdy: h2

images.clickfunnels.com/cdn-cgi/image/fit=scale-down,width=1150,quality=75/https://images.clickfunnels.com/10/5c6682c1ac48689d734c9d43790c92/steps123.png

104.16.12.194

200 OK

8.1 kB

URL HTTP/2
images.clickfunnels.com/cdn-cgi/image/fit=scale-down,width=1150,quality=75/https://images.clickfunnels.com/10/5c6682c1ac48689d734c9d43790c92/steps123.png
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 633x96, components 3\012- data
Size
8.1 kB (8105 bytes)
Hash
4382c50b983b0ebb2da1d1ef3e7fb270
db83bbc5e62b7702cb64ec28598abe1f54591466
dc488b1e29ef1814e0f2246de38268a742f8be636cc1374d8754d1f0ade4d019

HTTP Headers

GET /cdn-cgi/image/fit=scale-down,width=1150,quality=75/https://images.clickfunnels.com/10/5c6682c1ac48689d734c9d43790c92/steps123.png HTTP/1.1
Host: images.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agdmarketing.com/
Cookie: __cf_bm=HbOiyd2vt.YZh.IoMy0VfFCcJy3HsA7zDQ7L_GAxvYw-1663752198-0-AR8jeoRSxx9TlBY0/KIJ0GSjyQGOT3s0PF26RgI1up5H3ErNI/vYhOmNlYBuyTj3oNZMSxgVcNhS8PZfX0WNaJnbCNnH5Y01v8BMuhnO82Tw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:23:19 GMT
content-type: image/jpeg
content-length: 8105
cf-ray: 74e1bdcd7826b509-OSL
accept-ranges: bytes
cache-control: max-age=2073600
etag: "cfbtYqm2GA3ABb82RKbTKZ3Q:239a337af79a2433e2a49189c2ec6e7a"
last-modified: Fri, 14 Aug 2020 00:45:22 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:75,h2pri
cf-resized: internal=ok/h q=0 n=44 c=17 v=2022.9.4 l=8105
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2

app.clickfunnels.com/cf.js

104.16.12.194

301 Moved Permanently

20 kB

URL HTTP/2
app.clickfunnels.com/cf.js
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
20 kB (20506 bytes)
Hash
f8748d38c3c251a84f3463b1db1f5ddd
ebe587a74f14f92f26886946877cbc925a096c7d
e704332e2d8d5c79dd56f8c51708b61dd72f7ddc90fd6fa63f454bd9758a4769

HTTP Headers

GET /cf.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agdmarketing.com/
Cookie: __cf_bm=HbOiyd2vt.YZh.IoMy0VfFCcJy3HsA7zDQ7L_GAxvYw-1663752198-0-AR8jeoRSxx9TlBY0/KIJ0GSjyQGOT3s0PF26RgI1up5H3ErNI/vYhOmNlYBuyTj3oNZMSxgVcNhS8PZfX0WNaJnbCNnH5Y01v8BMuhnO82Tw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
date: Wed, 21 Sep 2022 09:23:19 GMT
content-type: text/html
location: https://www.clickfunnels.com/cf.js
cf-ray: 74e1bdcbfdd6b509-OSL
access-control-allow-origin: *
age: 463
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
X-Firefox-Spdy: h2

agdmarketing.com/cdn-cgi/rum?

50.87.171.175

404 Not Found

9.0 kB

URL HTTP/1.1
agdmarketing.com/cdn-cgi/rum?
IP
50.87.171.175:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (9261)
Size
9.0 kB (9026 bytes)
Hash
c68a1a470f3183f2419ee4ff9f2beaa6
677710ff242fae03653c59294e24375fc5ac0f20
d54653fe3312f93c6d67173dba7c62703bbc0e2dcc03ce3f760ab0ff248488d5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: agdmarketing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
content-type: application/json
Content-Length: 4282
Origin: http://agdmarketing.com
Connection: keep-alive
Referer: http://agdmarketing.com/
Cookie: PHPSESSID=d686e64d73990b69d4e76d2267a3f66c; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTIwNzM2MTM=:visited=true; cf:visitor_id=cff664a5-49e6-491b-8345-60a3c1842c2f; addevent_track_cookie=96bd70fe-140b-41ee-a690-ffaef9bd0b4f

HTTP/1.1 404 Not Found
Date: Wed, 21 Sep 2022 09:23:19 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://agdmarketing.com/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 9026
Content-Type: text/html; charset=UTF-8

app.clickfunnels.com/userevents?funnel_id=VXRtTjhNM05wdVVJWlVUVkYrRzM1Zz09LS10K2xqSDNNdXNTdVphUDZZRk9nK1VnPT0%3D--f5ed302533b4847d374c25802b11b35a34d3054f&page_id=MkxQVzhZOW82ZVA2T25pVlBOZlVHQT09LS1TVGUyek90VzVEN0hTOXAvMTZrdUpnPT0%3D--95374f5b8bc0e4bbfddc3405a82059f5d6a02a59&funnel_step_id=RWRUMVM4Rk54WTRwekhkcDVXOUdOQT09LS1MK3RleTQ5UlNMNVQ5d2lvSEpaamlRPT0%3D--3f4de62c08eb96cd71182d497eeeb2644b7ffd40&user_id=RTUxdUZsOGZCeCtvWXcwdTFzMjV6QT09LS1wY01UcGNwNElSWit4K05BRWVNUWp3PT0%3D--74356658a6d31b34ae864eb95a13ebc6c71b64a4&account_id=b01TdW5kdUluRGhMVHFrem42ZkFRZz09LS1oZVVIakhLU3BnMmdwNjROVVVONmhnPT0%3D--59455c41343575a57141a56360f092c84ac93279&page_code=NTIwNzM2MTM%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents%3A%3AUniquePageviewsCreatedSummary&nonce=a0684001-1fab-4ae8-a8cb-91d69d10eae4&url=http%3A%2F%2Fagdmarketing.com%2F

104.16.12.194

202 Accepted

14 kB

URL HTTP/2
app.clickfunnels.com/userevents?funnel_id=VXRtTjhNM05wdVVJWlVUVkYrRzM1Zz09LS10K2xqSDNNdXNTdVphUDZZRk9nK1VnPT0%3D--f5ed302533b4847d374c25802b11b35a34d3054f&page_id=MkxQVzhZOW82ZVA2T25pVlBOZlVHQT09LS1TVGUyek90VzVEN0hTOXAvMTZrdUpnPT0%3D--95374f5b8bc0e4bbfddc3405a82059f5d6a02a59&funnel_step_id=RWRUMVM4Rk54WTRwekhkcDVXOUdOQT09LS1MK3RleTQ5UlNMNVQ5d2lvSEpaamlRPT0%3D--3f4de62c08eb96cd71182d497eeeb2644b7ffd40&user_id=RTUxdUZsOGZCeCtvWXcwdTFzMjV6QT09LS1wY01UcGNwNElSWit4K05BRWVNUWp3PT0%3D--74356658a6d31b34ae864eb95a13ebc6c71b64a4&account_id=b01TdW5kdUluRGhMVHFrem42ZkFRZz09LS1oZVVIakhLU3BnMmdwNjROVVVONmhnPT0%3D--59455c41343575a57141a56360f092c84ac93279&page_code=NTIwNzM2MTM%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents%3A%3AUniquePageviewsCreatedSummary&nonce=a0684001-1fab-4ae8-a8cb-91d69d10eae4&url=http%3A%2F%2Fagdmarketing.com%2F
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
14 kB (14391 bytes)
Hash
b7c09cc097b2847f9edc784adba62dcb
5aa648623cf5e3b4b215fe5d068a7904c59f2925
6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa

HTTP Headers

GET /userevents?funnel_id=VXRtTjhNM05wdVVJWlVUVkYrRzM1Zz09LS10K2xqSDNNdXNTdVphUDZZRk9nK1VnPT0%3D--f5ed302533b4847d374c25802b11b35a34d3054f&page_id=MkxQVzhZOW82ZVA2T25pVlBOZlVHQT09LS1TVGUyek90VzVEN0hTOXAvMTZrdUpnPT0%3D--95374f5b8bc0e4bbfddc3405a82059f5d6a02a59&funnel_step_id=RWRUMVM4Rk54WTRwekhkcDVXOUdOQT09LS1MK3RleTQ5UlNMNVQ5d2lvSEpaamlRPT0%3D--3f4de62c08eb96cd71182d497eeeb2644b7ffd40&user_id=RTUxdUZsOGZCeCtvWXcwdTFzMjV6QT09LS1wY01UcGNwNElSWit4K05BRWVNUWp3PT0%3D--74356658a6d31b34ae864eb95a13ebc6c71b64a4&account_id=b01TdW5kdUluRGhMVHFrem42ZkFRZz09LS1oZVVIakhLU3BnMmdwNjROVVVONmhnPT0%3D--59455c41343575a57141a56360f092c84ac93279&page_code=NTIwNzM2MTM%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents%3A%3AUniquePageviewsCreatedSummary&nonce=a0684001-1fab-4ae8-a8cb-91d69d10eae4&url=http%3A%2F%2Fagdmarketing.com%2F HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: http://agdmarketing.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 202 Accepted
date: Wed, 21 Sep 2022 09:23:19 GMT
content-type: text/html
cf-ray: 74e1bdcf7a73b509-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 0dc63d46d1dbd70af8f4954240a4bc5a
x-runtime: 0.030549
set-cookie: __cf_bm=ktHmfD2c878SAg3yi.qG_DcEoa7yw8iDIhY0VdjyKiI-1663752199-0-AYsXlmWzcnnTG2gDI4HNe1BA+aC2UKeoHVD2HIo8U2LnUr9e9BGd0tQo9zQ8EQn6v5LllMxwtQ5SaTSx81sTRxnY7vdeYr6b7ZGxqCpzFyBw; path=/; expires=Wed, 21-Sep-22 09:53:19 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
37b6097226b409c237ef99f1da688e60
71ab02ee2fd165ba99e9b964a1a3e5055c88224b
ab0e339aa9b34926c6fb4e1191e121febe026996f1cb0bc05ecb187a69653282

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6231
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:23:19 GMT
Last-Modified: Wed, 21 Sep 2022 07:39:28 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13881
Expires: Wed, 21 Sep 2022 13:14:41 GMT
Date: Wed, 21 Sep 2022 09:23:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13881
Expires: Wed, 21 Sep 2022 13:14:41 GMT
Date: Wed, 21 Sep 2022 09:23:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13881
Expires: Wed, 21 Sep 2022 13:14:41 GMT
Date: Wed, 21 Sep 2022 09:23:20 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb447f31d-2a9a-4657-a829-f79bc662f662.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb447f31d-2a9a-4657-a829-f79bc662f662.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10293 bytes)
Hash
285c04fe0904d41ab1c0259942fa26ec
3a5ad499b134a33e79d5fe00c7f5c7c098b3ee34
b91184725a4171202201b5478271a3ab361c54a8893b4dee70d941821a2e70a8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb447f31d-2a9a-4657-a829-f79bc662f662.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10293
x-amzn-requestid: 0c8a78d5-44be-47f4-927a-f39b0d0dc86f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yvoh3GT2oAMFvig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63295472-73b322996216171a342783b7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 05:49:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: a7rPEaM9bqheTlQP1Hr5xwHgW8HenLAvoH95TTtGFu0169tsGnheFQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:29:09 GMT
age: 39251
etag: "3a5ad499b134a33e79d5fe00c7f5c7c098b3ee34"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10244 bytes)
Hash
14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7FaZfI_iYUANPdxGBld5NfneWwKJeX2nYA_gmvF9NjML5YOVhZIIoA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 14:38:21 GMT
age: 67499
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9201 bytes)
Hash
a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hI3FlJJRAUfr0EAcSvvuJajmyQDwBpTxuQIhYfA0Mtp9JyQgKnoDvA==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:43:18 GMT
age: 42002
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8826 bytes)
Hash
4eb6d1b35f680bfec656941b6167fd23
344c6000dbdafdb5105edc93a082d640c3e95ddc
67fc85fa0f1a55d57ab9db6f4c723fb9116ef3b2c5282dbdd42d9c37396bd7b9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8826
x-amzn-requestid: cf0c711e-4ec9-4f87-a60f-41374262a114
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYweUHIyoAMFYQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202df5-17ad5d4e25a754586e531d05;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:15:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OEbpCQXLpTCDZH4OlzVvvsc-bSgbsIoXRgX6f-nKVwJTL5-SVTCHeA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:56:09 GMT
age: 41231
etag: "344c6000dbdafdb5105edc93a082d640c3e95ddc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29be3958-30ed-4b26-8320-662d71b90880.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7700 bytes)
Hash
34c353f713d6d470480fdeeb5175a123
f073fc7f24465b76b3681c462c60cd047ed67a6a
0449daa32ab4ec32fa999551cc9ab634c46e15891299162cbb4bbaad6ffa4753

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29be3958-30ed-4b26-8320-662d71b90880.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7700
x-amzn-requestid: 3cadae91-6101-4072-b654-9da834fe22e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YmPyvHj8oAMFjiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63259344-4f7c9a7a1aca7f89017897fa;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 09:28:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: jFAPc59XciJX2cBI16W9NVIHtdS6pO3DYQLdZFNl_MPjoYBIsxoQGw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 13:32:50 GMT
age: 71430
etag: "f073fc7f24465b76b3681c462c60cd047ed67a6a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7507 bytes)
Hash
4d98acc059a69d51165fb5e0c7430ea3
09bd3300d710c3212483159f8398b84cde09da26
6e38bbb5c79c4f714973e10961d7bad9e7ae8711cf24d68b13a77206f474d2a6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7507
x-amzn-requestid: 2a40c792-8b1b-4476-92de-1fce3df48fc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCmaHefoAMF4Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e28-6b05350006b7f3fb73d1e37a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rq4QHCD4EubBKHyCj7jyKqpct5d7U33TvNufqj_w8mWunqQsouoh7w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:21:54 GMT
age: 39686
etag: "09bd3300d710c3212483159f8398b84cde09da26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2869&ck=1&ref=http://agdmarketing.com/&ap=310&be=966&fe=2286&dc=2083&perf=%7B%22timing%22:%7B%22of%22:1663752196951,%22n%22:0,%22f%22:-12,%22dn%22:-12,%22dne%22:133,%22c%22:133,%22ce%22:293,%22rq%22:293,%22rp%22:920,%22rpe%22:920,%22dl%22:940,%22di%22:2062,%22ds%22:2082,%22de%22:2221,%22dc%22:2285,%22l%22:2285,%22le%22:2402%7D,%22navigation%22:%7B%7D%7D&fcp=1444&jsonp=NREUM.setToken

162.247.241.14

200 OK

72 B

URL HTTP/1.1
bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2869&ck=1&ref=http://agdmarketing.com/&ap=310&be=966&fe=2286&dc=2083&perf=%7B%22timing%22:%7B%22of%22:1663752196951,%22n%22:0,%22f%22:-12,%22dn%22:-12,%22dne%22:133,%22c%22:133,%22ce%22:293,%22rq%22:293,%22rp%22:920,%22rpe%22:920,%22dl%22:940,%22di%22:2062,%22ds%22:2082,%22de%22:2221,%22dc%22:2285,%22l%22:2285,%22le%22:2402%7D,%22navigation%22:%7B%7D%7D&fcp=1444&jsonp=NREUM.setToken
IP
162.247.241.14:0
ASN
#23467 NEWRELIC-AS-1

File type
ASCII text, with no line terminators
Size
72 B (72 bytes)
Hash
107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937

HTTP Headers

GET /1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2869&ck=1&ref=http://agdmarketing.com/&ap=310&be=966&fe=2286&dc=2083&perf=%7B%22timing%22:%7B%22of%22:1663752196951,%22n%22:0,%22f%22:-12,%22dn%22:-12,%22dne%22:133,%22c%22:133,%22ce%22:293,%22rq%22:293,%22rp%22:920,%22rpe%22:920,%22dl%22:940,%22di%22:2062,%22ds%22:2082,%22de%22:2221,%22dc%22:2285,%22l%22:2285,%22le%22:2402%7D,%22navigation%22:%7B%7D%7D&fcp=1444&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agdmarketing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 09:23:20 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74e1bdd13b85b51d-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=b3119a090114d3bd; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip

app.clickfunnels.com/assets/lander.css

104.16.12.194

200 OK

0 B

URL HTTP/2
app.clickfunnels.com/assets/lander.css
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/lander.css HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agdmarketing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:23:18 GMT
content-type: text/css
cf-ray: 74e1bdc67e46b509-OSL
access-control-allow-origin: *
age: 207
cache-control: public, max-age=1200
etag: W/"632a4cc7-6a514"
expires: Wed, 21 Sep 2022 09:43:18 GMT
last-modified: Tue, 20 Sep 2022 23:29:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=qIccGhuBS2o4CKNgKwT3eFvOkyEbwfWUgAixgHpI_xM-1663752198-0-AfWB07ar8yhCbCAH5WhTT0f9GNhUnlXsxy8H5hkXrd311lBhmDPTUdtHa1QwjmGHJYHu8BI3vGMxRMV8WNCoOqOO633xTVyYezeGlrszKbuU; path=/; expires=Wed, 21-Sep-22 09:53:18 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

app.clickfunnels.com/mailcheck.min.js

104.16.12.194

200 OK

0 B

URL HTTP/2
app.clickfunnels.com/mailcheck.min.js
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mailcheck.min.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agdmarketing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:23:18 GMT
content-type: application/x-javascript
cf-ray: 74e1bdc6aeaeb509-OSL
access-control-allow-origin: *
age: 5506
etag: W/"632a4cc7-a8d"
last-modified: Tue, 20 Sep 2022 23:29:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=NYvOiPYK8L4l1a3s8s8aXVvKt.67Xk0jw3b99zGP.U4-1663752198-0-Ac+kSKGqyPY/Nekhm0qb9yOaTNaRnhKHSeSwmBoboN9eQpdpY6d2VVcn/QjYpEMCteAD363B+gP4n+WzLzAXtTFHHKqdvT/TrKzl39emBVye; path=/; expires=Wed, 21-Sep-22 09:53:18 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

app.clickfunnels.com/userevents?funnel_id=VXRtTjhNM05wdVVJWlVUVkYrRzM1Zz09LS10K2xqSDNNdXNTdVphUDZZRk9nK1VnPT0%3D--f5ed302533b4847d374c25802b11b35a34d3054f&page_id=MkxQVzhZOW82ZVA2T25pVlBOZlVHQT09LS1TVGUyek90VzVEN0hTOXAvMTZrdUpnPT0%3D--95374f5b8bc0e4bbfddc3405a82059f5d6a02a59&funnel_step_id=RWRUMVM4Rk54WTRwekhkcDVXOUdOQT09LS1MK3RleTQ5UlNMNVQ5d2lvSEpaamlRPT0%3D--3f4de62c08eb96cd71182d497eeeb2644b7ffd40&user_id=RTUxdUZsOGZCeCtvWXcwdTFzMjV6QT09LS1wY01UcGNwNElSWit4K05BRWVNUWp3PT0%3D--74356658a6d31b34ae864eb95a13ebc6c71b64a4&account_id=b01TdW5kdUluRGhMVHFrem42ZkFRZz09LS1oZVVIakhLU3BnMmdwNjROVVVONmhnPT0%3D--59455c41343575a57141a56360f092c84ac93279&page_code=NTIwNzM2MTM%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents%3A%3AUniqueVisitorsCreatedSummary&nonce=1b8ec8de-8c61-4a4a-bfb4-c54c29a1ba79&url=http%3A%2F%2Fagdmarketing.com%2F

104.16.12.194

202 Accepted

0 B

URL HTTP/2
app.clickfunnels.com/userevents?funnel_id=VXRtTjhNM05wdVVJWlVUVkYrRzM1Zz09LS10K2xqSDNNdXNTdVphUDZZRk9nK1VnPT0%3D--f5ed302533b4847d374c25802b11b35a34d3054f&page_id=MkxQVzhZOW82ZVA2T25pVlBOZlVHQT09LS1TVGUyek90VzVEN0hTOXAvMTZrdUpnPT0%3D--95374f5b8bc0e4bbfddc3405a82059f5d6a02a59&funnel_step_id=RWRUMVM4Rk54WTRwekhkcDVXOUdOQT09LS1MK3RleTQ5UlNMNVQ5d2lvSEpaamlRPT0%3D--3f4de62c08eb96cd71182d497eeeb2644b7ffd40&user_id=RTUxdUZsOGZCeCtvWXcwdTFzMjV6QT09LS1wY01UcGNwNElSWit4K05BRWVNUWp3PT0%3D--74356658a6d31b34ae864eb95a13ebc6c71b64a4&account_id=b01TdW5kdUluRGhMVHFrem42ZkFRZz09LS1oZVVIakhLU3BnMmdwNjROVVVONmhnPT0%3D--59455c41343575a57141a56360f092c84ac93279&page_code=NTIwNzM2MTM%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents%3A%3AUniqueVisitorsCreatedSummary&nonce=1b8ec8de-8c61-4a4a-bfb4-c54c29a1ba79&url=http%3A%2F%2Fagdmarketing.com%2F
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /userevents?funnel_id=VXRtTjhNM05wdVVJWlVUVkYrRzM1Zz09LS10K2xqSDNNdXNTdVphUDZZRk9nK1VnPT0%3D--f5ed302533b4847d374c25802b11b35a34d3054f&page_id=MkxQVzhZOW82ZVA2T25pVlBOZlVHQT09LS1TVGUyek90VzVEN0hTOXAvMTZrdUpnPT0%3D--95374f5b8bc0e4bbfddc3405a82059f5d6a02a59&funnel_step_id=RWRUMVM4Rk54WTRwekhkcDVXOUdOQT09LS1MK3RleTQ5UlNMNVQ5d2lvSEpaamlRPT0%3D--3f4de62c08eb96cd71182d497eeeb2644b7ffd40&user_id=RTUxdUZsOGZCeCtvWXcwdTFzMjV6QT09LS1wY01UcGNwNElSWit4K05BRWVNUWp3PT0%3D--74356658a6d31b34ae864eb95a13ebc6c71b64a4&account_id=b01TdW5kdUluRGhMVHFrem42ZkFRZz09LS1oZVVIakhLU3BnMmdwNjROVVVONmhnPT0%3D--59455c41343575a57141a56360f092c84ac93279&page_code=NTIwNzM2MTM%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents%3A%3AUniqueVisitorsCreatedSummary&nonce=1b8ec8de-8c61-4a4a-bfb4-c54c29a1ba79&url=http%3A%2F%2Fagdmarketing.com%2F HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: http://agdmarketing.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 202 Accepted
date: Wed, 21 Sep 2022 09:23:19 GMT
content-type: text/html
cf-ray: 74e1bdcd5ff2b509-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: e592bc7e9567b93d317189693afbad32
x-runtime: 0.039987
set-cookie: __cf_bm=hUzo8Wp3AMOH4jhaDHURAZPueUEIGKjr2I5bw2DI8sc-1663752199-0-ARgrwnVzTxtVJQMA0GYM7jID/d1PQHOGnpM0VgSKvWP2QZwgf5asGfmsc9ObqySRtihaPxxTepKHTHYMfv84iSsUdcKrM0Q0y3lt1EDWIUOR; path=/; expires=Wed, 21-Sep-22 09:53:19 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

app.clickfunnels.com/assets/pushcrew.js

104.16.12.194

200 OK

0 B

URL HTTP/2
app.clickfunnels.com/assets/pushcrew.js
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/pushcrew.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agdmarketing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:23:18 GMT
content-type: application/x-javascript
cf-ray: 74e1bdc6beb4b509-OSL
access-control-allow-origin: *
age: 201
cache-control: public, max-age=1200
etag: W/"632a4cc6-27d"
expires: Wed, 21 Sep 2022 09:43:18 GMT
last-modified: Tue, 20 Sep 2022 23:29:10 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=d31t_g6XR0DmOx9HZu96EFmX4EaNTomDCVrTrgV..4M-1663752198-0-AUIflk4M+PI1QxzykgQlgajFRgX9y8GmMNlwIGW4rs7qWr0MQ01prqMSux4V3xgMRzXna/lDc3Fxh1aRRKGtedVn/iD/w7wE+DPu82hgaGDI; path=/; expires=Wed, 21-Sep-22 09:53:18 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.9.0/css/all.css

172.64.132.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.9.0/css/all.css
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agdmarketing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:23:18 GMT
content-type: text/css
x-amz-id-2: eDALjXs4h5JwODL8ovr/4umLPbaCelCJI3+jx3FuubhJSoknTWWFmQo6HJaW+Q0JCvePiWa75nI=
x-amz-request-id: WT4YSGCQ9TAEW3HE
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 28490455
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBZJPdk1D0OQ3Mh4%2Br7wp1ne8x66IU%2F16PkeeDgNDm8%2BCfTLtgwKLX%2FVcTwwoFI5xD%2BRtdMkNTtpdpJPJTp8%2B9G85i3wJPYXqEkSfBeWswQyXRIFcQbtIoAvV82L9GUwGFcXPiSB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e1bdc6df627785-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.9.0/css/v4-shims.css

172.64.132.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agdmarketing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:23:18 GMT
content-type: text/css
x-amz-id-2: lj0FvMnfC9mptRM/Gd0lw9lT7Zj4wo+oaxaEYLcDnZaRJXq3Oc/kbTmcEwen2MxXaG9FhyIrGnI=
x-amz-request-id: 9D38DJ2PTJVFVSCR
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 28490454
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=458V01A4DTBbYFuYot7lltnPql5ZqkHTx3LA9tXQEVzlhyQgVB8%2BVschHsuqMjm3s9ZC01AJmapIfCcEMvLz3NJB37iIe%2Fz9pTEjt1N1TTpJO%2BkrUQlSfd7hqDFz2GwX%2FuUzMU%2B0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e1bdc6df6a7785-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

app.clickfunnels.com/assets/lander.js

104.16.12.194

200 OK

0 B

URL HTTP/2
app.clickfunnels.com/assets/lander.js
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/lander.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agdmarketing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:23:18 GMT
content-type: application/x-javascript
cf-ray: 74e1bdc6bebab509-OSL
access-control-allow-origin: *
age: 206
cache-control: public, max-age=1200
etag: W/"632a4d03-238fd1"
expires: Wed, 21 Sep 2022 09:43:18 GMT
last-modified: Tue, 20 Sep 2022 23:30:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=6Zdtrth8r1CGOp2EuxLaTNvIow0.fVYuQhV.ARf6msA-1663752198-0-AWlr8U0+PrIXbJNNbjPChom8HX+Bwq/GJLHfna9/sEtJp1O/6hZChL9efEA8DN5sOfrYlMLKaxacDRlCe/Q7hEyCkurzdaYSpmQsApTC7K9S; path=/; expires=Wed, 21-Sep-22 09:53:18 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

app.clickfunnels.com/assets/userevents/application.js

104.16.12.194

200 OK

0 B

URL HTTP/2
app.clickfunnels.com/assets/userevents/application.js
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/userevents/application.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agdmarketing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:23:18 GMT
content-type: application/x-javascript
cf-ray: 74e1bdc6ef01b509-OSL
access-control-allow-origin: *
age: 207
cache-control: public, max-age=1200
etag: W/"632a4cc7-1353"
expires: Wed, 21 Sep 2022 09:43:18 GMT
last-modified: Tue, 20 Sep 2022 23:29:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=HbOiyd2vt.YZh.IoMy0VfFCcJy3HsA7zDQ7L_GAxvYw-1663752198-0-AR8jeoRSxx9TlBY0/KIJ0GSjyQGOT3s0PF26RgI1up5H3ErNI/vYhOmNlYBuyTj3oNZMSxgVcNhS8PZfX0WNaJnbCNnH5Y01v8BMuhnO82Tw; path=/; expires=Wed, 21-Sep-22 09:53:18 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

app.clickfunnels.com/images/email2.png

104.16.12.194

200 OK

0 B

URL HTTP/2
app.clickfunnels.com/images/email2.png
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/email2.png HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.clickfunnels.com/assets/lander.css
Cookie: __cf_bm=HbOiyd2vt.YZh.IoMy0VfFCcJy3HsA7zDQ7L_GAxvYw-1663752198-0-AR8jeoRSxx9TlBY0/KIJ0GSjyQGOT3s0PF26RgI1up5H3ErNI/vYhOmNlYBuyTj3oNZMSxgVcNhS8PZfX0WNaJnbCNnH5Y01v8BMuhnO82Tw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:23:18 GMT
content-type: image/webp
cf-ray: 74e1bdc7e834b509-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 1085113
cache-control: public, max-age=2678400
content-disposition: inline; filename="email2.webp"
etag: "630e9cfc-c80"
expires: Sat, 22 Oct 2022 09:23:18 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=3200
server: cloudflare
X-Firefox-Spdy: h2

app.clickfunnels.com/userevents?funnel_id=VXRtTjhNM05wdVVJWlVUVkYrRzM1Zz09LS10K2xqSDNNdXNTdVphUDZZRk9nK1VnPT0%3D--f5ed302533b4847d374c25802b11b35a34d3054f&page_id=MkxQVzhZOW82ZVA2T25pVlBOZlVHQT09LS1TVGUyek90VzVEN0hTOXAvMTZrdUpnPT0%3D--95374f5b8bc0e4bbfddc3405a82059f5d6a02a59&funnel_step_id=RWRUMVM4Rk54WTRwekhkcDVXOUdOQT09LS1MK3RleTQ5UlNMNVQ5d2lvSEpaamlRPT0%3D--3f4de62c08eb96cd71182d497eeeb2644b7ffd40&user_id=RTUxdUZsOGZCeCtvWXcwdTFzMjV6QT09LS1wY01UcGNwNElSWit4K05BRWVNUWp3PT0%3D--74356658a6d31b34ae864eb95a13ebc6c71b64a4&account_id=b01TdW5kdUluRGhMVHFrem42ZkFRZz09LS1oZVVIakhLU3BnMmdwNjROVVVONmhnPT0%3D--59455c41343575a57141a56360f092c84ac93279&page_code=NTIwNzM2MTM%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents%3A%3APageviewsCreatedSummary&nonce=4f8796ce-eebb-46e1-a6ce-8a3710adfb6d&url=http%3A%2F%2Fagdmarketing.com%2F

104.16.12.194

202 Accepted

0 B

URL HTTP/2
app.clickfunnels.com/userevents?funnel_id=VXRtTjhNM05wdVVJWlVUVkYrRzM1Zz09LS10K2xqSDNNdXNTdVphUDZZRk9nK1VnPT0%3D--f5ed302533b4847d374c25802b11b35a34d3054f&page_id=MkxQVzhZOW82ZVA2T25pVlBOZlVHQT09LS1TVGUyek90VzVEN0hTOXAvMTZrdUpnPT0%3D--95374f5b8bc0e4bbfddc3405a82059f5d6a02a59&funnel_step_id=RWRUMVM4Rk54WTRwekhkcDVXOUdOQT09LS1MK3RleTQ5UlNMNVQ5d2lvSEpaamlRPT0%3D--3f4de62c08eb96cd71182d497eeeb2644b7ffd40&user_id=RTUxdUZsOGZCeCtvWXcwdTFzMjV6QT09LS1wY01UcGNwNElSWit4K05BRWVNUWp3PT0%3D--74356658a6d31b34ae864eb95a13ebc6c71b64a4&account_id=b01TdW5kdUluRGhMVHFrem42ZkFRZz09LS1oZVVIakhLU3BnMmdwNjROVVVONmhnPT0%3D--59455c41343575a57141a56360f092c84ac93279&page_code=NTIwNzM2MTM%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents%3A%3APageviewsCreatedSummary&nonce=4f8796ce-eebb-46e1-a6ce-8a3710adfb6d&url=http%3A%2F%2Fagdmarketing.com%2F
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /userevents?funnel_id=VXRtTjhNM05wdVVJWlVUVkYrRzM1Zz09LS10K2xqSDNNdXNTdVphUDZZRk9nK1VnPT0%3D--f5ed302533b4847d374c25802b11b35a34d3054f&page_id=MkxQVzhZOW82ZVA2T25pVlBOZlVHQT09LS1TVGUyek90VzVEN0hTOXAvMTZrdUpnPT0%3D--95374f5b8bc0e4bbfddc3405a82059f5d6a02a59&funnel_step_id=RWRUMVM4Rk54WTRwekhkcDVXOUdOQT09LS1MK3RleTQ5UlNMNVQ5d2lvSEpaamlRPT0%3D--3f4de62c08eb96cd71182d497eeeb2644b7ffd40&user_id=RTUxdUZsOGZCeCtvWXcwdTFzMjV6QT09LS1wY01UcGNwNElSWit4K05BRWVNUWp3PT0%3D--74356658a6d31b34ae864eb95a13ebc6c71b64a4&account_id=b01TdW5kdUluRGhMVHFrem42ZkFRZz09LS1oZVVIakhLU3BnMmdwNjROVVVONmhnPT0%3D--59455c41343575a57141a56360f092c84ac93279&page_code=NTIwNzM2MTM%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents%3A%3APageviewsCreatedSummary&nonce=4f8796ce-eebb-46e1-a6ce-8a3710adfb6d&url=http%3A%2F%2Fagdmarketing.com%2F HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: http://agdmarketing.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 202 Accepted
date: Wed, 21 Sep 2022 09:23:19 GMT
content-type: text/html
cf-ray: 74e1bdcd2fb5b509-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 3f6211fa985fc454f1ee21846aebd840
x-runtime: 0.034321
set-cookie: __cf_bm=YPHNY6_hdgl.KxZ5cmxxtzmJELPgGA.dRbf4fYGgKkA-1663752199-0-AciNROTUKk0M0J4J68aTATsXL/KucpJlKTA2UitMpF9VRgZZaq8JwydcYZF20d2eD1E0E8rQem8SPg6FhkWeKjb30CKZU9THyXQTgqUQ2WsY; path=/; expires=Wed, 21-Sep-22 09:53:19 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

www.clickfunnels.com/favicon.ico

104.16.12.194

200 OK

0 B

URL HTTP/2
www.clickfunnels.com/favicon.ico
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agdmarketing.com/
Cookie: __cf_bm=HbOiyd2vt.YZh.IoMy0VfFCcJy3HsA7zDQ7L_GAxvYw-1663752198-0-AR8jeoRSxx9TlBY0/KIJ0GSjyQGOT3s0PF26RgI1up5H3ErNI/vYhOmNlYBuyTj3oNZMSxgVcNhS8PZfX0WNaJnbCNnH5Y01v8BMuhnO82Tw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:23:19 GMT
content-type: image/x-icon
cf-ray: 74e1bdd09c88b509-OSL
access-control-allow-origin: *
age: 1303
etag: W/"632a4cc7-3aee"
last-modified: Tue, 20 Sep 2022 23:29:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations