Report - badassgroup.net/

Report Overview

Submitted URL
badassgroup.net/
IP
66.235.200.146
ASN
#13335 CLOUDFLARENET
Submitted
2022-09-26 05:11:35
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
js-agent.newrelic.com	378	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	358 B	15 kB	151.101.86.137
static.cloudflareinsights.com	1294	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	441 B	393 B	172.64.156.26
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.2 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.5 kB	93.184.220.29
badassgroup.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	17 kB	66.235.200.146
app.clickfunnels.com	34727	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	28 kB	104.16.12.194
use.fontawesome.com	942	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	771 B	1.7 kB	172.64.132.15
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	674 B	746 B	142.250.74.10
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.86.38.2
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	662 B	1.4 kB	142.250.74.3
www.clickfunnels.com	51002	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	15 kB	104.16.12.194
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	66 kB	34.120.237.76
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
images.clickfunnels.com	95357	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	434 B	6.2 kB	104.16.12.194
bam.nr-data.net	630	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	830 B	607 B	162.247.241.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-26	medium	badassgroup.net/	Phishing
2022-09-26	medium	badassgroup.net/cdn-cgi/rum?	Phishing
2022-09-26	medium	badassgroup.net/cdn-cgi/rum?	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	badassgroup.net/	591 B	2023-03-08	2023-03-08
Pretty URL badassgroup.net/ IP 66.235.200.146 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:29:42 Last Seen2023-03-08 02:14:29 Times Seen1 Hash 3f52a953d37e9fa887975151f3d0ee39 4f6a226d2912333f2e7c92f2c84145b48cb4d056 1a9401042c59034d010457cf4b80e12c1d325b8c1e6149978efdc8a3db6022cb Loading...

	badassgroup.net/	1.6 kB	2023-03-07	2024-04-21
Pretty URL badassgroup.net/ IP 66.235.200.146 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:00 Times Seen1073 Hash 9695240da93eaffb74ee6d46ae6ea5da f545f6cec4b5da6fb0a50a17ee0bc878030c5047 88533b116813899d4cf0751961b7568763677a97033cfb35180d523e2cf2cfd1 Loading...

	app.clickfunnels.com/assets/userevents/application.js	4.9 kB	2023-03-07	2023-03-17
Pretty URL app.clickfunnels.com/assets/userevents/application.js IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2023-03-17 12:27:39 Times Seen1 Hash 8c7a2fbb2ccf04e864c50ff46ff6975d 1f9e9ece9dd37561093248324faa202260eb616c 004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158 Loading...

	static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194	14 kB	2023-03-07	2024-04-23
Pretty URL static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 IP 172.64.156.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-23 06:45:22 Times Seen1630 Hash 19514b1be5ee33b45d32c1fcd4c67ec2 bdeab77b43cafcc638df9d7c26f1aa7f46bf1fd5 fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Loading...

	badassgroup.net/	395 B	2023-03-07	2024-04-21
Pretty URL badassgroup.net/ IP 66.235.200.146 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:00 Times Seen1084 Hash b2c93212afb38693d023d97f822acd42 a971c75819436a7c7d9c3b388b8be10f1286fdcb dbde09f9e5cc2ecdeffe30752eac8756ca637e0c524bdbd5b1c7e5704aae004f Loading...

	app.clickfunnels.com/cf.js	18 kB	2023-03-07	2024-04-21
Pretty URL app.clickfunnels.com/cf.js IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:03 Times Seen1311 Hash bf2a8a168c0be1544c34f363c276586e 581e49c9b7bdd06dab54c00931f4256b223e620e 7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d Loading...

	badassgroup.net/	101 B	2023-03-07	2024-04-21
Pretty URL badassgroup.net/ IP 66.235.200.146 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:00 Times Seen1073 Hash 58d9451139b4d777d43d7c3e074a944a 58dbf64854e67993dd579ecc78d1a32fea9266ed 85f043b5d0590f154a02cf29f549340485f0e6dd78c70ab8746555092fc9d493 Loading...

	badassgroup.net/	271 B	2023-03-07	2024-04-21
Pretty URL badassgroup.net/ IP 66.235.200.146 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:00 Times Seen1080 Hash c0d8faa83b4d63e92f56614251d001d4 4377d94b43b83ca010c78aa4c482d86ca19a9593 1d35b00811c224b9c83537f23634d9e7b07f75841c3d99e6ded3c759571f45a7 Loading...

	app.clickfunnels.com/mailcheck.min.js	2.7 kB	2023-03-07	2024-03-13
Pretty URL app.clickfunnels.com/mailcheck.min.js IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-13 20:33:05 Times Seen1044 Hash 199756d42d03ff6741642748ea00028d b5c4f6fd1b0e5d1bac97870b3885d08ccb7d2ac1 e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982 Loading...

	badassgroup.net/	104 B	2023-03-07	2024-04-21
Pretty URL badassgroup.net/ IP 66.235.200.146 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:00 Times Seen1185 Hash 00b5ba65cbf82b44301e01048b806055 3be24afc94edb8de2099ccafa2bfcdbfbef301cd 699e1188e23d8be696d8ca3b45d7eba8c1c97f6ce4e9da4051cce63907ea8442 Loading...

	app.clickfunnels.com/assets/pushcrew.js	637 B	2023-03-07	2024-04-21
Pretty URL app.clickfunnels.com/assets/pushcrew.js IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:00 Times Seen1406 Hash 0a67c27615e7d2202f261dcc0a82d744 0fa0a8ca56efded583bd4201821015a63c623d44 f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422 Loading...

	bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2647&ck=1&ref=badassgroup.net/&ap=255&be=1219&fe=2092&dc=1969&perf=%7B%22timing%22:%7B%22of%22:1664169082563,%22n%22:0,%22f%22:-6,%22dn%22:-6,%22dne%22:-4,%22c%22:-4,%22ce%22:-3,%22rq%22:90,%22rp%22:1045,%22rpe%22:1045,%22dl%22:1051,%22di%22:1955,%22ds%22:1968,%22de%22:2055,%22dc%22:2091,%22l%22:2091,%22le%22:2202%7D,%22navigation%22:%7B%7D%7D&fcp=1418&jsonp=NREUM.setToken	49 B	2023-03-07	2024-03-22
Pretty URL bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2647&ck=1&ref=badassgroup.net/&ap=255&be=1219&fe=2092&dc=1969&perf=%7B%22timing%22:%7B%22of%22:1664169082563,%22n%22:0,%22f%22:-6,%22dn%22:-6,%22dne%22:-4,%22c%22:-4,%22ce%22:-3,%22rq%22:90,%22rp%22:1045,%22rpe%22:1045,%22dl%22:1051,%22di%22:1955,%22ds%22:1968,%22de%22:2055,%22dc%22:2091,%22l%22:2091,%22le%22:2202%7D,%22navigation%22:%7B%7D%7D&fcp=1418&jsonp=NREUM.setToken IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-03-22 06:11:42 Times Seen2776 Hash ada33e5b8877e743ff658bf4bfa1867c 5a78662243dac43c0ee48bcb7e05a536b84c2e38 dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82 Loading...

	badassgroup.net/	280 B	2023-03-08	2023-03-08
Pretty URL badassgroup.net/ IP 66.235.200.146 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:29:42 Last Seen2023-03-08 02:14:28 Times Seen1 Hash 4bd90d7c70e4be60ece6de0c8e4ec520 c373cd5302c2f30405bf38fd9f0b0a2c88482247 f2600334b4a67ebfbcfa2d2d6d853dd15996df76947d782768af62e66b2a95ac Loading...

	badassgroup.net/	403 B	2023-03-07	2024-02-27
Pretty URL badassgroup.net/ IP 66.235.200.146 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27:06 Last Seen2024-02-27 15:49:53 Times Seen73 Hash 8ab8d200539fab50897027c62c96d314 0197d4ac02e1e98d7e1d9badcbd7a89428eb03b8 b7a571a3f2b65d773034e6d559fde9ea980c86414a2b485c88cbac7c0456b9de Loading...

	badassgroup.net/	1.0 kB	2023-03-07	2024-04-21
Pretty URL badassgroup.net/ IP 66.235.200.146 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:00 Times Seen1074 Hash 7e04d8a0aac6ab1ec08163bd215a5711 f425cd8bab39529985cf2a9cf866a877b4fca17a 4e3d5220213c311337410362a4654f5ea226e71707a85229385cec6d871cc05a Loading...

	badassgroup.net/	1.2 kB	2023-03-07	2024-03-13
Pretty URL badassgroup.net/ IP 66.235.200.146 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2024-03-13 20:33:05 Times Seen718 Hash f53804c0abbd5d0ead0a41ca2dd89599 39d28f2df6171e4847aafb50cff964da0b33aef0 1dfb574d71b367cdf50909a035c1865d63381accb868b60d395d6ad71c426821 Loading...

	js-agent.newrelic.com/nr-1216.min.js	39 kB	2023-03-07	2023-12-02
Pretty URL js-agent.newrelic.com/nr-1216.min.js IP 151.101.86.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:59 Last Seen2023-12-02 09:02:29 Times Seen204 Hash 9f533d8cd24b2c5e3b4dc886ecbd43e8 4aaad79f222fbcf885679bb30ac0cb6c14ec06eb 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708 Loading...

	badassgroup.net/	10 kB	2023-03-07	2023-03-17
Pretty URL badassgroup.net/ IP 66.235.200.146 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:18 Last Seen2023-03-17 12:27:39 Times Seen1 Hash 61abdb73cf60f39fa1f99dbd202754ac 8d0f53cfd61600543702b775cccfdb6cff316a83 42f0f6e0965f466635a6785e94642889e31ade69c5d6c892182d03c91abd6082 Loading...

	app.clickfunnels.com/assets/lander.js	2.3 MB	2023-03-07	2023-03-17
Pretty URL app.clickfunnels.com/assets/lander.js IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:09 Last Seen2023-03-17 12:27:39 Times Seen1 Hash 55bfc8a713b8bec8d24b6400e8b67cc6 0b52f076ef067091cb0f78672c4a3409969e5ede 5824467254c4dff6cbb9de37d441170f9243287bba4380e206297e2f2c0ef7cd Loading...

	badassgroup.net/	65 B	2023-03-07	2024-03-18
Pretty URL badassgroup.net/ IP 66.235.200.146 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:26 Last Seen2024-03-18 15:34:47 Times Seen305 Hash fd58a4b54ab146df950e11f1c456d75d e7838ec007afb3db8ba2f719f3abdaba531bc554 f83c7974af97a55f1ac8034a88f07f1ab1c45ccb34071de2962dfa6d969fe303 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 2aa74ac3a264c3e10ae463a262aaf72c	20 kB	2023-03-07	2024-04-21
Pretty Observations First Seen2023-03-07 01:29:18 Last Seen2024-04-21 22:38:01 Times Seen1093 Hash 2aa74ac3a264c3e10ae463a262aaf72c c5ff579cf0cc2ba1d98711b366ec148152abbaf5 9c1ea695852f01d2fc6027d572b126b740a9c4634540fb0d39ea3656377eef77 Loading...

	#2 Eval - 2df755a45ec2477faf76c1c7dc5f39fb	119 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 01:29:42 Last Seen2023-03-08 02:14:29 Times Seen1 Hash 2df755a45ec2477faf76c1c7dc5f39fb 77d579d137d7dc7a23921150f1d702c6cc3981c5 b7388517aef7fe3820829cbea6e6b607460c790aac2293f38fa2cf3576c91701 Loading...

HTTP Transactions (47)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 04:15:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qIyLhUa1DTIL6bavNrG46V6msxaWNWbFjDLZ3AsavgAvsRXoTh-vtQ==
Age: 3366

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4364
Expires: Mon, 26 Sep 2022 06:24:08 GMT
Date: Mon, 26 Sep 2022 05:11:24 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b3e81b5bd7bd8e12288a8159e44ceb3f
977945964ffcbf49ac78f840db9da822c50c82f0
4721814da286852318f7ebf9857bd4bf01f0beea2c9eb7ddb9f290e3fa472232

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4721814DA286852318F7EBF9857BD4BF01F0BEEA2C9EB7DDB9F290E3FA472232"
Last-Modified: Fri, 23 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20545
Expires: Mon, 26 Sep 2022 10:53:49 GMT
Date: Mon, 26 Sep 2022 05:11:24 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: LTxsVAMIr+VZ76r0RRTNiWiLeV6lxy35SBpVl7r16hqptFNn1feoXdrFBmT7O/uBrgs9bhHU8cI=
x-amz-request-id: ZPZ80BK1M84YXJE5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 26 Sep 2022 04:48:34 GMT
age: 1370
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 05:11:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 26 Sep 2022 05:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 26 Sep 2022 05:22:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aoiPe9O6o537xH7I3UxVfzze11gBUaBUzMAS7-fJ62sPBc73hlAo_g==
Age: 845

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6124
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:11:25 GMT
Last-Modified: Mon, 26 Sep 2022 03:29:22 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

badassgroup.net/

66.235.200.146

200 OK

16 kB

URL HTTP/1.1
badassgroup.net/
IP
66.235.200.146:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10200), with CRLF, LF line terminators
Size
16 kB (15749 bytes)
Hash
171a76f8dbac2423d461d7a54fd9f507
f72046482fb1500270b0f6be12b34147651cd050
1b3f9b74e2955280d8776a37e09f6a733090c180b694c098f9593ab56d20bad1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: badassgroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 05:11:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-UA-Compatible: IE=edge
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Last-Modified: Mon, 26 Sep 2022 05:11:25 GMT
Set-Cookie: PHPSESSID=484f6ce1f6a640510eab0a177bc02875; path=/
__cf_bm=sOdoWyWi30QnXm7fK9ezY0.nJXzAfgm3nCmjKi4jkRg-1664169085-0-AaOHPzP96Jc83uyru+T0lzEVG2bBxWJuUG7M1+PqDe+xO8yCAfGKzTlukDs2oMKfvgoLMIw8GsIPxQ071wnAStOm5uktrbDw7bbMdauEE43J; path=/; expires=Mon, 26-Sep-22 05:41:25 GMT; domain=.clickfunnels.com; HttpOnly; Secure
CF-Cache-Status: MISS
Server: cloudflare
CF-RAY: 75097fa91b210b4d-OSL
Content-Encoding: gzip

images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png

104.16.12.194

200 OK

5.3 kB

URL HTTP/2
images.clickfunnels.com/3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
5.3 kB (5276 bytes)
Hash
d99a10ef5010513b3d30f7cf51614b5f
d60c1da11f05540f39632c7357c22b76c9ee1ed7
5dfa88a4dc8b6c0b834a62e45daee28a8dc37ed6ae7eb1545e4ed8b6382c0474

HTTP Headers

GET /3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png HTTP/1.1
Host: images.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://badassgroup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:11:25 GMT
content-type: image/webp
content-length: 5276
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=9030
content-disposition: inline; filename="ClickfunnelsTag.webp"
etag: "a633777156a5ffeb58c92d3d59fa4e34"
last-modified: Fri, 03 Jan 2020 17:41:49 GMT
vary: Accept
x-amz-id-2: yDQ4lWX/DNGyt7YNpk7GEhfR78bYc0+VDD0URlhGFtdycdY6Jqdci9bK+xUyRGtUazQ8facJvao=
x-amz-request-id: KMP0WXXNVQ62KDV3
cf-cache-status: HIT
age: 5250
expires: Thu, 20 Oct 2022 05:11:25 GMT
cache-control: public, max-age=2073600
accept-ranges: bytes
set-cookie: __cf_bm=VVqc10shjn_gIpC6BqaeL7XXJpW47Hc9ObOIkQv.cQc-1664169085-0-AVRopb37JHTxKQ7tlcUsROu7CqTrV+hk42tYcwelpU/VDem3wc9mLw7AFhT9w8MCPrZJAtjov9/o3Mj5FT5JXDL4KjSxn8BXk487szaRPFmY; path=/; expires=Mon, 26-Sep-22 05:41:25 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75097fb06dfbb524-OSL
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.86.38.2

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.86.38.2:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ugdrd3J/eMLYKI9E3jsEmQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 36Oj1xv3MFsyvhr3XdcpeCBP4/Y=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:11:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:11:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

app.clickfunnels.com/cf.js

104.16.12.194

301 Moved Permanently

6.7 kB

URL HTTP/2
app.clickfunnels.com/cf.js
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
6.7 kB (6703 bytes)
Hash
c29e85cfa566a85d1548283609f1a69a
59185e6f4d498e0c0b11a5fb68349f031ef1b10c
10766b08bfc05a2917460388a306bda1b55b49bebf740c9470fc5cf52a082cfa

HTTP Headers

GET /cf.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://badassgroup.net/
Cookie: __cf_bm=Tbz8lyVb557qQ9R2hebSmYp78B0oyVtlzswitS.pEDo-1664169085-0-AezcrlcmbpKNW5A9Zi2c4uxtHgr2Gr7fLHW3oOKsY2jlUzHbmiA8Nj/lYnMhwqstUqy6eOqakEmjXquGTMol99EvX/j9wauHUenoQa06UmAn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
date: Mon, 26 Sep 2022 05:11:26 GMT
content-type: text/html
location: https://www.clickfunnels.com/cf.js
cf-ray: 75097fb4c993b524-OSL
access-control-allow-origin: *
age: 874
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
X-Firefox-Spdy: h2

app.clickfunnels.com/userevents/?funnel_id=eFpYb25pTG92L0lqbE5YbG1meGdpQT09LS1PZXZzTHFjSkdSN0QyMkFtbGg0MFJBPT0%3D--c506de95956d640d1aa9a420ec1180392866d2fb&page_id=YkhFb3FFQWhpMlgvRDVyYzljT0k0UT09LS1KN2RBRU1YQWJsUTBTRkovNWxDc0N3PT0%3D--51430f7a9f4b319e8f6da3c4e738afad69f52be2&funnel_step_id=c3lyZkFrb2hBVWUxbW8yQWVGQzlwZz09LS1paWF6RGYzcWpJRTBZVTlqZHRORWRnPT0%3D--cdf8e0340abed5a7c8f99238686e9b6ad9475675&user_id=cnVOOUZ4MTAyUnJqZS9zQ01hYnZ4UT09LS1sWWRsc01LSXc3V0pxejN4RWZKTllnPT0%3D--c918ac70509b33ffb12f1de1062fd8eb7e63f729&account_id=LzFZa1A0QjkydCs3Uy9QSUZGVG5jdz09LS1GdGxVSjhwcjFPc1NaajAvYTFHT2lnPT0%3D--2a13ae5b4ad988940598c7c0552e2ac82a0f9ae1&page_code=NTYyMzY3NTY%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::PageviewsCreatedSummary&nonce=c0e754ba-01ca-485e-ab7e-ae36332eb895&url=http%3A%2F%2Fbadassgroup.net%2F

104.16.12.194

301 Moved Permanently

1.4 kB

URL HTTP/1.1
app.clickfunnels.com/userevents/?funnel_id=eFpYb25pTG92L0lqbE5YbG1meGdpQT09LS1PZXZzTHFjSkdSN0QyMkFtbGg0MFJBPT0%3D--c506de95956d640d1aa9a420ec1180392866d2fb&page_id=YkhFb3FFQWhpMlgvRDVyYzljT0k0UT09LS1KN2RBRU1YQWJsUTBTRkovNWxDc0N3PT0%3D--51430f7a9f4b319e8f6da3c4e738afad69f52be2&funnel_step_id=c3lyZkFrb2hBVWUxbW8yQWVGQzlwZz09LS1paWF6RGYzcWpJRTBZVTlqZHRORWRnPT0%3D--cdf8e0340abed5a7c8f99238686e9b6ad9475675&user_id=cnVOOUZ4MTAyUnJqZS9zQ01hYnZ4UT09LS1sWWRsc01LSXc3V0pxejN4RWZKTllnPT0%3D--c918ac70509b33ffb12f1de1062fd8eb7e63f729&account_id=LzFZa1A0QjkydCs3Uy9QSUZGVG5jdz09LS1GdGxVSjhwcjFPc1NaajAvYTFHT2lnPT0%3D--2a13ae5b4ad988940598c7c0552e2ac82a0f9ae1&page_code=NTYyMzY3NTY%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::PageviewsCreatedSummary&nonce=c0e754ba-01ca-485e-ab7e-ae36332eb895&url=http%3A%2F%2Fbadassgroup.net%2F
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1422)
Size
1.4 kB (1437 bytes)
Hash
792e63bc7578df3b3160c8b6b878d3bd
80a53c1a883d4061b591eae1e7225ded671a07d0
a1509846d759b33264a0818e7e8ee77d4a5497580088aff69c5dbe518a0d76b5

HTTP Headers

GET /userevents/?funnel_id=eFpYb25pTG92L0lqbE5YbG1meGdpQT09LS1PZXZzTHFjSkdSN0QyMkFtbGg0MFJBPT0%3D--c506de95956d640d1aa9a420ec1180392866d2fb&page_id=YkhFb3FFQWhpMlgvRDVyYzljT0k0UT09LS1KN2RBRU1YQWJsUTBTRkovNWxDc0N3PT0%3D--51430f7a9f4b319e8f6da3c4e738afad69f52be2&funnel_step_id=c3lyZkFrb2hBVWUxbW8yQWVGQzlwZz09LS1paWF6RGYzcWpJRTBZVTlqZHRORWRnPT0%3D--cdf8e0340abed5a7c8f99238686e9b6ad9475675&user_id=cnVOOUZ4MTAyUnJqZS9zQ01hYnZ4UT09LS1sWWRsc01LSXc3V0pxejN4RWZKTllnPT0%3D--c918ac70509b33ffb12f1de1062fd8eb7e63f729&account_id=LzFZa1A0QjkydCs3Uy9QSUZGVG5jdz09LS1GdGxVSjhwcjFPc1NaajAvYTFHT2lnPT0%3D--2a13ae5b4ad988940598c7c0552e2ac82a0f9ae1&page_code=NTYyMzY3NTY%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::PageviewsCreatedSummary&nonce=c0e754ba-01ca-485e-ab7e-ae36332eb895&url=http%3A%2F%2Fbadassgroup.net%2F HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://badassgroup.net
Connection: keep-alive
Referer: http://badassgroup.net/

HTTP/1.1 301 Moved Permanently
Date: Mon, 26 Sep 2022 05:11:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://app.clickfunnels.com/userevents?funnel_id=eFpYb25pTG92L0lqbE5YbG1meGdpQT09LS1PZXZzTHFjSkdSN0QyMkFtbGg0MFJBPT0%3D--c506de95956d640d1aa9a420ec1180392866d2fb&page_id=YkhFb3FFQWhpMlgvRDVyYzljT0k0UT09LS1KN2RBRU1YQWJsUTBTRkovNWxDc0N3PT0%3D--51430f7a9f4b319e8f6da3c4e738afad69f52be2&funnel_step_id=c3lyZkFrb2hBVWUxbW8yQWVGQzlwZz09LS1paWF6RGYzcWpJRTBZVTlqZHRORWRnPT0%3D--cdf8e0340abed5a7c8f99238686e9b6ad9475675&user_id=cnVOOUZ4MTAyUnJqZS9zQ01hYnZ4UT09LS1sWWRsc01LSXc3V0pxejN4RWZKTllnPT0%3D--c918ac70509b33ffb12f1de1062fd8eb7e63f729&account_id=LzFZa1A0QjkydCs3Uy9QSUZGVG5jdz09LS1GdGxVSjhwcjFPc1NaajAvYTFHT2lnPT0%3D--2a13ae5b4ad988940598c7c0552e2ac82a0f9ae1&page_code=NTYyMzY3NTY%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents%3A%3APageviewsCreatedSummary&nonce=c0e754ba-01ca-485e-ab7e-ae36332eb895&url=http%3A%2F%2Fbadassgroup.net%2F
CF-Ray: 75097fb4ee8ab511-OSL
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Status: 301 Moved Permanently
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: miss
X-Request-Id: fde377a72c23c475eb5f6a5f0589037f
X-Runtime: 0.008751
Set-Cookie: __cf_bm=ODYwVAs88WSIEUEAbknDrh8Hb5Z8myhk_LVTrWYZJO8-1664169086-0-AQiiAQz6a7497kdblnN5CHcrZqEOoQ9rslo+jOPGln7DYJQ893QkPULvTCZbbE++9RHPhvtkla7QPVVh86dtl0prSb6dM0DDgr4KWHDFIUaT; path=/; expires=Mon, 26-Sep-22 05:41:26 GMT; domain=.clickfunnels.com; HttpOnly; SameSite=None
Report-To: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Q0_iZ0cPaeECtNIXUkZtig8pmHTGeZ8e4I6yJm8LXFw-1664169086-0-AYFXhfLK0HcSVhAg7yNOpqij0Op7po0E7oJKgOL4tb2rlgLdtU_iOTlYSEjcJNDBkp1pkH2a8CPK6gisIyEeFj0NrTPP3yC3tmssx38PgPZO"}],"group":"cf-csp-endpoint","max_age":86400}
Content-Security-Policy-Report-Only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Q0_iZ0cPaeECtNIXUkZtig8pmHTGeZ8e4I6yJm8LXFw-1664169086-0-AYFXhfLK0HcSVhAg7yNOpqij0Op7po0E7oJKgOL4tb2rlgLdtU_iOTlYSEjcJNDBkp1pkH2a8CPK6gisIyEeFj0NrTPP3yC3tmssx38PgPZO; report-to cf-csp-endpoint
Server: cloudflare
alt-svc: h2=":443"; ma=60

app.clickfunnels.com/userevents/?funnel_id=eFpYb25pTG92L0lqbE5YbG1meGdpQT09LS1PZXZzTHFjSkdSN0QyMkFtbGg0MFJBPT0%3D--c506de95956d640d1aa9a420ec1180392866d2fb&page_id=YkhFb3FFQWhpMlgvRDVyYzljT0k0UT09LS1KN2RBRU1YQWJsUTBTRkovNWxDc0N3PT0%3D--51430f7a9f4b319e8f6da3c4e738afad69f52be2&funnel_step_id=c3lyZkFrb2hBVWUxbW8yQWVGQzlwZz09LS1paWF6RGYzcWpJRTBZVTlqZHRORWRnPT0%3D--cdf8e0340abed5a7c8f99238686e9b6ad9475675&user_id=cnVOOUZ4MTAyUnJqZS9zQ01hYnZ4UT09LS1sWWRsc01LSXc3V0pxejN4RWZKTllnPT0%3D--c918ac70509b33ffb12f1de1062fd8eb7e63f729&account_id=LzFZa1A0QjkydCs3Uy9QSUZGVG5jdz09LS1GdGxVSjhwcjFPc1NaajAvYTFHT2lnPT0%3D--2a13ae5b4ad988940598c7c0552e2ac82a0f9ae1&page_code=NTYyMzY3NTY%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniquePageviewsCreatedSummary&nonce=46009123-87ac-4d61-b46c-2182e8a0e466&url=http%3A%2F%2Fbadassgroup.net%2F

104.16.12.194

301 Moved Permanently

1.4 kB

URL HTTP/1.1
app.clickfunnels.com/userevents/?funnel_id=eFpYb25pTG92L0lqbE5YbG1meGdpQT09LS1PZXZzTHFjSkdSN0QyMkFtbGg0MFJBPT0%3D--c506de95956d640d1aa9a420ec1180392866d2fb&page_id=YkhFb3FFQWhpMlgvRDVyYzljT0k0UT09LS1KN2RBRU1YQWJsUTBTRkovNWxDc0N3PT0%3D--51430f7a9f4b319e8f6da3c4e738afad69f52be2&funnel_step_id=c3lyZkFrb2hBVWUxbW8yQWVGQzlwZz09LS1paWF6RGYzcWpJRTBZVTlqZHRORWRnPT0%3D--cdf8e0340abed5a7c8f99238686e9b6ad9475675&user_id=cnVOOUZ4MTAyUnJqZS9zQ01hYnZ4UT09LS1sWWRsc01LSXc3V0pxejN4RWZKTllnPT0%3D--c918ac70509b33ffb12f1de1062fd8eb7e63f729&account_id=LzFZa1A0QjkydCs3Uy9QSUZGVG5jdz09LS1GdGxVSjhwcjFPc1NaajAvYTFHT2lnPT0%3D--2a13ae5b4ad988940598c7c0552e2ac82a0f9ae1&page_code=NTYyMzY3NTY%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniquePageviewsCreatedSummary&nonce=46009123-87ac-4d61-b46c-2182e8a0e466&url=http%3A%2F%2Fbadassgroup.net%2F
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1428)
Size
1.4 kB (1443 bytes)
Hash
aeb01969dbff32e1b5cde19daebc0503
384c7a0208e6e4e3e5f0fb67675fe0a8ddca2db4
a3d4965399e0cc3f82229af3617ba188b8ffc57656a9c054335ced98ec251b67

HTTP Headers

GET /userevents/?funnel_id=eFpYb25pTG92L0lqbE5YbG1meGdpQT09LS1PZXZzTHFjSkdSN0QyMkFtbGg0MFJBPT0%3D--c506de95956d640d1aa9a420ec1180392866d2fb&page_id=YkhFb3FFQWhpMlgvRDVyYzljT0k0UT09LS1KN2RBRU1YQWJsUTBTRkovNWxDc0N3PT0%3D--51430f7a9f4b319e8f6da3c4e738afad69f52be2&funnel_step_id=c3lyZkFrb2hBVWUxbW8yQWVGQzlwZz09LS1paWF6RGYzcWpJRTBZVTlqZHRORWRnPT0%3D--cdf8e0340abed5a7c8f99238686e9b6ad9475675&user_id=cnVOOUZ4MTAyUnJqZS9zQ01hYnZ4UT09LS1sWWRsc01LSXc3V0pxejN4RWZKTllnPT0%3D--c918ac70509b33ffb12f1de1062fd8eb7e63f729&account_id=LzFZa1A0QjkydCs3Uy9QSUZGVG5jdz09LS1GdGxVSjhwcjFPc1NaajAvYTFHT2lnPT0%3D--2a13ae5b4ad988940598c7c0552e2ac82a0f9ae1&page_code=NTYyMzY3NTY%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniquePageviewsCreatedSummary&nonce=46009123-87ac-4d61-b46c-2182e8a0e466&url=http%3A%2F%2Fbadassgroup.net%2F HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://badassgroup.net
Connection: keep-alive
Referer: http://badassgroup.net/

HTTP/1.1 301 Moved Permanently
Date: Mon, 26 Sep 2022 05:11:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://app.clickfunnels.com/userevents?funnel_id=eFpYb25pTG92L0lqbE5YbG1meGdpQT09LS1PZXZzTHFjSkdSN0QyMkFtbGg0MFJBPT0%3D--c506de95956d640d1aa9a420ec1180392866d2fb&page_id=YkhFb3FFQWhpMlgvRDVyYzljT0k0UT09LS1KN2RBRU1YQWJsUTBTRkovNWxDc0N3PT0%3D--51430f7a9f4b319e8f6da3c4e738afad69f52be2&funnel_step_id=c3lyZkFrb2hBVWUxbW8yQWVGQzlwZz09LS1paWF6RGYzcWpJRTBZVTlqZHRORWRnPT0%3D--cdf8e0340abed5a7c8f99238686e9b6ad9475675&user_id=cnVOOUZ4MTAyUnJqZS9zQ01hYnZ4UT09LS1sWWRsc01LSXc3V0pxejN4RWZKTllnPT0%3D--c918ac70509b33ffb12f1de1062fd8eb7e63f729&account_id=LzFZa1A0QjkydCs3Uy9QSUZGVG5jdz09LS1GdGxVSjhwcjFPc1NaajAvYTFHT2lnPT0%3D--2a13ae5b4ad988940598c7c0552e2ac82a0f9ae1&page_code=NTYyMzY3NTY%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents%3A%3AUniquePageviewsCreatedSummary&nonce=46009123-87ac-4d61-b46c-2182e8a0e466&url=http%3A%2F%2Fbadassgroup.net%2F
CF-Ray: 75097fb4ecf6b4fa-OSL
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Status: 301 Moved Permanently
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: miss
X-Request-Id: 31c2e876d885c5273cb09a1f254b5cbe
X-Runtime: 0.007896
Set-Cookie: __cf_bm=3jhdPSl6dDNSgAmn9.502BrGPQmZMtP.LgrmIiNq0XI-1664169086-0-AQ5fgqzoSogISkxia3G4FyWo0TsKVeZAQcJ56rIz5YImK8gcKdBSt+U1jNlPyPqP6m+h2GLAJr68ceDgRaz9IJG+hbXTsohnbBbcWgNRtmP8; path=/; expires=Mon, 26-Sep-22 05:41:26 GMT; domain=.clickfunnels.com; HttpOnly; SameSite=None
Server: cloudflare
alt-svc: h2=":443"; ma=60

app.clickfunnels.com/userevents/?funnel_id=eFpYb25pTG92L0lqbE5YbG1meGdpQT09LS1PZXZzTHFjSkdSN0QyMkFtbGg0MFJBPT0%3D--c506de95956d640d1aa9a420ec1180392866d2fb&page_id=YkhFb3FFQWhpMlgvRDVyYzljT0k0UT09LS1KN2RBRU1YQWJsUTBTRkovNWxDc0N3PT0%3D--51430f7a9f4b319e8f6da3c4e738afad69f52be2&funnel_step_id=c3lyZkFrb2hBVWUxbW8yQWVGQzlwZz09LS1paWF6RGYzcWpJRTBZVTlqZHRORWRnPT0%3D--cdf8e0340abed5a7c8f99238686e9b6ad9475675&user_id=cnVOOUZ4MTAyUnJqZS9zQ01hYnZ4UT09LS1sWWRsc01LSXc3V0pxejN4RWZKTllnPT0%3D--c918ac70509b33ffb12f1de1062fd8eb7e63f729&account_id=LzFZa1A0QjkydCs3Uy9QSUZGVG5jdz09LS1GdGxVSjhwcjFPc1NaajAvYTFHT2lnPT0%3D--2a13ae5b4ad988940598c7c0552e2ac82a0f9ae1&page_code=NTYyMzY3NTY%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniqueVisitorsCreatedSummary&nonce=5742f482-109b-45cd-b09f-45da82ef22b6&url=http%3A%2F%2Fbadassgroup.net%2F

104.16.12.194

301 Moved Permanently

1.4 kB

URL HTTP/1.1
app.clickfunnels.com/userevents/?funnel_id=eFpYb25pTG92L0lqbE5YbG1meGdpQT09LS1PZXZzTHFjSkdSN0QyMkFtbGg0MFJBPT0%3D--c506de95956d640d1aa9a420ec1180392866d2fb&page_id=YkhFb3FFQWhpMlgvRDVyYzljT0k0UT09LS1KN2RBRU1YQWJsUTBTRkovNWxDc0N3PT0%3D--51430f7a9f4b319e8f6da3c4e738afad69f52be2&funnel_step_id=c3lyZkFrb2hBVWUxbW8yQWVGQzlwZz09LS1paWF6RGYzcWpJRTBZVTlqZHRORWRnPT0%3D--cdf8e0340abed5a7c8f99238686e9b6ad9475675&user_id=cnVOOUZ4MTAyUnJqZS9zQ01hYnZ4UT09LS1sWWRsc01LSXc3V0pxejN4RWZKTllnPT0%3D--c918ac70509b33ffb12f1de1062fd8eb7e63f729&account_id=LzFZa1A0QjkydCs3Uy9QSUZGVG5jdz09LS1GdGxVSjhwcjFPc1NaajAvYTFHT2lnPT0%3D--2a13ae5b4ad988940598c7c0552e2ac82a0f9ae1&page_code=NTYyMzY3NTY%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniqueVisitorsCreatedSummary&nonce=5742f482-109b-45cd-b09f-45da82ef22b6&url=http%3A%2F%2Fbadassgroup.net%2F
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1427)
Size
1.4 kB (1442 bytes)
Hash
fc8695098c1eceb98df8be1927aacdbe
7f09f06a7db2b941da19a5babaf4e49e1f6930d2
84057732c3f642d8c817d9bf49757b35445e8d4db5111015a0f5c423f80ee15e

HTTP Headers

GET /userevents/?funnel_id=eFpYb25pTG92L0lqbE5YbG1meGdpQT09LS1PZXZzTHFjSkdSN0QyMkFtbGg0MFJBPT0%3D--c506de95956d640d1aa9a420ec1180392866d2fb&page_id=YkhFb3FFQWhpMlgvRDVyYzljT0k0UT09LS1KN2RBRU1YQWJsUTBTRkovNWxDc0N3PT0%3D--51430f7a9f4b319e8f6da3c4e738afad69f52be2&funnel_step_id=c3lyZkFrb2hBVWUxbW8yQWVGQzlwZz09LS1paWF6RGYzcWpJRTBZVTlqZHRORWRnPT0%3D--cdf8e0340abed5a7c8f99238686e9b6ad9475675&user_id=cnVOOUZ4MTAyUnJqZS9zQ01hYnZ4UT09LS1sWWRsc01LSXc3V0pxejN4RWZKTllnPT0%3D--c918ac70509b33ffb12f1de1062fd8eb7e63f729&account_id=LzFZa1A0QjkydCs3Uy9QSUZGVG5jdz09LS1GdGxVSjhwcjFPc1NaajAvYTFHT2lnPT0%3D--2a13ae5b4ad988940598c7c0552e2ac82a0f9ae1&page_code=NTYyMzY3NTY%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniqueVisitorsCreatedSummary&nonce=5742f482-109b-45cd-b09f-45da82ef22b6&url=http%3A%2F%2Fbadassgroup.net%2F HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://badassgroup.net
Connection: keep-alive
Referer: http://badassgroup.net/

HTTP/1.1 301 Moved Permanently
Date: Mon, 26 Sep 2022 05:11:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://app.clickfunnels.com/userevents?funnel_id=eFpYb25pTG92L0lqbE5YbG1meGdpQT09LS1PZXZzTHFjSkdSN0QyMkFtbGg0MFJBPT0%3D--c506de95956d640d1aa9a420ec1180392866d2fb&page_id=YkhFb3FFQWhpMlgvRDVyYzljT0k0UT09LS1KN2RBRU1YQWJsUTBTRkovNWxDc0N3PT0%3D--51430f7a9f4b319e8f6da3c4e738afad69f52be2&funnel_step_id=c3lyZkFrb2hBVWUxbW8yQWVGQzlwZz09LS1paWF6RGYzcWpJRTBZVTlqZHRORWRnPT0%3D--cdf8e0340abed5a7c8f99238686e9b6ad9475675&user_id=cnVOOUZ4MTAyUnJqZS9zQ01hYnZ4UT09LS1sWWRsc01LSXc3V0pxejN4RWZKTllnPT0%3D--c918ac70509b33ffb12f1de1062fd8eb7e63f729&account_id=LzFZa1A0QjkydCs3Uy9QSUZGVG5jdz09LS1GdGxVSjhwcjFPc1NaajAvYTFHT2lnPT0%3D--2a13ae5b4ad988940598c7c0552e2ac82a0f9ae1&page_code=NTYyMzY3NTY%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents%3A%3AUniqueVisitorsCreatedSummary&nonce=5742f482-109b-45cd-b09f-45da82ef22b6&url=http%3A%2F%2Fbadassgroup.net%2F
CF-Ray: 75097fb4fcf8b4fa-OSL
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Status: 301 Moved Permanently
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: miss
X-Request-Id: 8345dd692fd65a7e137ebd4afb3724ee
X-Runtime: 0.010651
Set-Cookie: __cf_bm=aS7b8LuawC_vFh62emx.uQX6njDyvvL.nAYbKf6u7go-1664169086-0-AY5t+iOeTUPrPgRlHDRlJpE/NhWLtseNdt2/YautKaLyGN72a/ZqhUQveoKDzK/R3Qz5pb14IVdf9F/A7nVzv0zJ78/vZb411dapu9xJq7DC; path=/; expires=Mon, 26-Sep-22 05:41:26 GMT; domain=.clickfunnels.com; HttpOnly; SameSite=None
Server: cloudflare
alt-svc: h2=":443"; ma=60

badassgroup.net/cdn-cgi/rum?

66.235.200.146

200 OK

0 B

URL HTTP/1.1
badassgroup.net/cdn-cgi/rum?
IP
66.235.200.146:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: badassgroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
content-type: application/json
Content-Length: 4282
Origin: http://badassgroup.net
Connection: keep-alive
Referer: http://badassgroup.net/
Cookie: PHPSESSID=484f6ce1f6a640510eab0a177bc02875; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTYyMzY3NTY=:visited=true; cf:visitor_id=2fcffaf7-49d9-4852-9185-9d54471e3a44; addevent_track_cookie=b19d9faf-9901-4656-ca2e-e09e9ad05826

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 05:11:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: cloudflare
CF-RAY: 75097fb66ad00b4d-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff

www.clickfunnels.com/cf.js

104.16.12.194

200 OK

14 kB

URL HTTP/2
www.clickfunnels.com/cf.js
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text
Size
14 kB (13554 bytes)
Hash
4a34ed406a759ea0bbdc157ad9afdfb5
fe19da2f527a9167261e8687a35ed82bea583da6
403d4e46d120a7bac2849e78190023c2faacdf45e10a3c2e07bab28d34372dbd

HTTP Headers

GET /cf.js HTTP/1.1
Host: www.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://badassgroup.net/
Connection: keep-alive
Cookie: __cf_bm=Tbz8lyVb557qQ9R2hebSmYp78B0oyVtlzswitS.pEDo-1664169085-0-AezcrlcmbpKNW5A9Zi2c4uxtHgr2Gr7fLHW3oOKsY2jlUzHbmiA8Nj/lYnMhwqstUqy6eOqakEmjXquGTMol99EvX/j9wauHUenoQa06UmAn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:11:26 GMT
content-type: application/x-javascript
cf-ray: 75097fb57a22b524-OSL
access-control-allow-origin: *
age: 332
etag: W/"632b3357-476a"
last-modified: Wed, 21 Sep 2022 15:52:55 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7597
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 05:11:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7597
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 05:11:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7597
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 05:11:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7597
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 05:11:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7597
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 05:11:26 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f39b5b4-f60c-42d8-9916-f71d7998f158.png

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f39b5b4-f60c-42d8-9916-f71d7998f158.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7185 bytes)
Hash
6d79a3a5bd7dc7aa6cab306176fafd11
0d5cb1f3e3ea510308034a5e569c0e65fae30835
57979dfcf6fdc76f04e4790c2b94b876e188ac780aa49d9bfc8a58c498dc4203

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f39b5b4-f60c-42d8-9916-f71d7998f158.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7185
x-amzn-requestid: e7b997d7-f9ce-40c6-b9bb-372ee10d8ad0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTAfEX5oAMFcHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb9c-31e295e33ead940f381121a1;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:43:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YW8Pk1qXdq3DBNRDO3abND1HGTqhUInN2Wo3N8Uzb0zzyXrsKPCvYg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:48:52 GMT
age: 26554
etag: "0d5cb1f3e3ea510308034a5e569c0e65fae30835"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11728 bytes)
Hash
968b9c138702fb5994d1d9eab1a697fa
9660bb2d38079182efbd11d7a687bfc7f9d30751
5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: H4KXhBaRw3SvzBrbl30mV6R_vJ8bXBkyicb8fQiTp6YSBHjE8iFkNQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:49:56 GMT
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
content-type: image/jpeg
age: 22890
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8637 bytes)
Hash
d02ede0c964f3346fd53ae2950bf2a62
e49306a3713cb724be024a4ddb5e90645718a718
c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HCJ483GPdpPhC7oYm1GrA02BqqST9sfqfCBSA93rZqaQYl-jezgP5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:20:40 GMT
age: 24646
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa675e34b-7ee1-4318-a6a3-b49bce6a4ca4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10944 bytes)
Hash
b6e43e36ae283d6ec12fb5c9c692fa83
a3b3a4396da5beac2430e8facdb4d4b799621c9d
49ed7dccf0fe8abb7b0bfdc34ff89b30ef719288571bb1d89d29a1cb8857310e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa675e34b-7ee1-4318-a6a3-b49bce6a4ca4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10944
x-amzn-requestid: 2711886c-e022-4a77-862e-9d7bbd0db02e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvxHsSIAMF8Pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-6b464e2e489825b51447d74d;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N-nUwIxG9TDPRBSt8-RuITSg0nVZIMMidfKme75OXsqDXJ-vcXA41Q==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:25:00 GMT
age: 24386
etag: "a3b3a4396da5beac2430e8facdb4d4b799621c9d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Size
13 kB (12826 bytes)
Hash
b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:37:35 GMT
age: 27231
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20fede81-e065-476d-b8c9-466c4d80f419.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7998 bytes)
Hash
27d324b1fb661c318aced98468501b3c
5c4ee294c98e8fc9312a7d481b6ec165494cf852
937296b5da48df0495ebd0cb3509b7c00059725c00c5b97f475ba2382a0e5437

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20fede81-e065-476d-b8c9-466c4d80f419.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7998
x-amzn-requestid: beedf4d8-29c0-43c6-92d0-40af6b9ee9f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTibE5LoAMFXLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cc75-1be97f2a525b9a5e3146d4be;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:47:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: i8BwIohBNqfEavPXBqSWshg7G-WF9UkBBScnDcyH4qEYV9TzreLXWA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:03:29 GMT
age: 25677
etag: "5c4ee294c98e8fc9312a7d481b6ec165494cf852"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

js-agent.newrelic.com/nr-1216.min.js

151.101.86.137

200 OK

14 kB

URL HTTP/2
js-agent.newrelic.com/nr-1216.min.js
IP
151.101.86.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32022)
Size
14 kB (14391 bytes)
Hash
b7c09cc097b2847f9edc784adba62dcb
5aa648623cf5e3b4b215fe5d068a7904c59f2925
6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa

HTTP Headers

GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://badassgroup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Mon, 26 Sep 2022 05:11:26 GMT
via: 1.1 varnish
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 2339
x-timer: S1664169087.876263,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8cdaef8da493054ab3fa357f852661e3
48b40047919c85c7baa65b896158125c758d9f1a
f85aaa88b1325317a2cd62bc8d144518dca545d941a0589f8ec22eca07264a2d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2917
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:11:26 GMT
Last-Modified: Mon, 26 Sep 2022 04:22:50 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2647&ck=1&ref=http://badassgroup.net/&ap=255&be=1219&fe=2092&dc=1969&perf=%7B%22timing%22:%7B%22of%22:1664169082563,%22n%22:0,%22f%22:-6,%22dn%22:-6,%22dne%22:-4,%22c%22:-4,%22ce%22:-3,%22rq%22:90,%22rp%22:1045,%22rpe%22:1045,%22dl%22:1051,%22di%22:1955,%22ds%22:1968,%22de%22:2055,%22dc%22:2091,%22l%22:2091,%22le%22:2202%7D,%22navigation%22:%7B%7D%7D&fcp=1418&jsonp=NREUM.setToken

162.247.241.14

200 OK

77 B

URL HTTP/1.1
bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2647&ck=1&ref=http://badassgroup.net/&ap=255&be=1219&fe=2092&dc=1969&perf=%7B%22timing%22:%7B%22of%22:1664169082563,%22n%22:0,%22f%22:-6,%22dn%22:-6,%22dne%22:-4,%22c%22:-4,%22ce%22:-3,%22rq%22:90,%22rp%22:1045,%22rpe%22:1045,%22dl%22:1051,%22di%22:1955,%22ds%22:1968,%22de%22:2055,%22dc%22:2091,%22l%22:2091,%22le%22:2202%7D,%22navigation%22:%7B%7D%7D&fcp=1418&jsonp=NREUM.setToken
IP
162.247.241.14:0
ASN
#23467 NEWRELIC-AS-1

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef

HTTP Headers

GET /1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2647&ck=1&ref=http://badassgroup.net/&ap=255&be=1219&fe=2092&dc=1969&perf=%7B%22timing%22:%7B%22of%22:1664169082563,%22n%22:0,%22f%22:-6,%22dn%22:-6,%22dne%22:-4,%22c%22:-4,%22ce%22:-3,%22rq%22:90,%22rp%22:1045,%22rpe%22:1045,%22dl%22:1051,%22di%22:1955,%22ds%22:1968,%22de%22:2055,%22dc%22:2091,%22l%22:2091,%22le%22:2202%7D,%22navigation%22:%7B%7D%7D&fcp=1418&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://badassgroup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 05:11:27 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75097fb93d93fab8-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=483790b527691b12; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip

badassgroup.net/cdn-cgi/rum?

66.235.200.146

200 OK

0 B

URL HTTP/1.1
badassgroup.net/cdn-cgi/rum?
IP
66.235.200.146:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: badassgroup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
Content-Length: 372
Origin: http://badassgroup.net
Connection: keep-alive
Referer: http://badassgroup.net/
Cookie: PHPSESSID=484f6ce1f6a640510eab0a177bc02875; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTYyMzY3NTY=:visited=true; cf:visitor_id=2fcffaf7-49d9-4852-9185-9d54471e3a44; addevent_track_cookie=b19d9faf-9901-4656-ca2e-e09e9ad05826; is_eu=false; kknzutuie63omu6r=true; 12421229_viewed_1=1

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 05:11:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: cloudflare
CF-RAY: 75097fe1aea10b4d-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff

app.clickfunnels.com/assets/lander.js

104.16.12.194

200 OK

0 B

URL HTTP/2
app.clickfunnels.com/assets/lander.js
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/lander.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://badassgroup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:11:25 GMT
content-type: application/x-javascript
cf-ray: 75097fb07e0fb524-OSL
access-control-allow-origin: *
age: 707
cache-control: public, max-age=1200
etag: W/"632b33c5-238fd1"
expires: Mon, 26 Sep 2022 05:31:25 GMT
last-modified: Wed, 21 Sep 2022 15:54:45 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=Tbz8lyVb557qQ9R2hebSmYp78B0oyVtlzswitS.pEDo-1664169085-0-AezcrlcmbpKNW5A9Zi2c4uxtHgr2Gr7fLHW3oOKsY2jlUzHbmiA8Nj/lYnMhwqstUqy6eOqakEmjXquGTMol99EvX/j9wauHUenoQa06UmAn; path=/; expires=Mon, 26-Sep-22 05:41:25 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.9.0/css/all.css

172.64.132.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.9.0/css/all.css
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://badassgroup.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:11:25 GMT
content-type: text/css
x-amz-id-2: DZrzPe4HQ8kJFNqEOBC9htpm0WJQlY1n+eS/0BGsXOAs08NE646zlmtSapTKvY5HRzt62dmBhyM=
x-amz-request-id: KPC19QY4EQRR3ZJA
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 163174
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kEfwAdiY1SesvxbtwaT%2Fs0qnZb75Dl9ix7XqOGLfzeo54FQDwuDM%2F4%2BoSakov8cu9Hh6pMPLkfphs3wFxYCQZCCU8FQr2ZRRHicTkkhi1wQMY4HRiAwFfwCp1HQFnSTjnyNyvXDB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75097fb0cac1bbc7-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

app.clickfunnels.com/userevents?funnel_id=eFpYb25pTG92L0lqbE5YbG1meGdpQT09LS1PZXZzTHFjSkdSN0QyMkFtbGg0MFJBPT0%3D--c506de95956d640d1aa9a420ec1180392866d2fb&page_id=YkhFb3FFQWhpMlgvRDVyYzljT0k0UT09LS1KN2RBRU1YQWJsUTBTRkovNWxDc0N3PT0%3D--51430f7a9f4b319e8f6da3c4e738afad69f52be2&funnel_step_id=c3lyZkFrb2hBVWUxbW8yQWVGQzlwZz09LS1paWF6RGYzcWpJRTBZVTlqZHRORWRnPT0%3D--cdf8e0340abed5a7c8f99238686e9b6ad9475675&user_id=cnVOOUZ4MTAyUnJqZS9zQ01hYnZ4UT09LS1sWWRsc01LSXc3V0pxejN4RWZKTllnPT0%3D--c918ac70509b33ffb12f1de1062fd8eb7e63f729&account_id=LzFZa1A0QjkydCs3Uy9QSUZGVG5jdz09LS1GdGxVSjhwcjFPc1NaajAvYTFHT2lnPT0%3D--2a13ae5b4ad988940598c7c0552e2ac82a0f9ae1&page_code=NTYyMzY3NTY%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents%3A%3AUniqueVisitorsCreatedSummary&nonce=5742f482-109b-45cd-b09f-45da82ef22b6&url=http%3A%2F%2Fbadassgroup.net%2F

104.16.12.194

202 Accepted

0 B

URL HTTP/2
app.clickfunnels.com/userevents?funnel_id=eFpYb25pTG92L0lqbE5YbG1meGdpQT09LS1PZXZzTHFjSkdSN0QyMkFtbGg0MFJBPT0%3D--c506de95956d640d1aa9a420ec1180392866d2fb&page_id=YkhFb3FFQWhpMlgvRDVyYzljT0k0UT09LS1KN2RBRU1YQWJsUTBTRkovNWxDc0N3PT0%3D--51430f7a9f4b319e8f6da3c4e738afad69f52be2&funnel_step_id=c3lyZkFrb2hBVWUxbW8yQWVGQzlwZz09LS1paWF6RGYzcWpJRTBZVTlqZHRORWRnPT0%3D--cdf8e0340abed5a7c8f99238686e9b6ad9475675&user_id=cnVOOUZ4MTAyUnJqZS9zQ01hYnZ4UT09LS1sWWRsc01LSXc3V0pxejN4RWZKTllnPT0%3D--c918ac70509b33ffb12f1de1062fd8eb7e63f729&account_id=LzFZa1A0QjkydCs3Uy9QSUZGVG5jdz09LS1GdGxVSjhwcjFPc1NaajAvYTFHT2lnPT0%3D--2a13ae5b4ad988940598c7c0552e2ac82a0f9ae1&page_code=NTYyMzY3NTY%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents%3A%3AUniqueVisitorsCreatedSummary&nonce=5742f482-109b-45cd-b09f-45da82ef22b6&url=http%3A%2F%2Fbadassgroup.net%2F
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /userevents?funnel_id=eFpYb25pTG92L0lqbE5YbG1meGdpQT09LS1PZXZzTHFjSkdSN0QyMkFtbGg0MFJBPT0%3D--c506de95956d640d1aa9a420ec1180392866d2fb&page_id=YkhFb3FFQWhpMlgvRDVyYzljT0k0UT09LS1KN2RBRU1YQWJsUTBTRkovNWxDc0N3PT0%3D--51430f7a9f4b319e8f6da3c4e738afad69f52be2&funnel_step_id=c3lyZkFrb2hBVWUxbW8yQWVGQzlwZz09LS1paWF6RGYzcWpJRTBZVTlqZHRORWRnPT0%3D--cdf8e0340abed5a7c8f99238686e9b6ad9475675&user_id=cnVOOUZ4MTAyUnJqZS9zQ01hYnZ4UT09LS1sWWRsc01LSXc3V0pxejN4RWZKTllnPT0%3D--c918ac70509b33ffb12f1de1062fd8eb7e63f729&account_id=LzFZa1A0QjkydCs3Uy9QSUZGVG5jdz09LS1GdGxVSjhwcjFPc1NaajAvYTFHT2lnPT0%3D--2a13ae5b4ad988940598c7c0552e2ac82a0f9ae1&page_code=NTYyMzY3NTY%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents%3A%3AUniqueVisitorsCreatedSummary&nonce=5742f482-109b-45cd-b09f-45da82ef22b6&url=http%3A%2F%2Fbadassgroup.net%2F HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: http://badassgroup.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 202 Accepted
date: Mon, 26 Sep 2022 05:11:26 GMT
content-type: text/html
cf-ray: 75097fb7bc3ab524-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 6ca09d7c52768c5dd913d4d5a4b1dd4b
x-runtime: 0.035295
set-cookie: __cf_bm=CT3X4r1WLCh5bE.0Py.1dJ.HBqB__skdovRQE8Uvj74-1664169086-0-AQ5XADB68ns5TssSkao6R+OpypoHbrsf7sQaiqXirF2AEsvQgGxE1gkK0PVSu/6w/Dc8UziPANmewD/V8CSbGOAXCy7/8GMwVp7tdj/8DIF8; path=/; expires=Mon, 26-Sep-22 05:41:26 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

www.clickfunnels.com/favicon.ico

104.16.12.194

200 OK

0 B

URL HTTP/2
www.clickfunnels.com/favicon.ico
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://badassgroup.net/
Cookie: __cf_bm=Tbz8lyVb557qQ9R2hebSmYp78B0oyVtlzswitS.pEDo-1664169085-0-AezcrlcmbpKNW5A9Zi2c4uxtHgr2Gr7fLHW3oOKsY2jlUzHbmiA8Nj/lYnMhwqstUqy6eOqakEmjXquGTMol99EvX/j9wauHUenoQa06UmAn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:11:26 GMT
content-type: image/x-icon
cf-ray: 75097fb8cd6fb524-OSL
access-control-allow-origin: *
etag: W/"632b3357-3aee"
last-modified: Wed, 21 Sep 2022 15:52:55 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: REVALIDATED
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

app.clickfunnels.com/mailcheck.min.js

104.16.12.194

200 OK

0 B

URL HTTP/2
app.clickfunnels.com/mailcheck.min.js
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mailcheck.min.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://badassgroup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:11:25 GMT
content-type: application/x-javascript
cf-ray: 75097fb06df0b524-OSL
access-control-allow-origin: *
age: 3592
etag: W/"632b3357-a8d"
last-modified: Wed, 21 Sep 2022 15:52:55 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=l6q02PhzQBLWPtSvIy3pEuQ2f7wTTZKXAc0BZqGgzzk-1664169085-0-ATF2/hUxQJvPxRM/Y653cYbkwtfCCuCHAULdhpZ5xH3TrAzkyZ73y9ceudeUkHdDFLnZ+Lovjn07oIgt/XizpnSGkfoU3BZGn4PupW5m+PyX; path=/; expires=Mon, 26-Sep-22 05:41:25 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.9.0/css/v4-shims.css

172.64.132.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://badassgroup.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:11:25 GMT
content-type: text/css
x-amz-id-2: 1z3SjVlzwCj4buU+iZX1i9l3bHBEkoJXF3gMzQpNsR3QhqKLbXKjLOq9SVzUn/sZehkE6nLM3r0=
x-amz-request-id: FTPN7MFPDPTGYVP7
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 21074805
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrrzjXkYpO8jRqG8ayZcIBYyzsuMnIjci4GJUvgUpmlQN0uGD06HCgPWdausNihLHpAZYx2Cu2%2B%2BXwwzcyxh7ckYMFt%2BX2%2BY95thzTaeaSjfveERXvd7EmRWMK3uqclNHZ9LUXja"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75097fb0bab3bbc7-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

172.64.156.26

200 OK

0 B

URL HTTP/2
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP
172.64.156.26:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://badassgroup.net
Connection: keep-alive
Referer: http://badassgroup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:11:25 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 75097fb0ad4ab4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

app.clickfunnels.com/images/email2.png

104.16.12.194

200 OK

0 B

URL HTTP/2
app.clickfunnels.com/images/email2.png
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/email2.png HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app.clickfunnels.com/assets/lander.css
Cookie: __cf_bm=Tbz8lyVb557qQ9R2hebSmYp78B0oyVtlzswitS.pEDo-1664169085-0-AezcrlcmbpKNW5A9Zi2c4uxtHgr2Gr7fLHW3oOKsY2jlUzHbmiA8Nj/lYnMhwqstUqy6eOqakEmjXquGTMol99EvX/j9wauHUenoQa06UmAn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:11:25 GMT
content-type: image/webp
cf-ray: 75097fb13ed9b524-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 1502000
cache-control: public, max-age=2678400
content-disposition: inline; filename="email2.webp"
etag: "630e9cfc-c80"
expires: Thu, 27 Oct 2022 05:11:25 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=3200
server: cloudflare
X-Firefox-Spdy: h2

app.clickfunnels.com/assets/lander.css

104.16.12.194

200 OK

0 B

URL HTTP/2
app.clickfunnels.com/assets/lander.css
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/lander.css HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://badassgroup.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:11:25 GMT
content-type: text/css
cf-ray: 75097fb06deeb524-OSL
access-control-allow-origin: *
age: 708
cache-control: public, max-age=1200
etag: W/"632b3357-6a514"
expires: Mon, 26 Sep 2022 05:31:25 GMT
last-modified: Wed, 21 Sep 2022 15:52:55 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=sJ0odh2Wx_pvo.KU7IV87_4RapNrYrHzMbwUhORGSpA-1664169085-0-AYgyMLrZx2QGGmCC5fceYIbf+ZQ5QaTegdvilUTBJjSqLJumoJhvr3wXihoBntPtoPFXqFla30vwR61WoquxlzmYSHnAqV3pWZUH27c7EXuJ; path=/; expires=Mon, 26-Sep-22 05:41:25 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

app.clickfunnels.com/userevents?funnel_id=eFpYb25pTG92L0lqbE5YbG1meGdpQT09LS1PZXZzTHFjSkdSN0QyMkFtbGg0MFJBPT0%3D--c506de95956d640d1aa9a420ec1180392866d2fb&page_id=YkhFb3FFQWhpMlgvRDVyYzljT0k0UT09LS1KN2RBRU1YQWJsUTBTRkovNWxDc0N3PT0%3D--51430f7a9f4b319e8f6da3c4e738afad69f52be2&funnel_step_id=c3lyZkFrb2hBVWUxbW8yQWVGQzlwZz09LS1paWF6RGYzcWpJRTBZVTlqZHRORWRnPT0%3D--cdf8e0340abed5a7c8f99238686e9b6ad9475675&user_id=cnVOOUZ4MTAyUnJqZS9zQ01hYnZ4UT09LS1sWWRsc01LSXc3V0pxejN4RWZKTllnPT0%3D--c918ac70509b33ffb12f1de1062fd8eb7e63f729&account_id=LzFZa1A0QjkydCs3Uy9QSUZGVG5jdz09LS1GdGxVSjhwcjFPc1NaajAvYTFHT2lnPT0%3D--2a13ae5b4ad988940598c7c0552e2ac82a0f9ae1&page_code=NTYyMzY3NTY%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents%3A%3AUniquePageviewsCreatedSummary&nonce=46009123-87ac-4d61-b46c-2182e8a0e466&url=http%3A%2F%2Fbadassgroup.net%2F

104.16.12.194

202 Accepted

0 B

URL HTTP/2
app.clickfunnels.com/userevents?funnel_id=eFpYb25pTG92L0lqbE5YbG1meGdpQT09LS1PZXZzTHFjSkdSN0QyMkFtbGg0MFJBPT0%3D--c506de95956d640d1aa9a420ec1180392866d2fb&page_id=YkhFb3FFQWhpMlgvRDVyYzljT0k0UT09LS1KN2RBRU1YQWJsUTBTRkovNWxDc0N3PT0%3D--51430f7a9f4b319e8f6da3c4e738afad69f52be2&funnel_step_id=c3lyZkFrb2hBVWUxbW8yQWVGQzlwZz09LS1paWF6RGYzcWpJRTBZVTlqZHRORWRnPT0%3D--cdf8e0340abed5a7c8f99238686e9b6ad9475675&user_id=cnVOOUZ4MTAyUnJqZS9zQ01hYnZ4UT09LS1sWWRsc01LSXc3V0pxejN4RWZKTllnPT0%3D--c918ac70509b33ffb12f1de1062fd8eb7e63f729&account_id=LzFZa1A0QjkydCs3Uy9QSUZGVG5jdz09LS1GdGxVSjhwcjFPc1NaajAvYTFHT2lnPT0%3D--2a13ae5b4ad988940598c7c0552e2ac82a0f9ae1&page_code=NTYyMzY3NTY%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents%3A%3AUniquePageviewsCreatedSummary&nonce=46009123-87ac-4d61-b46c-2182e8a0e466&url=http%3A%2F%2Fbadassgroup.net%2F
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /userevents?funnel_id=eFpYb25pTG92L0lqbE5YbG1meGdpQT09LS1PZXZzTHFjSkdSN0QyMkFtbGg0MFJBPT0%3D--c506de95956d640d1aa9a420ec1180392866d2fb&page_id=YkhFb3FFQWhpMlgvRDVyYzljT0k0UT09LS1KN2RBRU1YQWJsUTBTRkovNWxDc0N3PT0%3D--51430f7a9f4b319e8f6da3c4e738afad69f52be2&funnel_step_id=c3lyZkFrb2hBVWUxbW8yQWVGQzlwZz09LS1paWF6RGYzcWpJRTBZVTlqZHRORWRnPT0%3D--cdf8e0340abed5a7c8f99238686e9b6ad9475675&user_id=cnVOOUZ4MTAyUnJqZS9zQ01hYnZ4UT09LS1sWWRsc01LSXc3V0pxejN4RWZKTllnPT0%3D--c918ac70509b33ffb12f1de1062fd8eb7e63f729&account_id=LzFZa1A0QjkydCs3Uy9QSUZGVG5jdz09LS1GdGxVSjhwcjFPc1NaajAvYTFHT2lnPT0%3D--2a13ae5b4ad988940598c7c0552e2ac82a0f9ae1&page_code=NTYyMzY3NTY%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents%3A%3AUniquePageviewsCreatedSummary&nonce=46009123-87ac-4d61-b46c-2182e8a0e466&url=http%3A%2F%2Fbadassgroup.net%2F HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: http://badassgroup.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 202 Accepted
date: Mon, 26 Sep 2022 05:11:26 GMT
content-type: text/html
cf-ray: 75097fb7bc37b524-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 3016f3db57d5cc09cb50b70b01ea124b
x-runtime: 0.032355
set-cookie: __cf_bm=YosDTViTjf1sd1Z2HnSWlKX8ABFXqqhoDkbcESwYzpo-1664169086-0-AXB/sRZqc3MTrSIDgyjXGv5Ffx4HoiOvpHvUglklXz62Y+zkhKMwfrBkZ/UwYB8OZE7TZ6AKWxQqiteiEqDvqtWaWMTwARcLfVJmUTvzzctG; path=/; expires=Mon, 26-Sep-22 05:41:26 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

app.clickfunnels.com/assets/userevents/application.js

104.16.12.194

200 OK

0 B

URL HTTP/2
app.clickfunnels.com/assets/userevents/application.js
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/userevents/application.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://badassgroup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:11:25 GMT
content-type: application/x-javascript
cf-ray: 75097fb06e00b524-OSL
access-control-allow-origin: *
age: 708
cache-control: public, max-age=1200
etag: W/"632b3357-1353"
expires: Mon, 26 Sep 2022 05:31:25 GMT
last-modified: Wed, 21 Sep 2022 15:52:55 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=DTkMxbDl5VMt9bMHYpX3EREWWizlE5cnDBp22lEdew0-1664169085-0-AVxPUara9hVgTaucRbFoEzgSYDeaBOy9kH7bmDquGWqoSvWmKu2Dmcikf2QQAKDF3tGusllrO1TR0AOFabWGw/cxzZv03shu6MCBn5rgzqCy; path=/; expires=Mon, 26-Sep-22 05:41:25 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://badassgroup.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 05:11:25 GMT
date: Mon, 26 Sep 2022 05:11:25 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

app.clickfunnels.com/userevents?funnel_id=eFpYb25pTG92L0lqbE5YbG1meGdpQT09LS1PZXZzTHFjSkdSN0QyMkFtbGg0MFJBPT0%3D--c506de95956d640d1aa9a420ec1180392866d2fb&page_id=YkhFb3FFQWhpMlgvRDVyYzljT0k0UT09LS1KN2RBRU1YQWJsUTBTRkovNWxDc0N3PT0%3D--51430f7a9f4b319e8f6da3c4e738afad69f52be2&funnel_step_id=c3lyZkFrb2hBVWUxbW8yQWVGQzlwZz09LS1paWF6RGYzcWpJRTBZVTlqZHRORWRnPT0%3D--cdf8e0340abed5a7c8f99238686e9b6ad9475675&user_id=cnVOOUZ4MTAyUnJqZS9zQ01hYnZ4UT09LS1sWWRsc01LSXc3V0pxejN4RWZKTllnPT0%3D--c918ac70509b33ffb12f1de1062fd8eb7e63f729&account_id=LzFZa1A0QjkydCs3Uy9QSUZGVG5jdz09LS1GdGxVSjhwcjFPc1NaajAvYTFHT2lnPT0%3D--2a13ae5b4ad988940598c7c0552e2ac82a0f9ae1&page_code=NTYyMzY3NTY%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents%3A%3APageviewsCreatedSummary&nonce=c0e754ba-01ca-485e-ab7e-ae36332eb895&url=http%3A%2F%2Fbadassgroup.net%2F

104.16.12.194

202 Accepted

0 B

URL HTTP/2
app.clickfunnels.com/userevents?funnel_id=eFpYb25pTG92L0lqbE5YbG1meGdpQT09LS1PZXZzTHFjSkdSN0QyMkFtbGg0MFJBPT0%3D--c506de95956d640d1aa9a420ec1180392866d2fb&page_id=YkhFb3FFQWhpMlgvRDVyYzljT0k0UT09LS1KN2RBRU1YQWJsUTBTRkovNWxDc0N3PT0%3D--51430f7a9f4b319e8f6da3c4e738afad69f52be2&funnel_step_id=c3lyZkFrb2hBVWUxbW8yQWVGQzlwZz09LS1paWF6RGYzcWpJRTBZVTlqZHRORWRnPT0%3D--cdf8e0340abed5a7c8f99238686e9b6ad9475675&user_id=cnVOOUZ4MTAyUnJqZS9zQ01hYnZ4UT09LS1sWWRsc01LSXc3V0pxejN4RWZKTllnPT0%3D--c918ac70509b33ffb12f1de1062fd8eb7e63f729&account_id=LzFZa1A0QjkydCs3Uy9QSUZGVG5jdz09LS1GdGxVSjhwcjFPc1NaajAvYTFHT2lnPT0%3D--2a13ae5b4ad988940598c7c0552e2ac82a0f9ae1&page_code=NTYyMzY3NTY%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents%3A%3APageviewsCreatedSummary&nonce=c0e754ba-01ca-485e-ab7e-ae36332eb895&url=http%3A%2F%2Fbadassgroup.net%2F
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /userevents?funnel_id=eFpYb25pTG92L0lqbE5YbG1meGdpQT09LS1PZXZzTHFjSkdSN0QyMkFtbGg0MFJBPT0%3D--c506de95956d640d1aa9a420ec1180392866d2fb&page_id=YkhFb3FFQWhpMlgvRDVyYzljT0k0UT09LS1KN2RBRU1YQWJsUTBTRkovNWxDc0N3PT0%3D--51430f7a9f4b319e8f6da3c4e738afad69f52be2&funnel_step_id=c3lyZkFrb2hBVWUxbW8yQWVGQzlwZz09LS1paWF6RGYzcWpJRTBZVTlqZHRORWRnPT0%3D--cdf8e0340abed5a7c8f99238686e9b6ad9475675&user_id=cnVOOUZ4MTAyUnJqZS9zQ01hYnZ4UT09LS1sWWRsc01LSXc3V0pxejN4RWZKTllnPT0%3D--c918ac70509b33ffb12f1de1062fd8eb7e63f729&account_id=LzFZa1A0QjkydCs3Uy9QSUZGVG5jdz09LS1GdGxVSjhwcjFPc1NaajAvYTFHT2lnPT0%3D--2a13ae5b4ad988940598c7c0552e2ac82a0f9ae1&page_code=NTYyMzY3NTY%3D&mode_id=1&time_zone=America%2FNew_York&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents%3A%3APageviewsCreatedSummary&nonce=c0e754ba-01ca-485e-ab7e-ae36332eb895&url=http%3A%2F%2Fbadassgroup.net%2F HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: http://badassgroup.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 202 Accepted
date: Mon, 26 Sep 2022 05:11:26 GMT
content-type: text/html
cf-ray: 75097fb7ac2ab524-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: a8d690892e0591d52530099d6c4eed32
x-runtime: 0.028617
set-cookie: __cf_bm=WMqmMVNZtouMFg.fI8kSPDCMXGZRMbIsqVCrXoD1CU8-1664169086-0-ASJBS9ePGkYxr+LPTPn6VB7QxkPSd6HLvKux3ANEScNQ62kbtjwfm4sDogbTrq7kTaqRRbawJDxNAGUg+fboK0F//jCsYuURntayHu7iXKf4; path=/; expires=Mon, 26-Sep-22 05:41:26 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

app.clickfunnels.com/assets/pushcrew.js

104.16.12.194

200 OK

0 B

URL HTTP/2
app.clickfunnels.com/assets/pushcrew.js
IP
104.16.12.194:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/pushcrew.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://badassgroup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:11:25 GMT
content-type: application/x-javascript
cf-ray: 75097fb06defb524-OSL
access-control-allow-origin: *
age: 427
cache-control: public, max-age=1200
etag: W/"632b3356-27d"
expires: Mon, 26 Sep 2022 05:31:25 GMT
last-modified: Wed, 21 Sep 2022 15:52:54 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=B0OvU6Z5TJ5W8oJAC8Hy3HmyVsiiyFjKNp48r.frrlQ-1664169085-0-AXZ0Mkb74msK1cuCqilBYfy4YNjrRzaasw+XzVP+NmWencOlX15QO5XcutHXyFERR9dL4IbI+0LUxxwg+aGB72a+CFfqGg+Zv2aYN/ZDBbv6; path=/; expires=Mon, 26-Sep-22 05:41:25 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations