Report - trk.perfectprofitplanacademy.com/?xtl=nu7lgebda0afi74nl8whjjwvzjbe2k0cu5e6cr45lf0wj7xcqoripqd5fnkfppryzdkrms24xn4nc057gkmcy8w8ravfwcdtjjvdlnr8xa0mxzgm6x9qxjiyfwqpr082tpzxumoyrvopj01d40q2xcs35cbiusu890lz3oadkpd6g6d0wtf1t371p&eih=111anvxl8uravbzdcpz886q6jt09t8c7kx19aatq9b

Report Overview

Visited public
2023-12-05 15:13:06
Tags
URL
trk.perfectprofitplanacademy.com/?xtl=nu7lgebda0afi74nl8whjjwvzjbe2k0cu5e6cr45lf0wj7xcqoripqd5fnkfppryzdkrms24xn4nc057gkmcy8w8ravfwcdtjjvdlnr8xa0mxzgm6x9qxjiyfwqpr082tpzxumoyrvopj01d40q2xcs35cbiusu890lz3oadkpd6g6d0wtf1t371p&eih=111anvxl8uravbzdcpz886q6jt09t8c7kx19aatq9b
Finishing URL
view.perfectprofitplanacademy.com/pppa-privacy1
IP / ASN
18.214.171.162
#14618 AMAZON-AES
Title
Privacy Policy

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
go.perfectprofitplanacademy.com	unknown	2020-08-10	2023-07-15 17:41:52	2023-11-27 05:56:57	517 B	156 kB	104.21.74.150
assets.clickfunnels.com	64830	2013-10-02	2014-10-08 22:00:20	2023-12-05 09:31:39	484 B	1.6 kB	104.16.14.194
app.clickfunnels.com	34727	2013-10-02	2015-03-12 09:40:23	2023-12-05 06:54:16	4.8 kB	6.2 kB	104.16.14.194
trk.perfectprofitplanacademy.com	unknown	2020-08-10	2023-06-13 10:02:37	2023-11-15 18:59:16	652 B	423 B	3.94.176.246
view.perfectprofitplanacademy.com	unknown	2020-08-10	2022-01-23 13:42:15	2023-11-08 06:19:42	14 kB	3.2 MB	104.16.12.194
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24 16:34:56	2023-12-05 08:16:24	542 B	7.7 kB	104.16.57.101
use.fontawesome.com	942	2012-10-18	2017-01-30 05:43:25	2023-12-05 05:14:35	937 B	41 kB	172.64.141.13
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-05 07:37:50	1.4 kB	5.3 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-05 06:14:20	1.7 kB	69 kB	216.58.207.227
track.addevent.com	31058	2005-11-12	2015-06-24 23:38:08	2022-02-05 17:57:24	602 B	0 B	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-05	medium	perfectprofitplanacademy.com	Sinkholed
2023-12-05	medium	perfectprofitplanacademy.com	Sinkholed
2023-12-05	medium	perfectprofitplanacademy.com	Sinkholed
2023-12-05	medium	perfectprofitplanacademy.com	Sinkholed
2023-12-05	medium	perfectprofitplanacademy.com	Sinkholed
2023-12-05	medium	perfectprofitplanacademy.com	Sinkholed
2023-12-05	medium	perfectprofitplanacademy.com	Sinkholed
2023-12-05	medium	perfectprofitplanacademy.com	Sinkholed
2023-12-05	medium	perfectprofitplanacademy.com	Sinkholed
2023-12-05	medium	perfectprofitplanacademy.com	Sinkholed
2023-12-05	medium	perfectprofitplanacademy.com	Sinkholed
2023-12-05	medium	perfectprofitplanacademy.com	Sinkholed
2023-12-05	medium	perfectprofitplanacademy.com	Sinkholed
2023-12-05	medium	perfectprofitplanacademy.com	Sinkholed
2023-12-05	medium	perfectprofitplanacademy.com	Sinkholed
2023-12-05	medium	perfectprofitplanacademy.com	Sinkholed
2023-12-05	medium	perfectprofitplanacademy.com	Sinkholed
2023-12-05	medium	perfectprofitplanacademy.com	Sinkholed
2023-12-05	medium	perfectprofitplanacademy.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (18)

	URL	From	Size	First Seen	Last Seen
	view.perfectprofitplanacademy.com/pppa-privacy1	ScriptElement	101 B	2023-03-07	2025-05-08
Pretty URL view.perfectprofitplanacademy.com/pppa-privacy1 IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29 Last Seen2025-05-08 13:22 Times Seen2542 Hash 58d9451139b4d777d43d7c3e074a944a 58dbf64854e67993dd579ecc78d1a32fea9266ed 85f043b5d0590f154a02cf29f549340485f0e6dd78c70ab8746555092fc9d493 Loading...

	static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317	ScriptElement	20 kB	2023-10-13	2025-05-09
Pretty URL static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 IP 104.16.57.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 06:51 Last Seen2025-05-09 03:38 Times Seen17151 Hash dd1d068fdb5fe90b6c05a5b3940e088c 0d96f9df8772633a9df4c81cf323a4ef8998ba59 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101 Loading...

	unknown	DomTimer	46 B	2023-04-10	2025-05-08
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-04-10 17:52 Last Seen2025-05-08 21:51 Times Seen2453 Hash 302233ab771b191786dda09414a0ccee 06a14ff1a7f44155116a02e635bc8f6ad2b424cf 2e62d7a825d79e21f6b1ef3a5b397a05462b90e525e96abbb05deed19e7fb917 Loading...

	view.perfectprofitplanacademy.com/pppa-privacy1	ScriptElement	395 B	2023-03-07	2025-05-08
Pretty URL view.perfectprofitplanacademy.com/pppa-privacy1 IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29 Last Seen2025-05-08 13:22 Times Seen2539 Hash b2c93212afb38693d023d97f822acd42 a971c75819436a7c7d9c3b388b8be10f1286fdcb dbde09f9e5cc2ecdeffe30752eac8756ca637e0c524bdbd5b1c7e5704aae004f Loading...

	app.clickfunnels.com/mailcheck.min.js	ScriptElement	2.7 kB	2023-03-07	2025-04-17
Pretty URL app.clickfunnels.com/mailcheck.min.js IP 104.16.14.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29 Last Seen2025-04-17 17:03 Times Seen1771 Hash 199756d42d03ff6741642748ea00028d b5c4f6fd1b0e5d1bac97870b3885d08ccb7d2ac1 e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982 Loading...

	view.perfectprofitplanacademy.com/assets/userevents/application.js	ScriptElement	5.2 kB	2023-03-08	2025-05-08
Pretty URL view.perfectprofitplanacademy.com/assets/userevents/application.js IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:28 Last Seen2025-05-08 21:51 Times Seen2474 Hash 4849819314b7c1be4146a39b52c5c502 3e09f90cb42c04ff19f66dbbd83e3dbb544b50bf a696b734193371073510c87df68430499c2f424ad3f7be42f586dc6aff78567b Loading...

	view.perfectprofitplanacademy.com/pppa-privacy1	ScriptElement	1.0 kB	2023-03-07	2025-05-08
Pretty URL view.perfectprofitplanacademy.com/pppa-privacy1 IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29 Last Seen2025-05-08 13:22 Times Seen2531 Hash 7e04d8a0aac6ab1ec08163bd215a5711 f425cd8bab39529985cf2a9cf866a877b4fca17a 4e3d5220213c311337410362a4654f5ea226e71707a85229385cec6d871cc05a Loading...

	view.perfectprofitplanacademy.com/pppa-privacy1	ScriptElement	3 B	2023-03-07	2025-05-09
Pretty URL view.perfectprofitplanacademy.com/pppa-privacy1 IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-09 02:44 Times Seen2424 Hash f67be96ce768fb5b40aecf0438f97886 d27fecd03a022cc6f670ca42ef1b99d5f5bcc74c 3441b5696d6abf2bd959d18bcb31dde8239a6ad8185bfa659af60bc764c238a8 Loading...

	view.perfectprofitplanacademy.com/pppa-privacy1	ScriptElement	104 B	2023-03-07	2025-05-08
Pretty URL view.perfectprofitplanacademy.com/pppa-privacy1 IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29 Last Seen2025-05-08 13:22 Times Seen2713 Hash 00b5ba65cbf82b44301e01048b806055 3be24afc94edb8de2099ccafa2bfcdbfbef301cd 699e1188e23d8be696d8ca3b45d7eba8c1c97f6ce4e9da4051cce63907ea8442 Loading...

	view.perfectprofitplanacademy.com/vendor.js	ScriptElement	18 kB	2023-03-07	2025-05-08
Pretty URL view.perfectprofitplanacademy.com/vendor.js IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29 Last Seen2025-05-08 21:51 Times Seen2532 Hash bf2a8a168c0be1544c34f363c276586e 581e49c9b7bdd06dab54c00931f4256b223e620e 7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d Loading...

	view.perfectprofitplanacademy.com/assets/pushcrew.js	ScriptElement	637 B	2023-03-07	2025-05-08
Pretty URL view.perfectprofitplanacademy.com/assets/pushcrew.js IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29 Last Seen2025-05-08 21:51 Times Seen2594 Hash 0a67c27615e7d2202f261dcc0a82d744 0fa0a8ca56efded583bd4201821015a63c623d44 f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422 Loading...

	view.perfectprofitplanacademy.com/assets/lander.js	ScriptElement	2.3 MB	2023-11-30	2024-08-20
Pretty URL view.perfectprofitplanacademy.com/assets/lander.js IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 12:49 Last Seen2024-08-20 17:21 Times Seen25 Hash b94c0fd0b9b33ced77944b1cfc913b53 9b953d4220801321369d0adacdf7f7963fb755ed 712b174df95f5434e984bb02ed2c223402406c5ab5eeef3c11d0937a0aa09194 Loading...

	view.perfectprofitplanacademy.com/pppa-privacy1	ScriptElement	622 B	2023-11-08	2024-08-20
Pretty URL view.perfectprofitplanacademy.com/pppa-privacy1 IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-08 06:20 Last Seen2024-08-20 20:27 Times Seen2 Hash 9b8e19b8c37d9aae78a430da08595fac e445aaa8ad88766f64d4bf467072393047389cbe 1fab9c5677f14d9540362a9f209554e39124c0025b4c995a3e84a136d008be99 Loading...

	view.perfectprofitplanacademy.com/pppa-privacy1	ScriptElement	1.2 kB	2023-03-07	2025-05-03
Pretty URL view.perfectprofitplanacademy.com/pppa-privacy1 IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29 Last Seen2025-05-03 11:41 Times Seen1737 Hash f53804c0abbd5d0ead0a41ca2dd89599 39d28f2df6171e4847aafb50cff964da0b33aef0 1dfb574d71b367cdf50909a035c1865d63381accb868b60d395d6ad71c426821 Loading...

	view.perfectprofitplanacademy.com/pppa-privacy1	ScriptElement	271 B	2023-03-07	2025-05-08
Pretty URL view.perfectprofitplanacademy.com/pppa-privacy1 IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29 Last Seen2025-05-08 13:22 Times Seen2509 Hash c0d8faa83b4d63e92f56614251d001d4 4377d94b43b83ca010c78aa4c482d86ca19a9593 1d35b00811c224b9c83537f23634d9e7b07f75841c3d99e6ded3c759571f45a7 Loading...

	view.perfectprofitplanacademy.com/pppa-privacy1	ScriptElement	1.6 kB	2023-03-07	2025-05-08
Pretty URL view.perfectprofitplanacademy.com/pppa-privacy1 IP 104.16.12.194 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29 Last Seen2025-05-08 13:22 Times Seen2489 Hash 9695240da93eaffb74ee6d46ae6ea5da f545f6cec4b5da6fb0a50a17ee0bc878030c5047 88533b116813899d4cf0751961b7568763677a97033cfb35180d523e2cf2cfd1 Loading...

		Size	First Seen	Last Seen
	#1 Eval - ea78eb95e28e8fe354344fe9232e38ab	119 B	2023-11-08 06:20	2023-12-05 16:13
Pretty Observations First Seen2023-11-08 06:20 Last Seen2023-12-05 16:13 Times Seen2 Hash ea78eb95e28e8fe354344fe9232e38ab 4c0c3e3d2c49d0e52a133e379dbfe772f5df9f59 03b356820fbb59cc11a53e55197418b242a999ccd44d544194d2d8d69325e2d9 Loading...

	#2 Eval - 2aa74ac3a264c3e10ae463a262aaf72c	20 kB	2023-03-07 01:29	2025-03-01 21:19
Pretty Observations First Seen2023-03-07 01:29 Last Seen2025-03-01 21:19 Times Seen1935 Hash 2aa74ac3a264c3e10ae463a262aaf72c c5ff579cf0cc2ba1d98711b366ec148152abbaf5 9c1ea695852f01d2fc6027d572b126b740a9c4634540fb0d39ea3656377eef77 Loading...

HTTP Transactions (33)

URL IP Response Size

trk.perfectprofitplanacademy.com/?xtl=nu7lgebda0afi74nl8whjjwvzjbe2k0cu5e6cr45lf0wj7xcqoripqd5fnkfppryzdkrms24xn4nc057gkmcy8w8ravfwcdtjjvdlnr8xa0mxzgm6x9qxjiyfwqpr082tpzxumoyrvopj01d40q2xcs35cbiusu890lz3oadkpd6g6d0wtf1t371p&eih=111anvxl8uravbzdcpz886q6jt09t8c7kx19aatq9b

3.94.176.246

0 B

URL User Request GET
trk.perfectprofitplanacademy.com/?xtl=nu7lgebda0afi74nl8whjjwvzjbe2k0cu5e6cr45lf0wj7xcqoripqd5fnkfppryzdkrms24xn4nc057gkmcy8w8ravfwcdtjjvdlnr8xa0mxzgm6x9qxjiyfwqpr082tpzxumoyrvopj01d40q2xcs35cbiusu890lz3oadkpd6g6d0wtf1t371p&eih=111anvxl8uravbzdcpz886q6jt09t8c7kx19aatq9b
IP
3.94.176.246:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?xtl=nu7lgebda0afi74nl8whjjwvzjbe2k0cu5e6cr45lf0wj7xcqoripqd5fnkfppryzdkrms24xn4nc057gkmcy8w8ravfwcdtjjvdlnr8xa0mxzgm6x9qxjiyfwqpr082tpzxumoyrvopj01d40q2xcs35cbiusu890lz3oadkpd6g6d0wtf1t371p&eih=111anvxl8uravbzdcpz886q6jt09t8c7kx19aatq9b HTTP/1.1
Host: trk.perfectprofitplanacademy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Date: Tue, 05 Dec 2023 15:12:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
X-Powered-By: PHP/5.6.40
Location: https://go.perfectprofitplanacademy.com/pppa-privacy-policy
X-Permitted-Cross-Domain-Policies: None
Strict-Transport-Security: max-age=86400
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block;

go.perfectprofitplanacademy.com/pppa-privacy-policy

104.21.74.150

302 Found

155 kB

URL User Request GET HTTP/2
go.perfectprofitplanacademy.com/pppa-privacy-policy
IP
104.21.74.150:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectperfectprofitplanacademy.com
Fingerprint8F:D8:35:13:E1:65:D1:89:52:DC:DC:B6:E4:8E:5C:7A:C4:86:15:52
ValidityWed, 11 Oct 2023 11:58:08 GMT - Tue, 09 Jan 2024 11:58:07 GMT

File type
PNG image data, 431 x 537, 8-bit/color RGBA, non-interlaced\012- data
Size
155 kB (155288 bytes)
Hash
e63c22e39e451e81e05acdc0309269ba
00e82bdb6bd041fbf9e37e780174bf2509669bf3
b05c29ea16961b20892e83dfb9cbee6bc550bff10b2ae638f837bc6e55492cc6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pppa-privacy-policy HTTP/1.1
Host: go.perfectprofitplanacademy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 05 Dec 2023 15:12:48 GMT
content-type: text/html; charset=UTF-8
location: https://view.perfectprofitplanacademy.com/pppa-privacy
cache-control: max-age=600
expires: Tue, 05 Dec 2023 15:22:47 GMT
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGiupQYQz5tjvqGxANBoyAmoCBIfZ85PDGzNh9UzsFftq%2BFXmLZC%2B6i35UvqGC7ACgk%2Fql3Y%2BElsnaKCnQKiZ%2FZ5ATy0iV1gME6aTTOQW3ZDqV9IXWf8YSBEHpq2LRHEBUetxcjyKOioirG9NLZvHeJM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830d3ab9bc807128-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

view.perfectprofitplanacademy.com/hosted/images/49/c6faf4cd8b4d01acffd3f83e65bd9a/james-from-JA_com2.png

104.16.12.194

200 OK

200 kB

URL GET HTTP/2
view.perfectprofitplanacademy.com/hosted/images/49/c6faf4cd8b4d01acffd3f83e65bd9a/james-from-JA_com2.png
IP
104.16.12.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerCloudflare, Inc.
Subjectview.perfectprofitplanacademy.com
Fingerprint8F:03:68:DC:5B:6D:41:BE:96:F5:B1:C6:5E:7D:22:61:6E:AD:0B:57
ValidityThu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT

File type
PNG image data, 401 x 359, 8-bit/color RGB, non-interlaced\012- data
Size
200 kB (200251 bytes)
Hash
1787976d9508c598ab01c2957c243c87
e2e316956095ac4dc40675fdbeb01a58259fc589
1637cd6ad9cd921eb5c70831d4aafd95b30c442960cfa18e6007576ff83e7959

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hosted/images/49/c6faf4cd8b4d01acffd3f83e65bd9a/james-from-JA_com2.png HTTP/1.1
Host: view.perfectprofitplanacademy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/pppa-privacy1
Cookie: __cf_bm=g6mQFkKuz4A.hqf0g8eJuJGUUkhXvYrFqU7rnQiKzWY-1701789168-0-AdsnD6+yk0ioFbnHqQWQa5S3nj2AGmDPT0Pdg0+0pofZnUka/JBsR569ge5P2tsT8NDXT86aTdNFYCfohgiN9LmhX9zqrynNAKOnUcRDmXh3; _cfuvid=4GXdm61Y3l_LSVuf1TxPXAcA1MVUPUh9BmwMME_eOJ4-1701789168700-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 05 Dec 2023 15:12:49 GMT
content-type: image/png
content-length: 200251
cf-ray: 830d3ac44e6e5699-OSL
cf-cache-status: HIT
accept-ranges: bytes
age: 2923
cache-control: max-age=31536000
etag: "75c95d6f4815613fcd076ec5a6fea09c"
last-modified: Mon, 17 Feb 2020 15:21:42 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:85,h2pri
cf-polished: origSize=200486
x-amz-cf-pop: ARN56-P1
server: cloudflare
X-Firefox-Spdy: h2

view.perfectprofitplanacademy.com/hosted/images/aa/b1101a0a55491cb0ecf0f3d46e1b77/ALN_CANNAWHEATON_CHARTS_TINYCO_122019.png

104.16.12.194

200 OK

29 kB

URL GET HTTP/2
view.perfectprofitplanacademy.com/hosted/images/aa/b1101a0a55491cb0ecf0f3d46e1b77/ALN_CANNAWHEATON_CHARTS_TINYCO_122019.png
IP
104.16.12.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerCloudflare, Inc.
Subjectview.perfectprofitplanacademy.com
Fingerprint8F:03:68:DC:5B:6D:41:BE:96:F5:B1:C6:5E:7D:22:61:6E:AD:0B:57
ValidityThu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT

File type
PNG image data, 1920 x 1080, 8-bit colormap, non-interlaced\012- data
Size
29 kB (29254 bytes)
Hash
5364abfc0efe27f678c92a0c777f5307
1740cda728e40bfe7b327ec703e754c30b64a558
870742e796c56162e18feb49ca03e387a8ff8d7d6e18c64c668297a9acd08176

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hosted/images/aa/b1101a0a55491cb0ecf0f3d46e1b77/ALN_CANNAWHEATON_CHARTS_TINYCO_122019.png HTTP/1.1
Host: view.perfectprofitplanacademy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/pppa-privacy1
Cookie: __cf_bm=g6mQFkKuz4A.hqf0g8eJuJGUUkhXvYrFqU7rnQiKzWY-1701789168-0-AdsnD6+yk0ioFbnHqQWQa5S3nj2AGmDPT0Pdg0+0pofZnUka/JBsR569ge5P2tsT8NDXT86aTdNFYCfohgiN9LmhX9zqrynNAKOnUcRDmXh3; _cfuvid=4GXdm61Y3l_LSVuf1TxPXAcA1MVUPUh9BmwMME_eOJ4-1701789168700-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 05 Dec 2023 15:12:49 GMT
content-type: image/png
content-length: 29254
cf-ray: 830d3ac44e745699-OSL
cf-cache-status: HIT
accept-ranges: bytes
age: 2923
cache-control: max-age=31536000
etag: "d234598891faf2edcd5fc8b513769d3b"
last-modified: Sat, 15 Feb 2020 22:35:33 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:85,h2pri
cf-polished: origSize=29426
x-amz-cf-pop: CPH50-C2
server: cloudflare
X-Firefox-Spdy: h2

view.perfectprofitplanacademy.com/hosted/images/7e/8a3ebcaaf9475a9758ebe553d9c467/image-1-.png

104.16.12.194

200 OK

1.3 MB

URL GET HTTP/2
view.perfectprofitplanacademy.com/hosted/images/7e/8a3ebcaaf9475a9758ebe553d9c467/image-1-.png
IP
104.16.12.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerCloudflare, Inc.
Subjectview.perfectprofitplanacademy.com
Fingerprint8F:03:68:DC:5B:6D:41:BE:96:F5:B1:C6:5E:7D:22:61:6E:AD:0B:57
ValidityThu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT

File type
PNG image data, 900 x 1200, 8-bit/color RGB, non-interlaced\012- data
Size
1.3 MB (1255224 bytes)
Hash
f57f8b031c20e68c7ae8cf51b0f36efd
033f59cb3bab2f0bb7b8bcae949d5a17d2d3fb71
6cde21e0de9c54bea21e582482ba92be16d84640f4f5e91e5b87f0c8d0e57740

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hosted/images/7e/8a3ebcaaf9475a9758ebe553d9c467/image-1-.png HTTP/1.1
Host: view.perfectprofitplanacademy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/pppa-privacy1
Cookie: __cf_bm=g6mQFkKuz4A.hqf0g8eJuJGUUkhXvYrFqU7rnQiKzWY-1701789168-0-AdsnD6+yk0ioFbnHqQWQa5S3nj2AGmDPT0Pdg0+0pofZnUka/JBsR569ge5P2tsT8NDXT86aTdNFYCfohgiN9LmhX9zqrynNAKOnUcRDmXh3; _cfuvid=4GXdm61Y3l_LSVuf1TxPXAcA1MVUPUh9BmwMME_eOJ4-1701789168700-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 05 Dec 2023 15:12:49 GMT
content-type: image/png
content-length: 1255224
cf-ray: 830d3ac43e665699-OSL
cf-cache-status: HIT
accept-ranges: bytes
age: 2923
cache-control: max-age=31536000
etag: "a5d3825c101f66de5e0a80be5c94ade2"
last-modified: Mon, 17 Feb 2020 17:10:22 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:85,h2pri
cf-polished: origSize=1256130
x-amz-cf-pop: ARN56-P1
server: cloudflare
X-Firefox-Spdy: h2

view.perfectprofitplanacademy.com/hosted/images/31/d8d022ba0a414cb5cb010487ccfda7/Side-hustle.png

104.16.12.194

200 OK

89 kB

URL GET HTTP/2
view.perfectprofitplanacademy.com/hosted/images/31/d8d022ba0a414cb5cb010487ccfda7/Side-hustle.png
IP
104.16.12.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerCloudflare, Inc.
Subjectview.perfectprofitplanacademy.com
Fingerprint8F:03:68:DC:5B:6D:41:BE:96:F5:B1:C6:5E:7D:22:61:6E:AD:0B:57
ValidityThu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT

File type
PNG image data, 352 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size
89 kB (88692 bytes)
Hash
2baf34b737841f8580af605b2c8aad64
f9a4a062058eda2699d2998150751161b6a6708b
80bc2826d90e1104f20dcac63af8507410ac6262313bd8a9e4f7210bb38eb298

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hosted/images/31/d8d022ba0a414cb5cb010487ccfda7/Side-hustle.png HTTP/1.1
Host: view.perfectprofitplanacademy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/pppa-privacy1
Cookie: __cf_bm=g6mQFkKuz4A.hqf0g8eJuJGUUkhXvYrFqU7rnQiKzWY-1701789168-0-AdsnD6+yk0ioFbnHqQWQa5S3nj2AGmDPT0Pdg0+0pofZnUka/JBsR569ge5P2tsT8NDXT86aTdNFYCfohgiN9LmhX9zqrynNAKOnUcRDmXh3; _cfuvid=4GXdm61Y3l_LSVuf1TxPXAcA1MVUPUh9BmwMME_eOJ4-1701789168700-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 05 Dec 2023 15:12:49 GMT
content-type: image/png
content-length: 88692
cf-ray: 830d3ac43e6b5699-OSL
cf-cache-status: REVALIDATED
accept-ranges: bytes
cache-control: max-age=31536000
etag: "80db9e1c4de826fafdc719e1affac9f2"
last-modified: Mon, 17 Feb 2020 15:21:34 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:85,h2pri
cf-polished: origSize=89017
x-amz-cf-pop: HEL50-C1
server: cloudflare
X-Firefox-Spdy: h2

assets.clickfunnels.com/images/closemodal.png

104.16.14.194

200 OK

672 B

URL GET HTTP/2
assets.clickfunnels.com/images/closemodal.png
IP
104.16.14.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0F:11:99:51:23:44:BB:CA:C4:97:58:4E:AE:B2:84:92:53:23:12:E2
ValidityFri, 23 Jun 2023 00:00:00 GMT - Sat, 22 Jun 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
672 B (672 bytes)
Hash
19754ed4d508cf576c80cf36e0db8c50
f459beac714e5be68aa75349fa806a5642af456a
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

HTTP Headers

GET /images/closemodal.png HTTP/1.1
Host: assets.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 05 Dec 2023 15:12:49 GMT
content-type: image/webp
content-length: 672
cf-ray: 830d3ac468197129-OSL
cf-cache-status: HIT
accept-ranges: bytes
age: 906148
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "65393c32-314"
expires: Fri, 05 Jan 2024 15:12:49 GMT
last-modified: Wed, 25 Oct 2023 16:02:58 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
set-cookie: __cf_bm=VwCrVbMyv4ZeKGHK0bNG3K.dmvl2yzoy3cXsa5a2_mY-1701789169-0-Aei7DMt0Grhm1WcxSbK3oe5Hi8Gm/MMteUQGHkuETc3ZRyuNYP195jrceIZVktXBChfTAo53N0mNmT7mdg2AIGT2qHXt8N1/g/tLpWMXnC0M; path=/; expires=Tue, 05-Dec-23 15:42:49 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
_cfuvid=wvPc9N8kuGXvGH3hUDw_zz32QVxAkCU_NlyJDCHR84k-1701789169410-0-604800000; path=/; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

view.perfectprofitplanacademy.com/hosted/images/fc/05a3b09d334977a4d77e8c304fb136/ALN_WEEDTIREMENT_ADS-06.png

104.16.12.194

200 OK

73 kB

URL GET HTTP/2
view.perfectprofitplanacademy.com/hosted/images/fc/05a3b09d334977a4d77e8c304fb136/ALN_WEEDTIREMENT_ADS-06.png
IP
104.16.12.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerCloudflare, Inc.
Subjectview.perfectprofitplanacademy.com
Fingerprint8F:03:68:DC:5B:6D:41:BE:96:F5:B1:C6:5E:7D:22:61:6E:AD:0B:57
ValidityThu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT

File type
PNG image data, 300 x 250, 8-bit/color RGB, non-interlaced\012- data
Size
73 kB (73150 bytes)
Hash
b3e765ef2ef6929b98474952e4fc8080
375170a7013ec57ac0476e3d24c144beff8f07d7
534e97d4cd479f341f02b36a136b2bc9e0191c3338cdeddb907d8ba74032285a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hosted/images/fc/05a3b09d334977a4d77e8c304fb136/ALN_WEEDTIREMENT_ADS-06.png HTTP/1.1
Host: view.perfectprofitplanacademy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/pppa-privacy1
Cookie: __cf_bm=g6mQFkKuz4A.hqf0g8eJuJGUUkhXvYrFqU7rnQiKzWY-1701789168-0-AdsnD6+yk0ioFbnHqQWQa5S3nj2AGmDPT0Pdg0+0pofZnUka/JBsR569ge5P2tsT8NDXT86aTdNFYCfohgiN9LmhX9zqrynNAKOnUcRDmXh3; _cfuvid=4GXdm61Y3l_LSVuf1TxPXAcA1MVUPUh9BmwMME_eOJ4-1701789168700-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 05 Dec 2023 15:12:49 GMT
content-type: image/png
content-length: 73150
cf-ray: 830d3ac43e675699-OSL
cf-cache-status: REVALIDATED
accept-ranges: bytes
cache-control: max-age=31536000
etag: "f1196409fc764fb551d3cadf0ce756d9"
last-modified: Sat, 15 Feb 2020 21:51:07 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:85,h2pri
cf-polished: origSize=73378
x-amz-cf-pop: ARN56-P1
server: cloudflare
X-Firefox-Spdy: h2

view.perfectprofitplanacademy.com/hosted/images/36/b33961355045e2b02dab7cd86cac3b/ALN_CannaWheaton_300x250_04.jpg

104.16.12.194

200 OK

20 kB

URL GET HTTP/2
view.perfectprofitplanacademy.com/hosted/images/36/b33961355045e2b02dab7cd86cac3b/ALN_CannaWheaton_300x250_04.jpg
IP
104.16.12.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerCloudflare, Inc.
Subjectview.perfectprofitplanacademy.com
Fingerprint8F:03:68:DC:5B:6D:41:BE:96:F5:B1:C6:5E:7D:22:61:6E:AD:0B:57
ValidityThu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x250, components 3\012- data
Size
20 kB (19861 bytes)
Hash
abfad37f5f6c3e202396ec5c113ec62b
37e64e0202863e53e0104616b5410848d8b70265
1a1874f506e81f514f6a3ea3b31df0a920eccf80cb8071ab3a739922e7182fa2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hosted/images/36/b33961355045e2b02dab7cd86cac3b/ALN_CannaWheaton_300x250_04.jpg HTTP/1.1
Host: view.perfectprofitplanacademy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/pppa-privacy1
Cookie: __cf_bm=g6mQFkKuz4A.hqf0g8eJuJGUUkhXvYrFqU7rnQiKzWY-1701789168-0-AdsnD6+yk0ioFbnHqQWQa5S3nj2AGmDPT0Pdg0+0pofZnUka/JBsR569ge5P2tsT8NDXT86aTdNFYCfohgiN9LmhX9zqrynNAKOnUcRDmXh3; _cfuvid=4GXdm61Y3l_LSVuf1TxPXAcA1MVUPUh9BmwMME_eOJ4-1701789168700-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 05 Dec 2023 15:12:49 GMT
content-type: image/jpeg
content-length: 19861
cf-ray: 830d3ac43e685699-OSL
cf-cache-status: REVALIDATED
accept-ranges: bytes
cache-control: max-age=31536000
etag: "5ad41f397af4f8c599b009711bca9a96"
last-modified: Sat, 15 Feb 2020 21:40:34 GMT
vary: Accept-Encoding
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=22531, status=webp_bigger
x-amz-cf-pop: HEL50-C1
server: cloudflare
X-Firefox-Spdy: h2

view.perfectprofitplanacademy.com/assets/pushcrew.js

104.16.12.194

200 OK

819 B

URL GET HTTP/2
view.perfectprofitplanacademy.com/assets/pushcrew.js
IP
104.16.12.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerCloudflare, Inc.
Subjectview.perfectprofitplanacademy.com
Fingerprint8F:03:68:DC:5B:6D:41:BE:96:F5:B1:C6:5E:7D:22:61:6E:AD:0B:57
ValidityThu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (637), with no line terminators
Size
819 B (819 bytes)
Hash
0a67c27615e7d2202f261dcc0a82d744
0fa0a8ca56efded583bd4201821015a63c623d44
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/pushcrew.js HTTP/1.1
Host: view.perfectprofitplanacademy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/pppa-privacy1
Cookie: __cf_bm=g6mQFkKuz4A.hqf0g8eJuJGUUkhXvYrFqU7rnQiKzWY-1701789168-0-AdsnD6+yk0ioFbnHqQWQa5S3nj2AGmDPT0Pdg0+0pofZnUka/JBsR569ge5P2tsT8NDXT86aTdNFYCfohgiN9LmhX9zqrynNAKOnUcRDmXh3; _cfuvid=4GXdm61Y3l_LSVuf1TxPXAcA1MVUPUh9BmwMME_eOJ4-1701789168700-0-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 05 Dec 2023 15:12:49 GMT
content-type: application/x-javascript
cf-ray: 830d3ac44e795699-OSL
cf-cache-status: HIT
age: 557
cache-control: public, max-age=1200
etag: W/"656e3210-27d"
expires: Tue, 05 Dec 2023 15:32:49 GMT
last-modified: Mon, 04 Dec 2023 20:09:52 GMT
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

view.perfectprofitplanacademy.com/assets/lander.js

104.16.12.194

200 OK

675 kB

URL GET HTTP/2
view.perfectprofitplanacademy.com/assets/lander.js
IP
104.16.12.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerCloudflare, Inc.
Subjectview.perfectprofitplanacademy.com
Fingerprint8F:03:68:DC:5B:6D:41:BE:96:F5:B1:C6:5E:7D:22:61:6E:AD:0B:57
ValidityThu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32752)
Size
675 kB (675239 bytes)
Hash
b94c0fd0b9b33ced77944b1cfc913b53
9b953d4220801321369d0adacdf7f7963fb755ed
712b174df95f5434e984bb02ed2c223402406c5ab5eeef3c11d0937a0aa09194

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/lander.js HTTP/1.1
Host: view.perfectprofitplanacademy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/pppa-privacy1
Cookie: __cf_bm=g6mQFkKuz4A.hqf0g8eJuJGUUkhXvYrFqU7rnQiKzWY-1701789168-0-AdsnD6+yk0ioFbnHqQWQa5S3nj2AGmDPT0Pdg0+0pofZnUka/JBsR569ge5P2tsT8NDXT86aTdNFYCfohgiN9LmhX9zqrynNAKOnUcRDmXh3; _cfuvid=4GXdm61Y3l_LSVuf1TxPXAcA1MVUPUh9BmwMME_eOJ4-1701789168700-0-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 05 Dec 2023 15:12:49 GMT
content-type: application/x-javascript
cf-ray: 830d3ac44e775699-OSL
cf-cache-status: HIT
age: 210
cache-control: public, max-age=1200
etag: W/"656e325e-237376"
expires: Tue, 05 Dec 2023 15:32:49 GMT
last-modified: Mon, 04 Dec 2023 20:11:10 GMT
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

104.16.57.101

200 OK

7.3 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
IP
104.16.57.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:79:35:ED:04:A2:CA:50:F7:9A:B8:FE:DF:A5:0C:B1:F2:E6:DD:E8
ValidityMon, 10 Apr 2023 00:00:00 GMT - Tue, 09 Apr 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
7.3 kB (7326 bytes)
Hash
9a1c7da9a0de9a39ef8d4ffcd59358c4
e75229aca0dc0357dfebaef311242eb57b98cb41
c28a845ebd52fcb48a1237f18df30e5b88699e2d74ca0046502dea5ffe58b634

HTTP Headers

GET /beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://view.perfectprofitplanacademy.com
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 15:12:49 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2023.10.0"
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 830d3ac54dafb517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.9.0/css/all.css

172.64.141.13

200 OK

13 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.9.0/css/all.css
IP
172.64.141.13:443
ASN
#13335 CLOUDFLARENET

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (55782)
Size
13 kB (12668 bytes)
Hash
dbf9d822cefe851ba6f66e1ad57e8987
2c43148f7df780e8b40a3ab09c770f03adbf11af
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

HTTP Headers

GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 15:12:49 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
last-modified: Fri, 22 Sep 2023 01:46:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1843130
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMGQRM%2BUJ%2FvTpanlCkOInn%2BejNkbI3FLkZhqtDM%2FGKtHjL83VJRCV7mzmlwKfPJg%2Fli6Sdc2Vqe5A4CQWAw2vq1bkFsdK%2BbRkrVuM9pf2m1p4M0IuRexWZbycAttdmg3QOODMcRJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830d3ac65c1f640c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

142.250.74.106

200 OK

2.9 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
2.9 kB (2923 bytes)
Hash
2df775b7320327ef7278cd1437e66247
0fd27f3e3a4685f626cbea7f235672b805da19a7
fe42f57d31cee4b860a6f990b55e5c03d6a111e88788b1759527bde85569501b

HTTP Headers

GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 05 Dec 2023 15:12:49 GMT
date: Tue, 05 Dec 2023 15:12:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2

216.58.207.227

200 OK

22 kB

URL GET HTTP/2
fonts.gstatic.com/s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22476, version 1.0\012- data
Size
22 kB (22476 bytes)
Hash
c221fd7b9d189773de5e54745a6dc28c
9a58a6bd08f6cda6acbfaaa160375d3e1c5c93f0
aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0

HTTP Headers

GET /s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://view.perfectprofitplanacademy.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22476
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 19:09:22 GMT
expires: Tue, 03 Dec 2024 19:09:22 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 19:19:08 GMT
content-type: font/woff2
age: 72207
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2

216.58.207.227

200 OK

22 kB

URL GET HTTP/2
fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22376, version 1.0\012- data
Size
22 kB (22376 bytes)
Hash
e6af16165f9bfda6aafd0088b8c01daa
c9c0ee8309619643e65ba1b22bfffcd1a7ca1e51
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216

HTTP Headers

GET /s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://view.perfectprofitplanacademy.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 21:59:03 GMT
expires: Tue, 03 Dec 2024 21:59:03 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:25:01 GMT
content-type: font/woff2
age: 62026
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

216.58.207.227

200 OK

21 kB

URL GET HTTP/2
fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 21224, version 1.0\012- data
Size
21 kB (21224 bytes)
Hash
13bdfb843f942ccd9f485eb6c0bc1934
2bad44362ff7569f24f2a3df2521b27a97ec1297
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c

HTTP Headers

GET /s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://view.perfectprofitplanacademy.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:03:27 GMT
expires: Fri, 29 Nov 2024 05:03:27 GMT
cache-control: public, max-age=31536000
age: 468562
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

view.perfectprofitplanacademy.com/cdn-cgi/rum?

104.16.12.194

204 No Content

0 B

URL POST HTTP/2
view.perfectprofitplanacademy.com/cdn-cgi/rum?
IP
104.16.12.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerCloudflare, Inc.
Subjectview.perfectprofitplanacademy.com
Fingerprint8F:03:68:DC:5B:6D:41:BE:96:F5:B1:C6:5E:7D:22:61:6E:AD:0B:57
ValidityThu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: view.perfectprofitplanacademy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 7647
Origin: https://view.perfectprofitplanacademy.com
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/pppa-privacy1
Cookie: __cf_bm=g6mQFkKuz4A.hqf0g8eJuJGUUkhXvYrFqU7rnQiKzWY-1701789168-0-AdsnD6+yk0ioFbnHqQWQa5S3nj2AGmDPT0Pdg0+0pofZnUka/JBsR569ge5P2tsT8NDXT86aTdNFYCfohgiN9LmhX9zqrynNAKOnUcRDmXh3; _cfuvid=4GXdm61Y3l_LSVuf1TxPXAcA1MVUPUh9BmwMME_eOJ4-1701789168700-0-604800000; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTMxODM0Mzk=:visited=true; cf:visitor_id=071c733f-72b1-4c9d-ad71-1d1f49f45949; addevent_track_cookie=c91686c8-ebef-49f4-1df9-9c5d3ae7162b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Tue, 05 Dec 2023 15:12:50 GMT
access-control-allow-origin: https://view.perfectprofitplanacademy.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 830d3acb0ecf5699-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

view.perfectprofitplanacademy.com/pppa-privacy

104.16.12.194

302 Found

108 kB

URL User Request GET HTTP/2
view.perfectprofitplanacademy.com/pppa-privacy
IP
104.16.12.194:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectview.perfectprofitplanacademy.com
Fingerprint8F:03:68:DC:5B:6D:41:BE:96:F5:B1:C6:5E:7D:22:61:6E:AD:0B:57
ValidityThu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT

File type

Size
108 kB (107842 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pppa-privacy HTTP/1.1
Host: view.perfectprofitplanacademy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 05 Dec 2023 15:12:48 GMT
content-type: text/html; charset=utf-8
location: https://view.perfectprofitplanacademy.com/pppa-privacy1
cf-ray: 830d3abe7ff55699-OSL
cf-cache-status: EXPIRED
cache-control: no-cache
vary: Accept-Encoding
status: 302 Found
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 74b4378c51257e9d047e06b29bb9020e
x-runtime: 0.079871
set-cookie: __cf_bm=g6mQFkKuz4A.hqf0g8eJuJGUUkhXvYrFqU7rnQiKzWY-1701789168-0-AdsnD6+yk0ioFbnHqQWQa5S3nj2AGmDPT0Pdg0+0pofZnUka/JBsR569ge5P2tsT8NDXT86aTdNFYCfohgiN9LmhX9zqrynNAKOnUcRDmXh3; path=/; expires=Tue, 05-Dec-23 15:42:48 GMT; domain=.view.perfectprofitplanacademy.com; HttpOnly; Secure; SameSite=None
_cfuvid=4GXdm61Y3l_LSVuf1TxPXAcA1MVUPUh9BmwMME_eOJ4-1701789168700-0-604800000; path=/; domain=.view.perfectprofitplanacademy.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.9.0/css/v4-shims.css

172.64.141.13

200 OK

27 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
IP
172.64.141.13:443
ASN
#13335 CLOUDFLARENET

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (26440)
Size
27 kB (26625 bytes)
Hash
e140a7d32f343530f016095df3cc2ae4
1a5f9ba089085f9e44292a6344b9364c489bcd49
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

HTTP Headers

GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 15:12:49 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"e140a7d32f343530f016095df3cc2ae4"
last-modified: Fri, 22 Sep 2023 01:46:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 386894
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3TAoALegB6GnWmx71gLUauCcorp12OrlsFZ9tLZM0pEHEJVv30eVLFMEyvWeP9fkznXNw%2BEZlWBz3l6mF5eTJNWvo8WfEhQPizsQPSmHIORn%2BS8ZlZUeRyIAyse8dW47Lvxxxea"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830d3ac65c12640c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

app.clickfunnels.com/mailcheck.min.js

104.16.14.194

200 OK

2.7 kB

URL GET HTTP/2
app.clickfunnels.com/mailcheck.min.js
IP
104.16.14.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0F:11:99:51:23:44:BB:CA:C4:97:58:4E:AE:B2:84:92:53:23:12:E2
ValidityFri, 23 Jun 2023 00:00:00 GMT - Sat, 22 Jun 2024 23:59:59 GMT

File type
C source, ASCII text, with very long lines (2763), with no line terminators
Size
2.7 kB (2701 bytes)
Hash
acf84f6eef8f64d8d041df0a0e531144
fcdeedb5223bd8710d80a3605120a06865517697
1c15178d5d14bd4a116adfafa3497ee592ee4300f3661140da902b484cccb31c

HTTP Headers

GET /mailcheck.min.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 15:12:49 GMT
content-type: application/x-javascript
cf-ray: 830d3ac508d97129-OSL
cf-cache-status: HIT
age: 3284
etag: W/"656e3211-a8d"
last-modified: Mon, 04 Dec 2023 20:09:53 GMT
vary: Accept-Encoding
set-cookie: __cf_bm=6VsIh1KkPeu2Auz2XL5Z1zst.Dxazw.IrMYtcaH_LWI-1701789169-0-AVNCY+joHbYAvhYN9Dl9Gnzc06xYqvkbjTEeCo12z1GYYKwm12S2FMxSIRm7NPlC9ie1tUqn3eHf3xs6481mis+RIoo3QSt6SMfGWZtfGSS8; path=/; expires=Tue, 05-Dec-23 15:42:49 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
_cfuvid=ZlZdK9EZAnVylC7ptKzswOROLFma5wfiz8iHaxe3.Ww-1701789169502-0-604800000; path=/; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

view.perfectprofitplanacademy.com/hosted/images/5f/33c524576e415c85252ffba1bf21b5/income-cover-stack-med.png

104.16.12.194

200 OK

155 kB

URL GET HTTP/2
view.perfectprofitplanacademy.com/hosted/images/5f/33c524576e415c85252ffba1bf21b5/income-cover-stack-med.png
IP
104.16.12.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerCloudflare, Inc.
Subjectview.perfectprofitplanacademy.com
Fingerprint8F:03:68:DC:5B:6D:41:BE:96:F5:B1:C6:5E:7D:22:61:6E:AD:0B:57
ValidityThu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT

File type
PNG image data, 431 x 537, 8-bit/color RGBA, non-interlaced\012- data
Size
155 kB (155288 bytes)
Hash
e63c22e39e451e81e05acdc0309269ba
00e82bdb6bd041fbf9e37e780174bf2509669bf3
b05c29ea16961b20892e83dfb9cbee6bc550bff10b2ae638f837bc6e55492cc6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hosted/images/5f/33c524576e415c85252ffba1bf21b5/income-cover-stack-med.png HTTP/1.1
Host: view.perfectprofitplanacademy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/pppa-privacy1
Cookie: __cf_bm=g6mQFkKuz4A.hqf0g8eJuJGUUkhXvYrFqU7rnQiKzWY-1701789168-0-AdsnD6+yk0ioFbnHqQWQa5S3nj2AGmDPT0Pdg0+0pofZnUka/JBsR569ge5P2tsT8NDXT86aTdNFYCfohgiN9LmhX9zqrynNAKOnUcRDmXh3; _cfuvid=4GXdm61Y3l_LSVuf1TxPXAcA1MVUPUh9BmwMME_eOJ4-1701789168700-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 15:12:49 GMT
content-type: image/png
content-length: 155288
cf-ray: 830d3ac43e635699-OSL
cf-cache-status: HIT
accept-ranges: bytes
age: 2923
cache-control: max-age=31536000
etag: "8e538596881d26dccbb92d879f99e8c1"
last-modified: Wed, 05 Feb 2020 00:00:33 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:85,h2pri
cf-polished: origSize=168331
x-amz-cf-pop: ARN56-P1
server: cloudflare
X-Firefox-Spdy: h2

view.perfectprofitplanacademy.com/images/background.png?_unique=0.783512297750542&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//view.perfectprofitplanacademy.com/pppa-privacy1&_title=Privacy%20Policy&_key=xfhq92xu&_page_key=xqwz7qboymj8kwit&_fid=11845888&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://view.perfectprofitplanacademy.com/pppa-privacy1&_referrer=

104.16.12.194

200 OK

119 B

URL GET HTTP/2
view.perfectprofitplanacademy.com/images/background.png?_unique=0.783512297750542&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//view.perfectprofitplanacademy.com/pppa-privacy1&_title=Privacy%20Policy&_key=xfhq92xu&_page_key=xqwz7qboymj8kwit&_fid=11845888&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://view.perfectprofitplanacademy.com/pppa-privacy1&_referrer=
IP
104.16.12.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerCloudflare, Inc.
Subjectview.perfectprofitplanacademy.com
Fingerprint8F:03:68:DC:5B:6D:41:BE:96:F5:B1:C6:5E:7D:22:61:6E:AD:0B:57
ValidityThu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
119 B (119 bytes)
Hash
ea78eb95e28e8fe354344fe9232e38ab
4c0c3e3d2c49d0e52a133e379dbfe772f5df9f59
03b356820fbb59cc11a53e55197418b242a999ccd44d544194d2d8d69325e2d9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/background.png?_unique=0.783512297750542&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//view.perfectprofitplanacademy.com/pppa-privacy1&_title=Privacy%20Policy&_key=xfhq92xu&_page_key=xqwz7qboymj8kwit&_fid=11845888&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://view.perfectprofitplanacademy.com/pppa-privacy1&_referrer= HTTP/1.1
Host: view.perfectprofitplanacademy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/pppa-privacy1
Cookie: __cf_bm=g6mQFkKuz4A.hqf0g8eJuJGUUkhXvYrFqU7rnQiKzWY-1701789168-0-AdsnD6+yk0ioFbnHqQWQa5S3nj2AGmDPT0Pdg0+0pofZnUka/JBsR569ge5P2tsT8NDXT86aTdNFYCfohgiN9LmhX9zqrynNAKOnUcRDmXh3; _cfuvid=4GXdm61Y3l_LSVuf1TxPXAcA1MVUPUh9BmwMME_eOJ4-1701789168700-0-604800000; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTMxODM0Mzk=:visited=true; cf:visitor_id=071c733f-72b1-4c9d-ad71-1d1f49f45949; addevent_track_cookie=c91686c8-ebef-49f4-1df9-9c5d3ae7162b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 15:12:50 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 830d3aca5e175699-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: *
cache-control: no-cache, no-store, private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: POST, GET
access-control-request-method: *
status: 200 OK
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: f1b96f9c9955ccac45042fd706229e49
x-runtime: 0.016009
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

view.perfectprofitplanacademy.com/assets/userevents/application.js

104.16.12.194

200 OK

5.2 kB

URL GET HTTP/2
view.perfectprofitplanacademy.com/assets/userevents/application.js
IP
104.16.12.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerCloudflare, Inc.
Subjectview.perfectprofitplanacademy.com
Fingerprint8F:03:68:DC:5B:6D:41:BE:96:F5:B1:C6:5E:7D:22:61:6E:AD:0B:57
ValidityThu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (5430), with no line terminators
Size
5.2 kB (5244 bytes)
Hash
888865608bac1cfe7a65571ce8de3306
875178efadce00eafd89522e25171e0eac662b11
444e7ce8446b1bc3f37f89194aab92e12bc9e6757fc122482f36392c8bdbd43f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/userevents/application.js HTTP/1.1
Host: view.perfectprofitplanacademy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/pppa-privacy1
Cookie: __cf_bm=g6mQFkKuz4A.hqf0g8eJuJGUUkhXvYrFqU7rnQiKzWY-1701789168-0-AdsnD6+yk0ioFbnHqQWQa5S3nj2AGmDPT0Pdg0+0pofZnUka/JBsR569ge5P2tsT8NDXT86aTdNFYCfohgiN9LmhX9zqrynNAKOnUcRDmXh3; _cfuvid=4GXdm61Y3l_LSVuf1TxPXAcA1MVUPUh9BmwMME_eOJ4-1701789168700-0-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 15:12:49 GMT
content-type: application/x-javascript
cf-ray: 830d3ac43e625699-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 271
cache-control: public, max-age=1200
etag: W/"656e3211-147c"
expires: Tue, 05 Dec 2023 15:32:49 GMT
last-modified: Mon, 04 Dec 2023 20:09:53 GMT
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

app.clickfunnels.com/userevents/?funnel_id=TXF5c09Uc2FteWR5OWlUOGdaWkwrZz09LS1ybXhwRmVxbHp0YjZqNTZiRitSU3J3PT0%3D--e3a4a6bcc2eee39a125db0faf04e14120fd399df&page_id=RGNaZkdPbmFCd3B3SDRhS1NRdTNjZz09LS1CV01FMXozYVpUeFJPOTAyOWJLWnRnPT0%3D--54047e4af7447da49945ab171a39168420300587&funnel_step_id=REtRWmNNaCtuZTFUanAwbXlFMFVSZz09LS15Z0tZZ3I1djQ1WjR0Mktka0tISmhRPT0%3D--1682e8dbe329f34933e38af133e4ee29f38d4fbf&user_id=L3hCZGhzdkYzeFJnWHR0ZWs3K1Ftdz09LS00OVYzZ1NHT2dzKzJtVWhtblB6TC9RPT0%3D--84451d488c4c7910d49df7d39fe2552d2818e0b9&account_id=Ui9DREE2cFJaRWc4K0dUYU42N2FMZz09LS1JRHdHa1VVdVVLRmJ0RE1YOGI2YVN3PT0%3D--e210fda224fb24927f14af5f380a984bca9e2a1e&page_code=NTMxODM0Mzk%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::PageviewsCreatedSummary&nonce=5db7796a-6eaa-4c2e-a301-938614072108&url=https%3A%2F%2Fview.perfectprofitplanacademy.com%2Fpppa-privacy1

104.16.14.194

202 Accepted

0 B

URL GET HTTP/2
app.clickfunnels.com/userevents/?funnel_id=TXF5c09Uc2FteWR5OWlUOGdaWkwrZz09LS1ybXhwRmVxbHp0YjZqNTZiRitSU3J3PT0%3D--e3a4a6bcc2eee39a125db0faf04e14120fd399df&page_id=RGNaZkdPbmFCd3B3SDRhS1NRdTNjZz09LS1CV01FMXozYVpUeFJPOTAyOWJLWnRnPT0%3D--54047e4af7447da49945ab171a39168420300587&funnel_step_id=REtRWmNNaCtuZTFUanAwbXlFMFVSZz09LS15Z0tZZ3I1djQ1WjR0Mktka0tISmhRPT0%3D--1682e8dbe329f34933e38af133e4ee29f38d4fbf&user_id=L3hCZGhzdkYzeFJnWHR0ZWs3K1Ftdz09LS00OVYzZ1NHT2dzKzJtVWhtblB6TC9RPT0%3D--84451d488c4c7910d49df7d39fe2552d2818e0b9&account_id=Ui9DREE2cFJaRWc4K0dUYU42N2FMZz09LS1JRHdHa1VVdVVLRmJ0RE1YOGI2YVN3PT0%3D--e210fda224fb24927f14af5f380a984bca9e2a1e&page_code=NTMxODM0Mzk%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::PageviewsCreatedSummary&nonce=5db7796a-6eaa-4c2e-a301-938614072108&url=https%3A%2F%2Fview.perfectprofitplanacademy.com%2Fpppa-privacy1
IP
104.16.14.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0F:11:99:51:23:44:BB:CA:C4:97:58:4E:AE:B2:84:92:53:23:12:E2
ValidityFri, 23 Jun 2023 00:00:00 GMT - Sat, 22 Jun 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /userevents/?funnel_id=TXF5c09Uc2FteWR5OWlUOGdaWkwrZz09LS1ybXhwRmVxbHp0YjZqNTZiRitSU3J3PT0%3D--e3a4a6bcc2eee39a125db0faf04e14120fd399df&page_id=RGNaZkdPbmFCd3B3SDRhS1NRdTNjZz09LS1CV01FMXozYVpUeFJPOTAyOWJLWnRnPT0%3D--54047e4af7447da49945ab171a39168420300587&funnel_step_id=REtRWmNNaCtuZTFUanAwbXlFMFVSZz09LS15Z0tZZ3I1djQ1WjR0Mktka0tISmhRPT0%3D--1682e8dbe329f34933e38af133e4ee29f38d4fbf&user_id=L3hCZGhzdkYzeFJnWHR0ZWs3K1Ftdz09LS00OVYzZ1NHT2dzKzJtVWhtblB6TC9RPT0%3D--84451d488c4c7910d49df7d39fe2552d2818e0b9&account_id=Ui9DREE2cFJaRWc4K0dUYU42N2FMZz09LS1JRHdHa1VVdVVLRmJ0RE1YOGI2YVN3PT0%3D--e210fda224fb24927f14af5f380a984bca9e2a1e&page_code=NTMxODM0Mzk%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::PageviewsCreatedSummary&nonce=5db7796a-6eaa-4c2e-a301-938614072108&url=https%3A%2F%2Fview.perfectprofitplanacademy.com%2Fpppa-privacy1 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://view.perfectprofitplanacademy.com
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 202 Accepted
date: Tue, 05 Dec 2023 15:12:50 GMT
content-type: text/html
cf-ray: 830d3ac90cc87129-OSL
cf-cache-status: BYPASS
access-control-allow-origin: *
cache-control: no-cache, no-store
vary: Accept-Encoding
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 1ba3d0bdef2779a2f25ce657753ff4e5
x-runtime: 0.031214
set-cookie: __cf_bm=F02Ga_nPUW6uUZpDiJBIGvHdt0bjP34NQGRIG6qFw0g-1701789170-0-AbTjdoHSKRc19Tt8qYpXig2xtjtAbW3m9arBOb0pwFBxhEjRV99FgpZqBtMqYSodUcOdAYJv5jwFOyNIq74FmoeK3qIPtoe25Een4AIgNGxP; path=/; expires=Tue, 05-Dec-23 15:42:50 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
_cfuvid=WyfDsUHiY4ZPYsxmiAMnzRwUfWmobvfBN7wScNzU5KY-1701789170322-0-604800000; path=/; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

app.clickfunnels.com/userevents/?funnel_id=TXF5c09Uc2FteWR5OWlUOGdaWkwrZz09LS1ybXhwRmVxbHp0YjZqNTZiRitSU3J3PT0%3D--e3a4a6bcc2eee39a125db0faf04e14120fd399df&page_id=RGNaZkdPbmFCd3B3SDRhS1NRdTNjZz09LS1CV01FMXozYVpUeFJPOTAyOWJLWnRnPT0%3D--54047e4af7447da49945ab171a39168420300587&funnel_step_id=REtRWmNNaCtuZTFUanAwbXlFMFVSZz09LS15Z0tZZ3I1djQ1WjR0Mktka0tISmhRPT0%3D--1682e8dbe329f34933e38af133e4ee29f38d4fbf&user_id=L3hCZGhzdkYzeFJnWHR0ZWs3K1Ftdz09LS00OVYzZ1NHT2dzKzJtVWhtblB6TC9RPT0%3D--84451d488c4c7910d49df7d39fe2552d2818e0b9&account_id=Ui9DREE2cFJaRWc4K0dUYU42N2FMZz09LS1JRHdHa1VVdVVLRmJ0RE1YOGI2YVN3PT0%3D--e210fda224fb24927f14af5f380a984bca9e2a1e&page_code=NTMxODM0Mzk%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniquePageviewsCreatedSummary&nonce=068e5fc5-22dc-49f5-88ae-b3fdff96027c&url=https%3A%2F%2Fview.perfectprofitplanacademy.com%2Fpppa-privacy1

104.16.14.194

202 Accepted

0 B

URL GET HTTP/2
app.clickfunnels.com/userevents/?funnel_id=TXF5c09Uc2FteWR5OWlUOGdaWkwrZz09LS1ybXhwRmVxbHp0YjZqNTZiRitSU3J3PT0%3D--e3a4a6bcc2eee39a125db0faf04e14120fd399df&page_id=RGNaZkdPbmFCd3B3SDRhS1NRdTNjZz09LS1CV01FMXozYVpUeFJPOTAyOWJLWnRnPT0%3D--54047e4af7447da49945ab171a39168420300587&funnel_step_id=REtRWmNNaCtuZTFUanAwbXlFMFVSZz09LS15Z0tZZ3I1djQ1WjR0Mktka0tISmhRPT0%3D--1682e8dbe329f34933e38af133e4ee29f38d4fbf&user_id=L3hCZGhzdkYzeFJnWHR0ZWs3K1Ftdz09LS00OVYzZ1NHT2dzKzJtVWhtblB6TC9RPT0%3D--84451d488c4c7910d49df7d39fe2552d2818e0b9&account_id=Ui9DREE2cFJaRWc4K0dUYU42N2FMZz09LS1JRHdHa1VVdVVLRmJ0RE1YOGI2YVN3PT0%3D--e210fda224fb24927f14af5f380a984bca9e2a1e&page_code=NTMxODM0Mzk%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniquePageviewsCreatedSummary&nonce=068e5fc5-22dc-49f5-88ae-b3fdff96027c&url=https%3A%2F%2Fview.perfectprofitplanacademy.com%2Fpppa-privacy1
IP
104.16.14.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0F:11:99:51:23:44:BB:CA:C4:97:58:4E:AE:B2:84:92:53:23:12:E2
ValidityFri, 23 Jun 2023 00:00:00 GMT - Sat, 22 Jun 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /userevents/?funnel_id=TXF5c09Uc2FteWR5OWlUOGdaWkwrZz09LS1ybXhwRmVxbHp0YjZqNTZiRitSU3J3PT0%3D--e3a4a6bcc2eee39a125db0faf04e14120fd399df&page_id=RGNaZkdPbmFCd3B3SDRhS1NRdTNjZz09LS1CV01FMXozYVpUeFJPOTAyOWJLWnRnPT0%3D--54047e4af7447da49945ab171a39168420300587&funnel_step_id=REtRWmNNaCtuZTFUanAwbXlFMFVSZz09LS15Z0tZZ3I1djQ1WjR0Mktka0tISmhRPT0%3D--1682e8dbe329f34933e38af133e4ee29f38d4fbf&user_id=L3hCZGhzdkYzeFJnWHR0ZWs3K1Ftdz09LS00OVYzZ1NHT2dzKzJtVWhtblB6TC9RPT0%3D--84451d488c4c7910d49df7d39fe2552d2818e0b9&account_id=Ui9DREE2cFJaRWc4K0dUYU42N2FMZz09LS1JRHdHa1VVdVVLRmJ0RE1YOGI2YVN3PT0%3D--e210fda224fb24927f14af5f380a984bca9e2a1e&page_code=NTMxODM0Mzk%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniquePageviewsCreatedSummary&nonce=068e5fc5-22dc-49f5-88ae-b3fdff96027c&url=https%3A%2F%2Fview.perfectprofitplanacademy.com%2Fpppa-privacy1 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://view.perfectprofitplanacademy.com
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 202 Accepted
date: Tue, 05 Dec 2023 15:12:50 GMT
content-type: text/html
cf-ray: 830d3ac90cca7129-OSL
cf-cache-status: BYPASS
access-control-allow-origin: *
cache-control: no-cache, no-store
vary: Accept-Encoding
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: cbc3b635cc996c2a11ee7d67da352347
x-runtime: 0.029314
set-cookie: __cf_bm=ozujztMJN1Dv_NdVCJd9ZU5VZDnzLeADf58M5hnHpSI-1701789170-0-Aa0O+FDEf+w7VqzgfcdghRv9nLgx6m1Sc+jhGNOpq9uLm9bE/OzhTkMM8PYiQe8wFJrFC7ajMKrNrMHX5Zs+887n90tALyKYquklRvJJT3f2; path=/; expires=Tue, 05-Dec-23 15:42:50 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
_cfuvid=F.ocbRy2iWR5gH.8N4pLYx0MlVdeW.vxpH0R.Pyt73I-1701789170541-0-604800000; path=/; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

view.perfectprofitplanacademy.com/pppa-privacy1

104.16.12.194

200 OK

108 kB

URL User Request GET HTTP/2
view.perfectprofitplanacademy.com/pppa-privacy1
IP
104.16.12.194:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectview.perfectprofitplanacademy.com
Fingerprint8F:03:68:DC:5B:6D:41:BE:96:F5:B1:C6:5E:7D:22:61:6E:AD:0B:57
ValidityThu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT

File type

Size
108 kB (107842 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pppa-privacy1 HTTP/1.1
Host: view.perfectprofitplanacademy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=g6mQFkKuz4A.hqf0g8eJuJGUUkhXvYrFqU7rnQiKzWY-1701789168-0-AdsnD6+yk0ioFbnHqQWQa5S3nj2AGmDPT0Pdg0+0pofZnUka/JBsR569ge5P2tsT8NDXT86aTdNFYCfohgiN9LmhX9zqrynNAKOnUcRDmXh3; _cfuvid=4GXdm61Y3l_LSVuf1TxPXAcA1MVUPUh9BmwMME_eOJ4-1701789168700-0-604800000
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 15:12:48 GMT
content-type: text/html; charset=utf-8
cf-ray: 830d3ac06a2f5699-OSL
cf-cache-status: HIT
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
last-modified: Sun, 29 Oct 2023 13:54:28 GMT
vary: Accept-Encoding
status: 200 OK
x-content-digest: ee30708c2fe1c0f9efb636e2541cdc938c1e7d59
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: stale, valid, store
x-request-id: 257488be736d33a92561c950501d2f04
x-runtime: 0.540058
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

view.perfectprofitplanacademy.com/favicon.ico

104.16.12.194

200 OK

15 kB

URL GET HTTP/2
view.perfectprofitplanacademy.com/favicon.ico
IP
104.16.12.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerCloudflare, Inc.
Subjectview.perfectprofitplanacademy.com
Fingerprint8F:03:68:DC:5B:6D:41:BE:96:F5:B1:C6:5E:7D:22:61:6E:AD:0B:57
ValidityThu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT

File type
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
15 kB (15086 bytes)
Hash
e460dcc46d592f0cd6ce8daefbef8cd6
c32a8f11f238eee65a558125e6f43fcf0e8a2666
14650f04d0b722914611f2fb2d49cd1c94b912bef073b8f28923060bc17774d6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: view.perfectprofitplanacademy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/pppa-privacy1
Cookie: __cf_bm=g6mQFkKuz4A.hqf0g8eJuJGUUkhXvYrFqU7rnQiKzWY-1701789168-0-AdsnD6+yk0ioFbnHqQWQa5S3nj2AGmDPT0Pdg0+0pofZnUka/JBsR569ge5P2tsT8NDXT86aTdNFYCfohgiN9LmhX9zqrynNAKOnUcRDmXh3; _cfuvid=4GXdm61Y3l_LSVuf1TxPXAcA1MVUPUh9BmwMME_eOJ4-1701789168700-0-604800000; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTMxODM0Mzk=:visited=true; cf:visitor_id=071c733f-72b1-4c9d-ad71-1d1f49f45949; addevent_track_cookie=c91686c8-ebef-49f4-1df9-9c5d3ae7162b; is_eu=false; xqwz7qboymj8kwit=true; 11845888_viewed_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 15:12:50 GMT
content-type: image/x-icon
cf-ray: 830d3acc88bd5699-OSL
cf-cache-status: HIT
etag: W/"656e3211-3aee"
last-modified: Mon, 04 Dec 2023 20:09:53 GMT
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Droid+Serif+serif%7CLato%7CDroid+Sans%7CDroid+Serif+serif%7CDroid+Sans%7CDroid+Serif+serif%7CLato%7CDroid+Serif+serif%7CLato%7CDroid+Serif+serif%7CLato%7CDroid+Sans%7C%7C

142.250.74.106

200 OK

1.1 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Droid+Serif+serif%7CLato%7CDroid+Sans%7CDroid+Serif+serif%7CDroid+Sans%7CDroid+Serif+serif%7CLato%7CDroid+Serif+serif%7CLato%7CDroid+Serif+serif%7CLato%7CDroid+Sans%7C%7C
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (1140), with no line terminators
Size
1.1 kB (1116 bytes)
Hash
27f12e7186a7ca9580e8b21d90c33290
ace215be20170b38f33e2488c0c0c9bb5c30b6aa
2b99ae6a91621a0f4b4a0fb60c4573befed0c6f9ef63e146e6e9eefbd9acad63

HTTP Headers

GET /css?family=Droid+Serif+serif%7CLato%7CDroid+Sans%7CDroid+Serif+serif%7CDroid+Sans%7CDroid+Serif+serif%7CLato%7CDroid+Serif+serif%7CLato%7CDroid+Serif+serif%7CLato%7CDroid+Sans%7C%7C HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 05 Dec 2023 15:12:49 GMT
date: Tue, 05 Dec 2023 15:12:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

app.clickfunnels.com/userevents/?funnel_id=TXF5c09Uc2FteWR5OWlUOGdaWkwrZz09LS1ybXhwRmVxbHp0YjZqNTZiRitSU3J3PT0%3D--e3a4a6bcc2eee39a125db0faf04e14120fd399df&page_id=RGNaZkdPbmFCd3B3SDRhS1NRdTNjZz09LS1CV01FMXozYVpUeFJPOTAyOWJLWnRnPT0%3D--54047e4af7447da49945ab171a39168420300587&funnel_step_id=REtRWmNNaCtuZTFUanAwbXlFMFVSZz09LS15Z0tZZ3I1djQ1WjR0Mktka0tISmhRPT0%3D--1682e8dbe329f34933e38af133e4ee29f38d4fbf&user_id=L3hCZGhzdkYzeFJnWHR0ZWs3K1Ftdz09LS00OVYzZ1NHT2dzKzJtVWhtblB6TC9RPT0%3D--84451d488c4c7910d49df7d39fe2552d2818e0b9&account_id=Ui9DREE2cFJaRWc4K0dUYU42N2FMZz09LS1JRHdHa1VVdVVLRmJ0RE1YOGI2YVN3PT0%3D--e210fda224fb24927f14af5f380a984bca9e2a1e&page_code=NTMxODM0Mzk%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniqueVisitorsCreatedSummary&nonce=0d25a42d-b111-4d61-9ede-272e57d96c40&url=https%3A%2F%2Fview.perfectprofitplanacademy.com%2Fpppa-privacy1

104.16.14.194

202 Accepted

0 B

URL GET HTTP/2
app.clickfunnels.com/userevents/?funnel_id=TXF5c09Uc2FteWR5OWlUOGdaWkwrZz09LS1ybXhwRmVxbHp0YjZqNTZiRitSU3J3PT0%3D--e3a4a6bcc2eee39a125db0faf04e14120fd399df&page_id=RGNaZkdPbmFCd3B3SDRhS1NRdTNjZz09LS1CV01FMXozYVpUeFJPOTAyOWJLWnRnPT0%3D--54047e4af7447da49945ab171a39168420300587&funnel_step_id=REtRWmNNaCtuZTFUanAwbXlFMFVSZz09LS15Z0tZZ3I1djQ1WjR0Mktka0tISmhRPT0%3D--1682e8dbe329f34933e38af133e4ee29f38d4fbf&user_id=L3hCZGhzdkYzeFJnWHR0ZWs3K1Ftdz09LS00OVYzZ1NHT2dzKzJtVWhtblB6TC9RPT0%3D--84451d488c4c7910d49df7d39fe2552d2818e0b9&account_id=Ui9DREE2cFJaRWc4K0dUYU42N2FMZz09LS1JRHdHa1VVdVVLRmJ0RE1YOGI2YVN3PT0%3D--e210fda224fb24927f14af5f380a984bca9e2a1e&page_code=NTMxODM0Mzk%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniqueVisitorsCreatedSummary&nonce=0d25a42d-b111-4d61-9ede-272e57d96c40&url=https%3A%2F%2Fview.perfectprofitplanacademy.com%2Fpppa-privacy1
IP
104.16.14.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint0F:11:99:51:23:44:BB:CA:C4:97:58:4E:AE:B2:84:92:53:23:12:E2
ValidityFri, 23 Jun 2023 00:00:00 GMT - Sat, 22 Jun 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /userevents/?funnel_id=TXF5c09Uc2FteWR5OWlUOGdaWkwrZz09LS1ybXhwRmVxbHp0YjZqNTZiRitSU3J3PT0%3D--e3a4a6bcc2eee39a125db0faf04e14120fd399df&page_id=RGNaZkdPbmFCd3B3SDRhS1NRdTNjZz09LS1CV01FMXozYVpUeFJPOTAyOWJLWnRnPT0%3D--54047e4af7447da49945ab171a39168420300587&funnel_step_id=REtRWmNNaCtuZTFUanAwbXlFMFVSZz09LS15Z0tZZ3I1djQ1WjR0Mktka0tISmhRPT0%3D--1682e8dbe329f34933e38af133e4ee29f38d4fbf&user_id=L3hCZGhzdkYzeFJnWHR0ZWs3K1Ftdz09LS00OVYzZ1NHT2dzKzJtVWhtblB6TC9RPT0%3D--84451d488c4c7910d49df7d39fe2552d2818e0b9&account_id=Ui9DREE2cFJaRWc4K0dUYU42N2FMZz09LS1JRHdHa1VVdVVLRmJ0RE1YOGI2YVN3PT0%3D--e210fda224fb24927f14af5f380a984bca9e2a1e&page_code=NTMxODM0Mzk%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1280&type=Userevents::UniqueVisitorsCreatedSummary&nonce=0d25a42d-b111-4d61-9ede-272e57d96c40&url=https%3A%2F%2Fview.perfectprofitplanacademy.com%2Fpppa-privacy1 HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://view.perfectprofitplanacademy.com
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 202 Accepted
date: Tue, 05 Dec 2023 15:12:50 GMT
content-type: text/html
cf-ray: 830d3ac90ce07129-OSL
cf-cache-status: BYPASS
access-control-allow-origin: *
cache-control: no-cache, no-store
vary: Accept-Encoding
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 004e5036671f55779f7d9e9b5f423ed1
x-runtime: 0.035027
set-cookie: __cf_bm=Ogf71zLW1vF5rjHxvwBgLALHi_4VM_wodWifM2GXb.o-1701789170-0-AW3iUbnKtgIjVzEP94l9FnJgc24S4rxJ+qgKaWt18eB+Bl21MDJtRGJbEfo4X7L10q6NS5gF1vcImZFMf5J7tRsBkpffTX5McpysnRslawdr; path=/; expires=Tue, 05-Dec-23 15:42:50 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
_cfuvid=AjAMCmZEjIzF0ylc1ZukNQK96UM.FVO8LmQbWlH4618-1701789170872-0-604800000; path=/; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

view.perfectprofitplanacademy.com/vendor.js

104.16.12.194

200 OK

18 kB

URL GET HTTP/2
view.perfectprofitplanacademy.com/vendor.js
IP
104.16.12.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerCloudflare, Inc.
Subjectview.perfectprofitplanacademy.com
Fingerprint8F:03:68:DC:5B:6D:41:BE:96:F5:B1:C6:5E:7D:22:61:6E:AD:0B:57
ValidityThu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT

File type

Size
18 kB (18282 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vendor.js HTTP/1.1
Host: view.perfectprofitplanacademy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/pppa-privacy1
Cookie: __cf_bm=g6mQFkKuz4A.hqf0g8eJuJGUUkhXvYrFqU7rnQiKzWY-1701789168-0-AdsnD6+yk0ioFbnHqQWQa5S3nj2AGmDPT0Pdg0+0pofZnUka/JBsR569ge5P2tsT8NDXT86aTdNFYCfohgiN9LmhX9zqrynNAKOnUcRDmXh3; _cfuvid=4GXdm61Y3l_LSVuf1TxPXAcA1MVUPUh9BmwMME_eOJ4-1701789168700-0-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 15:12:50 GMT
content-type: application/javascript
cf-ray: 830d3ac8cc035699-OSL
cf-cache-status: REVALIDATED
cache-control: max-age=900, public
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
vary: Accept-Encoding
status: 200 OK
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: fresh
x-request-id: ebc9368b1a7e7ba398cc303357962ef3
x-runtime: 0.010362
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=c91686c8-ebef-49f4-1df9-9c5d3ae7162b&url=https%3A%2F%2Fview.perfectprofitplanacademy.com%2Fpppa-privacy1&cache=1701789176115

0.0.0.0

0 B

URL GET
track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=c91686c8-ebef-49f4-1df9-9c5d3ae7162b&url=https%3A%2F%2Fview.perfectprofitplanacademy.com%2Fpppa-privacy1&cache=1701789176115
IP
0.0.0.0:0
ASN
#0

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /atc/?trktyp=jsinit&trkcal=&guid=c91686c8-ebef-49f4-1df9-9c5d3ae7162b&url=https%3A%2F%2Fview.perfectprofitplanacademy.com%2Fpppa-privacy1&cache=1701789176115 HTTP/1.1
Host: track.addevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

view.perfectprofitplanacademy.com/assets/lander.css

104.16.12.194

200 OK

436 kB

URL GET HTTP/2
view.perfectprofitplanacademy.com/assets/lander.css
IP
104.16.12.194:443
ASN
#13335 CLOUDFLARENET

Requested by
https://view.perfectprofitplanacademy.com/pppa-privacy1
Certificate
IssuerCloudflare, Inc.
Subjectview.perfectprofitplanacademy.com
Fingerprint8F:03:68:DC:5B:6D:41:BE:96:F5:B1:C6:5E:7D:22:61:6E:AD:0B:57
ValidityThu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT

File type

Size
436 kB (435476 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/lander.css HTTP/1.1
Host: view.perfectprofitplanacademy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://view.perfectprofitplanacademy.com/pppa-privacy1
Cookie: __cf_bm=g6mQFkKuz4A.hqf0g8eJuJGUUkhXvYrFqU7rnQiKzWY-1701789168-0-AdsnD6+yk0ioFbnHqQWQa5S3nj2AGmDPT0Pdg0+0pofZnUka/JBsR569ge5P2tsT8NDXT86aTdNFYCfohgiN9LmhX9zqrynNAKOnUcRDmXh3; _cfuvid=4GXdm61Y3l_LSVuf1TxPXAcA1MVUPUh9BmwMME_eOJ4-1701789168700-0-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 15:12:49 GMT
content-type: text/css
cf-ray: 830d3ac43e5d5699-OSL
cf-cache-status: HIT
age: 271
cache-control: public, max-age=1200
etag: W/"656e3211-6a514"
expires: Tue, 05 Dec 2023 15:32:49 GMT
last-modified: Mon, 04 Dec 2023 20:09:53 GMT
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash