insider-report.pages.ontraport.net Open in urlscan Pro
209.170.211.182 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dRd5bGXo8w1-2B2zC0SH4M...
Effective URL:
https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Submission: On November 18 via api (November 18th 2024, 1:20:00 pm UTC) from BE — Scanned from DE

Summary HTTP 57 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 20 domains to perform 57 HTTP transactions. The main IP is 209.170.211.182, located in Las Vegas, United States and belongs to ASN-FLEXENTIAL, US. The main domain is insider-report.pages.ontraport.net.
TLS certificate: Issued by E5 on October 24th 2024. Valid for: 3 months.

This is the only time insider-report.pages.ontraport.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:296e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 16	2606:4700:310... 2606:4700:3108::ac42:2b0e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:a091	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.111.223 104.17.111.223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:20:... 2606:4700:20::681a:ce3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.34.52.85 52.34.52.85	16509 (AMAZON-02) (AMAZON-02)
1 1	34.196.122.89 34.196.122.89	14618 (AMAZON-AES) (AMAZON-AES)
1	209.170.211.182 209.170.211.182	13649 (ASN-FLEXE...) (ASN-FLEXENTIAL)
3	18.172.112.117 18.172.112.117	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:9d7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	172.64.155.120 172.64.155.120	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	52.40.91.67 52.40.91.67	16509 (AMAZON-02) (AMAZON-02)
2	172.67.10.172 172.67.10.172	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.204.244.124 54.204.244.124	14618 (AMAZON-AES) (AMAZON-AES)
2	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	172.217.18.99 172.217.18.99	15169 (GOOGLE) (GOOGLE)
2	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	157.240.251.35 157.240.251.35	32934 (FACEBOOK) (FACEBOOK)
1	209.170.211.179 209.170.211.179	13649 (ASN-FLEXE...) (ASN-FLEXENTIAL)
1	104.18.32.136 104.18.32.136	13335 (CLOUDFLAR...) (CLOUDFLARENET)
57	23

1 2606:4700:10::6816:296e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

email.analystratings.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3108::ac42:2b0e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.marketbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a091 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.111.223 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ce3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

2.markettradersdaily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.34.52.85 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-52-85.us-west-2.compute.amazonaws.com

www.clkmg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.196.122.89 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: forextradersdaily.com

insider-report.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.170.211.182 (Las Vegas, United States)

ASN13649 (ASN-FLEXENTIAL, US)

insider-report.pages.ontraport.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.172.112.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-117.fra60.r.cloudfront.net

widget.wickedreports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:9d7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.clkmc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.64.155.120 (None, )

ASN13335 (CLOUDFLARENET, US)

optassets.ontraport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.ontraport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.40.91.67 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-91-67.us-west-2.compute.amazonaws.com

www.clkmc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.10.172 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.inspectlet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hn.inspectlet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.204.244.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-244-124.compute-1.amazonaws.com

track.wickedreports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f99.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

capig.insiders-exposed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.170.211.179 (Las Vegas, United States)

ASN13649 (ASN-FLEXENTIAL, US)
PTR: mail9.ontramail.com

signupforex.ontraport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.32.136 (None, )

ASN13335 (CLOUDFLARENET, US)

i.ontraport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	marketbeat.com 1 redirects www.marketbeat.com — Cisco Umbrella Rank: 82779	235 KB
12	ontraport.com optassets.ontraport.com — Cisco Umbrella Rank: 144517 app.ontraport.com — Cisco Umbrella Rank: 200733 signupforex.ontraport.com i.ontraport.com — Cisco Umbrella Rank: 173552	338 KB
5	wickedreports.com widget.wickedreports.com — Cisco Umbrella Rank: 59637 track.wickedreports.com — Cisco Umbrella Rank: 88165	11 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	423 B
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 5669 onesignal.com — Cisco Umbrella Rank: 1761	74 KB
2	insiders-exposed.com capig.insiders-exposed.com	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	156 KB
2	inspectlet.com cdn.inspectlet.com — Cisco Umbrella Rank: 13784 hn.inspectlet.com — Cisco Umbrella Rank: 13863	66 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	211 KB
2	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 2102	12 KB
2	clkmc.com cdn.clkmc.com — Cisco Umbrella Rank: 148674 www.clkmc.com — Cisco Umbrella Rank: 162788	22 KB
1	google.de www.google.de — Cisco Umbrella Rank: 10745	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135	567 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4108
1	ontraport.net insider-report.pages.ontraport.net	13 KB
1	insider-report.com 1 redirects insider-report.com	762 B
1	clkmg.com 1 redirects www.clkmg.com — Cisco Umbrella Rank: 498614	1 KB
1	markettradersdaily.com 1 redirects 2.markettradersdaily.com	1 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 415	31 KB
1	analystratings.net 1 redirects email.analystratings.net — Cisco Umbrella Rank: 289291	599 B
57	20

	Domain	Requested by
16	www.marketbeat.com	1 redirects www.marketbeat.com
9	optassets.ontraport.com	insider-report.pages.ontraport.net optassets.ontraport.com
4	www.facebook.com	insider-report.pages.ontraport.net
3	widget.wickedreports.com	insider-report.pages.ontraport.net widget.wickedreports.com www.googletagmanager.com
2	capig.insiders-exposed.com	cdn.inspectlet.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	track.wickedreports.com	widget.wickedreports.com
2	www.googletagmanager.com	insider-report.pages.ontraport.net www.googletagmanager.com
2	player.vimeo.com	insider-report.pages.ontraport.net
2	cdn.onesignal.com	www.marketbeat.com cdn.onesignal.com
1	i.ontraport.com
1	signupforex.ontraport.com	optassets.ontraport.com
1	hn.inspectlet.com	cdn.inspectlet.com
1	www.google.de	insider-report.pages.ontraport.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	cdn.inspectlet.com	insider-report.pages.ontraport.net
1	www.clkmc.com	cdn.clkmc.com
1	app.ontraport.com	insider-report.pages.ontraport.net
1	cdn.clkmc.com	insider-report.pages.ontraport.net
1	onesignal.com	cdn.onesignal.com
1	insider-report.pages.ontraport.net	www.marketbeat.com
1	insider-report.com	1 redirects
1	www.clkmg.com	1 redirects
1	2.markettradersdaily.com	1 redirects
1	ajax.googleapis.com	www.marketbeat.com
1	email.analystratings.net	1 redirects
57	27

This site contains links to these domains. Also see Links.

Domain
www.insider-report.com
www.markettradersdaily.com

Subject Issuer	Validity	Valid
marketbeat.com WE1	`2024-10-05` - `2025-01-03`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.onesignal.com WE1	`2024-10-31` - `2025-01-29`	3 months	crt.sh
insider-report.pages.ontraport.net E5	`2024-10-24` - `2025-01-22`	3 months	crt.sh
onesignal.com WE1	`2024-10-31` - `2025-01-29`	3 months	crt.sh
widget.wickedreports.com Amazon RSA 2048 M02	`2024-07-02` - `2025-07-31`	a year	crt.sh
clkmc.com WE1	`2024-10-30` - `2025-01-28`	3 months	crt.sh
optassets.ontraport.com WE1	`2024-10-28` - `2025-01-26`	3 months	crt.sh
player.vimeo.com WE1	`2024-09-22` - `2024-12-21`	3 months	crt.sh
app.ontraport.com WE1	`2024-10-19` - `2025-01-17`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.clkmc.com AlphaSSL CA - SHA256 - G4	`2023-11-27` - `2024-12-28`	a year	crt.sh
inspectlet.com WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
track.wickedreports.com Amazon RSA 2048 M03	`2024-01-23` - `2025-02-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-27` - `2024-11-25`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.de WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
capig.insiders-exposed.com WE1	`2024-11-15` - `2025-02-13`	3 months	crt.sh
signupforex.ontraport.com E6	`2024-10-21` - `2025-01-19`	3 months	crt.sh
i.ontraport.com WE1	`2024-10-16` - `2025-01-14`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Frame ID: E6F7DDA8CECD271B0FAEABF34EEF3D53
Requests: 56 HTTP requests in this frame

Frame: https://player.vimeo.com/video/856434580
Frame ID: 723E3E3200A78614C667970BE2E7B09E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

621 trades, zero losses

Page URL History Show full URLs

https://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dR... HTTP 302
https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&interstitial=1&Has... Page URL
https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&Hash=54155C44E1BA5... HTTP 301
https://2.markettradersdaily.com/mkb-aff-ir/verdacht@safeonweb.be HTTP 302
https://www.clkmg.com/Dustinpass25/mkb-aff-ir/verdacht@safeonweb.be HTTP 302
https://insider-report.com/IR-3click.php?email=verdacht@safeonweb.be&utm_campaign=IR-Steve&utm_medium=e... HTTP 302
https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Inspectlet (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.inspectlet\.com

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

57
Requests

98 %
HTTPS

35 %
IPv6

20
Domains

27
Subdomains

23
IPs

5
Countries

1171 kB
Transfer

3428 kB
Size

28
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.insider-report.com/go?cmc_vid=cmc2377530054
Title: settings Click To Get started Today

Search URL Search Domain Scan URL

URL: https://www.markettradersdaily.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.markettradersdaily.com/tos
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.markettradersdaily.com/disclaimer
Title: Disclaimer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dRd5bGXo8w1-2B2zC0SH4Mls8R2zMABk0bcFX-2FH-2FvjIQQq5brUAZK7vLL3rmmaOuNnT9lRh-2FXghD1i6NIgiNFYL97PBJrJpHEaHZI3XtFr5hhM00UStkpLk1xmuwmAi87KZUKLfg0dNjhJbGFzKSUtbZLLf8hPChozsPxtbwTpUo18gxPp8XaRd10mWJPeValvrRzbaZvahVCGHmu6g4ibH-2FCwVJj26AanCEOCkApcSFKP2WPnBc14Hf2dD4vfT-2Ba3cqyeTBmu5xwXMPn-_SqbCKX6aHEKYVZ41h-2BYp89Y9IvddAHi0odnd-2B4IzEhqS4zl-2BT84L9X6bsJ-2BGrnH0fRMZPk1L4rvjnm5Z4qd24LkqZJxBg3RMX-2FFXYwbUwK2WT1i9xXBQNdFiusMjHOnfZp8ZdK0vN12x3wmUxTUWDKls7hW1sfQY6WwjevF059SddIQIoGIwaXah926FxOIBTsL7q2UPhcarzKJJf6oQzMMaePri6iO948cq4j0Sd-2Bbv27HMmQoMQ035EE3-2BxEfm HTTP 302
https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51 Page URL
https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51 HTTP 301
https://2.markettradersdaily.com/mkb-aff-ir/verdacht@safeonweb.be HTTP 302
https://www.clkmg.com/Dustinpass25/mkb-aff-ir/verdacht@safeonweb.be HTTP 302
https://insider-report.com/IR-3click.php?email=verdacht@safeonweb.be&utm_campaign=IR-Steve&utm_medium=email&utm_source=marketbeat&utm_content=ir-webinar-page&utm_term=affiliate&op=gpsi&orid=1251779&opid=112&ref=1251779 HTTP 302
https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dRd5bGXo8w1-2B2zC0SH4Mls8R2zMABk0bcFX-2FH-2FvjIQQq5brUAZK7vLL3rmmaOuNnT9lRh-2FXghD1i6NIgiNFYL97PBJrJpHEaHZI3XtFr5hhM00UStkpLk1xmuwmAi87KZUKLfg0dNjhJbGFzKSUtbZLLf8hPChozsPxtbwTpUo18gxPp8XaRd10mWJPeValvrRzbaZvahVCGHmu6g4ibH-2FCwVJj26AanCEOCkApcSFKP2WPnBc14Hf2dD4vfT-2Ba3cqyeTBmu5xwXMPn-_SqbCKX6aHEKYVZ41h-2BYp89Y9IvddAHi0odnd-2B4IzEhqS4zl-2BT84L9X6bsJ-2BGrnH0fRMZPk1L4rvjnm5Z4qd24LkqZJxBg3RMX-2FFXYwbUwK2WT1i9xXBQNdFiusMjHOnfZp8ZdK0vN12x3wmUxTUWDKls7hW1sfQY6WwjevF059SddIQIoGIwaXah926FxOIBTsL7q2UPhcarzKJJf6oQzMMaePri6iO948cq4j0Sd-2Bbv27HMmQoMQ035EE3-2BxEfm HTTP 302
https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

redirect.aspx Show response
www.marketbeat.com/scripts/
Redirect Chain

https://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dRd5bGXo8w1-2B2zC0SH4Mls8R2zMABk0bcFX-2FH-2FvjIQQq5brUAZK7vLL3rmmaOuNnT9lRh-2FXghD1i6NIgiN...
https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F...

5 KB
3 KB

536ms
254ms

Document
text/html

2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

af7d1fff18bef11595c6f2455d75bfe10e9ddcfbecfa1095ac65500b81cf1f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8e4841115f4e5c4a-FRA
content-encoding: gzip
content-length: 2680
content-type: text/html; charset=utf-8
date: Mon, 18 Nov 2024 13:19:47 GMT
server: cloudflare
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 8e48410d8887d392-FRA
content-type: text/html; charset=utf-8
date: Mon, 18 Nov 2024 13:19:47 GMT
location: https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51
server: cloudflare
x-robots-tag: noindex, nofollow

GET
H2 200 Barlow-400.woff2
www.marketbeat.com/Style/fonts/ 21 KB
21 KB 177ms
169ms Font
application/font-woff2 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/fonts/Barlow-400.woff2

Requested by

Host: www.marketbeat.com
URL: https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.marketbeat.com
Referer: https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51

Response headers

cf-cache-status: HIT
etag: "d19c7d65175da1:0"
age: 23333
date: Mon, 18 Nov 2024 13:19:47 GMT
content-type: application/font-woff2
last-modified: Wed, 13 Mar 2024 14:16:22 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=31536000
cf-ray: 8e48411318575c4a-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21144
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 Barlow-500.woff2
www.marketbeat.com/Style/fonts/ 20 KB
21 KB 182ms
175ms Font
application/font-woff2 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/fonts/Barlow-500.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.marketbeat.com
Referer: https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51

Response headers

cf-cache-status: HIT
etag: "3039a889788bda1:0"
age: 34574
date: Mon, 18 Nov 2024 13:19:47 GMT
content-type: application/font-woff2
last-modified: Wed, 10 Apr 2024 18:54:38 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=31536000
cf-ray: 8e48411318585c4a-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20960
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 Barlow-600.woff2
www.marketbeat.com/Style/fonts/ 21 KB
21 KB 179ms
172ms Font
application/font-woff2 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/fonts/Barlow-600.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.marketbeat.com
Referer: https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51

Response headers

cf-cache-status: HIT
etag: "7f1ed89788bda1:0"
age: 20118
date: Mon, 18 Nov 2024 13:19:47 GMT
content-type: application/font-woff2
last-modified: Wed, 10 Apr 2024 18:54:38 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=31536000
cf-ray: 8e48411318595c4a-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21796
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 Barlow-700.woff2
www.marketbeat.com/Style/fonts/ 21 KB
21 KB 177ms
170ms Font
application/font-woff2 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/fonts/Barlow-700.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.marketbeat.com
Referer: https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51

Response headers

cf-cache-status: HIT
etag: "54672e8a788bda1:0"
age: 59111
date: Mon, 18 Nov 2024 13:19:47 GMT
content-type: application/font-woff2
last-modified: Wed, 10 Apr 2024 18:54:39 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=31536000
cf-ray: 8e484113185b5c4a-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21724
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 Barlow-Condensed-500.woff2
www.marketbeat.com/Style/fonts/ 20 KB
20 KB 179ms
172ms Font
application/font-woff2 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/fonts/Barlow-Condensed-500.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2d2c4912162eaa41299aaf5063ecb92a26d76071fe6d1f77742b32c833daab99

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.marketbeat.com
Referer: https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51

Response headers

cf-cache-status: HIT
etag: "62fb8c55175da1:0"
age: 41811
date: Mon, 18 Nov 2024 13:19:47 GMT
content-type: application/font-woff2
last-modified: Wed, 13 Mar 2024 14:16:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=31536000
cf-ray: 8e484113185c5c4a-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20432
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 Barlow-Condensed-600.woff2
www.marketbeat.com/Style/fonts/ 21 KB
21 KB 175ms
169ms Font
application/font-woff2 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/fonts/Barlow-Condensed-600.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

0b281bf2f4179c06ba68f0a427f2341287c41eacc2ce9d534c6f5c513ac633fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.marketbeat.com
Referer: https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51

Response headers

cf-cache-status: HIT
etag: "f1d0478b788bda1:0"
age: 38314
date: Mon, 18 Nov 2024 13:19:47 GMT
content-type: application/font-woff2
last-modified: Wed, 10 Apr 2024 18:54:40 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=31536000
cf-ray: 8e484113185d5c4a-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21352
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 fa-regular-400.woff2
www.marketbeat.com/Style/fontawesome/webfonts/ 15 KB
15 KB 177ms
171ms Font
application/font-woff2 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/fontawesome/webfonts/fa-regular-400.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ab2f779b241fd51e4c0356c96edc743e3937e6c9c501080e536a33fd703922ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.marketbeat.com
Referer: https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51

Response headers

cf-cache-status: HIT
etag: "48275f59fd3da1:0"
age: 20644
date: Mon, 18 Nov 2024 13:19:47 GMT
content-type: application/font-woff2
last-modified: Wed, 10 Jul 2024 21:23:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=31536000
cf-ray: 8e484113185e5c4a-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15516
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 fa-solid-900.woff2
www.marketbeat.com/Style/fontawesome/webfonts/ 2 KB
2 KB 181ms
175ms Font
application/font-woff2 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/fontawesome/webfonts/fa-solid-900.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

771350bc6fdd297030acb2cdc64e3d06c9e2ebb1fe38ab88bdd53c3add83dbf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.marketbeat.com
Referer: https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51

Response headers

cf-cache-status: HIT
etag: "72a79459fd3da1:0"
age: 32812
date: Mon, 18 Nov 2024 13:19:47 GMT
content-type: application/font-woff2
last-modified: Wed, 10 Jul 2024 21:23:04 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=31536000
cf-ray: 8e48411338705c4a-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1584
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 fa-brands-400.woff2
www.marketbeat.com/Style/fontawesome/webfonts/ 5 KB
5 KB 181ms
174ms Font
application/font-woff2 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/fontawesome/webfonts/fa-brands-400.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d15aea2408195a5da3a49875fac7e584f3068dfe7fdb262f48a6fc05c9c48c76

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.marketbeat.com
Referer: https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51

Response headers

cf-cache-status: HIT
etag: "162a3659fd3da1:0"
age: 32723
date: Mon, 18 Nov 2024 13:19:47 GMT
content-type: application/font-woff2
last-modified: Wed, 10 Jul 2024 21:23:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=31536000
cf-ray: 8e48411338715c4a-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4764
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 custom-icons.woff2
www.marketbeat.com/Style/fontawesome/webfonts/ 11 KB
11 KB 179ms
173ms Font
application/font-woff2 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/fontawesome/webfonts/custom-icons.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

98d16230356b70fd7563c3b57822a33519101d5ff8408e06778371a436c35c75

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.marketbeat.com
Referer: https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51

Response headers

cf-cache-status: HIT
etag: "a8af559fd3da1:0"
age: 30191
date: Mon, 18 Nov 2024 13:19:47 GMT
content-type: application/font-woff2
last-modified: Wed, 10 Jul 2024 21:23:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=31536000
cf-ray: 8e48411338725c4a-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11472
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 fonts.css
www.marketbeat.com/Style/fonts/ 5 KB
691 B 67ms
61ms Stylesheet
text/css 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/fonts/fonts.css?v=20240710

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

4e289765f35b5ba01042d13c1a6d0e325b233f91552b8092f53b47f9dd8ad825

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "7edecb5efd3da1:0"
age: 25417
date: Mon, 18 Nov 2024 13:19:47 GMT
content-type: text/css
last-modified: Wed, 10 Jul 2024 21:23:12 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=31536000
cf-ray: 8e48411318535c4a-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 552
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 all.min.css
www.marketbeat.com/Style/fontawesome/css/ 27 KB
6 KB 162ms
157ms Stylesheet
text/css 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/fontawesome/css/all.min.css?v=20240710

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

54ae92531c5cb4a7e8c8f7240035894921a898c615e812ac4dd9ff6e0b5213a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "b62d2f5afd3da1:0"
age: 33671
date: Mon, 18 Nov 2024 13:19:47 GMT
content-type: text/css
last-modified: Wed, 10 Jul 2024 21:23:05 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=31536000
cf-ray: 8e48411318555c4a-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5886
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 allstyles10.css
www.marketbeat.com/Style/ 252 KB
65 KB 67ms
62ms Stylesheet
text/css 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/allstyles10.css?v=202411

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

132d8a44fa30ee1840095c4fcf4235886104a9e2f335ad99903744afba43a499

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51

Response headers

strict-transport-security: max-age=2592000
cache-control: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: "d1282e55131db1:0"
age: 55627
cf-ray: 8e48411318565c4a-FRA
access-control-allow-origin: *
date: Mon, 18 Nov 2024 13:19:47 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Thu, 07 Nov 2024 20:16:15 GMT
vary: Accept-Encoding
server: cloudflare
x-powered-by: ASP.NET

GET
H2 200 jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 361ms
44ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marketbeat.com/

Response headers

content-encoding: gzip
age: 373273
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 05:38:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 05:38:35 GMT
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31017
x-xss-protection: 0
server: sffe

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 114ms
39ms Script
application/javascript 2606:4700::6810:a091
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a091 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marketbeat.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=259200
content-encoding: br
cf-cache-status: HIT
etag: W/"09282956186c8515ef0d208902803581"
age: 2494
via: 1.1 google
cf-ray: 8e4841138db62be9-FRA
expires: Thu, 21 Nov 2024 13:19:47 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 13:19:47 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: OneSignal-Subscription-Id

GET
H2 200 MarketBeat-logo-r-white.svg
www.marketbeat.com/images/master/ 4 KB
2 KB 179ms
175ms Image
image/svg+xml 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marketbeat.com/images/master/MarketBeat-logo-r-white.svg?v=2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f1c1b8cf0ccef4a39fe24c6d1f5f49dff7c54e5c1755047fb021b8747f1f9fcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51

Response headers

strict-transport-security: max-age=2592000
cache-control: max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"366bc23b4daad61:0"
age: 502776
cf-ray: 8e48411338745c4a-FRA
access-control-allow-origin: *
date: Mon, 18 Nov 2024 13:19:47 GMT
x-xss-protection: 1; mode=block
content-type: image/svg+xml
last-modified: Sat, 24 Oct 2020 21:32:54 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H3 200 OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 284 KB
68 KB 104ms
103ms Script
application/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marketbeat.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=259200
content-encoding: br
cf-cache-status: HIT
etag: W/"7e91359b46e1da637080a03b759164fa"
age: 348
via: 1.1 google
cf-ray: 8e48411588e15d81-FRA
expires: Thu, 21 Nov 2024 13:19:48 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 13:19:48 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: OneSignal-Subscription-Id

GET
H/1.1

200
OK

Primary Request training Show response
insider-report.pages.ontraport.net/
Redirect Chain

https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F7...
https://2.markettradersdaily.com/mkb-aff-ir/verdacht@safeonweb.be
https://www.clkmg.com/Dustinpass25/mkb-aff-ir/verdacht@safeonweb.be
https://insider-report.com/IR-3click.php?email=verdacht@safeonweb.be&utm_campaign=IR-Steve&utm_medium=email&utm_source=marketbeat&utm_content=ir-webinar-page&utm_term=affiliate&op=gpsi&orid=1251779...
https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be

54 KB
13 KB

2908ms
2044ms

Document
text/html

209.170.211.182
ASN-FLEXENTIAL

General

Check archive.org

Show headers Download Go to

Full URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Requested by: Host: www.marketbeat.com
URL: https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 209.170.211.182 Las Vegas, United States, ASN13649 (ASN-FLEXENTIAL, US),
Reverse DNS
Software: Ontraport /
Resource Hash: 6b97e7529737a09deb27afbf9a316f4f8d382a3ba0ed6085f1ee2be1024b4dac

Request headers

Referer: https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82184&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 18 Nov 2024 13:19:52 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server: Ontraport
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding Accept-Encoding
X-op-ca: 81.95.5.44

Redirect headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 18 Nov 2024 13:19:50 GMT
location: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
server: nginx/1.26.2
strict-transport-security: max-age=63072000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H3 200 web
onesignal.com/api/v1/sync/92d0557c-79b3-4742-9ab4-9155a42d6a49/ 3 KB
2 KB 408ms
37ms Script
text/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/92d0557c-79b3-4742-9ab4-9155a42d6a49/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marketbeat.com/

Response headers

x-request-id: 1356bfdf-6e53-49c8-a515-fbde8090a6db
content-encoding: br
cf-cache-status: HIT
etag: W/"6515b3d0fd055d678fbfe78cb9a074ed"
age: 1506
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 14:19:48 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 13:19:48 GMT
content-type: text/javascript; charset=utf-8
vary: Origin, Accept-Encoding
x-runtime: 0.046532
access-control-allow-headers: SDK-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=3600
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 google
cf-ray: 8e48411a0b25d286-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 trackfu.js Show response
widget.wickedreports.com/GlobalProfitSystemsInternational/ 422 B
800 B 79ms
26ms Script
text/javascript 18.172.112.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.wickedreports.com/GlobalProfitSystemsInternational/trackfu.js
Requested by: Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-117.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0011caa87105379dd3c7b19f0a5671dc75de6e10ff84d6cacf214ff5495760f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

vary: accept-encoding
etag: "b29408317c74a493f73f8f09bcff864a"
age: 32510
via: 1.1 65f647a85e0d39dc9a468588d0d66886.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 422
x-amz-cf-id: Skpzl8HB-pCuxbg3Wdi88GxrvKsc3KvCS-zCqlRpSH4kzCpI2um8Ig==
date: Mon, 18 Nov 2024 04:18:05 GMT
content-type: text/javascript
last-modified: Tue, 03 Oct 2023 14:31:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256

GET
H2 200 cmc.js Show response
cdn.clkmc.com/ 21 KB
21 KB 78ms
29ms Script
application/javascript 2606:4700:10::6816:9d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.clkmc.com/cmc.js
Requested by: Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:9d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5da274ce6310d42174fbf8369e8737ad5a2db661802d7aeb09ee13da863d7843

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

access-control-max-age: 300
cf-cache-status: HIT
etag: "66e1cc81-527f"
age: 311060
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 14 Dec 2024 22:55:34 GMT
date: Mon, 18 Nov 2024 13:19:54 GMT
content-type: application/javascript
last-modified: Wed, 11 Sep 2024 16:59:45 GMT
vary: Accept-Encoding
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control: public, max-age=2592000, no-transform
pragma: public
access-control-allow-credentials: true
cf-ray: 8e48413b3baad2c7-FRA
accept-ranges: bytes
content-length: 21119
server: cloudflare

GET
H2 200 opt-styles.min.css
optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/ 472 KB
58 KB 131ms
62ms Stylesheet
text/css 172.64.155.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1731779811
Requested by: Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 412846d92d01817e002a0061b56b7def493632c96628b7fd342f93e4bec38383

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6738dbfe-761a2"
x-op-ca: 172.69.40.213
age: 3636
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 18 Nov 2024 21:19:54 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Mon, 18 Nov 2024 13:19:54 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sat, 16 Nov 2024 17:53:02 GMT
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8e48413b5b7f046e-FRA
access-control-allow-origin: *
server: cloudflare

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 37 KB
12 KB 204ms
155ms Script
application/javascript 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

498a41eab15456686643b139ae2c289c961bb02da852aaad698540831d0e9bb5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Age: 0
x-backend-server: player-backend-edge-entry
expires: Mon, 18 Nov 2024 08:49:54 GMT
x-player-backend: g
x-cache: MISS
Date: Mon, 18 Nov 2024 13:19:54 GMT
Content-Type: application/javascript;charset=utf-8
x-bapp-server
x-served-by: cache-fra-eddf8230151-FRA
x-cache-hits: 0
vary: Origin, Referer, Accept-Encoding
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
Cache-Control: max-age=1800
x-timer: S1731935994.131364,VS0,VE119
Connection: keep-alive
via: 1.1 varnish
CF-RAY: 8e48413b4e92d3ae-FRA
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 11437
Server: cloudflare

GET
H2 200 opt_default_image.png
app.ontraport.com/images/ 2 KB
2 KB 114ms
34ms Image
image/webp 172.64.155.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.ontraport.com/images/opt_default_image.png
Requested by: Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e52dfee8b8ea50c75794e755848a3b03f69f871832c8764f8e406e3f81104bfe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

cf-bgj: imgq:100,h2pri
etag: "6738dac7-1703"
x-op-ca: 172.69.33.153
cf-cache-status: HIT
age: 115
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 18 Nov 2024 13:39:54 GMT
cf-polished: origFmt=png, origSize=5891
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Mon, 18 Nov 2024 13:19:54 GMT
content-type: image/webp
content-disposition: inline; filename="opt_default_image.webp"
vary: Accept
last-modified: Sat, 16 Nov 2024 17:47:51 GMT
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 8e48413b6c1ad29a-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2058
server: cloudflare

GET
H2 200 anime.js Show response
optassets.ontraport.com/opt_assets/static/js/ 16 KB
7 KB 130ms
62ms Script
application/javascript 172.64.155.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/static/js/anime.js
Requested by: Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c2348bbc056a14a9cd62dadb8d461800a192e8ba636f803d0ffddd753977976

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6738dacd-4170"
x-op-ca: 172.69.33.181
age: 1953
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 18 Nov 2024 13:49:54 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Mon, 18 Nov 2024 13:19:54 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sat, 16 Nov 2024 17:47:57 GMT
cache-control: public, max-age=1800
access-control-allow-credentials: true
cf-ray: 8e48413b6b81046e-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 jquery-3.2.1.min.js Show response
optassets.ontraport.com/opt_assets/static/js/ 85 KB
33 KB 47ms
42ms Script
application/javascript 172.64.155.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/static/js/jquery-3.2.1.min.js
Requested by: Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6738dacd-15285"
x-op-ca: 172.71.144.134
age: 3627
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 18 Nov 2024 13:49:54 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Mon, 18 Nov 2024 13:19:54 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sat, 16 Nov 2024 17:47:57 GMT
cache-control: public, max-age=1800
access-control-allow-credentials: true
cf-ray: 8e48413bcbd2046e-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 opt-assets.js Show response
optassets.ontraport.com/opt_assets/static/js/ 369 KB
123 KB 39ms
37ms Script
application/javascript 172.64.155.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/static/js/opt-assets.js?1731779811
Requested by: Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85dd7090bc8b73a3a62f84ab73a37330b1088542c7d0f4a652357adc862cd0f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6738dbe9-5c40e"
x-op-ca: 172.69.40.170
age: 3627
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 18 Nov 2024 13:49:54 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Mon, 18 Nov 2024 13:19:54 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sat, 16 Nov 2024 17:52:41 GMT
cache-control: public, max-age=1800
access-control-allow-credentials: true
cf-ray: 8e48413bdbe4046e-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 custom-elements.min.js Show response
optassets.ontraport.com/opt_assets/static/js/ 18 KB
6 KB 54ms
53ms Script
application/javascript 172.64.155.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/static/js/custom-elements.min.js
Requested by: Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73a9c7944ce696c3622189e2f0706ccb9b9033b10f707414fe0ae14be6d68f08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6738dacd-47a8"
x-op-ca: 172.69.34.35
age: 3961
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 18 Nov 2024 13:49:54 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Mon, 18 Nov 2024 13:19:54 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sat, 16 Nov 2024 17:47:57 GMT
cache-control: public, max-age=1800
access-control-allow-credentials: true
cf-ray: 8e48413c0c0b046e-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 tracking.js Show response
optassets.ontraport.com/ 12 KB
4 KB 27ms
26ms Script
application/javascript 172.64.155.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/tracking.js
Requested by: Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bb63eb5f4841d00e086da04ab89a586470114a49c7e07b4a1b03bc6a41fe01d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6738dac4-2f4b"
x-op-ca: 172.69.33.138
age: 2723
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 18 Nov 2024 21:19:54 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Mon, 18 Nov 2024 13:19:54 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sat, 16 Nov 2024 17:47:48 GMT
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8e48413c0c0d046e-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 236 KB
82 KB 298ms
34ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MGL2B6P

Requested by

Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d035c41ad9ed28c89858bdbd1d19bc2b2265f5b98359f43d3e72e6075c7ec1de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 18 Nov 2024 13:19:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 13:19:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 18 Nov 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 83331
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 widget.js Show response
widget.wickedreports.com/ 26 KB
9 KB 16ms
15ms Script
application/javascript 18.172.112.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.wickedreports.com/widget.js
Requested by: Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/GlobalProfitSystemsInternational/trackfu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-117.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b74487af8761c9be10987f564aca761a5202c43ab28309c5cf8d2ea81d677d73

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

x-amz-cf-pop: FRA60-P8
content-encoding: gzip
etag: W/"5512ee0e9bca9fbad6c56f558c98ec26"
age: 11501
via: 1.1 65f647a85e0d39dc9a468588d0d66886.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: F_d70_WbhY5aKLIriCpJ1zkmyKamWKsiSh6vWzYtPyH0eCZJDQ8Dtg==
date: Mon, 18 Nov 2024 10:08:14 GMT
content-type: application/javascript
vary: accept-encoding
server: AmazonS3
last-modified: Tue, 12 Nov 2024 15:13:45 GMT
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK / Show response
www.clkmc.com/api/ 26 B
711 B 922ms
284ms XHR
text/plain 52.40.91.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clkmc.com/api/?uid=101868&vid=2377530054&hid=4159344535&vid_info=on&utm_source=organic&cmc_ref=webinar%2Bpage&version=2.42.01&utm_medium=organic&utm_campaign=www.marketbeat.com&disabled=0&cmc_project=Insider%20Report&cmclid=2722A6D6E2D6A6871606A696E6C7F4B776C6E6B6D7A69722A322362247&page_url=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining

Requested by

Host: cdn.clkmc.com
URL: https://cdn.clkmc.com/cmc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.40.91.67 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-40-91-67.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

2cf9b5ba7fd801d61e8a891c8234031c824ac2aabc42dc8399ec9e5debf018f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

Content-Length: 26
Access-Control-Max-Age: 300
X-Permitted-Cross-Domain-Policies: none
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Content-Type-Options: nosniff
Connection: keep-alive
Access-Control-Allow-Origin: https://insider-report.pages.ontraport.net
P3P: CP="This is not a P3P policy! See http://www.clkmc.com for more info."
X-CM-FE: httpfe-1
Date: Mon, 18 Nov 2024 13:19:55 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/plain; charset=UTF-8
Server: nginx
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3 200 inspectlet.js Show response
cdn.inspectlet.com/ 188 KB
65 KB 654ms
416ms Script
text/javascript 172.67.10.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inspectlet.com/inspectlet.js?wid=36371617&r=481093
Requested by: Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.10.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d554121551df68e414c85920b6541d2e92251a189ff19a4b1f8dffe97ce1cb5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

content-encoding: br
cf-cache-status: MISS
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1731935994&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=xUYvizPkf4L6LFv86EVXXWDceqjGp0TaDfFxVmb2MYw%3D"}]}
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 18 Nov 2024 13:19:54 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Mon, 18 Nov 2024 13:19:54 GMT
vary: Accept-Encoding
priority: u=3,i=?0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1731935994&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=xUYvizPkf4L6LFv86EVXXWDceqjGp0TaDfFxVmb2MYw%3D
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control: s-maxage=60, max-age=14400
via: 1.1 vegur
cf-ray: 8e48413d8965dcad-FRA
server: cloudflare

GET
H/1.1 200
OK 856434580
player.vimeo.com/video/ Frame 723E 0
0 489ms
422ms Document
text/html 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/856434580

Requested by

Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://drm.vhx.com/v2/fairplay/cert https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.kollective.app https://.kollective.app:31015 https://.kollectivecd.com https://.hivestreaming.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://insider-report.pages.ontraport.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

CF-Cache-Status: DYNAMIC
CF-Ray: 8e48413de98bd364-FRA
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 18 Nov 2024 13:19:54 GMT
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin, <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin
Server: cloudflare
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Origin, Referer, Accept-Encoding
Via: 1.1 varnish
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm.vhx.com/v2/fairplay/cert https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-74bb94fb4d-jwr5p
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-host: player-backend-74bb94fb4d-jwr5p
x-player-backend: g
x-served-by: cache-fra-eddf8230151-FRA
x-timer: S1731935995.560138,VS0,VE384
x-xss-protection: 1; mode=block

GET
H2 200 roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/ 49 KB
50 KB 323ms
267ms Font
application/octet-stream 172.64.155.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
Requested by: Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1731779811
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4d175f498b00516c629ce8af152cbe745d73932fa58cc9fdfc8e4b49c0da368

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://insider-report.pages.ontraport.net
Referer: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1731779811

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"6738dacd-c52c"
x-op-ca: 172.69.34.127
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 18 Nov 2024 21:19:54 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Mon, 18 Nov 2024 13:19:54 GMT
content-type: application/octet-stream
vary: Accept-Encoding, Accept-Encoding
last-modified: Sat, 16 Nov 2024 17:47:57 GMT
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8e48413caf15d34e-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-300.woff2
optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/ 49 KB
49 KB 280ms
279ms Font
application/octet-stream 172.64.155.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-300.woff2
Requested by: Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1731779811
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34ccd21cf8cc2a2bdcd7dbe6bef05246067ff849bf71308e207bf525f581763d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://insider-report.pages.ontraport.net
Referer: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1731779811

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"6738dacd-c428"
x-op-ca: 172.71.148.115
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 18 Nov 2024 21:19:54 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Mon, 18 Nov 2024 13:19:54 GMT
content-type: application/octet-stream
vary: Accept-Encoding, Accept-Encoding
last-modified: Sat, 16 Nov 2024 17:47:57 GMT
cache-control: public, max-age=28800
access-control-allow-credentials: true
cf-ray: 8e48413ccf4fd34e-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 logging.js Show response
optassets.ontraport.com/opt_assets/static/js/ 2 KB
776 B 31ms
30ms Script
application/javascript 172.64.155.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/static/js/logging.js
Requested by: Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/static/js/opt-assets.js?1731779811
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b81adfb26d280f078c88f6ca927f39d4b06800287b943dfe0b8c078a4f4fd662

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6738dacd-783"
x-op-ca: 162.158.182.126
age: 6402
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 18 Nov 2024 13:49:54 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Mon, 18 Nov 2024 13:19:54 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sat, 16 Nov 2024 17:47:57 GMT
cache-control: public, max-age=1800
access-control-allow-credentials: true
cf-ray: 8e48413cbc91046e-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 f.php Show response
track.wickedreports.com/ 118 B
341 B 405ms
179ms XHR
text/html 54.204.244.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track.wickedreports.com/f.php?WickedClientID=602&WickedEmail=verdacht%40safeonweb.be&fbp=fb.1.1731935994.7058459537.282795&fbc=&WickedURL=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining%3Femail%3Dverdacht%40safeonweb.be&WickedReferrerURL=https%3A%2F%2Fwww.marketbeat.com%2F&WickedTrackingDate=1731935994486
Requested by: Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.244.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-244-124.compute-1.amazonaws.com
Software: nginx / PHP/8.1.26
Resource Hash: e9f52c199dc4a45699a1797aa4ecb859ad7a1a56fdb216bba251697f31257085

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://insider-report.pages.ontraport.net/

Response headers

access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-origin: *
date: Mon, 18 Nov 2024 13:19:54 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.26
server: nginx
access-control-allow-headers: *

GET
H2 200 index.php Show response
track.wickedreports.com/ 118 B
342 B 380ms
160ms XHR
text/html 54.204.244.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track.wickedreports.com/index.php?WickedClientID=602&WickedEmail=verdacht%40safeonweb.be&WickedTrackingDate=1731935994486&WickedURL=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining%3Femail%3Dverdacht%40safeonweb.be&WickedReferrerURL=https%3A%2F%2Fwww.marketbeat.com%2F
Requested by: Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.244.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-244-124.compute-1.amazonaws.com
Software: nginx / PHP/8.1.26
Resource Hash: 6645251daf984086bca8f97904746fc4a96dbbb7385664fb7d7570d5ed9253dd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://insider-report.pages.ontraport.net/

Response headers

access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-origin: *
date: Mon, 18 Nov 2024 13:19:54 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.26
server: nginx
access-control-allow-headers: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 402 KB
129 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8SJNWV4ZSP&l=dataLayer&cx=c&gtm=45He4bc0v870991869za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGL2B6P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d92ec1ba85164aa8c9b1cc4b683af6b9c929b4a88b9f748642333afaf5983a04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 18 Nov 2024 13:19:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 13:19:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 132167
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 60ms
37ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGL2B6P

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-fZfD5hiM' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 13:19:54 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-fZfD5hiM' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=23, mss=1232, tbw=4444, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: uLgXZMFd34mvhvedHt+TDqWGbmGsixy20cqER1+mZAJyQAigf3iHyxdkbs4pa4MWd9PfpwmZgY4JjnHB/JlRvg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62152
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 wr-a2c20b58dba8a66cd3c2d4dca4c93a24.js Show response
widget.wickedreports.com/v2/602/ 422 B
799 B 18ms
15ms Script
text/javascript 18.172.112.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.wickedreports.com/v2/602/wr-a2c20b58dba8a66cd3c2d4dca4c93a24.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGL2B6P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-117.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0011caa87105379dd3c7b19f0a5671dc75de6e10ff84d6cacf214ff5495760f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

vary: accept-encoding
etag: "b29408317c74a493f73f8f09bcff864a"
age: 32508
via: 1.1 65f647a85e0d39dc9a468588d0d66886.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 422
x-amz-cf-id: fRoohCwrcV8Q7GHnRb6tWtC-xewBFgqxBrDRlQWNRZaX5591diTDlA==
date: Mon, 18 Nov 2024 04:18:07 GMT
content-type: text/javascript
last-modified: Tue, 03 Oct 2023 14:31:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256

GET
H3 200 1357489168502278 Show response
connect.facebook.net/signals/config/ 312 KB
95 KB 286ms
285ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1357489168502278?v=2.9.177&r=stable&domain=insider-report.pages.ontraport.net&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

f6299afe31070c7c1f4f89116e599fe131cb43ae163ee4cd143cc5ba815ebddf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-fp3qCYXW' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 13:19:55 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-fp3qCYXW' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=77, mss=1232, tbw=71000, tp=68, tpl=0, uplat=267, ullat=0
pragma: public
x-fb-debug: PzC2QO0FuV8fSgiorj0hMaaWVAkbz9ZzS0ZzlQCsLYazwgISZTTTQPVvmIDyvNxA8M7gfkRaGiB5bVvpOA7PBw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 98ms
27ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8SJNWV4ZSP&gtm=45je4bc0v878195527z8870991869za200zb870991869&_p=1731935994091&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&cid=114409198.1731935995&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731935994&sct=1&seg=0&dl=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining%3Femail%3Dverdacht%40safeonweb.be&dr=https%3A%2F%2Fwww.marketbeat.com%2F&dt=621%20trades%2C%20zero%20losses&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=6865
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8SJNWV4ZSP&l=dataLayer&cx=c&gtm=45He4bc0v870991869za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://insider-report.pages.ontraport.net
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 13:19:55 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
567 B 175ms
29ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8SJNWV4ZSP&cid=114409198.1731935995&gtm=45je4bc0v878195527z8870991869za200zb870991869&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8SJNWV4ZSP&l=dataLayer&cx=c&gtm=45He4bc0v870991869za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://insider-report.pages.ontraport.net
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 13:19:55 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 100ms
53ms Image
image/gif 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8SJNWV4ZSP&cid=114409198.1731935995&gtm=45je4bc0v878195527z8870991869za200zb870991869&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855&tag_exp=101925629~102067555~102067808~102077855&z=941173796

Requested by

Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 18 Nov 2024 13:19:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 200 36371617 Show response
hn.inspectlet.com/ginit/ 213 B
851 B 276ms
259ms XHR
application/json 172.67.10.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hn.inspectlet.com/ginit/36371617
Requested by: Host: cdn.inspectlet.com
URL: https://cdn.inspectlet.com/inspectlet.js?wid=36371617&r=481093
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.10.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 128ca0f26ee3a8968b5a7d8231c8e6def7ff08da364d25877a07391bae9cce08

Request headers

Referer: https://insider-report.pages.ontraport.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"d5-3e17BXz06uFzurkVS9yQrw"
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1731935995&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=q%2Fw%2FVE8xaEpviIUfpvehVjF0FMXB42qj4XYgbnAAhEs%3D"}]}
access-control-allow-methods: GET, POST
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 18 Nov 2024 13:19:55 GMT
content-type: application/json; charset=utf-8
priority: u=1,i
access-control-allow-headers: X-Requested-With, Content-Type
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1731935995&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=q%2Fw%2FVE8xaEpviIUfpvehVjF0FMXB42qj4XYgbnAAhEs%3D
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control: no-cache
access-control-allow-credentials: true
via: 1.1 vegur
cf-ray: 8e4841413a0cdcad-FRA
access-control-allow-origin: https://insider-report.pages.ontraport.net
x-powered-by: Express
server: cloudflare

POST
H3 200 f998de276671077aa170eec8f688b5923c76d54ad4033274ab484770b1af4713 Show response
capig.insiders-exposed.com/events/ 0
875 B 404ms
213ms XHR
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capig.insiders-exposed.com/events/f998de276671077aa170eec8f688b5923c76d54ad4033274ab484770b1af4713
Requested by: Host: cdn.inspectlet.com
URL: https://cdn.inspectlet.com/inspectlet.js?wid=36371617&r=481093
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://insider-report.pages.ontraport.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kjyD8rEEpIZeq3zy2KhSWLgE%2Ff3whcIDkE%2Bio8yeK0SY%2BYK3VzRRtgaXSJJrnG6ufMY4PTuyEcvPM1avBiqP5oVLcuk0XSPaUrSxew7Ef7QnvQwjreYODgYhQI%2BIe7mVIiESeBchdfD04BiQIA%3D%3D"}],"group":"cf-nel","max_age":604800}
via: 1.1 google
cf-ray: 8e484143afc15d40-FRA
access-control-allow-origin: https://insider-report.pages.ontraport.net
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=33336&sent=13&recv=12&lost=0&retrans=0&sent_bytes=4202&recv_bytes=5936&delivery_rate=587&cwnd=12000&unsent_bytes=0&cid=05bebfd3a539d0cf&ts=267&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 13:19:55 GMT
vary: origin
server: cloudflare
priority: u=1,i

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 52ms
15ms Image
text/plain 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1357489168502278&ev=CompleteRegistration&dl=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining%3Femail%3Dverdacht%40safeonweb.be&rl=https%3A%2F%2Fwww.marketbeat.com%2F&if=false&ts=1731935995203&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1731935995201.886559608807288063&eid=ob3_plugin-set_c1f840114b893df78325352cd4da37c135b773313a0cf4bce1a23572aa2955a2&ler=other&cdl=API_unavailable&it=1731935994807&coo=false&tm=1&rqm=GET

Requested by

Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=23, mss=1232, tbw=4877, tp=14, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 18 Nov 2024 13:19:55 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 240ms
204ms Image
image/png 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1357489168502278&ev=CompleteRegistration&dl=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining%3Femail%3Dverdacht%40safeonweb.be&rl=https%3A%2F%2Fwww.marketbeat.com%2F&if=false&ts=1731935995203&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1731935995201.886559608807288063&eid=ob3_plugin-set_c1f840114b893df78325352cd4da37c135b773313a0cf4bce1a23572aa2955a2&ler=other&cdl=API_unavailable&it=1731935994807&coo=false&tm=1&rqm=FGET

Requested by

Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7438608459377847684"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x095ee5f79f9e9231","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["6737475819643744","6749724648451104"]},"debug_reporting":true,"debug_key":"3417779141338365561"}
date: Mon, 18 Nov 2024 13:19:55 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: gagruQ5LRevzj1Hzt+w+OZE2+duWMqte24gklVSw2X9Qcd3lqCBx8zxemKgJYKsSwJPwIALFIuF+jRag70WN1Q==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7438608459377847684", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=24, mss=1232, tbw=7853, tp=20, tpl=0, uplat=137, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H3 200 f998de276671077aa170eec8f688b5923c76d54ad4033274ab484770b1af4713 Show response
capig.insiders-exposed.com/events/ 0
841 B 401ms
218ms XHR
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capig.insiders-exposed.com/events/f998de276671077aa170eec8f688b5923c76d54ad4033274ab484770b1af4713
Requested by: Host: cdn.inspectlet.com
URL: https://cdn.inspectlet.com/inspectlet.js?wid=36371617&r=481093
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://insider-report.pages.ontraport.net/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GALEAjMLxYyLliEd6iBKjemzwKZF1GOHhh9iajNVbNNqesVxLXHO%2FY7rMnX%2BKqFBZ3AnGKmmXrUWh4MvMkAXKatL96XECg8%2FMMJuhiCwOw33YyVgoy%2F1XbD%2BhPrAranX5biUfzt3JpiBZosiLA%3D%3D"}],"group":"cf-nel","max_age":604800}
via: 1.1 google
cf-ray: 8e4841434f815d40-FRA
access-control-allow-origin: https://insider-report.pages.ontraport.net
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=33336&sent=14&recv=12&lost=0&retrans=0&sent_bytes=5100&recv_bytes=5936&delivery_rate=587&cwnd=12000&unsent_bytes=0&cid=05bebfd3a539d0cf&ts=268&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 18 Nov 2024 13:19:55 GMT
vary: origin
server: cloudflare
priority: u=1,i

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 47ms
15ms Image
text/plain 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1357489168502278&ev=PageView&dl=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining%3Femail%3Dverdacht%40safeonweb.be&rl=https%3A%2F%2Fwww.marketbeat.com%2F&if=false&ts=1731935995208&cd[source]=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmgoogletagmanager&ec=1&o=12318&fbp=fb.1.1731935995201.886559608807288063&eid=ob3_plugin-set_0fd98df3bb7fc596bcea7f19b1036571f1cb96a423b6b6d42bb55e5767cf3dd0&cs_est=true&ler=other&cdl=API_unavailable&it=1731935994807&coo=false&rqm=GET

Requested by

Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=23, mss=1232, tbw=4557, tp=12, tpl=0, uplat=1, ullat=1
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 18 Nov 2024 13:19:55 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 235ms
204ms Image
image/png 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1357489168502278&ev=PageView&dl=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining%3Femail%3Dverdacht%40safeonweb.be&rl=https%3A%2F%2Fwww.marketbeat.com%2F&if=false&ts=1731935995208&cd[source]=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmgoogletagmanager&ec=1&o=12318&fbp=fb.1.1731935995201.886559608807288063&eid=ob3_plugin-set_0fd98df3bb7fc596bcea7f19b1036571f1cb96a423b6b6d42bb55e5767cf3dd0&cs_est=true&ler=other&cdl=API_unavailable&it=1731935994807&coo=false&rqm=FGET

Requested by

Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7438608457711944172"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 13:19:55 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: c1VUMTs670aj4LfZ86fkmomnUzWDspbs8VLxHcg06u5FDGl2tZxsn1/BrmvRN5QGZc5aFQ969TNhZjW+JVqEYg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7438608457711944172", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=24, mss=1232, tbw=5117, tp=17, tpl=0, uplat=137, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 200
OK track.php Show response
signupforex.ontraport.com/ 774 B
1 KB 835ms
448ms Script
text/html 209.170.211.179
ASN-FLEXENTIAL

General

Check archive.org

Show headers Download Go to

Full URL: https://signupforex.ontraport.com/track.php?mid=21828_lp494.0_2&llc=https%253A%252F%252Finsider-report.pages.ontraport.net%252Ftraining%253Femail%253Dverdacht%2540safeonweb.be&first_visit=1&referral_page=https%253A%252F%252Fwww.marketbeat.com%252F&s=80brq17chyb70mkg4ftx&l=insider-report.pages.ontraport.net/training&ti=621%20trades,%20zero%20losses&is_unique=1
Requested by: Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 209.170.211.179 Las Vegas, United States, ASN13649 (ASN-FLEXENTIAL, US),
Reverse DNS: mail9.ontramail.com
Software: ONTRAport /
Resource Hash: 6b222004b4fb499f7d56a233f2481640017fac1029b3c79daa577eac84a34f48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
X-op-ca: 81.95.5.44
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-op-class: hosted
X-op-release: 3
Access-Control-Allow-Origin: *
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Mon, 18 Nov 2024 13:19:56 GMT
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Server: ONTRAport

GET
H2 200 21828.4e6f9a78450702f72c635bac30364871.PNG
i.ontraport.com/ 3 KB
4 KB 133ms
48ms Other
image/webp 104.18.32.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ontraport.com/21828.4e6f9a78450702f72c635bac30364871.PNG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c13b8d2eddbe9424f591fc1057be9f979e320421ab5a7c6e25f44c94ddbd752

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://insider-report.pages.ontraport.net/

Response headers

cf-bgj: imgq:85,h2pri
etag: "06d8be5a82b6779e4fc604a9197eda78"
age: 298720
cf-cache-status: HIT
access-control-allow-methods: GET
expires: Thu, 19 Dec 2024 13:19:55 GMT
cf-polished: origFmt=png, origSize=5039
x-cache: RefreshHit from cloudfront
x-amz-cf-id: mCpClwkrz1Qu5QlhatH1z1ScKyPuk7v3zQNw6FDOAHTX4dEIhRIYbQ==
date: Mon, 18 Nov 2024 13:19:55 GMT
content-type: image/webp
content-disposition: inline; filename="21828.webp"
vary: Accept
last-modified: Tue, 10 Oct 2023 13:05:55 GMT
x-amz-id-2: HyOIDkUGI65Db5SjC40iMbfUoXrlcyvLTr0yRL80d6Z31keWP/ZNO4GPvXsa3zrFJubdD+tKGX4=
cache-control: public, max-age=2678400
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
x-amz-request-id: GMBANJSN875ZBSFZ
cf-ray: 8e484144386ed365-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3432
x-amz-cf-pop: FRA60-P9
server: cloudflare
x-amz-server-side-encryption: AES256

POST collect
region1.analytics.google.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8SJNWV4ZSP&gtm=45je4bc0v878195527za200zb870991869&_p=1731935994091&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&cid=114409198.1731935995&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1731935994&sct=1&seg=0&dl=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining%3Femail%3Dverdacht%40safeonweb.be&dr=https%3A%2F%2Fwww.marketbeat.com%2F&dt=621%20trades%2C%20zero%20losses&en=scroll&epn.percent_scrolled=90&_et=9&tfd=11880

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.capig.insiders-exposed.com/events/f998de276671077aa170eec8f688b5923c76d54ad4033274ab484770b1af4713	1970-01-21 03:15:11	Name: cee Value: RcKP2hBCHAyLiUF1JGKX4lqn0KTZ8KjkyI3mYi2Q2O0%3D.%7B%7D
insider-report.pages.ontraport.net/training	1969-12-31 23:59:59	Name: lpsplt_494 Value: 0
.onesignal.com/	1970-01-21 01:05:37	Name: __cf_bm Value: hnrkx2o3wY2kRTOnFrPQrZ3MQ1GSFia3wmmdYF1zZsw-1731935988-1.0.1.1-NtFJ6dA8Cj_Krbcz7oCqtRG_vqxmx4jQIXnMla6CcMUK9dxvomZa.O6Lc9vqek58yunnlrXY50oacGQYm1D7yg
www.marketbeat.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value:
.clkmg.com/	1970-01-21 09:51:11	Name: vid Value: 1094663549
.ontraport.net/	1970-01-21 09:51:11	Name: cmc_vid Value: cmc2377530054
insider-report.pages.ontraport.net/	1970-01-21 10:41:35	Name: sess_ Value: 80brq17chyb70mkg4ftx
insider-report.pages.ontraport.net/	1970-01-21 10:41:35	Name: referral_page Value: https://www.marketbeat.com/
insider-report.pages.ontraport.net/	1970-01-21 10:41:35	Name: vid Value:
insider-report.pages.ontraport.net/	1970-01-21 10:41:35	Name: lastvisit Value: 1731935994
.ontraport.net/	1970-01-21 01:05:36	Name: wickedEmails1720964790 Value: verdacht%40safeonweb.be
.ontraport.net/	1970-01-21 10:41:35	Name: _ga Value: GA1.1.114409198.1731935995
.ontraport.net/	1970-01-21 10:41:35	Name: _ga_8SJNWV4ZSP Value: GS1.1.1731935994.1.0.1731935994.60.0.0
.ontraport.net/	1970-01-21 09:51:11	Name: __insp_wid Value: 36371617
.ontraport.net/	1970-01-21 09:51:11	Name: __insp_slim Value: 1731935995042
.ontraport.net/	1970-01-21 09:51:11	Name: __insp_nv Value: true
.ontraport.net/	1970-01-21 09:51:11	Name: __insp_targlpu Value: aHR0cHM6Ly9pbnNpZGVyLXJlcG9ydC5wYWdlcy5vbnRyYXBvcnQubmV0L3RyYWluaW5nP2VtYWlsPXZlcmRhY2h0QHNhZmVvbndlYi5iZQ%3D%3D
.ontraport.net/	1970-01-21 09:51:11	Name: __insp_targlpt Value: NjIxIHRyYWRlcywgemVybyBsb3NzZXM%3D
.ontraport.net/	1970-01-21 03:15:11	Name: _fbp Value: fb.1.1731935995201.886559608807288063
.ontraport.net/	1970-01-21 09:51:11	Name: __insp_pad Value: 1
.ontraport.net/	1970-01-21 09:51:11	Name: __insp_sid Value: 2357661629
.ontraport.net/	1970-01-21 09:51:11	Name: __insp_uid Value: 2301558246
.vimeo.com/	1970-01-21 10:41:35	Name: vuid Value: pl1492811053.1919926922
.vimeo.com/	1970-01-21 01:05:37	Name: __cf_bm Value: MHNamh64YMzEKKbvTH.m_Hxxt8.cpdaC5IqQE58YB4g-1731935995-1.0.1.1-1Xt3BGc7Xoos485V7O36t.kcGdTE7psrDHpTXXuPSxKve03a60JftAVUU3tqLJ8D
.vimeo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: Y9L8yUNKyaFMyqmzW0AVcloYFXbPVITiIDUf0b3LKus-1731935995676-0.0.1.1-604800000
signupforex.ontraport.com/	1970-01-21 05:24:47	Name: sess_ Value: 80brq17chyb70mkg4ftx
signupforex.ontraport.com/	1970-01-21 05:24:47	Name: mr_src Value: lp494
signupforex.ontraport.com/	1970-01-21 05:24:47	Name: referral_page Value: https%3A%2F%2Fwww.marketbeat.com%2F

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.markettradersdaily.com
ajax.googleapis.com
app.ontraport.com
capig.insiders-exposed.com
cdn.clkmc.com
cdn.inspectlet.com
cdn.onesignal.com
connect.facebook.net
email.analystratings.net
hn.inspectlet.com
i.ontraport.com
insider-report.com
insider-report.pages.ontraport.net
onesignal.com
optassets.ontraport.com
player.vimeo.com
region1.analytics.google.com
signupforex.ontraport.com
stats.g.doubleclick.net
track.wickedreports.com
widget.wickedreports.com
www.clkmc.com
www.clkmg.com
www.facebook.com
www.google.de
www.googletagmanager.com
www.marketbeat.com
region1.analytics.google.com
104.17.111.223
104.18.32.136
157.240.251.35
157.240.251.9
162.159.128.61
162.159.138.60
172.217.18.99
172.64.155.120
172.67.10.172
18.172.112.117
188.114.96.3
2001:4860:4802:32::36
209.170.211.179
209.170.211.182
2606:4700:10::6816:296e
2606:4700:10::6816:9d7
2606:4700:20::681a:ce3
2606:4700:3108::ac42:2b0e
2606:4700::6810:a091
2a00:1450:4001:812::200a
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9a
34.196.122.89
52.34.52.85
52.40.91.67
54.204.244.124
0011caa87105379dd3c7b19f0a5671dc75de6e10ff84d6cacf214ff5495760f6
0b281bf2f4179c06ba68f0a427f2341287c41eacc2ce9d534c6f5c513ac633fb
128ca0f26ee3a8968b5a7d8231c8e6def7ff08da364d25877a07391bae9cce08
132d8a44fa30ee1840095c4fcf4235886104a9e2f335ad99903744afba43a499
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
2c2348bbc056a14a9cd62dadb8d461800a192e8ba636f803d0ffddd753977976
2cf9b5ba7fd801d61e8a891c8234031c824ac2aabc42dc8399ec9e5debf018f8
2d2c4912162eaa41299aaf5063ecb92a26d76071fe6d1f77742b32c833daab99
34ccd21cf8cc2a2bdcd7dbe6bef05246067ff849bf71308e207bf525f581763d
412846d92d01817e002a0061b56b7def493632c96628b7fd342f93e4bec38383
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
498a41eab15456686643b139ae2c289c961bb02da852aaad698540831d0e9bb5
4e289765f35b5ba01042d13c1a6d0e325b233f91552b8092f53b47f9dd8ad825
54ae92531c5cb4a7e8c8f7240035894921a898c615e812ac4dd9ff6e0b5213a7
5bb63eb5f4841d00e086da04ab89a586470114a49c7e07b4a1b03bc6a41fe01d
5d554121551df68e414c85920b6541d2e92251a189ff19a4b1f8dffe97ce1cb5
5da274ce6310d42174fbf8369e8737ad5a2db661802d7aeb09ee13da863d7843
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
6645251daf984086bca8f97904746fc4a96dbbb7385664fb7d7570d5ed9253dd
6b222004b4fb499f7d56a233f2481640017fac1029b3c79daa577eac84a34f48
6b97e7529737a09deb27afbf9a316f4f8d382a3ba0ed6085f1ee2be1024b4dac
73a9c7944ce696c3622189e2f0706ccb9b9033b10f707414fe0ae14be6d68f08
771350bc6fdd297030acb2cdc64e3d06c9e2ebb1fe38ab88bdd53c3add83dbf9
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
85dd7090bc8b73a3a62f84ab73a37330b1088542c7d0f4a652357adc862cd0f6
98d16230356b70fd7563c3b57822a33519101d5ff8408e06778371a436c35c75
9c13b8d2eddbe9424f591fc1057be9f979e320421ab5a7c6e25f44c94ddbd752
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab2f779b241fd51e4c0356c96edc743e3937e6c9c501080e536a33fd703922ed
af7d1fff18bef11595c6f2455d75bfe10e9ddcfbecfa1095ac65500b81cf1f33
b74487af8761c9be10987f564aca761a5202c43ab28309c5cf8d2ea81d677d73
b81adfb26d280f078c88f6ca927f39d4b06800287b943dfe0b8c078a4f4fd662
d035c41ad9ed28c89858bdbd1d19bc2b2265f5b98359f43d3e72e6075c7ec1de
d15aea2408195a5da3a49875fac7e584f3068dfe7fdb262f48a6fc05c9c48c76
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f
d4d175f498b00516c629ce8af152cbe745d73932fa58cc9fdfc8e4b49c0da368
d92ec1ba85164aa8c9b1cc4b683af6b9c929b4a88b9f748642333afaf5983a04
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52dfee8b8ea50c75794e755848a3b03f69f871832c8764f8e406e3f81104bfe
e9f52c199dc4a45699a1797aa4ecb859ad7a1a56fdb216bba251697f31257085
ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c1b8cf0ccef4a39fe24c6d1f5f49dff7c54e5c1755047fb021b8747f1f9fcd
f6299afe31070c7c1f4f89116e599fe131cb43ae163ee4cd143cc5ba815ebddf

insider-report.pages.ontraport.net Open in urlscan Pro 209.170.211.182 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

98 %HTTPS

35 %IPv6

20 Domains

27 Subdomains

23 IPs

5 Countries

1171 kBTransfer

3428 kBSize

28 Cookies

4 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

insider-report.pages.ontraport.net Open in urlscan Pro
209.170.211.182 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

98 %
HTTPS

35 %
IPv6

20
Domains

27
Subdomains

23
IPs

5
Countries

1171 kB
Transfer

3428 kB
Size

28
Cookies

57 HTTP transactions
0 data transactions