Submitted URL: https://trading-secrets.acemlna.com/lt.php?x=3DZy~GE6UFPL6H38-t~OUulw1HQgv_9xlu41jHc2IFWa5s.t-Uy.0eJy3HBzidbvkNY0Z6HEJXCi6m
Effective URL: https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pv...
Submission: On August 21 via api from BE — Scanned from DE

Summary

This website contacted 14 IPs in 4 countries across 12 domains to perform 42 HTTP transactions. The main IP is 209.170.211.182, located in Las Vegas, United States and belongs to ASN-FLEXENTIAL, US. The main domain is pva.pages.ontraport.net.
TLS certificate: Issued by E6 on July 18th 2024. Valid for: 3 months.
This is the only time pva.pages.ontraport.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.237.253.202 14618 (AMAZON-AES)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 209.170.211.182 13649 (ASN-FLEXE...)
4 13.32.110.18 16509 (AMAZON-02)
12 104.18.32.136 13335 (CLOUDFLAR...)
1 5 172.64.155.120 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
2 18.224.143.245 16509 (AMAZON-02)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 209.170.211.179 13649 (ASN-FLEXE...)
42 14
Apex Domain
Subdomains
Transfer
18 ontraport.com
optassets.ontraport.com — Cisco Umbrella Rank: 178801
app.ontraport.com — Cisco Umbrella Rank: 249174
i.ontraport.com — Cisco Umbrella Rank: 264651
tracking.ontraport.com — Cisco Umbrella Rank: 748655
923 KB
9 inspectlet.com
cdn.inspectlet.com — Cisco Umbrella Rank: 38126
hn.inspectlet.com — Cisco Umbrella Rank: 35931
70 KB
6 wickedreports.com
widget.wickedreports.com — Cisco Umbrella Rank: 66394
track.wickedreports.com — Cisco Umbrella Rank: 110608
10 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
75 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
181 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6716
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
259 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3773
1 ontraport.net
pva.pages.ontraport.net
16 KB
1 activehosted.com
trading-secrets.activehosted.com
907 B
1 acemlna.com
trading-secrets.acemlna.com
202 B
42 12
Domain Requested by
12 optassets.ontraport.com pva.pages.ontraport.net
optassets.ontraport.com
8 hn.inspectlet.com cdn.inspectlet.com
pva.pages.ontraport.net
4 i.ontraport.com 1 redirects pva.pages.ontraport.net
4 widget.wickedreports.com pva.pages.ontraport.net
widget.wickedreports.com
www.googletagmanager.com
2 www.facebook.com pva.pages.ontraport.net
2 connect.facebook.net pva.pages.ontraport.net
connect.facebook.net
2 track.wickedreports.com widget.wickedreports.com
2 www.googletagmanager.com pva.pages.ontraport.net
www.googletagmanager.com
1 tracking.ontraport.com optassets.ontraport.com
1 www.google.de pva.pages.ontraport.net
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 cdn.inspectlet.com pva.pages.ontraport.net
1 app.ontraport.com pva.pages.ontraport.net
1 pva.pages.ontraport.net
1 trading-secrets.activehosted.com 1 redirects
1 trading-secrets.acemlna.com 1 redirects
42 17

This site contains links to these domains.

Domain
precisionvolumealerts.com
Subject | Issuer | Validity | Valid
pva.pages.ontraport.net | E6 | 2024-07-18 - 2024-10-16 | 3 months
widget.wickedreports.com | Amazon RSA 2048 M02 | 2024-07-02 - 2025-07-31 | a year
optassets.ontraport.com | Cloudflare Inc ECC CA-3 | 2023-11-29 - 2024-11-27 | a year
app.ontraport.com | Cloudflare Inc ECC CA-3 | 2023-11-20 - 2024-11-18 | a year
*.google-analytics.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months
inspectlet.com | WE1 | 2024-08-13 - 2024-11-11 | 3 months
i.ontraport.com | WE1 | 2024-08-18 - 2024-11-16 | 3 months
track.wickedreports.com | Amazon RSA 2048 M03 | 2024-02-13 - 2025-03-13 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-05-30 - 2024-08-28 | 3 months
*.g.doubleclick.net | WR2 | 2024-07-30 - 2024-10-22 | 3 months
*.google.de | WR2 | 2024-07-30 - 2024-10-22 | 3 months
tracking.ontraport.com | E6 | 2024-07-20 - 2024-10-18 | 3 months

This page contains 1 frames:

Primary Page: https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pva-ai-ebook-link7&utm_term=ai-ebook-optin&email=verdacht%40safeonweb.be
Frame ID: 5E76EE68E03AF814454A6D4E3A41E7B2
Requests: 42 HTTP requests in this frame

Page Title

The 2023 Investment Blueprint: Explore the Secret Market Roadmap

Page URL History

  1. https://trading-secrets.acemlna.com/lt.php?x=3DZy~GE6UFPL6H38-t~OUulw1HQgv_9xlu41jHc2IFWa5s.t-Uy.0eJy3HBzidbvkNY... HTTP 307
    https://trading-secrets.activehosted.com/lt.php?x=3DZy~GE6UFPL6H38-t~OUulw1HQgv_9xlu41jHc2IFWa5s.t-Uy.0eJy3HBzidbvkNY... HTTP 302
    https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.inspectlet\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 42
HTTPS: 98 %
IPv6: 56 %
Domains: 12
Subdomains: 17
IPs: 14
Countries: 4
Transfer: 1278 kB
Size: 2827 kB
Cookies: 32

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://trading-secrets.acemlna.com/lt.php?x=3DZy~GE6UFPL6H38-t~OUulw1HQgv_9xlu41jHc2IFWa5s.t-Uy.0eJy3HBzidbvkNY0Z6HEJXCi6m HTTP 307
    https://trading-secrets.activehosted.com/lt.php?x=3DZy~GE6UFPL6H38-t~OUulw1HQgv_9xlu41jHc2IFWa5s.t-Uy.0eJy3HBzidbvkNY0Z6HEJXCi6m HTTP 302
    https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pva-ai-ebook-link7&utm_term=ai-ebook-optin&email=verdacht%40safeonweb.be Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://i.ontraport.com/21828.3c757645ad573ebc9dc990bbce644623.PNG?ops=700 HTTP 302
  • https://i.ontraport.com/21828.3c757645ad573ebc9dc990bbce644623.PNG

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ai
pva.pages.ontraport.net/
Redirect Chain
  • https://trading-secrets.acemlna.com/lt.php?x=3DZy~GE6UFPL6H38-t~OUulw1HQgv_9xlu41jHc2IFWa5s.t-Uy.0eJy3HBzidbvkNY0Z6HEJXCi6m
  • https://trading-secrets.activehosted.com/lt.php?x=3DZy~GE6UFPL6H38-t~OUulw1HQgv_9xlu41jHc2IFWa5s.t-Uy.0eJy3HBzidbvkNY0Z6HEJXCi6m
  • https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pva-ai-ebook-link7&utm_term=ai-ebook-optin&email=verdacht%40safeonweb.be
83 KB
16 KB
Document
General
Full URL
https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pva-ai-ebook-link7&utm_term=ai-ebook-optin&email=verdacht%40safeonweb.be
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
209.170.211.182 Las Vegas, United States, ASN13649 (ASN-FLEXENTIAL, US),
Reverse DNS
Software
Ontraport /
Resource Hash
c6cb81384c7d8a1b35b83c8e33ea207600ddad5c3e9110e694153db0f0993ba1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 21 Aug 2024 13:42:29 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server
Ontraport
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding Accept-Encoding
X-op-ca
217.114.215.131

Redirect headers

cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8b6b0bdef9749bce-FRA
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 21 Aug 2024 13:42:26 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pva-ai-ebook-link7&utm_term=ai-ebook-optin&email=verdacht%40safeonweb.be
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-privacy-policy
You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
x-request-id
68e3725a191a2d6133fb927121e046c8
x-robots-tag
noindex
wr-a2c20b58dba8a66cd3c2d4dca4c93a24.js
widget.wickedreports.com/v2/602/
422 B
798 B
Script
General
Full URL
https://widget.wickedreports.com/v2/602/wr-a2c20b58dba8a66cd3c2d4dca4c93a24.js
Requested by
Host: pva.pages.ontraport.net
URL: https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pva-ai-ebook-link7&utm_term=ai-ebook-optin&email=verdacht%40safeonweb.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-18.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0011caa87105379dd3c7b19f0a5671dc75de6e10ff84d6cacf214ff5495760f6

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:30 GMT
via
1.1 f9fdc7f95aba4b520d73ade0f850d634.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 14:31:04 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
1172
x-amz-server-side-encryption
AES256
etag
"b29408317c74a493f73f8f09bcff864a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
422
x-amz-cf-id
baAkVgtheVQZnBqBfZlut1WbZHCnEwkt_-urxGdn4-iP3vtwArL6Ww==
opt-styles.min.css
optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/
472 KB
58 KB
Stylesheet
General
Full URL
https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1724179895
Requested by
Host: pva.pages.ontraport.net
URL: https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pva-ai-ebook-link7&utm_term=ai-ebook-optin&email=verdacht%40safeonweb.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bebf9359034fa6119df749893cd0dc94ff18c33f663b41e6eea2fd231ded8934

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:30 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1744
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-ca
172.69.34.162
last-modified
Tue, 20 Aug 2024 18:46:25 GMT
server
cloudflare
etag
W/"66c4e481-760fc"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=28800
access-control-allow-credentials
true
cf-ray
8b6b0bf8aad935f4-FRA
expires
Wed, 21 Aug 2024 21:42:30 GMT
opt_default_image.png
app.ontraport.com/images/
2 KB
2 KB
Image
General
Full URL
https://app.ontraport.com/images/opt_default_image.png
Requested by
Host: pva.pages.ontraport.net
URL: https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pva-ai-ebook-link7&utm_term=ai-ebook-optin&email=verdacht%40safeonweb.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e52dfee8b8ea50c75794e755848a3b03f69f871832c8764f8e406e3f81104bfe

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:30 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=5891
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-disposition
inline; filename="opt_default_image.webp"
content-length
2058
x-op-ca
172.69.34.167
cf-bgj
imgq:100,h2pri
last-modified
Tue, 20 Aug 2024 18:40:33 GMT
server
cloudflare
etag
"66c4e321-1703"
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8b6b0bf82c4418d1-FRA
expires
Wed, 21 Aug 2024 14:02:30 GMT
anime.js
optassets.ontraport.com/opt_assets/static/js/
14 KB
6 KB
Script
General
Full URL
https://optassets.ontraport.com/opt_assets/static/js/anime.js
Requested by
Host: pva.pages.ontraport.net
URL: https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pva-ai-ebook-link7&utm_term=ai-ebook-optin&email=verdacht%40safeonweb.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7150c03ffd06a64b39ed90b98d84d9bec76de87fe7828bf45570012fdf91c354

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:30 GMT
content-encoding
br
cf-cache-status
HIT
age
3
cf-polished
origSize=16752
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-ca
172.68.35.59
cf-bgj
minify
last-modified
Tue, 20 Aug 2024 18:40:42 GMT
server
cloudflare
etag
W/"66c4e32a-4170"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
cf-ray
8b6b0bf8aada35f4-FRA
expires
Wed, 21 Aug 2024 14:12:30 GMT
jquery-3.2.1.min.js
optassets.ontraport.com/opt_assets/static/js/
85 KB
33 KB
Script
General
Full URL
https://optassets.ontraport.com/opt_assets/static/js/jquery-3.2.1.min.js
Requested by
Host: pva.pages.ontraport.net
URL: https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pva-ai-ebook-link7&utm_term=ai-ebook-optin&email=verdacht%40safeonweb.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:30 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3576
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-ca
172.68.34.27
last-modified
Tue, 20 Aug 2024 18:40:42 GMT
server
cloudflare
etag
W/"66c4e32a-15285"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
cf-ray
8b6b0bf95bba35f4-FRA
expires
Wed, 21 Aug 2024 14:12:30 GMT
opt-assets.js
optassets.ontraport.com/opt_assets/static/js/
368 KB
108 KB
Script
General
Full URL
https://optassets.ontraport.com/opt_assets/static/js/opt-assets.js?1724179895
Requested by
Host: pva.pages.ontraport.net
URL: https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pva-ai-ebook-link7&utm_term=ai-ebook-optin&email=verdacht%40safeonweb.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5436f51243fc01a8a70a44763581093f3a8ac68870346ff60ce24a3c0c4fc2a

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:30 GMT
content-encoding
br
cf-cache-status
HIT
age
1631
cf-polished
origSize=377710
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-ca
172.68.35.100
cf-bgj
minify
last-modified
Tue, 20 Aug 2024 18:45:58 GMT
server
cloudflare
etag
W/"66c4e466-5c36e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
cf-ray
8b6b0bfa8d2435f4-FRA
expires
Wed, 21 Aug 2024 14:12:30 GMT
custom-elements.min.js
optassets.ontraport.com/opt_assets/static/js/
18 KB
6 KB
Script
General
Full URL
https://optassets.ontraport.com/opt_assets/static/js/custom-elements.min.js
Requested by
Host: pva.pages.ontraport.net
URL: https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pva-ai-ebook-link7&utm_term=ai-ebook-optin&email=verdacht%40safeonweb.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73a9c7944ce696c3622189e2f0706ccb9b9033b10f707414fe0ae14be6d68f08

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:31 GMT
content-encoding
gzip
cf-cache-status
HIT
age
5856
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-ca
172.69.34.168
last-modified
Tue, 20 Aug 2024 18:40:42 GMT
server
cloudflare
etag
W/"66c4e32a-47a8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
cf-ray
8b6b0bfbff8a35f4-FRA
expires
Wed, 21 Aug 2024 14:12:31 GMT
tracking.js
optassets.ontraport.com/
8 KB
3 KB
Script
General
Full URL
https://optassets.ontraport.com/tracking.js
Requested by
Host: pva.pages.ontraport.net
URL: https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pva-ai-ebook-link7&utm_term=ai-ebook-optin&email=verdacht%40safeonweb.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bd4db5489f52f092ac687a50c5afd570c768acad3636a0955149b949c4bb32f

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:31 GMT
content-encoding
br
cf-cache-status
HIT
age
2655
cf-polished
origSize=12107
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-ca
172.69.33.37
cf-bgj
minify
last-modified
Tue, 20 Aug 2024 18:40:27 GMT
server
cloudflare
etag
W/"66c4e31b-2f4b"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=28800
access-control-allow-credentials
true
cf-ray
8b6b0bfbff8f35f4-FRA
expires
Wed, 21 Aug 2024 21:42:31 GMT
gtm.js
www.googletagmanager.com/
222 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MGL2B6P
Requested by
Host: pva.pages.ontraport.net
URL: https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pva-ai-ebook-link7&utm_term=ai-ebook-optin&email=verdacht%40safeonweb.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
47996d9115e2ce4846f0be6877b512d80cbdd71dbcedc53c81020762569d72a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78859
x-xss-protection
0
last-modified
Wed, 21 Aug 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 21 Aug 2024 13:42:31 GMT
inspectlet.js
cdn.inspectlet.com/
188 KB
65 KB
Script
General
Full URL
https://cdn.inspectlet.com/inspectlet.js?wid=36371617&r=478957
Requested by
Host: pva.pages.ontraport.net
URL: https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pva-ai-ebook-link7&utm_term=ai-ebook-optin&email=verdacht%40safeonweb.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:38f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d554121551df68e414c85920b6541d2e92251a189ff19a4b1f8dffe97ce1cb5

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:31 GMT
via
1.1 vegur
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified
Wed, 21 Aug 2024 13:42:31 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724247751&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=qhr2VfpYiwteLWGmqlKHVOL3eVZdhidsBZR4EQ%2F3hIw%3D"}]}
content-type
text/javascript;charset=UTF-8
cache-control
s-maxage=60, max-age=14400
cf-ray
8b6b0bfcf8f93656-FRA
alt-svc
h3=":443"; ma=86400
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1724247751&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=qhr2VfpYiwteLWGmqlKHVOL3eVZdhidsBZR4EQ%2F3hIw%3D
widget.js
widget.wickedreports.com/
26 KB
9 KB
Script
General
Full URL
https://widget.wickedreports.com/widget.js
Requested by
Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/v2/602/wr-a2c20b58dba8a66cd3c2d4dca4c93a24.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-18.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b74487af8761c9be10987f564aca761a5202c43ab28309c5cf8d2ea81d677d73

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 03:44:13 GMT
content-encoding
gzip
via
1.1 f9fdc7f95aba4b520d73ade0f850d634.cloudfront.net (CloudFront)
last-modified
Fri, 16 Aug 2024 15:23:29 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
35899
etag
W/"5512ee0e9bca9fbad6c56f558c98ec26"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
yMQ6-JctpV87n7e9ecoKsDh-Th0nlONviELSQxowrOgnDvjYQ6FdDg==
21828.bd6411af9c0058b89ff63c93ba1657be.JPEG
i.ontraport.com/
220 KB
221 KB
Image
General
Full URL
https://i.ontraport.com/21828.bd6411af9c0058b89ff63c93ba1657be.JPEG
Requested by
Host: pva.pages.ontraport.net
URL: https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pva-ai-ebook-link7&utm_term=ai-ebook-optin&email=verdacht%40safeonweb.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fedd289246d3a5782ec083ec0a816e347cc8c17624e15993e4f2a31065feefcd

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:31 GMT
via
1.1 d9636724d333576f23b5fcfb40d7830c.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA60-P9
x-amz-request-id
MTWV2ZMHFV083QB4
cf-polished
qual=85, origFmt=jpeg, origSize=356851
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
age
168508
content-disposition
inline; filename="21828.webp"
content-length
224996
x-amz-id-2
uAgWe5pRA9HwPhBOdas8iiNMl9x+1I16nW44mcF09fOqK7xJCWO0W7idsJhf5GDK7AAcvEf4TyQ=
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Aug 2023 15:51:33 GMT
server
cloudflare
etag
"efa6a315d024ecfe0b992e421be0931c"
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
8b6b0c010ca92bca-FRA
x-amz-cf-id
oRh9XwWK2Ks7RKpCqg3AQl6YowIpXHpx49OaQQSGslcOEHzyaJGfZA==
expires
Sat, 21 Sep 2024 13:42:31 GMT
roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-700italic.woff2
optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/
53 KB
54 KB
Font
General
Full URL
https://optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-700italic.woff2
Requested by
Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1724179895
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4208a4184a14e8638f7b807e3b3c9e96fb1e1d7690fa9c2ae8216b763dd3a0c

Request headers

Referer
https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1724179895
Origin
https://pva.pages.ontraport.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:31 GMT
content-encoding
gzip
cf-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-ca
172.69.40.152
last-modified
Tue, 20 Aug 2024 18:40:42 GMT
server
cloudflare
etag
W/"66c4e32a-d5f8"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=28800
access-control-allow-credentials
true
cf-ray
8b6b0bfe4e4b9972-FRA
expires
Wed, 21 Aug 2024 21:42:31 GMT
roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-700.woff2
optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/
49 KB
50 KB
Font
General
Full URL
https://optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-700.woff2
Requested by
Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1724179895
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dcacf1d025168ee2f84aaf40bad826f08b43c94db12eb59dbe2a06a3e98bfb2

Request headers

Referer
https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1724179895
Origin
https://pva.pages.ontraport.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:31 GMT
content-encoding
gzip
cf-cache-status
HIT
age
89
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-ca
172.69.40.159
last-modified
Tue, 20 Aug 2024 18:40:42 GMT
server
cloudflare
etag
W/"66c4e32a-c4a4"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=28800
access-control-allow-credentials
true
cf-ray
8b6b0bfe5e579972-FRA
expires
Wed, 21 Aug 2024 21:42:31 GMT
material_icons.woff2
optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/material/
125 KB
126 KB
Font
General
Full URL
https://optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/material/material_icons.woff2
Requested by
Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1724179895
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83be7b2f504af2c948c5106fa907dc4224380a7b75a993a7bff52cd71ec8c7d3

Request headers

Referer
https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1724179895
Origin
https://pva.pages.ontraport.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:31 GMT
content-encoding
gzip
cf-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-ca
172.69.40.163
last-modified
Tue, 20 Aug 2024 18:40:42 GMT
server
cloudflare
etag
W/"66c4e32a-1f568"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=28800
access-control-allow-credentials
true
cf-ray
8b6b0bfe4e4e9972-FRA
expires
Wed, 21 Aug 2024 21:42:31 GMT
roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-300.woff2
optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/
49 KB
49 KB
Font
General
Full URL
https://optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-300.woff2
Requested by
Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1724179895
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34ccd21cf8cc2a2bdcd7dbe6bef05246067ff849bf71308e207bf525f581763d

Request headers

Referer
https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1724179895
Origin
https://pva.pages.ontraport.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:31 GMT
content-encoding
gzip
cf-cache-status
HIT
age
89
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-ca
172.69.40.158
last-modified
Tue, 20 Aug 2024 18:40:42 GMT
server
cloudflare
etag
W/"66c4e32a-c428"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=28800
access-control-allow-credentials
true
cf-ray
8b6b0bfe5e5c9972-FRA
expires
Wed, 21 Aug 2024 21:42:31 GMT
roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/
49 KB
49 KB
Font
General
Full URL
https://optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
Requested by
Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1724179895
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4d175f498b00516c629ce8af152cbe745d73932fa58cc9fdfc8e4b49c0da368

Request headers

Referer
https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1724179895
Origin
https://pva.pages.ontraport.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:31 GMT
content-encoding
gzip
cf-cache-status
MISS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-ca
172.69.40.152
last-modified
Tue, 20 Aug 2024 18:40:42 GMT
server
cloudflare
etag
W/"66c4e32a-c52c"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=28800
access-control-allow-credentials
true
cf-ray
8b6b0bfe4e4d9972-FRA
expires
Wed, 21 Aug 2024 21:42:31 GMT
logging.js
optassets.ontraport.com/opt_assets/static/js/
1023 B
583 B
Script
General
Full URL
https://optassets.ontraport.com/opt_assets/static/js/logging.js
Requested by
Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/static/js/opt-assets.js?1724179895
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
990f9545e109622866e56b8152c0ce6317c77ab9bf5851b2310f3e79b2096283

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:31 GMT
content-encoding
br
cf-cache-status
HIT
age
1432
cf-polished
origSize=1923
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-ca
172.69.34.50
cf-bgj
minify
last-modified
Tue, 20 Aug 2024 18:40:42 GMT
server
cloudflare
etag
W/"66c4e32a-783"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
cf-ray
8b6b0bfe4ba735f4-FRA
expires
Wed, 21 Aug 2024 14:12:31 GMT
f.php
track.wickedreports.com/
118 B
341 B
XHR
General
Full URL
https://track.wickedreports.com/f.php?WickedClientID=602&WickedEmail=verdacht%40safeonweb.be&fbp=fb.1.1724247751.4002220974.0841384&fbc=&WickedURL=https%3A%2F%2Fpva.pages.ontraport.net%2Fai%3Futm_campaign%3DAI-PVA-Ebook%26utm_medium%3Demail-dedicated%26utm_source%3DSteve%26utm_content%3D08-21-24-pva-ai-ebook-link7%26utm_term%3Dai-ebook-optin%26email%3Dverdacht%40safeonweb.be&WickedReferrerURL=&WickedTrackingDate=1724247751517
Requested by
Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.224.143.245 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-224-143-245.us-east-2.compute.amazonaws.com
Software
nginx / PHP/8.1.26
Resource Hash
bfbca6b8122e1f399559eba9ba9da692d92ef6da09b0a34ee9e97c560ff55235

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 21 Aug 2024 13:42:32 GMT
server
nginx
x-powered-by
PHP/8.1.26
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
*
index.php
track.wickedreports.com/
118 B
342 B
XHR
General
Full URL
https://track.wickedreports.com/index.php?WickedClientID=602&WickedEmail=verdacht%40safeonweb.be&WickedTrackingDate=1724247751509&WickedURL=https%3A%2F%2Fpva.pages.ontraport.net%2Fai%3Futm_campaign%3DAI-PVA-Ebook%26utm_medium%3Demail-dedicated%26utm_source%3DSteve%26utm_content%3D08-21-24-pva-ai-ebook-link7%26utm_term%3Dai-ebook-optin%26email%3Dverdacht%40safeonweb.be&WickedReferrerURL=
Requested by
Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.224.143.245 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-224-143-245.us-east-2.compute.amazonaws.com
Software
nginx / PHP/8.1.26
Resource Hash
9f315a909215f8c03014ec942866f9691d980e4c10d63b1bf2b4fbbf83c70a0c

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 21 Aug 2024 13:42:32 GMT
server
nginx
x-powered-by
PHP/8.1.26
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
*
21828.3c757645ad573ebc9dc990bbce644623.PNG
i.ontraport.com/
Redirect Chain
  • https://i.ontraport.com/21828.3c757645ad573ebc9dc990bbce644623.PNG?ops=700
  • https://i.ontraport.com/21828.3c757645ad573ebc9dc990bbce644623.PNG
155 KB
155 KB
Image
General
Full URL
https://i.ontraport.com/21828.3c757645ad573ebc9dc990bbce644623.PNG
Requested by
Host: pva.pages.ontraport.net
URL: https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pva-ai-ebook-link7&utm_term=ai-ebook-optin&email=verdacht%40safeonweb.be
Protocol
H2
Server
172.64.155.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43b553a89a9d330c85b5dc427950ac193e357e85ac845486e871e7736f782d84

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:32 GMT
via
1.1 41fcd719412f2befdcf66654c7db4572.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
AMS58-P6
x-amz-request-id
290JXQNPBKZWNHGE
cf-polished
origFmt=png, origSize=243461
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
age
424338
content-disposition
inline; filename="21828.webp"
content-length
158444
x-amz-id-2
MWFQjI0PhN8kBEnLoUF3TDG8vKg/H8V1Woa5uVQqCPBjAM/DFppYIBy1qUq60teJqkGiqXTrvno=
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Aug 2023 16:12:29 GMT
server
cloudflare
etag
"2c228f89490425f182d386c5cc6bffa5"
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
8b6b0c0378152bca-FRA
x-amz-cf-id
o71GcSTvk__ChJCJxjJkDSOYXDpv52qCcw0ILwRtchBbeKL_dhuszA==
expires
Sat, 21 Sep 2024 13:42:32 GMT

Redirect headers

date
Wed, 21 Aug 2024 13:42:32 GMT
via
1.1 9cf04b48b6c1d39fa4ec78ed3583f106.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-request-id
YKX4RE1HMKSXVTXH
x-amz-cf-pop
VIE50-P2
x-cache
Hit from cloudfront
content-length
0
x-amz-id-2
7/tN+FR4QEwOiM0zdBoPkC40TNWhTaalTqBNlFtoxLncDUCRDJoIFox0HOhqWQ66ai3QljIxVZQ=
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
location
/21828.3c757645ad573ebc9dc990bbce644623.PNG
cache-control
public, max-age=2678400
cf-ray
8b6b0c010cac2bca-FRA
x-amz-cf-id
OPKe9UxDScl3-mypMlGePSl5i0ApHc8O4wpnikO5sQkS2kbaL0SFJQ==
expires
Sat, 21 Sep 2024 13:42:32 GMT
js
www.googletagmanager.com/gtag/
314 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8SJNWV4ZSP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGL2B6P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d4a3ed1525b93827ee786e7b9fc502af0d10d92d74e953950a651bb2133a975c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105894
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 21 Aug 2024 13:42:32 GMT
wr-a2c20b58dba8a66cd3c2d4dca4c93a24.js
widget.wickedreports.com/v2/602/
422 B
0
Script
General
Full URL
https://widget.wickedreports.com/v2/602/wr-a2c20b58dba8a66cd3c2d4dca4c93a24.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGL2B6P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-18.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0011caa87105379dd3c7b19f0a5671dc75de6e10ff84d6cacf214ff5495760f6

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:30 GMT
via
1.1 f9fdc7f95aba4b520d73ade0f850d634.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 14:31:04 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
1172
x-amz-server-side-encryption
AES256
etag
"b29408317c74a493f73f8f09bcff864a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
422
x-amz-cf-id
baAkVgtheVQZnBqBfZlut1WbZHCnEwkt_-urxGdn4-iP3vtwArL6Ww==
fbevents.js
connect.facebook.net/en_US/
225 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: pva.pages.ontraport.net
URL: https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pva-ai-ebook-link7&utm_term=ai-ebook-optin&email=verdacht%40safeonweb.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 21 Aug 2024 13:42:32 GMT
document-policy
force-load-at-top
x-fb-server-load
53
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58912
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=79, rtx=0, c=12, mss=1328, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
nfdoLyXiPOevM3qXWtNdKLKs9WV6KKlXOt8HJDtyu/6GDDhlJLDgrdwGnl+uGJOOxY4Jbu+BgWFJnw/OVQi1LA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
36371617
hn.inspectlet.com/ginit/
212 B
815 B
XHR
General
Full URL
https://hn.inspectlet.com/ginit/36371617
Requested by
Host: cdn.inspectlet.com
URL: https://cdn.inspectlet.com/inspectlet.js?wid=36371617&r=478957
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:38f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e6c7429e77a0600fd77baa91265b58d397efe6a8ffaf0c8f6f3e17f34e5e7eae

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 21 Aug 2024 13:42:32 GMT
via
1.1 vegur
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1724247752&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=ua5DsU3aKt9%2BlAEzCZSetNNYW%2FMv2jpNH%2F2GMaHOCk8%3D
server
cloudflare
etag
W/"d4-aY9MrRsYAZFARgDHBv7vvQ"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724247752&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=ua5DsU3aKt9%2BlAEzCZSetNNYW%2FMv2jpNH%2F2GMaHOCk8%3D"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pva.pages.ontraport.net
access-control-allow-methods
GET, POST
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8b6b0c06b9bf3656-FRA
access-control-allow-headers
X-Requested-With, Content-Type
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-8SJNWV4ZSP&gtm=45je48j0v878195527z8870991869za200zb870991869&_p=1724247749740&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=2032086547.1724247753&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724247752&sct=1&seg=0&dl=https%3A%2F%2Fpva.pages.ontraport.net%2Fai%3Futm_campaign%3DAI-PVA-Ebook%26utm_medium%3Demail-dedicated%26utm_source%3DSteve%26utm_content%3D08-21-24-pva-ai-ebook-link7%26utm_term%3Dai-ebook-optin%26email%3Dverdacht%2540safeonweb.be&dt=The%202023%20Investment%20Blueprint%3A%20Explore%20the%20Secret%20Market%20Roadmap&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=8011
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8SJNWV4ZSP&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Aug 2024 13:42:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pva.pages.ontraport.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
259 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8SJNWV4ZSP&cid=2032086547.1724247753&gtm=45je48j0v878195527z8870991869za200zb870991869&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8SJNWV4ZSP&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Aug 2024 13:42:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pva.pages.ontraport.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8SJNWV4ZSP&cid=2032086547.1724247753&gtm=45je48j0v878195527z8870991869za200zb870991869&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=598300876
Requested by
Host: pva.pages.ontraport.net
URL: https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pva-ai-ebook-link7&utm_term=ai-ebook-optin&email=verdacht%40safeonweb.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Aug 2024 13:42:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getfid
hn.inspectlet.com/
17 B
641 B
XHR
General
Full URL
https://hn.inspectlet.com/getfid
Requested by
Host: cdn.inspectlet.com
URL: https://cdn.inspectlet.com/inspectlet.js?wid=36371617&r=478957
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:39f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
26fdc2df8757a07937e2233d1b5439611d7d756dca544069148cf3b77263a7bc

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 21 Aug 2024 13:42:34 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
content-length
17
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1724247754&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=WPqw6VSol1Ra7XOOt8xDTTyCIB6Jpjgk41vhMMZDfps%3D
server
cloudflare
etag
W/"11-emRSIpx/U7xAj2PhOkWNRg"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724247754&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=WPqw6VSol1Ra7XOOt8xDTTyCIB6Jpjgk41vhMMZDfps%3D"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, POST
cache-control
no-cache
cf-ray
8b6b0c0e6b08382b-FRA
access-control-allow-headers
X-Requested-With, Content-Type
getfid
hn.inspectlet.com/
18 B
678 B
XHR
General
Full URL
https://hn.inspectlet.com/getfid
Requested by
Host: cdn.inspectlet.com
URL: https://cdn.inspectlet.com/inspectlet.js?wid=36371617&r=478957
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:39f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
157357ab36016b7fd492a47d1d2cdc131ec54dcd14fafeb184c867fe5445e8ca

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 21 Aug 2024 13:42:34 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
content-length
18
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1724247754&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=WPqw6VSol1Ra7XOOt8xDTTyCIB6Jpjgk41vhMMZDfps%3D
server
cloudflare
etag
W/"12-+xs5diu1/X9/bJo4t4LNTQ"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724247754&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=WPqw6VSol1Ra7XOOt8xDTTyCIB6Jpjgk41vhMMZDfps%3D"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, POST
cache-control
no-cache
cf-ray
8b6b0c0e6b05382b-FRA
access-control-allow-headers
X-Requested-With, Content-Type
widget.js
widget.wickedreports.com/
26 KB
0
Script
General
Full URL
https://widget.wickedreports.com/widget.js
Requested by
Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/v2/602/wr-a2c20b58dba8a66cd3c2d4dca4c93a24.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-18.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b74487af8761c9be10987f564aca761a5202c43ab28309c5cf8d2ea81d677d73

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 03:44:13 GMT
content-encoding
gzip
via
1.1 f9fdc7f95aba4b520d73ade0f850d634.cloudfront.net (CloudFront)
last-modified
Fri, 16 Aug 2024 15:23:29 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
35899
etag
W/"5512ee0e9bca9fbad6c56f558c98ec26"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
yMQ6-JctpV87n7e9ecoKsDh-Th0nlONviELSQxowrOgnDvjYQ6FdDg==
1357489168502278
connect.facebook.net/signals/config/
73 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1357489168502278?v=2.9.165&r=stable&domain=pva.pages.ontraport.net&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
185dddaad5f9b60d3cfbb6fa5be79e3cecc4e76ac62c4e3f7bc31f125431e181
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 21 Aug 2024 13:42:33 GMT
document-policy
force-load-at-top
x-fb-server-load
40
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=142, rtx=3, c=44, mss=1328, tbw=64434, tp=-1, tpl=-1, uplat=72, ullat=0
pragma
public
x-fb-debug
B+5nCsUdFG6xQj0CNeMEqdK0N8jU91pCREChOqgHxulxhV56a4QQCyrb6vra+aZ8djmOo2h/ol7tinbHsCS8Hg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
270 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1357489168502278&ev=PageView&dl=https%3A%2F%2Fpva.pages.ontraport.net%2Fai%3Futm_campaign%3DAI-PVA-Ebook%26utm_medium%3Demail-dedicated%26utm_source%3DSteve%26utm_content%3D08-21-24-pva-ai-ebook-link7%26utm_term%3Dai-ebook-optin%26email%3Dverdacht%2540safeonweb.be&rl=&if=false&ts=1724247753928&cd[source]=https%3A%2F%2Fpva.pages.ontraport.net%2Fai&sw=1600&sh=1200&v=2.9.165&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1724247753921.654078653333349128&cs_est=true&ler=empty&cdl=API_unavailable&it=1724247753407&coo=false&rqm=GET
Requested by
Host: pva.pages.ontraport.net
URL: https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pva-ai-ebook-link7&utm_term=ai-ebook-optin&email=verdacht%40safeonweb.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=85, rtx=0, c=10, mss=1328, tbw=2788, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 21 Aug 2024 13:42:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1357489168502278&ev=PageView&dl=https%3A%2F%2Fpva.pages.ontraport.net%2Fai%3Futm_campaign%3DAI-PVA-Ebook%26utm_medium%3Demail-dedicated%26utm_source%3DSteve%26utm_content%3D08-21-24-pva-ai-ebook-link7%26utm_term%3Dai-ebook-optin%26email%3Dverdacht%2540safeonweb.be&rl=&if=false&ts=1724247753928&cd[source]=https%3A%2F%2Fpva.pages.ontraport.net%2Fai&sw=1600&sh=1200&v=2.9.165&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1724247753921.654078653333349128&cs_est=true&ler=empty&cdl=API_unavailable&it=1724247753407&coo=false&rqm=FGET
Requested by
Host: pva.pages.ontraport.net
URL: https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pva-ai-ebook-link7&utm_term=ai-ebook-optin&email=verdacht%40safeonweb.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x38997843af9bd3b5","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:6666219873491539","24:7103484746342992","24:6735933266485393","24:6397533597010568","7830:6666219873491539","7830:7103484746342992","7830:6735933266485393","7830:6397533597010568","10853:6666219873491539","10853:7103484746342992","10853:6735933266485393","10853:6397533597010568","41:6666219873491539","41:7103484746342992","41:6735933266485393","41:6397533597010568","8046:6666219873491539","8046:7103484746342992","8046:6735933266485393","8046:6397533597010568"]},"debug_reporting":true,"debug_key":"1"}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 21 Aug 2024 13:42:34 GMT
x-fb-server-load
37
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7405587714073510046", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=75, rtx=0, c=10, mss=1328, tbw=3102, tp=-1, tpl=-1, uplat=145, ullat=0
pragma
no-cache
x-fb-debug
uN7StVBCet/PB7fYqGLZ3GYkts5x25M0JyRyNcSf7ehmpPGFXJAjmL2I5jBHwlFE8d9imbhBDK0LhWKSzS9cGQ==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7405587714073510046"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
fa
hn.inspectlet.com/
35 B
570 B
Image
General
Full URL
https://hn.inspectlet.com/fa?w=36371617&r=927035096&farc=1&isfpayload=eyJmb3JtaWQiOjE4NjUxOTM4MDgsIm10Ijoic2VlbiIsInYiOjF9&isfnum=1&isftotal=1&rrtn=1724247754222
Requested by
Host: pva.pages.ontraport.net
URL: https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pva-ai-ebook-link7&utm_term=ai-ebook-optin&email=verdacht%40safeonweb.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:38f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:34 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server
cloudflare
x-powered-by
Express
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724247754&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=WPqw6VSol1Ra7XOOt8xDTTyCIB6Jpjgk41vhMMZDfps%3D"}]}
cache-control
no-cache
cf-ray
8b6b0c1038c43656-FRA
alt-svc
h3=":443"; ma=86400
content-length
35
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1724247754&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=WPqw6VSol1Ra7XOOt8xDTTyCIB6Jpjgk41vhMMZDfps%3D
fa
hn.inspectlet.com/
35 B
570 B
Image
General
Full URL
https://hn.inspectlet.com/fa?w=36371617&r=927035096&farc=2&isfpayload=W3siZm9ybWlkIjoxODY1MTkzODA4LCJtdCI6InNlZW4iLCJpaWQiOiJbXCJpZFwiLFwibzk2NTFiZmRiNzFjOS1lbWFpbFwiXSIsImlwb3MiOjIzNywidiI6IjAifV0=&isfnum=1&isftotal=1&rrtn=1724247754223
Requested by
Host: pva.pages.ontraport.net
URL: https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pva-ai-ebook-link7&utm_term=ai-ebook-optin&email=verdacht%40safeonweb.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:38f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:34 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server
cloudflare
x-powered-by
Express
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724247754&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=WPqw6VSol1Ra7XOOt8xDTTyCIB6Jpjgk41vhMMZDfps%3D"}]}
cache-control
no-cache
cf-ray
8b6b0c1038c93656-FRA
alt-svc
h3=":443"; ma=86400
content-length
35
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1724247754&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=WPqw6VSol1Ra7XOOt8xDTTyCIB6Jpjgk41vhMMZDfps%3D
fa
hn.inspectlet.com/
35 B
570 B
Image
General
Full URL
https://hn.inspectlet.com/fa?w=36371617&r=927035096&farc=3&isfpayload=eyJmb3JtaWQiOjQ0OTc0NDAwNiwibXQiOiJzZWVuIiwidiI6MX0=&isfnum=1&isftotal=1&rrtn=1724247754235
Requested by
Host: pva.pages.ontraport.net
URL: https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pva-ai-ebook-link7&utm_term=ai-ebook-optin&email=verdacht%40safeonweb.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:38f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:34 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server
cloudflare
x-powered-by
Express
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724247754&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=WPqw6VSol1Ra7XOOt8xDTTyCIB6Jpjgk41vhMMZDfps%3D"}]}
cache-control
no-cache
cf-ray
8b6b0c1048e53656-FRA
alt-svc
h3=":443"; ma=86400
content-length
35
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1724247754&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=WPqw6VSol1Ra7XOOt8xDTTyCIB6Jpjgk41vhMMZDfps%3D
fa
hn.inspectlet.com/
35 B
570 B
Image
General
Full URL
https://hn.inspectlet.com/fa?w=36371617&r=927035096&farc=4&isfpayload=W3siZm9ybWlkIjo0NDk3NDQwMDYsIm10Ijoic2VlbiIsImlpZCI6IltcImlkXCIsXCJvODJmZGVhZDUyMjQ2LWVtYWlsXCJdIiwiaXBvcyI6NTMsInYiOiIwIn1d&isfnum=1&isftotal=1&rrtn=1724247754236
Requested by
Host: pva.pages.ontraport.net
URL: https://pva.pages.ontraport.net/ai?utm_campaign=AI-PVA-Ebook&utm_medium=email-dedicated&utm_source=Steve&utm_content=08-21-24-pva-ai-ebook-link7&utm_term=ai-ebook-optin&email=verdacht%40safeonweb.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:38f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:34 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server
cloudflare
x-powered-by
Express
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724247754&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=WPqw6VSol1Ra7XOOt8xDTTyCIB6Jpjgk41vhMMZDfps%3D"}]}
cache-control
no-cache
cf-ray
8b6b0c1048fa3656-FRA
alt-svc
h3=":443"; ma=86400
content-length
35
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1724247754&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=WPqw6VSol1Ra7XOOt8xDTTyCIB6Jpjgk41vhMMZDfps%3D
track.php
tracking.ontraport.com/
774 B
2 KB
Script
General
Full URL
https://tracking.ontraport.com/track.php?mid=21828_lp484.0_2&first_visit=1&utm_source=Steve&utm_medium=email-dedicated&utm_term=ai-ebook-optin&utm_content=08-21-24-pva-ai-ebook-link7&utm_campaign=AI-PVA-Ebook&s=c21by6r4j5y0pst9t76m&l=pva.pages.ontraport.net/ai&ti=The%202023%20Investment%20Blueprint:%20Explore%20the%20Secret%20Market%20Roadmap&forms%5Bp2c21828lp484.0.bid5ce9562a-ed12-ba15-b2c7-82fdead52246%5D=0&forms%5Bp2c21828lp484.0.bid4d3cb2c7-3b26-d94c-0a13-dfd3780937b8%5D=0&forms%5Bp2c21828lp484.0.bid5d78c3d0-d72c-f9f5-ca4c-9651bfdb71c9%5D=0&forms%5Bp2c21828lp484.0.bidf1e336f4-e74e-d380-627f-a90e466e7d46%5D=0&is_unique=1
Requested by
Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
209.170.211.179 Las Vegas, United States, ASN13649 (ASN-FLEXENTIAL, US),
Reverse DNS
mail9.ontramail.com
Software
ONTRAport /
Resource Hash
6b222004b4fb499f7d56a233f2481640017fac1029b3c79daa577eac84a34f48

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 21 Aug 2024 13:42:35 GMT
Content-Encoding
gzip
Server
ONTRAport
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html; charset=UTF-8
X-op-release
2
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-op-class
hosted
X-op-ca
217.114.215.131
21828.dbed8a65d4dae2507ab434c21583420f.PNG
i.ontraport.com/
196 B
567 B
Other
General
Full URL
https://i.ontraport.com/21828.dbed8a65d4dae2507ab434c21583420f.PNG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a29cfc6f6be8b77b8a0d8b4b61ebc6eb399fb16f66a51bed49299fb6d828b30

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:34 GMT
via
1.1 8fa6a359afa3b10c460a2c884c6400e8.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
CDG52-P2
x-amz-request-id
PED3JM2J934WPTPC
cf-polished
origFmt=png, origSize=471
x-cache
Miss from cloudfront
content-disposition
inline; filename="21828.webp"
content-length
196
x-amz-id-2
1ZOeBlg3gzb6aZ4uBh+DqrChMe0xRA3ApTUcdw/cjz4SSFiWSw7b6gXfRQdXVTx8Tm7Npu2cT7U=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 07 Dec 2022 15:43:18 GMT
server
cloudflare
etag
"0a74939fbfef124db08913f979e5be3b"
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
8b6b0c126ce92bca-FRA
x-amz-cf-id
jfs1-787CpEU4ztg-GFNoylBZdkS_ghjLIKkfm-rlp-Iq3ktdsndtg==
expires
Sat, 21 Sep 2024 13:42:34 GMT
pdata
hn.inspectlet.com/
35 B
576 B
Image
General
Full URL
https://hn.inspectlet.com/pdata?d=mr,1066,undefined,undefined,undefined,undefined)s,1066,0,0)cinmi,2809,143,)cinmi,2809,169,)cinmi,2809,184,ODY0OEVCRTIxNzkxM0UzNzExRTBDN0ZDOjNGQkJBMjNDQjczNzc5RkRERUU4QUY2Qg==)cinmi,2809,186,MDE3MjEzMzpFRDNBMkJDODEwMjU0RDQ0MkRFM0U3RTM6RjkzOENEMjk2NTA1NUFDQTBDQjAyMkM2)cinmi,2809,188,cDJjMjE4MjhscDQ4NC4wLmJpZDVjZTk1NjJhLWVkMTItYmExNS1iMmM3LTgyZmRlYWQ1MjI0Ng==)cinmi,2809,190,)cinmi,2809,192,)cinmi,2809,194,)cinmi,2809,196,)cinmi,2809,198,)cinmi,2809,200,)cinmi,2809,202,)cinmi,2809,204,)cinmi,2809,206,)cinmi,2809,208,)cinmi,2809,210,)cinmi,2809,212,)cinmi,2809,214,)cinmi,2809,216,)cinmi,2809,218,)cinmi,2809,220,)cinmi,2809,222,)cinmi,2809,249,)cinmi,2809,275,)cinmi,2809,290,RDI2QjZBQUQwQzYzQUI4ODkwODY2OEY3OkQwRkVEQjVFMjlCQjAwQkVDOEMwQUEyQw==)cinmi,2809,292,MDE3MjEzMzpFRDY5ODA0ODMxOTc0OUJDOUI4RjA0Mzk6NThGM0UyRjY5NjVEN0ZFMDJBRjcxNUZG)cinmi,2809,294,cDJjMjE4MjhscDQ4NC4wLmJpZDRkM2NiMmM3LTNiMjYtZDk0Yy0wYTEzLWRmZDM3ODA5MzdiOA==)cinmi,2809,296,)cinmi,2810,298,)cinmi,2810,300,)cinmi,2810,302,)cinmi,2810,304,)cinmi,2810,306,)cinmi,2810,308,)cinmi,2810,310,)cinmi,2810,312,)cinmi,2810,314,)cinmi,2810,316,)cinmi,2810,318,)cinmi,2810,320,)cinmi,2810,322,)cinmi,2810,324,)cinmi,2810,326,)cinmi,2810,328,)cinmi,2810,437,)cinmi,2810,460,)cinmi,2810,472,MzI1NUJDRDNGMDRBM0Y0Rjg4MzRGMkIxOkFCODUyRjkwQjdENDBBRDVGNjkzM0RBMQ==)cinmi,2810,474,MDE3MjEzMzo2QTgxMjExMDVENjk0NkI4MDZFNDIxQTk6RkY2RTZDOTIxODRCMkE3ODYzOEExREMw)cinmi,2810,476,cDJjMjE4MjhscDQ4NC4wLmJpZDVkNzhjM2QwLWQ3MmMtZjlmNS1jYTRjLTk2NTFiZmRiNzFjOQ==)cinmi,2810,478,)cinmi,2810,480,)cinmi,2810,482,)cinmi,2810,484,)cinmi,2810,486,)cinmi,2810,488,)cinmi,2810,490,)cinmi,2810,492,)cinmi,2810,494,)cinmi,2810,496,)cinmi,2810,498,)cinmi,2810,500,)cinmi,2810,502,)cinmi,2810,504,)cinmi,2810,506,)cinmi,2810,508,)cinmi,2810,510,)cinmi,2810,586,)cinmi,2810,609,)cinmi,2810,621,OTRFOTk0RTlDQzg5MTAyOTE2N0ZFRDk1OjExMjM0MDAyOTcyRjUxMTc3OTI0NTU5MA==)cinmi,2810,623,MDE3MjEzMzpEOTkwREIzRjYzNzZCNUIxQ0Q0QTI3Mjg6N0MyRTQyNTQ5OEQ5
M0NBQjlCQTNBNzNB)cinmi,2810,625,cDJjMjE4MjhscDQ4NC4wLmJpZGYxZTMzNmY0LWU3NGUtZDM4MC02MjdmLWE5MGU0NjZlN2Q0Ng==)cinmi,2810,627,)cinmi,2810,629,)cinmi,2810,631,)cinmi,2810,633,)cinmi,2810,635,)cinmi,2810,637,)cinmi,2810,639,)cinmi,2810,641,)cinmi,2810,643,)cinmi,2810,645,)cinmi,2810,647,)cinmi,2810,649,)cinmi,2810,651,)cinmi,2810,653,)cinmi,2810,655,)cinmi,2810,657,)cinmi,2810,659,)&w=36371617&r=927035096&sid=1842071891&pad=1&dn=dn&fadd=true&oid=39937361&lpt=0&rrtn=1724247759429
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:38f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://pva.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 13:42:40 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server
cloudflare
x-powered-by
Express
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1724247760&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=YVEFvLKRyfXtM2xiDIkXfD%2BrUQ1MDld1%2FwIu5wIn3tw%3D"}]}
cache-control
no-cache
cf-ray
8b6b0c344b3b3656-FRA
alt-svc
h3=":443"; ma=86400
content-length
35
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1724247760&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=YVEFvLKRyfXtM2xiDIkXfD%2BrUQ1MDld1%2FwIu5wIn3tw%3D

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| dataLayer object| __insp number| __inspld object| wrWidgetSettings function| loadWR object| op object| dcParam string| awsParam string| _opt_lpid boolean| isONTRApage object| $jscomp object| $jscomp$this function| anime function| $ function| jQuery function| _wr function| cash object| M object| Materialize function| Hammer object| desExport function| des function| des_createKeys function| stringToHex function| hexToString object| XD function| _ number| ACCOUNT_SIGNUP_ERROR number| CC_VERIFY_POST number| CC_VERIFY_SHOW_IFRAME number| CC_VERIFY_HIDE_IFRAME number| CC_VERIFY_GET_CC_DATA number| LOG_LEVEL_WARNING number| LOG_LEVEL_DEBUG string| PROTOCOL string| COUPON_PROCESS_DOMAIN string| FORM_PROCESS_DOMAIN string| CC_VERIFY_DOMAIN function| OPCapcha_filled function| OPCapcha_expired function| $l function| Globalize function| OptDateTimePicker string| _mri object| _mrd string| _mrl object| _mrct string| _mr_ex string| _linktrack string| _mr_title string| _mrl_internal_url string| _mrl_internal_domain function| mrSetupActual function| mrtracking function| gC function| parseGetVars function| genmrSess function| _escapeT function| _mrGetLinkTo function| _sanitizeMrLink function| _mrScanLinks function| _mrTrackLink function| _mrReturnXmlHttpObject string| _mr_domain string| session string| possible object| google_tag_manager object| google_tag_data function| stripUrlParameters function| fbq function| _fbq object| Base64i function| $i function| __insp_ object| __inspcr object| __inspm object| __inspq function| setZeroTimeout object| __inspels function| onYouTubeIframeAPIReady object| gaGlobal string| property object| _mrTrackLinks

32 Cookies

Domain/Path Name / Value
pva.pages.ontraport.net/ai Name: lpsplt_484
Value: 0
trading-secrets.activehosted.com/ Name: PHPSESSID
Value: dd4ea3b9ebdf7c0a77581260f1c18793
.trading-secrets.activehosted.com/ Name: cmp68399962
Value: 3a3ab879536e6358a0b240dbcf7389e4
.activehosted.com/ Name: __cf_bm
Value: 46LVzByoZD2duHbrGi3_iNjy4j5aCK2Kzv4POM53IfY-1724247746-1.0.1.1-DM3G2GZPWfz9gNAsesuERwb0gzLtrYf0wdGIg7egtkoyAcHVWoQ0ybSW2k6RJqtGgfzr2gBgxnt79L2udQ9ZAw
pva.pages.ontraport.net/ Name: sess_
Value: c21by6r4j5y0pst9t76m
pva.pages.ontraport.net/ Name: utm_source
Value: Steve
pva.pages.ontraport.net/ Name: utm_medium
Value: email-dedicated
pva.pages.ontraport.net/ Name: utm_term
Value: ai-ebook-optin
pva.pages.ontraport.net/ Name: utm_content
Value: 08-21-24-pva-ai-ebook-link7
pva.pages.ontraport.net/ Name: utm_campaign
Value: AI-PVA-Ebook
pva.pages.ontraport.net/ Name: vid
Value:
pva.pages.ontraport.net/ Name: lastvisit
Value: 1724247751
.ontraport.net/ Name: wickedfu
Value: %7B%22url%22%3A%22https%3A%2F%2Fpva.pages.ontraport.net%2Fai%3Futm_campaign%3DAI-PVA-Ebook%26utm_medium%3Demail-dedicated%26utm_source%3DSteve%26utm_content%3D08-21-24-pva-ai-ebook-link7%26utm_term%3Dai-ebook-optin%26email%3Dverdacht%2540safeonweb.be%22%2C%22time%22%3A1724247751508%2C%22c%22%3A602%7D
.ontraport.net/ Name: wickedEmails4163570615
Value: verdacht%40safeonweb.be
.ontraport.net/ Name: __insp_wid
Value: 36371617
.ontraport.net/ Name: __insp_slim
Value: 1724247752666
.ontraport.net/ Name: __insp_nv
Value: true
.ontraport.net/ Name: __insp_targlpu
Value: aHR0cHM6Ly9wdmEucGFnZXMub250cmFwb3J0Lm5ldC9haT91dG1fY2FtcGFpZ249QUktUFZBLUVib29rJnV0bV9tZWRpdW09ZW1haWwtZGVkaWNhdGVkJnV0bV9zb3VyY2U9U3RldmUmdXRtX2NvbnRlbnQ9MDgtMjEtMjQtcHZhLWFpLWVib29rLWxpbms3JnV0bV90ZXJtPWFpLWVib29rLW9wdGluJmVtYWlsPXZlcmRhY2h0JTQwc2FmZW9ud2ViLmJl
.ontraport.net/ Name: __insp_targlpt
Value: VGhlIDIwMjMgSW52ZXN0bWVudCBCbHVlcHJpbnQ6IEV4cGxvcmUgdGhlIFNlY3JldCBNYXJrZXQgUm9hZG1hcA%3D%3D
.ontraport.net/ Name: _ga_8SJNWV4ZSP
Value: GS1.1.1724247752.1.0.1724247752.60.0.0
.ontraport.net/ Name: _ga
Value: GA1.1.2032086547.1724247753
.ontraport.net/ Name: __insp_pad
Value: 1
.ontraport.net/ Name: __insp_sid
Value: 1842071891
.ontraport.net/ Name: __insp_uid
Value: 1240771910
.ontraport.net/ Name: _fbp
Value: fb.1.1724247753921.654078653333349128
tracking.ontraport.com/ Name: sess_
Value: c21by6r4j5y0pst9t76m
tracking.ontraport.com/ Name: mr_src
Value: lp484
tracking.ontraport.com/ Name: utm_source
Value: Steve
tracking.ontraport.com/ Name: utm_medium
Value: email-dedicated
tracking.ontraport.com/ Name: utm_term
Value: ai-ebook-optin
tracking.ontraport.com/ Name: utm_content
Value: 08-21-24-pva-ai-ebook-link7
tracking.ontraport.com/ Name: utm_campaign
Value: AI-PVA-Ebook

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
