weekly-paycheck.safechkout.net Open in urlscan Pro
209.170.211.179 Public Scan

spdc.pbp.vip.ir2.yahoo.com

Software

ESF /

Resource Hash

cc78bbc89ae37cbd14089271a95f875d19faf024cbaf7474d4529d150108c0b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 14:50:57 GMT
server: ESF
date: Tue, 05 Oct 2021 14:50:57 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Tue, 05 Oct 2021 14:50:57 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
18 KB 70ms
28ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: weekly-paycheck.safechkout.net
URL: https://weekly-paycheck.safechkout.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

439df5885089c84e5d6a7f3a0de94990d0a8efefe8452393d6b8a6476744e5a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17619
x-xss-protection: 0
server: cafe
etag: 4495727085171687606
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Oct 2021 14:50:57 GMT

GET
H2 200 opt-styles.min.css
optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/ 208 KB
36 KB 48ms
26ms Stylesheet
text/css 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css
Requested by: Host: weekly-paycheck.safechkout.net
URL: https://weekly-paycheck.safechkout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b2e71175b2bb8e673e1734f746a6c951188ab955e25d886aeda2b8c09569e5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 417
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
x-op-ca: 10.2.80.206
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 6997771efe165b3e-FRA
expires: Tue, 05 Oct 2021 18:50:57 GMT

GET
H2 200 trackfu.js Show response
widget.wickedreports.com/TradersReserveLLC/ 432 B
762 B 61ms
19ms Script
text/javascript 65.9.66.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.wickedreports.com/TradersReserveLLC/trackfu.js
Requested by: Host: weekly-paycheck.safechkout.net
URL: https://weekly-paycheck.safechkout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8fe7b620d1168611023029e8d8d5040e599f72309a2c8de4318d6afef959b4b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 06:42:49 GMT
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jun 2020 15:21:47 GMT
server: AmazonS3
age: 29289
etag: "40a1070787734f0260a2ed913267c879"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 432
x-amz-cf-id: OPodktbZcI6jNGBRcCbGzn3_nshHwSCoQOIPxyUlWxxfyBY20MSsCA==

GET
H2 200 8953.ce45cb055d7f97a4fbeef0abe44a9d95.JPEG
i.ontraport.com/ 24 KB
25 KB 1130ms
847ms Image
image/jpeg 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ontraport.com/8953.ce45cb055d7f97a4fbeef0abe44a9d95.JPEG
Requested by: Host: weekly-paycheck.safechkout.net
URL: https://weekly-paycheck.safechkout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64ab07b9d08e3fc799bc8b04ee4a81d2166872eb5e886f460f811ff7740dfdbb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
via: 1.1 a7631312afe99e40229aa0da70662113.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
x-edge-origin-shield-skipped: 0
content-length: 25031
x-amz-request-id: VJ46AKFBBP6QM8V7
x-amz-id-2: ju4Vb0re/LNREiID/lr1mXNj9Q3TxQUDHCAHLqGT+qOenE5nMdpcTXRjLaZJNmDbFINxN7S345w=
last-modified: Tue, 07 May 2019 20:00:08 GMT
server: cloudflare
etag: "4ac69d60fd80519205baa8412709f6a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=172800
accept-ranges: bytes
cf-ray: 699777215a485b3e-FRA
x-amz-cf-id: tzFY6Ih2pX1icG6RZfuV2OVMs-J60ncbvXrs-HAEelhoLWK8dag8_g==
expires: Thu, 07 Oct 2021 14:50:58 GMT

GET
H2 200 opt_default_image.png
app.ontraport.com/images/ 5 KB
5 KB 49ms
36ms Image
image/png 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.ontraport.com/images/opt_default_image.png
Requested by: Host: weekly-paycheck.safechkout.net
URL: https://weekly-paycheck.safechkout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f697537edc72c0764b1ff7e9f1d3e21f601d82afb169ca435fc3e7f1a3af2415

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:57 GMT
x-op-benvironment: production
cf-cache-status: HIT
age: 289
cf-polished: origSize=5891
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
content-length: 4968
x-op-ca: 10.2.80.206
last-modified: Thu, 31 Jan 2019 20:36:34 GMT
server: cloudflare
etag: "5c535c52-1703"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Tue, 05 Oct 2021 15:10:57 GMT
cache-control: public, max-age=1200
x-op-class: app
accept-ranges: bytes
cf-ray: 6997771fcf685b3e-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 8953.3441e180acd66a437b439fdc05f871bf.JPEG
i.ontraport.com/ 9 KB
10 KB 986ms
713ms Image
image/jpeg 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ontraport.com/8953.3441e180acd66a437b439fdc05f871bf.JPEG
Requested by: Host: weekly-paycheck.safechkout.net
URL: https://weekly-paycheck.safechkout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb31a9a61f6bdbc306aa74d48e7bf54ac90d8c408578253ad685d6c314d0e71f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
x-edge-origin-shield-skipped: 0
content-length: 9523
x-amz-request-id: VJ442MF517ZTRXA5
x-amz-id-2: wa8FvuWKeCQ/WRqCl8OnR5J+XgnJJz9ZyOUZGLg5EB6btd1U3E61lfwsyA89vCriqsuRSay1zBM=
last-modified: Fri, 19 Oct 2018 01:48:11 GMT
server: cloudflare
etag: "55ee552dcde85090439226e07d609305"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-amz-meta-touched: true
cache-control: public, max-age=172800
accept-ranges: bytes
cf-ray: 699777215a4d5b3e-FRA
x-amz-cf-id: fzppAq9ED46jmJDlbMufebiYLG_PQgKh40p5n3NuZ9nU-v_Sp5z73w==
expires: Thu, 07 Oct 2021 14:50:58 GMT

GET
H2 200 anime.js Show response
optassets.ontraport.com/opt_assets/elements_v3/common/materialize-1-dev/js/ 16 KB
7 KB 37ms
37ms Script
text/plain 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize-1-dev/js/anime.js
Requested by: Host: weekly-paycheck.safechkout.net
URL: https://weekly-paycheck.safechkout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c2348bbc056a14a9cd62dadb8d461800a192e8ba636f803d0ffddd753977976

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 5171
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
x-op-ca: 10.2.80.206
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 6997771f4e975b3e-FRA
expires: Tue, 05 Oct 2021 18:50:57 GMT

GET
H2 200 jquery-3.2.1.min.js Show response
optassets.ontraport.com/opt_assets/opt_boilerplates/v3/ 85 KB
31 KB 19ms
19ms Script
text/plain 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/opt_boilerplates/v3/jquery-3.2.1.min.js
Requested by: Host: weekly-paycheck.safechkout.net
URL: https://weekly-paycheck.safechkout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 5170
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
x-op-ca: 10.2.80.206
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 6997771f5eb85b3e-FRA
expires: Tue, 05 Oct 2021 18:50:57 GMT

GET
H2 200 opt-assets.js Show response
optassets.ontraport.com/opt_assets/ 299 KB
88 KB 26ms
26ms Script
text/plain 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/opt-assets.js?1633024868
Requested by: Host: weekly-paycheck.safechkout.net
URL: https://weekly-paycheck.safechkout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49d52af7d62f3f8403d58c67ae1b90e4f23bdab8a4b1dc8b837e7a43e7207db2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 1265
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
x-op-ca: 10.2.80.206
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 6997771f8ef35b3e-FRA
expires: Tue, 05 Oct 2021 18:50:57 GMT

GET
H2 200 tracking.js Show response
optassets.ontraport.com/ 12 KB
3 KB 31ms
28ms Script
text/html 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/tracking.js
Requested by: Host: weekly-paycheck.safechkout.net
URL: https://weekly-paycheck.safechkout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e216637f4a7df41f3b559d1998bcb11854d5c05f6b7fed6327c428c33e2cb93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2136
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
x-op-ca: 10.2.80.206
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 6997771faf2c5b3e-FRA
expires: Tue, 05 Oct 2021 18:50:57 GMT

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ 43 B
962 B 143ms
45ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10002286

Requested by

Host: weekly-paycheck.safechkout.net
URL: https://weekly-paycheck.safechkout.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 14:50:57 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Tue, 05 Oct 2021 14:50:57 GMT

GET
H2 200 opf.js Show response
app.ontraport.com/js/ontraport/opt_assets/drivers/ 65 KB
22 KB 51ms
41ms Script
application/javascript 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ontraport.com/js/ontraport/opt_assets/drivers/opf.js
Requested by: Host: weekly-paycheck.safechkout.net
URL: https://weekly-paycheck.safechkout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8c48ce7495d12ecaad5f3588143d97e1fc9c7ccb76aac86699f31d10d8b422c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:57 GMT
x-op-benvironment: production
cf-cache-status: HIT
age: 17
cf-polished: origSize=66656
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
cf-bgj: minify
content-encoding: br
x-op-ca: 10.2.80.206
last-modified: Thu, 30 Sep 2021 18:07:38 GMT
server: cloudflare
etag: W/"6155fcea-10460"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1200
x-op-class: app
cf-ray: 6997771fcf6b5b3e-FRA
expires: Tue, 05 Oct 2021 15:10:57 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1006006567/ 2 KB
2 KB 42ms
19ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1006006567/?random=1633445457815&cv=9&fst=1633445457815&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&tiba=How%20To%20Sell%20Options%20For%20Income%20with%20Michael%20Shulman&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9cc9632a29938f7f455607d9b72e93a5a513f2f2403c14e976cafd14fa8868df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 14:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1035
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 285 KB
12 KB 18ms
17ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cef0553be8b385a4f0befb3ff2e2f983cf6637a1530120c5d251966acd5da4ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://optassets.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 14:16:58 GMT
server: ESF
date: Tue, 05 Oct 2021 14:50:57 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Tue, 05 Oct 2021 14:50:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 277 KB
12 KB 29ms
29ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48eca37c763ca9e68d20d4bc92517a8fed8f01a4c46f5d20cecd03271056ebe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://optassets.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 14:50:57 GMT
server: ESF
date: Tue, 05 Oct 2021 14:50:57 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Tue, 05 Oct 2021 14:50:57 GMT

GET
H2 200 widget.js Show response
widget.wickedreports.com/ 24 KB
8 KB 8ms
7ms Script
text/javascript 65.9.66.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.wickedreports.com/widget.js
Requested by: Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/TradersReserveLLC/trackfu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df34b7cc0668c81b00e76f0c186178d9a8a29baa99f2257ef76ac9362c5ec9d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:20:10 GMT
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 14:02:22 GMT
server: AmazonS3
age: 1848
etag: W/"449ff510406d05660839cb12c3f13686"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 4w549l3VZ2pG0fmI_EiLD_Yv37wiTEZWhi4WdORF_LGo2thGfwzyZg==

GET
H2 200 fontawesome-webfont.woff2
optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/ 75 KB
76 KB 530ms
253ms Font
application/octet-stream 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/fontawesome-webfont.woff2
Requested by: Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css
Origin: https://weekly-paycheck.safechkout.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
content-encoding: br
cf-cache-status: MISS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
x-op-ca: 10.2.80.206
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 69977721ea955ba4-FRA
expires: Tue, 05 Oct 2021 18:50:58 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v29/ 17 KB
17 KB 293ms
12ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a938256d2de59b044f8ca7c7aa0c788ed2ffa9a48bf0e3930a5830c4298f509

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://weekly-paycheck.safechkout.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:39:23 GMT
x-content-type-options: nosniff
age: 511895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17380
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Sep 2022 16:39:23 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 277ms
7ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

e2.ycpi.vip.deb.yahoo.com

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://weekly-paycheck.safechkout.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:31:41 GMT
x-content-type-options: nosniff
age: 512357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Sep 2022 16:31:41 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1006006567/ 42 B
569 B 44ms
20ms Image
image/gif 172.217.18.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1006006567/?random=1633445457815&cv=9&fst=1633442400000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&tiba=How%20To%20Sell%20Options%20For%20Income%20with%20Michael%20Shulman&fmt=3&is_vtc=1&random=314464233&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: weekly-paycheck.safechkout.net
URL: https://weekly-paycheck.safechkout.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 14:50:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logging.js Show response
optassets.ontraport.com/opt_assets/scripts/ 1 KB
727 B 19ms
17ms Script
text/plain 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/scripts/logging.js
Requested by: Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/opt-assets.js?1633024868
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 398aeee3c266005c4cb1ba93d1de89f6ac06f24e491df3b02486900d8a79b11f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 420137
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
x-op-ca: 10.2.80.206
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 6997772088d05b3e-FRA
expires: Wed, 06 Oct 2021 14:50:58 GMT

GET
H2 200 font-awesome.min.css
optassets.ontraport.com/opt_assets/opt_boilerplates/v3/ 31 KB
7 KB 23ms
22ms Stylesheet
text/css 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/opt_boilerplates/v3/font-awesome.min.css
Requested by: Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/opt-assets.js?1633024868
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 035fbaa3cd2839454720989a45f209d5c932f94268ad3462f2f5472fb069cd6f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 3696
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
x-op-ca: 10.2.80.206
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 6997772088d45b3e-FRA
expires: Tue, 05 Oct 2021 18:50:58 GMT

GET
H2 200 opf.js Show response
optassets.ontraport.com/opt_assets/drivers/ 65 KB
23 KB 20ms
19ms Script
text/plain 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/drivers/opf.js
Requested by: Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/opt-assets.js?1633024868
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c83d4bfeeea1e1785f3ba9c3d993c857516d768dbc045ce9b4d46ef390fac272

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 1264
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
x-op-ca: 10.2.80.206
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 6997772088d75b3e-FRA
expires: Tue, 05 Oct 2021 18:50:58 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 100ms
30ms Script
application/javascript 87.248.118.23
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: weekly-paycheck.safechkout.net
URL: https://weekly-paycheck.safechkout.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.23 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:46:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: VDC70F6BRYQE2T1H
x-amz-id-2: 1wob0VWDKtmVRbivOL77Gtp9B+vS5GQ6lhsegoMDbzp+HvcN3QLR9APStjOM236HZ24xgYj/tnk=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 02 Jul 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 27 May 2021 13:00:20 GMT
server: ATS
etag: "6de43f1c725d89777edaa2bc5d679ecb-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: Bv0RNzsjZsSn6kGrZjdvdggYqc20u__d
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 5639
content-type: application/javascript

GET
H2 200 bat.js Show response
bat.bing.com/ 34 KB
10 KB 88ms
53ms Script
application/javascript 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: weekly-paycheck.safechkout.net
URL: https://weekly-paycheck.safechkout.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: /
Resource Hash: 25691b4cadbc6312d4968d44601681557ab0c8dc4cef73a82ff00171ba2bad31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:57 GMT
content-encoding: gzip
last-modified: Mon, 27 Sep 2021 19:22:40 GMT
x-msedge-ref: Ref A: C77244711C1D4E548E8A89CADB720A17 Ref B: PRG01EDGE0806 Ref C: 2021-10-05T14:50:58Z
etag: "080879d5b3d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9985

GET
H2 200 index.php Show response
track.wickedreports.com/ 118 B
342 B 367ms
128ms XHR
text/html 18.191.114.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.wickedreports.com/index.php?WickedClientID=778&WickedEmail=&WickedTrackingDate=1633445458012&WickedURL=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&WickedReferrerURL=&WickedNullURL=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F%3Futm_source%3DDirect%26utm_medium%3DDirect%26utm_campaign%3DDirect%26utm_content%3Dweekly-paycheck.safechkout.net%26utm_term%3DOrganic%20traffic&WickedNullReferrerURL=
Requested by: Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.191.114.192 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-191-114-192.us-east-2.compute.amazonaws.com
Software: nginx / PHP/7.3.27
Resource Hash: 813c09243272ab1ef223023d540d3982977b455ca001399763752d6431d422fe

Request headers

Referer: https://weekly-paycheck.safechkout.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
server: nginx
x-powered-by: PHP/7.3.27
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 genlightbootstrap.php Show response
forms.ontraport.com/v2.4/include/formEditor/ Frame 6162 57 KB
12 KB 539ms
528ms Document
text/html 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
Requested by: Host: app.ontraport.com
URL: https://app.ontraport.com/js/ontraport/opt_assets/drivers/opf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6349a74ef48cbace69a500f6b0972dfc82fd2bbc28e42bec4a8581f5921584d0

Request headers

:method: GET
:authority: forms.ontraport.com
:scheme: https
:path: /v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://weekly-paycheck.safechkout.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
content-type: text/html
vary: Accept-Encoding Accept-Encoding
set-cookie: PHPSESSID=gk6g2po1magl3bjon2ua4ehfo1; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-benvironment: production
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
x-op-what: what
x-op-pci: true
x-cache-status: BYPASS
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 69977720c93c5b3e-FRA
content-encoding: br

GET
H2 204 5772599.js Show response
bat.bing.com/p/action/ 0
112 B 165ms
165ms Script
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5772599.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 05 Oct 2021 14:50:57 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 38BB3FEABE9A4FDDB170E398A8BC6DD6 Ref B: PRG01EDGE0806 Ref C: 2021-10-05T14:50:58Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
173 B 1666ms
1665ms Image
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5772599&Ver=2&mid=f214491b-0ac4-445f-b114-c98bfd60dbb3&sid=a6685f5025eb11ecb520abf1cf16dd0e&vid=a6689f7025eb11eca15d296870a31b88&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=How%20To%20Sell%20Options%20For%20Income%20with%20Michael%20Shulman&p=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&r=&lt=1919&evt=pageLoad&msclkid=N&sv=1&rn=120587
Requested by: Host: weekly-paycheck.safechkout.net
URL: https://weekly-paycheck.safechkout.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 05 Oct 2021 14:50:59 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: E299772F6095433F8E718E9D40B23EDD Ref B: PRG01EDGE0806 Ref C: 2021-10-05T14:50:58Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10002286.json Show response
s.yimg.com/wi/config/ 2 B
485 B 138ms
127ms XHR
application/json 87.248.118.23
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10002286.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.23 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: VJ4852ZB8P9S0AZ6
x-amz-id-2: 1YxjExLYJUJpkNji0KGFJCWeFZ1JeemaZuiSTlcsuicKux61TpuKgRVxMLHIRYvceAE+WEev5BI=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H/1.1 200
OK sp.pl
sp.analytics.yahoo.com/ 43 B
962 B 47ms
47ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2005%20Oct%202021%2014%3A50%3A58%20GMT&n=0&b=How%20To%20Sell%20Options%20For%20Income%20with%20Michael%20Shulman&.yp=10002286&f=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&enc=UTF-8&yv=1.10.1

Requested by

Host: weekly-paycheck.safechkout.net
URL: https://weekly-paycheck.safechkout.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weekly-paycheck.safechkout.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 14:50:58 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Tue, 05 Oct 2021 14:50:58 GMT

GET
H2 200 normalize.css
optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/ Frame 6162 2 KB
1 KB 21ms
20ms Stylesheet
text/css 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/normalize.css
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85129671a3a7e50e880d82cdf2666bc6303c5719db28dbabbaa7bfdc7425d11b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 1915
cf-polished: origSize=7797
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
x-op-ca: 10.2.80.206
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 6997772549725b3e-FRA
expires: Tue, 05 Oct 2021 18:50:58 GMT

GET
H2 200 skeleton.css
optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/ Frame 6162 6 KB
2 KB 23ms
22ms Stylesheet
text/css 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/skeleton.css
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0f34d8a7768c26a7fa26614bc8fd032eb5e1fff3284f26c73058ef14bdb7a4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 1915
cf-polished: origSize=11452
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
x-op-ca: 10.2.80.206
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 6997772559745b3e-FRA
expires: Tue, 05 Oct 2021 18:50:58 GMT

GET
H2 200 skeleton.ontraport.css
optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/ Frame 6162 10 KB
2 KB 14ms
13ms Stylesheet
text/css 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/skeleton.ontraport.css
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19cad0f242c1bd7e07d3410ad07ab647afbf5be0883fdbee2804e8d914930376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 1915
cf-polished: origSize=19364
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
x-op-ca: 10.2.80.206
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 6997772559765b3e-FRA
expires: Tue, 05 Oct 2021 18:50:58 GMT

GET
H2 200 fonts.css
optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/ Frame 6162 4 KB
1 KB 24ms
23ms Stylesheet
text/css 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/fonts.css
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 012fe32d0cca4921c7befc5b09a7a54468c9fa6e573a8dcb071e823118fbfb98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 1799
cf-polished: origSize=4223
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
x-op-ca: 10.2.80.206
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 6997772559775b3e-FRA
expires: Tue, 05 Oct 2021 18:50:58 GMT

GET
H2 200 wysihtml5-textalign.css
optassets.ontraport.com/opt_assets/blocks/common/css/ Frame 6162 297 B
171 B 18ms
17ms Stylesheet
text/css 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/blocks/common/css/wysihtml5-textalign.css
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ba404759a02456dad5471f582d230e6f59bfbecc57c088737c34f433aa49a10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 1915
cf-polished: origSize=769
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
x-op-ca: 10.2.80.206
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 6997772559785b3e-FRA
expires: Tue, 05 Oct 2021 18:50:58 GMT

GET
H2 200 materializev2.min.css
app.ontraport.com/js/libs/materialize/dist/css/ Frame 6162 37 KB
6 KB 33ms
32ms Stylesheet
text/css 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ontraport.com/js/libs/materialize/dist/css/materializev2.min.css
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f96877ab0cb7cfe38d6899d7b9c8ca1e5f77ec61eabf179f2c15f1fca62ded87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
x-op-benvironment: production
cf-cache-status: HIT
age: 120
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
content-encoding: br
x-op-ca: 10.2.80.206
last-modified: Thu, 05 Sep 2019 20:16:02 GMT
server: cloudflare
etag: W/"5d716d02-92cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1200
x-op-class: app
cf-ray: 69977725597b5b3e-FRA
expires: Tue, 05 Oct 2021 15:10:58 GMT

GET
H2 200 opt_date_time_picker_lib.css
optassets.ontraport.com/opt_assets/libraries/opt_date_time_picker/dist/ Frame 6162 9 KB
2 KB 19ms
19ms Stylesheet
text/css 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/libraries/opt_date_time_picker/dist/opt_date_time_picker_lib.css
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c999b8750e8d355ecb570d2d05a10b5d3450795758f7341a4d4218f08fc74fdd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 1726
cf-polished: origSize=8741
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
x-op-ca: 10.2.80.206
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 6997772559815b3e-FRA
expires: Tue, 05 Oct 2021 18:50:58 GMT

GET
H2 200 trackfu.js Show response
widget.wickedreports.com/TradersReserveLLC/ Frame 6162 432 B
762 B 7ms
7ms Script
text/javascript 65.9.66.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.wickedreports.com/TradersReserveLLC/trackfu.js
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8fe7b620d1168611023029e8d8d5040e599f72309a2c8de4318d6afef959b4b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 06:42:49 GMT
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jun 2020 15:21:47 GMT
server: AmazonS3
age: 29290
etag: "40a1070787734f0260a2ed913267c879"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 432
x-amz-cf-id: wUOuDJfU63TIoDf-xpO-hCQDMUX2DGYdDgqgk-ChAH-CsMXVlskjng==

GET
H2 200 8953.e4ea31079056ba2f686f7a866c9099e9.GIF
i.ontraport.com/ Frame 6162 35 KB
36 KB 17ms
16ms Image
image/gif 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ontraport.com/8953.e4ea31079056ba2f686f7a866c9099e9.GIF
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4056335baa0f43ea504360225b579539069c3bb32c489156e40347f4ba6a3263

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 29287
cf-polished: origSize=37252
cf-ray: 69977725599a5b3e-FRA
x-cache: RefreshHit from cloudfront
content-length: 36221
x-amz-id-2: gNBDhz+Y6ZFAE0RrSjcSpdZcD3UMsJDIG2xeRnL0W71MXXqNQniEgX58TwGbIbOwidpqWzQN3p0=
expires: Thu, 07 Oct 2021 14:50:58 GMT
last-modified: Fri, 19 Oct 2018 01:48:15 GMT
server: cloudflare
etag: "208494482dffab0aaf718cd80f0617d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 0F3X27QYXQCGCC13
access-control-allow-origin: *
x-amz-meta-touched: true
cache-control: public, max-age=172800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: AQXh0UkrTnBtQaBycJHDPlOcC9EI4cJOl2KH8mzCLVkIGdOOdBalAQ==
cf-bgj: imgq:100,h2pri

GET
H2 200 8953.700ab74c2b656388e24997103355659e.GIF
i.ontraport.com/ Frame 6162 6 KB
6 KB 28ms
28ms Image
image/gif 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ontraport.com/8953.700ab74c2b656388e24997103355659e.GIF
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f666dd7bbc4f18a92a3d63cc049b6dc3887f49316a6fa226ca9abb00ad14350

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
via: 1.1 9e1b24b39ac8b669f996f1e7907eb697.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 29287
cf-polished: origSize=5822
cf-ray: 69977725599b5b3e-FRA
x-cache: RefreshHit from cloudfront
x-edge-origin-shield-skipped: 0
content-length: 5814
x-amz-id-2: 1d1XKg2XDhTvsmbTG8MdFA03s+GU6k8V53B02DEi3WU4tK17zbavJd8mcIDsRbMrs+GWz5BQp0Q=
expires: Thu, 07 Oct 2021 14:50:58 GMT
last-modified: Fri, 19 Oct 2018 01:48:13 GMT
server: cloudflare
etag: "9e3e1e0af11bbe49fd7ac14390a91367"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: PX1WJZMNWR0NDMP3
access-control-allow-origin: *
x-amz-meta-touched: true
cache-control: public, max-age=172800
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: MfXEprJZQgvEz6uu-T2esqB80GrixFJK_EUtsGIDVn44P8sf80QsjA==
cf-bgj: imgq:100,h2pri

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame 6162 86 KB
31 KB 33ms
8ms Script
text/javascript 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 13:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Wed, 05 Oct 2022 13:36:51 GMT

GET
H2 200 underscore.js Show response
optassets.ontraport.com/opt_assets/blocks/common/jQueryPageBackgroundPro/js/libs/ Frame 6162 14 KB
5 KB 17ms
15ms Script
text/plain 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/blocks/common/jQueryPageBackgroundPro/js/libs/underscore.js
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6109c4f47106ffeef9f8497a1d95e67c7e531c44bf898caded338466eaa691d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 2008
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
x-op-ca: 10.2.80.206
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 69977725598e5b3e-FRA
expires: Tue, 05 Oct 2021 18:50:58 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ Frame 6162 248 KB
66 KB 40ms
16ms Script
text/javascript 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 07:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67948
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Tue, 04 Oct 2022 07:57:45 GMT

GET
H2 200 jquery-ui.min.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/ Frame 6162 31 KB
8 KB 39ms
15ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be92933b839bd4ce1b67c440bd9bd832d8a7333d578c7d1061d00edbceb557d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 07:30:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Oct 2022 07:30:45 GMT

GET
H2 200 form.default.css
forms.ontraport.com/formeditor/formeditor/css/ Frame 6162 12 KB
4 KB 22ms
21ms Stylesheet
text/css 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.ontraport.com/formeditor/formeditor/css/form.default.css
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8257086cb586f703993a32e0df3826c398b706a5b07e4e50b2626d05066ba96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
x-op-benvironment: production
cf-cache-status: HIT
age: 420147
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-pci: true
content-encoding: br
x-op-what: what
last-modified: Fri, 23 Oct 2020 01:13:29 GMT
server: cloudflare
etag: W/"5f922e39-31ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
access-control-allow-credentials: true
cf-ray: 69977725598f5b3e-FRA
expires: Tue, 05 Oct 2021 15:50:58 GMT

GET
H2 200 /
forms.ontraport.com/v2.4/include/minify/ Frame 6162 9 KB
2 KB 33ms
31ms Stylesheet
text/css 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.ontraport.com/v2.4/include/minify/?g=moonrayCSS
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc4ed09d68119a5644dc1e28a9ec8a932892af3c98024c31083390e546ff7037

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
x-op-benvironment: production
cf-cache-status: HIT
age: 420147
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-pci: true
content-encoding: br
pragma: no-cache
x-op-what: what
last-modified: Thu, 25 Jun 2020 20:16:29 GMT
server: cloudflare
etag: W/"pub1593116189;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
access-control-allow-credentials: true
cf-ray: 6997772559905b3e-FRA
expires: Tue, 05 Oct 2021 15:50:58 GMT

GET
H2 200 / Show response
forms.ontraport.com/v2.4/include/minify/ Frame 6162 173 KB
49 KB 27ms
25ms Script
application/x-javascript 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.ontraport.com/v2.4/include/minify/?g=genjs-v3
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5778c8d214e5b118e8897b88f7ee696d38c204067052d0310ef02c11b5fcb534

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
x-op-benvironment: production
cf-cache-status: HIT
age: 420147
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-pci: true
content-encoding: br
pragma: no-cache
x-op-what: what
last-modified: Thu, 22 Jul 2021 19:57:02 GMT
server: cloudflare
etag: W/"pub1626983822;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
access-control-allow-credentials: true
cf-ray: 6997772559915b3e-FRA
expires: Tue, 05 Oct 2021 15:50:58 GMT

GET
H2 200 jquery-cloneVal.js Show response
optassets.ontraport.com/opt_assets/blocks/common/jQueryCloneVal/ Frame 6162 1 KB
956 B 30ms
28ms Script
text/plain 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/blocks/common/jQueryCloneVal/jquery-cloneVal.js
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19f858c8bb95c206f7af7a4aee03dc77afff9a3ae11e8a25b6c7abb93d24ab3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 1739
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
x-op-ca: 10.2.80.206
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 6997772559935b3e-FRA
expires: Tue, 05 Oct 2021 18:50:58 GMT

GET
H2 200 globalize.js Show response
app.ontraport.com/js/globalize/ Frame 6162 14 KB
6 KB 25ms
24ms Script
application/javascript 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ontraport.com/js/globalize/globalize.js
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82fc1dcd60ea5ecf1a0362d8d87deb5d5686bf739f8d23c78f248477ba3d6c07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
x-op-benvironment: production
cf-cache-status: HIT
age: 130
cf-polished: origSize=19965
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
cf-bgj: minify
content-encoding: br
x-op-ca: 10.2.80.206
last-modified: Wed, 04 Nov 2020 17:28:15 GMT
server: cloudflare
etag: W/"5fa2e4af-4dfd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1200
x-op-class: app
cf-ray: 6997772559945b3e-FRA
expires: Tue, 05 Oct 2021 15:10:58 GMT

GET
H2 200 materializev2.min.js Show response
app.ontraport.com/js/libs/materialize/dist/js/ Frame 6162 79 KB
24 KB 24ms
23ms Script
application/javascript 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ontraport.com/js/libs/materialize/dist/js/materializev2.min.js
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63457f29c8360dcd4060bf3fbfbf7646c25b448eea6c2e59927ede36c861e805

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
x-op-benvironment: production
cf-cache-status: HIT
age: 281
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
content-encoding: br
x-op-ca: 10.2.80.206
last-modified: Thu, 05 Sep 2019 20:15:55 GMT
server: cloudflare
etag: W/"5d716cfb-13bbf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1200
x-op-class: app
cf-ray: 6997772559965b3e-FRA
expires: Tue, 05 Oct 2021 15:10:58 GMT

GET
H2 200 opt_date_time_picker_lib.js Show response
optassets.ontraport.com/opt_assets/libraries/opt_date_time_picker/dist/ Frame 6162 33 KB
8 KB 21ms
20ms Script
text/plain 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/libraries/opt_date_time_picker/dist/opt_date_time_picker_lib.js
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8d8a096078ae871a4d81cbd227b5a629881a081a7eb8f48cceecd75caecedac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 1535
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
x-op-ca: 10.2.80.206
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 6997772559985b3e-FRA
expires: Tue, 05 Oct 2021 18:50:58 GMT

GET
H2 200 opf.js Show response
app.ontraport.com/js/ontraport/opt_assets/drivers/ Frame 6162 65 KB
22 KB 23ms
23ms Script
application/javascript 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ontraport.com/js/ontraport/opt_assets/drivers/opf.js
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8c48ce7495d12ecaad5f3588143d97e1fc9c7ccb76aac86699f31d10d8b422c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
x-op-benvironment: production
cf-cache-status: HIT
age: 18
cf-polished: origSize=66656
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
cf-bgj: minify
content-encoding: br
x-op-ca: 10.2.80.206
last-modified: Thu, 30 Sep 2021 18:07:38 GMT
server: cloudflare
etag: W/"6155fcea-10460"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1200
x-op-class: app
cf-ray: 6997772579c25b3e-FRA
expires: Tue, 05 Oct 2021 15:10:58 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ Frame 6162 13 KB
5 KB 57ms
37ms Script
text/javascript 104.16.95.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.95.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 16:39:17 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 699777259a384a56-FRA

GET
H3 200 css
fonts.googleapis.com/ Frame 6162 285 KB
12 KB 25ms
25ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/blocks/common/skeleton/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cef0553be8b385a4f0befb3ff2e2f983cf6637a1530120c5d251966acd5da4ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://optassets.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 14:35:59 GMT
server: ESF
date: Tue, 05 Oct 2021 14:50:58 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Tue, 05 Oct 2021 14:50:58 GMT

GET
H2 200 widget.js Show response
widget.wickedreports.com/ Frame 6162 24 KB
8 KB 7ms
7ms Script
text/javascript 65.9.66.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.wickedreports.com/widget.js
Requested by: Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/TradersReserveLLC/trackfu.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df34b7cc0668c81b00e76f0c186178d9a8a29baa99f2257ef76ac9362c5ec9d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:20:10 GMT
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 14:02:22 GMT
server: AmazonS3
age: 1849
etag: W/"449ff510406d05660839cb12c3f13686"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: B7YwTiBVS5zdMNCY9y3D8ca0jsyWnM6Vf3pjEUIWJFpYxBMDFXLGfg==

GET
H3 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ Frame 6162 46 KB
46 KB 31ms
16ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://forms.ontraport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 20:10:53 GMT
x-content-type-options: nosniff
age: 67205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:40:30 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Oct 2022 20:10:53 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ Frame 6162 44 KB
44 KB 22ms
9ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://forms.ontraport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 17:03:52 GMT
x-content-type-options: nosniff
age: 424026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 30 Sep 2022 17:03:52 GMT

GET
H3 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v26/ Frame 6162 47 KB
47 KB 10ms
7ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8dee5bb67e8a759f73dfbaeadba9220ad478a8187f58a59a50f906b0e51f65b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://forms.ontraport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 17:07:44 GMT
x-content-type-options: nosniff
age: 423794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47804
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:51:13 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 30 Sep 2022 17:07:44 GMT

GET
H3 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 6162 13 KB
5 KB 37ms
14ms Script
text/javascript 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/minify/?g=genjs-v3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 18:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Tue, 04 Oct 2022 18:00:00 GMT

GET
H2 200 logging.js Show response
optassets.ontraport.com/opt_assets/scripts/ Frame 6162 1 KB
775 B 22ms
19ms Script
text/plain 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/opt_assets/scripts/logging.js
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/minify/?g=genjs-v3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 398aeee3c266005c4cb1ba93d1de89f6ac06f24e491df3b02486900d8a79b11f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 420137
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
x-op-ca: 10.2.80.206
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 699777265b365b3e-FRA
expires: Wed, 06 Oct 2021 14:50:58 GMT

GET
H2 200 load.gif
optassets.ontraport.com/opt_assets/images/ Frame 6162 13 KB
6 KB 25ms
22ms Image
image/gif 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optassets.ontraport.com/opt_assets/images/load.gif
Requested by: Host: forms.ontraport.com
URL: https://forms.ontraport.com/v2.4/include/formEditor/genlightbootstrap.php?uid=p2c8953f316&formType=modal&formGUID=OPF_ce30548b-21a9-c7fc-a40e-d963f701f970&referer=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&formceptionID=formception-8907b7c2-6914-62a0-9c45-ec366a1c352b&__opv=v1&lpid=360.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9ab21501c829516d91901c1f04da862d095aeb9e5019360aed6624920edd882

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:50:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 420146
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 2
x-op-ca: 10.2.80.206
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=3600
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 699777265b395b3e-FRA
expires: Tue, 05 Oct 2021 15:50:58 GMT

GET
H2 200 index.php Show response
track.wickedreports.com/ Frame 6162 118 B
341 B 126ms
125ms XHR
text/html 18.191.114.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.wickedreports.com/index.php?WickedClientID=778&WickedEmail=&WickedTrackingDate=1633445458958&WickedURL=https%3A%2F%2Fforms.ontraport.com%2Fv2.4%2Finclude%2FformEditor%2Fgenlightbootstrap.php%3Fuid%3Dp2c8953f316%26formType%3Dmodal%26formGUID%3DOPF_ce30548b-21a9-c7fc-a40e-d963f701f970%26referer%3Dhttps%3A%2F%2Fweekly-paycheck.safechkout.net%2F%26formceptionID%3Dformception-8907b7c2-6914-62a0-9c45-ec366a1c352b%26__opv%3Dv1%26lpid%3D360.0&WickedReferrerURL=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F&WickedNullURL=https%3A%2F%2Fforms.ontraport.com%2Fv2.4%2Finclude%2FformEditor%2Fgenlightbootstrap.php%3Fuid%3Dp2c8953f316%26formType%3Dmodal%26formGUID%3DOPF_ce30548b-21a9-c7fc-a40e-d963f701f970%26referer%3Dhttps%3A%2F%2Fweekly-paycheck.safechkout.net%2F%26formceptionID%3Dformception-8907b7c2-6914-62a0-9c45-ec366a1c352b%26__opv%3Dv1%26lpid%3D360.0%26utm_source%3Dweekly-paycheck.safechkout.net%26utm_medium%3DReferral%26utm_campaign%3DReferral%26utm_content%3Dforms.ontraport.com%2Fv2.4%2Finclude%2FformEditor%2Fgenlightbootstrap.php%26utm_term%3DOrganic%20traffic&WickedNullReferrerURL=https%3A%2F%2Fweekly-paycheck.safechkout.net%2F
Requested by: Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.191.114.192 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-191-114-192.us-east-2.compute.amazonaws.com
Software: nginx / PHP/7.3.27
Resource Hash: 5a724599a9b71d2e1f93fbf859f74c3259b42aa93ef93cf47db38b1c4111ee47

Request headers

Referer: https://forms.ontraport.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 05 Oct 2021 14:50:59 GMT
server: nginx
x-powered-by: PHP/7.3.27
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: *

GET
H3 200 css
fonts.googleapis.com/ Frame 6162 3 KB
624 B 25ms
25ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300&subset=latin

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a96cd9dfe9d017cd6994b9387d6489407d81bba04fc4e88062c41806a927a53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://forms.ontraport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 14:28:49 GMT
server: ESF
date: Tue, 05 Oct 2021 14:50:58 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Tue, 05 Oct 2021 14:50:58 GMT

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v26/ Frame 6162 16 KB
16 KB 7ms
7ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS