secure.jeffclarktrader.com Open in urlscan Pro
2606:4700::6810:ea05 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.exct.caseyresearch.com/?qs=06bcbce3c26b88265dde80d9703d68c099b5ce9feacf4c769b284f811aaa04b538f50b7dd19f3f73fcb2f337a5d6...
Effective URL:
https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeon...
Submission: On August 26 via api (August 26th 2022, 1:36:45 am UTC) from BE — Scanned from DE

Summary HTTP 153 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 39 IPs in 8 countries across 35 domains to perform 153 HTTP transactions. The main IP is 2606:4700::6810:ea05, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.jeffclarktrader.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 31st 2022. Valid for: a year.

This is the only time secure.jeffclarktrader.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.45.58 13.111.45.58	22606 (EXACT-7) (EXACT-7)
23	2606:4700::68... 2606:4700::6810:ea05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	92.123.29.243 92.123.29.243	16625 (AKAMAI-AS) (AKAMAI-AS)
2	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	2600:1901:0:b... 2600:1901:0:bc29::	15169 (GOOGLE) (GOOGLE)
1	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
9	2600:1f18:24e... 2600:1f18:24e6:b901:28fe:d66a:cdbd:bbe	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6810:f41b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3032::ac43:a9f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2600:9000:205... 2600:9000:2057:1a00:f:75e2:4ac0:21	16509 (AMAZON-02) (AMAZON-02)
1	52.217.132.96 52.217.132.96	16509 (AMAZON-02) (AMAZON-02)
1	52.222.236.123 52.222.236.123	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.130.11 18.66.130.11	16509 (AMAZON-02) (AMAZON-02)
9	54.148.115.137 54.148.115.137	16509 (AMAZON-02) (AMAZON-02)
1	104.18.6.244 104.18.6.244	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
8	2606:4700:20:... 2606:4700:20::ac43:49ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.79.242.16 178.79.242.16	22822 (LLNW) (LLNW)
2	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
2 10	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	108.128.85.69 108.128.85.69	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	23.35.237.37 23.35.237.37	16625 (AKAMAI-AS) (AKAMAI-AS)
2	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	209.59.154.196 209.59.154.196	32244 (LIQUIDWEB) (LIQUIDWEB)
1	2a04:4e42:600... 2a04:4e42:600::300	54113 (FASTLY) (FASTLY)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
8	151.101.2.27 151.101.2.27	54113 (FASTLY) (FASTLY)
1	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
5	35.244.232.184 35.244.232.184	15169 (GOOGLE) (GOOGLE)
2 8	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	13.32.99.44 13.32.99.44	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:11a... 2a02:26f0:11a::6867:4831	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
153	39

1 13.111.45.58 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.exct.caseyresearch.com

click.exct.caseyresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700::6810:ea05 (United States)

ASN13335 (CLOUDFLARENET, US)

secure.jeffclarktrader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.29.243 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-29-243.deploy.static.akamaitechnologies.com

static.zuora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1f18:24e6:b901:28fe:d66a:cdbd:bbe (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:f41b (United States)

ASN13335 (CLOUDFLARENET, US)

marketingassets.cloudsna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:a9f7 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2057:1a00:f:75e2:4ac0:21 (United States)

ASN16509 (AMAZON-02, US)

d3bjnmbj12697.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.132.96 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-123.fra56.r.cloudfront.net

gsdpeazjjf.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.130.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-130-11.fra60.r.cloudfront.net

cdn.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.148.115.137 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-115-137.us-west-2.compute.amazonaws.com

ssl.kaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.6.244 (None, )

ASN13335 (CLOUDFLARENET, US)

s1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::ac43:49ec (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.16 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.85.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-85-69.eu-west-1.compute.amazonaws.com

tracking.legacyoffers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.37 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-37.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.59.154.196 (United States)

ASN32244 (LIQUIDWEB, US)

js.trackinggrid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.2.27 (United States)

ASN54113 (FASTLY, US)

edge.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
manifest.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.232.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.232.244.35.bc.googleusercontent.com

metrics.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-44.fra60.r.cloudfront.net

cf-images.us-east-1.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:11a::6867:4831 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

bcbolt446c5271-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	jeffclarktrader.com secure.jeffclarktrader.com	420 KB
10	google.de www.google.de — Cisco Umbrella Rank: 6076	1 KB
10	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 9	996 B
10	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 108 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52	9 KB
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	550 KB
9	kaptcha.com ssl.kaptcha.com — Cisco Umbrella Rank: 9290	32 KB
9	browser-intake-datadoghq.com rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 3481
8	lytics.io c.lytics.io — Cisco Umbrella Rank: 5202	115 KB
8	cloudfront.net d3bjnmbj12697.cloudfront.net	467 KB
7	boltdns.net manifest.prod.boltdns.net — Cisco Umbrella Rank: 4657 Failed cf-images.us-east-1.prod.boltdns.net — Cisco Umbrella Rank: 4672	468 KB
7	brightcove.com edge.api.brightcove.com — Cisco Umbrella Rank: 4990 metrics.brightcove.com — Cisco Umbrella Rank: 4009	5 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	40 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 346	12 KB
3	gstatic.com fonts.gstatic.com	88 KB
3	jquery.com code.jquery.com — Cisco Umbrella Rank: 615	105 KB
2	akamaihd.net bcbolt446c5271-a.akamaihd.net — Cisco Umbrella Rank: 7648	2 MB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 130	31 KB
2	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3370	267 B
2	listrakbi.com cdn.listrakbi.com — Cisco Umbrella Rank: 9376 s1.listrakbi.com — Cisco Umbrella Rank: 9661	21 KB
2	amazonaws.com s3.amazonaws.com gsdpeazjjf.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 231397	7 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 941	72 KB
2	paypal.com www.paypal.com — Cisco Umbrella Rank: 2338 t.paypal.com — Cisco Umbrella Rank: 3136	6 KB
1	zencdn.net vjs.zencdn.net — Cisco Umbrella Rank: 5169	7 KB
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 707	378 B
1	trackinggrid.com js.trackinggrid.com — Cisco Umbrella Rank: 600266	902 B
1	brightcove.net players.brightcove.net — Cisco Umbrella Rank: 3748	184 KB
1	legacyoffers.com tracking.legacyoffers.com — Cisco Umbrella Rank: 595514	522 B
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 9413	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54	1 KB
1	cloudsna.com marketingassets.cloudsna.com — Cisco Umbrella Rank: 126799	1 KB
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 3388	18 KB
1	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2094	235 KB
1	zuora.com static.zuora.com — Cisco Umbrella Rank: 50178	7 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 219	16 KB
1	caseyresearch.com 1 redirects click.exct.caseyresearch.com — Cisco Umbrella Rank: 750975	414 B
153	35

	Domain	Requested by
23	secure.jeffclarktrader.com	secure.jeffclarktrader.com www.googletagmanager.com
10	www.google.de
10	www.google.com	2 redirects
10	www.googletagmanager.com	secure.jeffclarktrader.com www.googletagmanager.com js.trackinggrid.com
9	ssl.kaptcha.com	secure.jeffclarktrader.com ssl.kaptcha.com
9	rum.browser-intake-datadoghq.com	secure.jeffclarktrader.com
8	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
8	c.lytics.io	secure.jeffclarktrader.com c.lytics.io
8	d3bjnmbj12697.cloudfront.net	secure.jeffclarktrader.com d3bjnmbj12697.cloudfront.net s3.amazonaws.com
6	manifest.prod.boltdns.net	secure.jeffclarktrader.com
6	www.google-analytics.com	www.googletagmanager.com secure.jeffclarktrader.com
5	metrics.brightcove.com	players.brightcove.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	fonts.gstatic.com	fonts.googleapis.com
3	code.jquery.com	secure.jeffclarktrader.com
2	bcbolt446c5271-a.akamaihd.net	secure.jeffclarktrader.com
2	edge.api.brightcove.com	secure.jeffclarktrader.com
2	www.googleadservices.com	www.googletagmanager.com
2	pixel.sitescout.com	secure.jeffclarktrader.com
2	stats.g.doubleclick.net	secure.jeffclarktrader.com
2	use.fontawesome.com	secure.jeffclarktrader.com use.fontawesome.com
1	cf-images.us-east-1.prod.boltdns.net
1	vjs.zencdn.net	players.brightcove.net
1	trc.taboola.com
1	js.trackinggrid.com	secure.jeffclarktrader.com
1	players.brightcove.net	secure.jeffclarktrader.com
1	tracking.legacyoffers.com	secure.jeffclarktrader.com
1	up.pixel.ad	www.googletagmanager.com
1	s1.listrakbi.com	cdn.listrakbi.com
1	cdn.listrakbi.com	secure.jeffclarktrader.com
1	gsdpeazjjf.execute-api.us-east-1.amazonaws.com	secure.jeffclarktrader.com
1	s3.amazonaws.com	secure.jeffclarktrader.com
1	fonts.googleapis.com	secure.jeffclarktrader.com
1	marketingassets.cloudsna.com	secure.jeffclarktrader.com
1	t.paypal.com	secure.jeffclarktrader.com
1	www.paypal.com	www.paypalobjects.com
1	cdn.mxpnl.com	secure.jeffclarktrader.com
1	www.paypalobjects.com	secure.jeffclarktrader.com
1	static.zuora.com	secure.jeffclarktrader.com
1	cdnjs.cloudflare.com	secure.jeffclarktrader.com
1	click.exct.caseyresearch.com	1 redirects
153	41

This site contains links to these domains. Also see Links.

Domain
www.jeffclarktrader.com
beaconstreet-privacy.my.onetrust.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-31` - `2023-05-31`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
www.zuora.com Sectigo RSA Organization Validation Secure Server CA	`2022-05-10` - `2023-05-10`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-25` - `2023-04-25`	a year	crt.sh
*.mxpnl.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-07-11` - `2023-07-28`	a year	crt.sh
*.browser-intake-datadoghq.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-07-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2022-08-24` - `2023-09-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.listrakbi.com Amazon	`2022-01-10` - `2023-02-06`	a year	crt.sh
ssl.kaptcha.com Thawte RSA CA 2018	`2021-11-01` - `2022-11-27`	a year	crt.sh
listrakbi.com Cloudflare Inc ECC CA-3	`2022-07-28` - `2023-07-27`	a year	crt.sh
*.pixel.ad GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-01-26` - `2023-02-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
tracking.legacyoffers.com Amazon	`2022-03-26` - `2023-04-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
players.brightcove.net DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-07-28`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
js.trackinggrid.com cPanel, Inc. Certification Authority	`2022-08-22` - `2022-11-20`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
brightcove.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-06-08` - `2023-07-10`	a year	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-11-26` - `2022-12-28`	a year	crt.sh
metrics.brightcove.com GTS CA 1D4	`2022-08-11` - `2022-11-09`	3 months	crt.sh
*.prod.boltdns.net Amazon	`2021-11-18` - `2022-12-17`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
Frame ID: BC95CC5D090A924840958A46FB9027E0
Requests: 150 HTTP requests in this frame

Frame: https://tracking.legacyoffers.com/aff_goal?a=l&goal_id=319
Frame ID: 356283F679CB43A2166CCE60E382D7F5
Requests: 1 HTTP requests in this frame

Frame: https://ssl.kaptcha.com/logo.htm?m=100014&s=9ffd335dd07d40f493a8cd37bd4b29c2
Frame ID: C920F362ADC51F6F462D78BF0208AD7D
Requests: 6 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 154F801BE008C0F72CE3665D7CF9AABA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jeff Clark

Page URL History Show full URLs

https://click.exct.caseyresearch.com/?qs=06bcbce3c26b88265dde80d9703d68c099b5ce9feacf4c769b284f811aaa04b538f50b7d... HTTP 302
https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

153
Requests

95 %
HTTPS

54 %
IPv6

35
Domains

41
Subdomains

39
IPs

8
Countries

5072 kB
Transfer

10695 kB
Size

27
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.jeffclarktrader.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.jeffclarktrader.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.jeffclarktrader.com/privacy-policy/?choice=adchoice
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://beaconstreet-privacy.my.onetrust.com/webform/c246f198-7123-4766-b29c-917342eff0f7/795dbff5-b02e-47fb-b5af-aa723ae6d4dc
Title: Do Not Sell My Info

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.exct.caseyresearch.com/?qs=06bcbce3c26b88265dde80d9703d68c099b5ce9feacf4c769b284f811aaa04b538f50b7dd19f3f73fcb2f337a5d675d18edfd0b1b07482d7 HTTP 302
https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 140

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/311444767/?random=1661477804192&cv=9&fst=1661477804192&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&auid=638847570.1661477804&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/311444767/?random=1661477804192&cv=9&fst=1661475600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&is_vtc=1&random=3833169838&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/311444767/?random=1661477804192&cv=9&fst=1661475600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&is_vtc=1&random=3833169838&resp=GooglemKTybQhCsO&ipr=y

Request Chain 142

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/456578300/?random=1661477804193&cv=9&fst=1661477804193&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&auid=638847570.1661477804&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/456578300/?random=1661477804193&cv=9&fst=1661475600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&is_vtc=1&random=1258186694&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/456578300/?random=1661477804193&cv=9&fst=1661475600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&is_vtc=1&random=1258186694&resp=GooglemKTybQhCsO&ipr=y

153 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
secure.jeffclarktrader.com/
Redirect Chain

https://click.exct.caseyresearch.com/?qs=06bcbce3c26b88265dde80d9703d68c099b5ce9feacf4c769b284f811aaa04b538f50b7dd19f3f73fcb2f337a5d675d18edfd0b1b07482d7
https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=...

2 KB
1 KB

575ms
509ms

Document
text/html

2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7541c599d2a1861ef29b8dc828f6affd2d0c4f3ca4458ddbab989b460769b3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7408d6738ea3cc5a-ZRH
content-encoding: gzip
content-type: text/html
date: Fri, 26 Aug 2022 01:36:39 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 01 Aug 2022 16:16:53 GMT
server: cloudflare
via: 1.1 d92debab8d9ca0518390aebaec8733a6.cloudfront.net (CloudFront)
x-amz-cf-id: ft5ZLl3vE5EWhP3lzmvlx_wjXO0utaA5Q3huAhIKtJy-A9m7xGNQRw==
x-amz-cf-pop: ZRH50-C1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-static-builder:483c06dd-e5c7-4fef-a74c-4df95ded73c0
x-amz-meta-codebuild-content-md5: edb4b9b521ce135381349fe0d6b53ef9
x-amz-meta-codebuild-content-sha256: 3529f5dfca368fc1d7588f1065457d19603660e2f2adc4392468ce839d52b510
x-amz-version-id: null
x-cache: Miss from cloudfront

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 388
Content-Type: text/html; charset=utf-8
Date: Fri, 26 Aug 2022 01:36:38 GMT
Location: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 79ms
25ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:39 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1661477799.dop153.fr8.t,1661477799.cds246.fr8.hn,1661477799.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 jsencrypt.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jsencrypt/2.3.1/ 55 KB
16 KB 77ms
28ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jsencrypt/2.3.1/jsencrypt.min.js

Requested by

Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a0be406a1bdf94a25a9d142d4124e3dccbdeb5593cd78fb0bd234df89dd7389

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2353797
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15539
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec6-db4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EnFBfWPUSSc%2BuDdlgtg5njfYUsQ3%2FZnyaf8FI6CFXnLKcaKYN38Idv6TSv8CPQHTW%2Bncf0OANeM0yBhF8ToHeKnxiASvfxf0x4UxE58tXamWFc8Kz9bCqZk3jeOSi8pfSsG9iL0e6fc5IDV%2FVNK3yk0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7408d6770d97233d-ZRH
expires: Wed, 16 Aug 2023 01:36:39 GMT

GET
H/1.1 200
OK zuora-min.js Show response
static.zuora.com/Resources/libs/hosted/1.3.1/ 18 KB
7 KB 246ms
30ms Script
application/javascript 92.123.29.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.zuora.com/Resources/libs/hosted/1.3.1/zuora-min.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.29.243 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-29-243.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 73567000b57fdfed5825cd324d4e8b9bcf59317eed6076ad05c7f95427a420ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 01:36:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Aug 2022 15:10:34 GMT
Server: nginx
ETag: "62fa61ea-4724"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6646

GET
H2 200 postToIframe.js Show response
secure.jeffclarktrader.com/store/PROD/js/ 2 KB
991 B 415ms
411ms Script
application/javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/store/PROD/js/postToIframe.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98c2a74405e978d753625e97a0cb1c2eab250a9444d82dd75e1bce82cb437ae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:39 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Thu, 25 Aug 2022 22:57:45 GMT
x-amz-cf-pop: ZRH50-C1, ZRH50-C1
x-amzn-requestid: 7bc940db-9d04-4860-99cf-79df36942c53
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: XcSwbEbPIAMFQew=
content-length: 607
last-modified: Sat, 22 Sep 2018 10:04:10 GMT
server: cloudflare
etag: W/"3934dce8d049fb2790a29e7de331d9c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: jcZd1q0X4PG.0tDIV.AM4TZ5jHnAmWBj
via: 1.1 c07945b00aad28e34fbfebb3d3907060.cloudfront.net (CloudFront), 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 7408d676cfa9cc5a-ZRH
x-amz-cf-id: Mlpm_mUNgmQYx0cBetEsTlgZVwlNEKWyx9VKi1djCZ-Tzi9Ap5MVOA==
x-amzn-remapped-connection: keep-alive

GET
H2 200 encryption_util.js Show response
secure.jeffclarktrader.com/store/PROD/js/ 6 KB
2 KB 401ms
398ms Script
application/javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/store/PROD/js/encryption_util.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c71014fdfc6e16f4d67c3c1ce51f661beb63cf9eaa923ed0e46d56cc675b55a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:39 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Thu, 25 Aug 2022 18:40:28 GMT
x-amz-cf-pop: FRA60-P1, ZRH50-C1
x-amzn-requestid: 659a7992-9bdc-49f8-b8ab-4821efeae9b0
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: XbtEiGARIAMFb5w=
content-length: 1539
last-modified: Thu, 20 Sep 2018 10:42:47 GMT
server: cloudflare
etag: W/"a4562de2bcce9e6631abf61e5a04728b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: .RXPgt8IOHDC5kcSlGGlyGGq.lruUQic
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront), 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f748.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 7408d676cfaacc5a-ZRH
x-amz-cf-id: eLBYrZBU1ZAB2j4T-M3iudCjTJI2JUwCVDSVvYmEgPVTK8mNUhs44Q==
x-amzn-remapped-connection: keep-alive

GET
H2 200 HPM2Security-min.js Show response
secure.jeffclarktrader.com/store/PROD/js/ 44 KB
13 KB 500ms
496ms Script
application/javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/store/PROD/js/HPM2Security-min.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7fe7a95be52af9780b34bb34d7c6e4801e77fda4be41f7b0676e671543023e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:39 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Thu, 25 Aug 2022 18:40:29 GMT
x-amz-cf-pop: FRA60-P1, ZRH50-C1
x-amzn-requestid: 9c892282-1c54-4ac7-b256-4bb1c65a888c
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: XbtEkFheIAMF8MA=
content-length: 13430
last-modified: Thu, 20 Sep 2018 10:42:47 GMT
server: cloudflare
etag: W/"5c56f33a7d1fcd065fa2bd0fa7758d42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: F1zb.i6q7MEDZAdQsvHFruscv_FKHXVQ
via: 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront), 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 7408d676cfabcc5a-ZRH
x-amz-cf-id: bUrd-xC4A4GufT_jAZSMDBFoQW9rrBD393jrGbUOYaqx7cjd7zPCCg==
x-amzn-remapped-connection: keep-alive

GET
H2 200 jquery.payment.min.js Show response
secure.jeffclarktrader.com/store/PROD/plugins/jquery-payment/ 8 KB
3 KB 420ms
418ms Script
application/javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/store/PROD/plugins/jquery-payment/jquery.payment.min.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a60672efd62862adb750cf0d1ba8916744490d764cb2807c8114353f6aae6c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:39 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Thu, 25 Aug 2022 22:57:41 GMT
x-amz-cf-pop: ZRH50-C1, ZRH50-C1
x-amzn-requestid: 61f4d86d-44ba-497a-8c5f-b4abdea227ec
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: XcSvzEFEoAMFQtg=
content-length: 2713
last-modified: Wed, 21 Aug 2019 20:18:01 GMT
server: cloudflare
etag: W/"2ccb4360a6b212383716224d0b56bd21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: uVxF0OX6Rj_lsOZHo0OKGG0I2eVEXwcB
via: 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront), 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f748.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 7408d676cfaccc5a-ZRH
x-amz-cf-id: _N5yPd6FnXAnccUGagzJnfawofaY1RP33wMj3p1t6FJ4B9uhXy487A==
x-amzn-remapped-connection: keep-alive

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.13.1/themes/base/ 35 KB
8 KB 76ms
24ms Stylesheet
text/css 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.13.1/themes/base/jquery-ui.css
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 58a6f49e92f7d2fd1246d98c568c2ac7d6be832ddfece67ec9f7ef3332766adf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:39 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:40 GMT
server: nginx
etag: W/"620cd700-8d03"
vary: Accept-Encoding
x-hw: 1661477799.dop153.fr8.t,1661477799.cds246.fr8.hn,1661477799.cds141.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 8356

GET
H2 200 store.min.js Show response
secure.jeffclarktrader.com/store/PROD/js/revampstore/ 121 KB
17 KB 437ms
434ms Script
application/javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/store/PROD/js/revampstore/store.min.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: add2ae6e587488a3ee7c774b8e6f9e8bff4b92789c8d8fda0f362293ad990a09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:39 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Thu, 25 Aug 2022 22:57:41 GMT
x-amz-cf-pop: ZRH50-C1, ZRH50-C1
x-amzn-requestid: 3e8913ae-98f1-40f6-9504-fa8e71a24f62
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: XcSvzEJOIAMF61Q=
content-length: 17293
last-modified: Tue, 28 Jun 2022 17:20:05 GMT
server: cloudflare
etag: W/"de144bfd85261d853fc7b20105b482e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: Bu.Hj2c4C4X5HRpsJSHZAoQ3FylbzZBo
via: 1.1 7245e91891539560c1f484b1e46159c8.cloudfront.net (CloudFront), 1.1 c07945b00aad28e34fbfebb3d3907060.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 7408d676cfadcc5a-ZRH
x-amz-cf-id: RZL7nrAbLAjy-7505hibfROumUzy7QHFzyBpELafgANtGfO3C79ydA==
x-amzn-remapped-connection: keep-alive

GET
H2 200 mygtm.js Show response
secure.jeffclarktrader.com/store/PROD/js/ 474 B
696 B 401ms
399ms Script
application/javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/store/PROD/js/mygtm.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb37413b7c8e7e66a05f145a6af367f5d593b358a3c45f2b294a9438997a4ada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:39 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Thu, 25 Aug 2022 19:38:07 GMT
x-amz-cf-pop: FRA60-P1, ZRH50-C1
x-amzn-requestid: b42a9ad4-d147-4aab-b41f-813fef886a00
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: Xb1g_F4_oAMFm4Q=
content-length: 338
last-modified: Thu, 19 Nov 2020 00:44:24 GMT
server: cloudflare
etag: W/"f01dbb5bc4745bf1f386572cdf22c8c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: 4.dw3bbUWT3wk0yaqGtXbpSm9ui25xti
via: 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront), 1.1 d92debab8d9ca0518390aebaec8733a6.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 7408d676cfaecc5a-ZRH
x-amz-cf-id: XQ51H0eMtncvzuwRlNxUjeqjEwsgX9QPnRaru1pppHNyzP5Q14SB6Q==
x-amzn-remapped-connection: keep-alive

GET
H2 200 listrak.js Show response
secure.jeffclarktrader.com/store/PROD/js/ 1 KB
1005 B 393ms
391ms Script
application/javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/store/PROD/js/listrak.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc29bdfa5e510b47aa7faf5ec6ddac2b91581060cc56aaa19153575f72431273

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:39 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Thu, 25 Aug 2022 19:38:08 GMT
x-amz-cf-pop: FRA60-P1, ZRH50-C1
x-amzn-requestid: 87e5c96b-6752-4dfc-9f69-6692063ed2f4
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: Xb1hDEbioAMF0pw=
content-length: 506
last-modified: Thu, 28 Jun 2018 20:46:57 GMT
server: cloudflare
etag: W/"cd9f94dd71125cb7fda1e1088aa19ec3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: W46Q95OyRSSEl7u8xZsbwfK4bzk35Yt_
via: 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront), 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 7408d676cfafcc5a-ZRH
x-amz-cf-id: -LO3KzJxxu-O0c6xq54Mez9xbGzg1yU4Z4-JmHbHrwbZBd6Qp1xCew==
x-amzn-remapped-connection: keep-alive

GET
H2 200 mymixpanel.js Show response
secure.jeffclarktrader.com/store/PROD/js/ 2 KB
1 KB 429ms
428ms Script
application/javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/store/PROD/js/mymixpanel.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 013050e8e5ab5ca56b6344fe09502a82fc4ced559a155646ff286b4af3545eeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:39 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Thu, 25 Aug 2022 22:57:41 GMT
x-amz-cf-pop: FRA60-P1, ZRH50-C1
x-amzn-requestid: cd0f0f0e-0cb8-44ef-a026-adcab09d3498
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: XcSvzEPpIAMFWlg=
content-length: 778
last-modified: Thu, 19 Nov 2020 00:44:24 GMT
server: cloudflare
etag: W/"52928b3325fc59cf3a4b91c0e7b59c52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: kgR13lhzSsVCRIE0MlY3UBQ0EPNv4JeB
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront), 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 7408d676cfb0cc5a-ZRH
x-amz-cf-id: vHqgL81oiTgjZGJk4ydksZxT0_ruD7lmoxCAsW42r0HcqLFNjreuKQ==
x-amzn-remapped-connection: keep-alive

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.13.1/ 249 KB
66 KB 84ms
34ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.13.1/jquery-ui.min.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 793cb14b4ae48e92c4a35eae5d34b4b95092e3cd7995ce342b6895a560ef7526

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:39 GMT
content-encoding: gzip
last-modified: Thu, 20 Jan 2022 14:12:59 GMT
server: nginx
etag: W/"61e96deb-3e46a"
vary: Accept-Encoding
x-hw: 1661477799.dop153.fr8.t,1661477799.cds246.fr8.hn,1661477799.cds146.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67637

GET
H2 200 checkout.js Show response
www.paypalobjects.com/api/ 1 MB
235 KB 152ms
18ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/checkout.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2D9) /

Resource Hash

507b7a3d5ee5da4ca209424709b37980ea825978862a8913d048e8d6e652777d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: cce7ed295e7f4
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 239948
last-modified: Mon, 25 Apr 2022 17:04:48 GMT
server: ECAcc (frd/E2D9)
etag: "6266d4b0-16d23e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Sat, 27 Aug 2022 01:36:39 GMT

GET
H2 200 runtime-es2015.js Show response
secure.jeffclarktrader.com/ 1 KB
878 B 501ms
500ms Script
application/x-javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/runtime-es2015.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 852efa9c5c678757dbd43e9dd9db2d0716656995bd8db701c15248634b2eca47

Request headers

Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
Origin: https://secure.jeffclarktrader.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:39 GMT
via: 1.1 7245e91891539560c1f484b1e46159c8.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: ZRH50-C1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-static-builder:483c06dd-e5c7-4fef-a74c-4df95ded73c0
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-sha256: 3529f5dfca368fc1d7588f1065457d19603660e2f2adc4392468ce839d52b510
content-encoding: gzip
x-amz-meta-codebuild-content-md5: edb4b9b521ce135381349fe0d6b53ef9
x-amz-version-id: null
last-modified: Mon, 01 Aug 2022 16:16:53 GMT
server: cloudflare
etag: W/"193974daff264d8d7d9a789f91c41d40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript
cf-ray: 7408d676cfb1cc5a-ZRH
x-amz-cf-id: yg1u0VX9RuI3KbQ2TtAbJB1_Cnj6pfygseFEazfy-5dX91RCOSyGyw==

GET
H2 200 polyfills-es2015.js Show response
secure.jeffclarktrader.com/ 772 KB
212 KB 501ms
500ms Script
application/x-javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfebf58d935986f47bb3dcfd71241ec01472a5995c37c58ae0094238461f3327

Request headers

Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
Origin: https://secure.jeffclarktrader.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:39 GMT
via: 1.1 9349ae4f82564896b96f5303b030d188.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: ZRH50-C1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-static-builder:483c06dd-e5c7-4fef-a74c-4df95ded73c0
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-sha256: 3529f5dfca368fc1d7588f1065457d19603660e2f2adc4392468ce839d52b510
content-encoding: gzip
x-amz-meta-codebuild-content-md5: edb4b9b521ce135381349fe0d6b53ef9
x-amz-version-id: null
last-modified: Mon, 01 Aug 2022 16:16:53 GMT
server: cloudflare
etag: W/"d5682aa68c78318fb29bc868b563803d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript
cf-ray: 7408d676cfb2cc5a-ZRH
x-amz-cf-id: Pi8M5nD8EZvNYEL-jRaesa5w3Mt9DShhCf70rqhT-86kn6QpmeSLbA==

GET
H2 200 main-es2015.js Show response
secure.jeffclarktrader.com/ 495 KB
143 KB 576ms
575ms Script
application/x-javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/main-es2015.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a761974ea449b3fa737f6ad2bee59176aefc3572a6a79984f830bbaeafa6ebaa

Request headers

Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
Origin: https://secure.jeffclarktrader.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:40 GMT
via: 1.1 b103085320b440f2b61bad94c412ff70.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: ZRH50-C1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-static-builder:483c06dd-e5c7-4fef-a74c-4df95ded73c0
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-sha256: 3529f5dfca368fc1d7588f1065457d19603660e2f2adc4392468ce839d52b510
content-encoding: gzip
x-amz-meta-codebuild-content-md5: edb4b9b521ce135381349fe0d6b53ef9
x-amz-version-id: null
last-modified: Mon, 01 Aug 2022 16:16:52 GMT
server: cloudflare
etag: W/"0b510fcaf411469e8287be40c7a65565"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript
cf-ray: 7408d676efc5cc5a-ZRH
x-amz-cf-id: aJchjPa7m4euaY6fOX9zXczH4qDqOwwD31fzEnUKK0mQOPnIzEFmUg==

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 50 KB
18 KB 56ms
17ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/store/PROD/js/mymixpanel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:27:26 GMT
content-encoding: gzip
age: 554
x-guploader-uploadid: ADPycdtgw0WKhdGEsRpFLb4v90NXQBrDn2bUQyPq14E6Aej6j43cKM1V8F4dpLITotPqdHB0HKATfkVnCAIPAoOrFWAEkQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17435
last-modified: Thu, 17 Feb 2022 20:21:50 GMT
server: UploadServer
etag: "caa762087e9d75cecc34b5d6626cb7b9"
vary: Accept-Encoding
x-goog-hash: crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
x-goog-generation: 1645129310876382
access-control-allow-origin: *
cache-control: public,max-age=600
x-goog-stored-content-length: 17435
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 26 Aug 2022 01:37:26 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 121ms
18ms Script
application/x-javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=secure.jeffclarktrader.com&source=checkoutjs&t=xo&v=4.0.336

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-1PBeSRVuiSTwRgVRk11/ja8QWXBBULu3ebP/Hl4XopJWpHqh' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-1PBeSRVuiSTwRgVRk11/ja8QWXBBULu3ebP/Hl4XopJWpHqh' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
age: 227
x-cache: HIT
paypal-debug-id: f20182394cb34
server-timing: "traceparent;desc="00-0000000000000000000f20182394cb34-dc25455c125cba97-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4299
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4064-HHN
traceparent: 00-0000000000000000000f20182394cb34-ab58e9d98a30158f-01
x-timer: S1661477800.135387,VS0,VE2
x-frame-options: SAMEORIGIN
date: Fri, 26 Aug 2022 01:36:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 styles.css
secure.jeffclarktrader.com/ 55 B
259 B 482ms
482ms Stylesheet
text/css 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/styles.css
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c506082fa68431a459024b440e5e418c769f3e2803cbb9cdb296ae7b6cae2d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:40 GMT
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: ZRH50-C1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-static-builder:483c06dd-e5c7-4fef-a74c-4df95ded73c0
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-sha256: 3529f5dfca368fc1d7588f1065457d19603660e2f2adc4392468ce839d52b510
content-encoding: gzip
x-amz-meta-codebuild-content-md5: edb4b9b521ce135381349fe0d6b53ef9
x-amz-version-id: null
last-modified: Mon, 01 Aug 2022 16:16:53 GMT
server: cloudflare
etag: W/"2f35a3d2f42282a4b66d4237a5ea0a2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/css
cf-ray: 7408d67a38d8cc5a-ZRH
x-amz-cf-id: -EFJqU2MHPDAcieLQejh-qek6Q56uhlNWnBtv5S2BAWr-Cf5G910Cg==

GET
H2 200 ts
t.paypal.com/ 42 B
687 B 216ms
176ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1661477800146&g=0&completeurl=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2BWAu31BZFErgwovAmQD8AUybb1KOlivfrKU%3D%26emailjobid%3D5203809%26emailname%3D20220821-CDD&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frb/6755) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:40 GMT
content-type: image/gif
server: ECAcc (frb/6755)
traceparent: 00-00000000000000000008216cf0c6b801-f96174465d798088-01
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 8216cf0c6b801
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=161
timing-allow-origin: *
content-length: 42
expires: Fri, 26 Aug 2022 01:36:40 GMT

GET
H2 200 getSiteDetails Show response
secure.jeffclarktrader.com/site/api/v1/ 252 KB
14 KB 1503ms
1503ms XHR
text/plain 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/site/api/v1/getSiteDetails?cid=MKT534830&eid=MKT666434&chainId=&plcid=PLC151358&preview=false&baseUrl=secure.jeffclarktrader.com
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87aa3ea8685247febc29ae9b9d4bb925701df9664e16cf34625387c85bfea56f

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5203809&emailname=20220821-CDD
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:42 GMT
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f748.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 258182
x-amzn-remapped-date: Fri, 26 Aug 2022 01:36:41 GMT
x-amz-cf-pop: FRA60-P1, ZRH50-C1
x-amzn-requestid: ccecae75-2155-4151-ba9b-b61376aa1cca
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
content-encoding: gzip
x-amz-apigw-id: XcqCaGFeoAMFXoA=
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain;charset=ISO-8859-1
cf-ray: 7408d67dca17cc5a-ZRH
x-amz-cf-id: 165gfpYYonmccdtBpw2t6O_pBQZZZezDmS0D_nV-eLpguuSRNlLkvg==
x-amzn-remapped-connection: keep-alive

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 950ms
238ms Ping
application/json 2600:1f18:24e6:b901:28fe:d66a:cdbd:bbe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=22787ea3-ba06-4f5b-a0cc-3bef63891f7c&batch_time=1661477800613
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:28fe:d66a:cdbd:bbe Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H/1.1 200
OK legacyExternalJs.js Show response
marketingassets.cloudsna.com/prod/javascript/legacy/casey/ 2 KB
1 KB 503ms
145ms Script
application/javascript 2606:4700::6810:f41b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://marketingassets.cloudsna.com/prod/javascript/legacy/casey/legacyExternalJs.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:f41b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28e7a175bbbb2d42cd553a6f0ec8135cfe0ddb6fc2e21975d01e5cd0bafdff13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 01:36:42 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Last-Modified: Tue, 01 Feb 2022 15:26:26 GMT
Server: cloudflare
x-amz-request-id: 4BHNT624YYEDBAVP
ETag: W/"af69bb3836d13060de7b6c61e0b79782"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Transfer-Encoding: chunked
x-amz-version-id: 7E5q.ejfRs58tAIqNZGxszGsyyvAmP02
Content-Type: application/javascript
Connection: keep-alive
CF-RAY: 7408d68b1d55021d-ZRH
x-amz-id-2: QYoKSEReVTWljHLfuSf10nvo9DJ7qwvvGa2h48Az443o5iQNuq5nL9U6ZrthTpNXM3Ulu11f1oo=

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 67ms
27ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lora:ital,wght@0,400;0,700;1,400;1,700&family=Oswald:wght@400;700&display=swap

Requested by

Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4963143a31cb8a457413caa891052d208de3bd889cce03315d76dd1606924af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 01:36:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 26 Aug 2022 01:36:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Aug 2022 01:36:42 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.2.0/css/ 46 KB
11 KB 99ms
33ms Stylesheet
text/css 2606:4700:3032::ac43:a9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 153456
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: XGEFZWMS53AD1K7Z
x-amz-id-2: fs1+mTfztVDk1XMnE53/QxVZB4Ipc+umnO8fJke3WVmgSgk3nARIaXOab6jiEUOG7Oals7LLnW0=
last-modified: Wed, 30 Jun 2021 15:41:36 GMT
server: cloudflare
etag: W/"20a9ce516eaea76da29a23adc43e8998"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yzVZtDeRSRMHXy%2B2TH5V2iIN02S%2FptNAsABq8pva%2FEwjGVPMui16amEE2j60Uc0L%2F%2FSp3b445ovT0e%2BfUtHAvTwLFrBprIAbUWKJc11iK6OK1PMxnTu19JGkAywWUiL6BO6CP2BypQolQHV49rHRkKI"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7408d6895822baf4-MXP

GET
H/1.1 200
OK bootstrap.min.css
d3bjnmbj12697.cloudfront.net/_/css/bootstrap/4.5.0/ 158 KB
158 KB 67ms
20ms Stylesheet
text/css 2600:9000:2057:1a00:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/css/bootstrap/4.5.0/bootstrap.min.css
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1a00:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fadadc49b4ca3c49a69a4ce2c17d56cab0a8b52af6b3fae5296ae1a9f56ed453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 02:58:07 GMT
Via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
Last-Modified: Wed, 18 May 2022 14:44:35 GMT
Server: AmazonS3
x-amz-meta-user-agent-id: efiorani@s-c2cd08720a404b138
Age: 81516
ETag: "14e3036e583d9d5910ed515b6ebebb00"
x-amz-meta-user-agent: AWSTransfer
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 161736
X-Amz-Cf-Id: NSdiK1OuIWD0hy86aH5KKKjgtVZPitVgqeGjPjl1uxfE7nGgXsa6bw==

GET
H/1.1 200
OK custom.css
d3bjnmbj12697.cloudfront.net/jc/p/jcf/2104-launch-2.0/css/ 64 KB
65 KB 72ms
25ms Stylesheet
text/css 2600:9000:2057:1a00:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/jc/p/jcf/2104-launch-2.0/css/custom.css?v=7
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1a00:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc8e3b1c8ced64440f2a2ed3330eeb1223d8b88c8c1c7c40c891618d9d744205

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 03:28:27 GMT
Via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
Last-Modified: Fri, 16 Apr 2021 17:49:12 GMT
Server: AmazonS3
Age: 79696
ETag: "483ca71349594f61f604d522347852d9"
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 65793
X-Amz-Cf-Id: bdhk7vENNPFPdlCBNtdl4RZrZS05e8DksN3wJWhT_pvvGxQSu0AP6Q==

GET
H/1.1 200
OK da79c500415896fc289fe4f3e7d93dc1.css
s3.amazonaws.com/marketingassets.cloudsna.com/prod/common/JCF/inlinecss/ 287 B
755 B 456ms
127ms Stylesheet
text/css 52.217.132.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/marketingassets.cloudsna.com/prod/common/JCF/inlinecss/da79c500415896fc289fe4f3e7d93dc1.css?versionId=UQQ2djQnK6kWVg3jAgWCDpQd2zFsC0dD
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.132.96 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d151ae46c49607e9df9798d7a237bec2760d810ab65f79489b638d890d8877f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 01:36:43 GMT
Content-Encoding: utf8
Last-Modified: Fri, 16 Apr 2021 18:34:15 GMT
Server: AmazonS3
x-amz-request-id: 4BHHFWZFV91RC01Q
ETag: "756cab89a19aa6a7be192539086c3ff2"
x-amz-version-id: UQQ2djQnK6kWVg3jAgWCDpQd2zFsC0dD
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 287
x-amz-id-2: ZvWtosYj7EaXza0DgWtzD+5Uqod9KcfBLt9lGas4/ullzzkIMsJ/GBUWczGFQpBXFExKzYSPjWU=

GET
H2 200 versionId=l..ZbtduSQU7PSRMLRiNCCKksGg4HotC Show response
gsdpeazjjf.execute-api.us-east-1.amazonaws.com/prod/assets/asset/JCF/VideoLandingPage/fcae7f78b7dea1107c0403a3cdff336b.html/ 6 KB
6 KB 422ms
374ms XHR
application/json 52.222.236.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gsdpeazjjf.execute-api.us-east-1.amazonaws.com/prod/assets/asset/JCF/VideoLandingPage/fcae7f78b7dea1107c0403a3cdff336b.html/versionId=l..ZbtduSQU7PSRMLRiNCCKksGg4HotC
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-123.fra56.r.cloudfront.net
Software: /
Resource Hash: d93a9280ae61d563593f5538f3116ccb941134fac598c912b0eaef93c9442c42

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:42 GMT
via: 1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amzn-requestid: a27e4da1-2f42-42cd-b117-17ea95fd4c85
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-630823aa-2e9cc2666c0df43d24e60c2b;Sampled=0
x-amz-apigw-id: XcqCsGNKIAMFt7g=
content-length: 5961
x-amz-cf-id: u_P_X_Qh7pFBn3ro6vja666KJ2J4gsjkPV2xxCpBNRhM_xaNnvyvsw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 328 KB
86 KB 81ms
42ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9

Requested by

Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/store/PROD/js/mygtm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ef98f87d06424b7b8d7d16bcae7dd0aad6d8a9a81914f2c00603c48f8f6f5fd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87916
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 00:56:38 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 Aug 2022 01:36:42 GMT

GET
H/1.1 200
OK script.js Show response
cdn.listrakbi.com/scripts/ 62 KB
20 KB 88ms
16ms Script
text/javascript 18.66.130.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/scripts/script.js?m=mJqOWFhiqMPC&v=1
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/store/PROD/js/listrak.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.130.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-130-11.fra60.r.cloudfront.net
Software: cloudflare / ASP.NET
Resource Hash: 65f6e644b708a9691cfa6d8f1e95737051659151f3bbaf2a9a19fef8d100e747

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 01:29:43 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
X-AspNet-Version: 4.0.30319
Age: 419
X-Powered-By: ASP.NET
X-Cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Connection: keep-alive
Content-Length: 19514
Last-Modified: Thu, 26 Sep 2019 14:40:04 GMT
Server: cloudflare
X-ltk: 8/1/2022 11:02:09 PM
ETag: "NqbnZ531Ol93zBfCObLS8A=="
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
Cache-Control: public, no-transform, max-age=3600, s-maxage=600
X-Amz-Cf-Pop: FRA60-P2
Accept-Ranges: bytes
CF-RAY: 734392b3b8bb9223-FRA
X-Amz-Cf-Id: FkNmjgJ_LUydUH6voCtDhpKKnzrTDL885gnSYKsOfTbQ1ePeHXm1-A==
Expires: Fri, 26 Aug 2022 02:29:43 GMT

GET
H/1.1 200
OK sdk Show response
ssl.kaptcha.com/collect/ 5 KB
6 KB 569ms
174ms Script
text/javascript 54.148.115.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/collect/sdk?m=100014
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: bae1a4fb696b7fcf6b87562cf3d4be4c7c8b3de16db90ca174eeb75d3ee3022b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Aug 2022 01:36:42 GMT
X-Correlation-Id: 99f7f87d-b493-4184-a211-4c4ae9625c13
Transfer-Encoding: chunked
P3p: CP=CAO PSA OUR
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Content-Type: text/javascript
Expires: 0

GET
H2 200 bss-px.min.js Show response
secure.jeffclarktrader.com/store/PROD/js/ 5 KB
2 KB 366ms
366ms Script
application/javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/store/PROD/js/bss-px.min.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f67cffc3d7cf57726b094dbd689a455b70158027abf6771c95583d15cdb373fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE%20WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%3D&emailjobid=5203809&emailname=20220821-CDD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:42 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Thu, 25 Aug 2022 18:40:35 GMT
x-amz-cf-pop: FRA60-P1, ZRH50-C1
x-amzn-requestid: 4e78d061-adac-4e48-bf78-e15916e818b5
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: XbtFoGzpIAMFYVw=
content-length: 2052
last-modified: Tue, 01 Jun 2021 15:08:33 GMT
server: cloudflare
etag: W/"3ee3506660c2ef343d6c68a229cd42be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: fGaHECtcp1774Apxw3QoOeW87E1iGAd2
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront), 1.1 d92debab8d9ca0518390aebaec8733a6.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 7408d688eda6cc5a-ZRH
x-amz-cf-id: -J2u1l3K9H575JsNPFL5bbPMkdFWhuB0yPmgMHafPQMyiuqX7tHk-w==
x-amzn-remapped-connection: keep-alive

POST
H2 200 generic Show response
secure.jeffclarktrader.com/snowflake/ 21 B
343 B 415ms
415ms XHR
application/json 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/snowflake/generic
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE%20WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%3D&emailjobid=5203809&emailname=20220821-CDD
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
x-api-key: g5wZnpMOAV6d3DVWjACKU9Pz86tj10Es39Avoa3n
Content-Type: application/json

Response headers

date: Fri, 26 Aug 2022 01:36:42 GMT
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront), 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: FRA60-P1, ZRH50-C1
x-amzn-requestid: 48ab8d3f-2fc8-477d-b36a-90910d75c088
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-630823aa-5e3ae064100f384216b8f87a
cf-ray: 7408d688fda7cc5a-ZRH
x-amz-apigw-id: XcqCsGhnoAMFjyg=
content-length: 21
x-amz-cf-id: vFnEV_XvKK4XLgEujxMQ9_7esasGmbpOJrbseDi1R6G0E-qNyiZV8g==

GET
H2 200 getIds Show response
s1.listrakbi.com/mJqOWFhiqMPC/session/ 175 B
1 KB 192ms
117ms Script
application/x-javascript 104.18.6.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.listrakbi.com/mJqOWFhiqMPC/session/getIds?callback=ltkCallback7790&gsid=&_sid=&_tid=954314&ps=null&dps=true
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=mJqOWFhiqMPC&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.6.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f2b9255e90b14cdd88486ce7ce93f76e0b9f911ceca3d55eee64d02e4cf7e8dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:42 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type: application/x-javascript; charset=utf-8
cache-control: no-cache
cf-ray: 7408d689ff30bbb9-FRA
expires: -1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 54ms
15ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2082
date: Fri, 26 Aug 2022 01:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 26 Aug 2022 03:02:00 GMT

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/ 64 KB
22 KB 375ms
304ms Script
application/javascript 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a394fd65fe8013eb58e146ddccbf749fd875c291cb8ea9e2d4144c80caf65182

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 7408d68a3d3e59cb-MXP
date: Fri, 26 Aug 2022 01:36:42 GMT
via: 1.1 google
cf-cache-status: EXPIRED
last-modified: Thu, 25 Aug 2022 23:28:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkBUkb6IwCxmPzsrvrIOqf2WgpONhcgjCgtoChaDrrRZdzQ3GhXVs%2FQnc9JHv5Cag%2BfOOHZjI85ZkN%2FsmtNIW%2F2SGlSFZccHiq%2B09LJL8Dx3FhzKVmLhj35NA3HjxTRvliWreGy%2FgEFb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 3 KB
2 KB 76ms
16ms Script
application/javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: AC1.1 /
Resource Hash: 25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:42 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
server: AC1.1
age: 87542
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1550
x-llid: 6ce12bff4d76963d7e156f3e98374ddb

GET
H2 200 bss-px.min.js Show response
secure.jeffclarktrader.com/store/PROD/js/ 5 KB
2 KB 384ms
384ms Script
application/javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/store/PROD/js/bss-px.min.js?affiliateId=2000&brandId=2004
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f67cffc3d7cf57726b094dbd689a455b70158027abf6771c95583d15cdb373fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE%20WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%3D&emailjobid=5203809&emailname=20220821-CDD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:42 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Fri, 26 Aug 2022 01:08:06 GMT
x-amz-cf-pop: FRA60-P1, ZRH50-C1
x-amzn-requestid: 78bf9890-805c-4e6e-ba00-d961f8aec564
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: Xcl2hHirIAMFiKw=
content-length: 2134
last-modified: Tue, 01 Jun 2021 15:08:33 GMT
server: cloudflare
etag: W/"3ee3506660c2ef343d6c68a229cd42be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: fGaHECtcp1774Apxw3QoOeW87E1iGAd2
via: 1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront), 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f748.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 7408d689ce12cc5a-ZRH
x-amz-cf-id: sGAoEJq3OTYbSwRNhIqypMB8tD9fS0hxynl4OeM8ZOAXuRAoUaYN0g==
x-amzn-remapped-connection: keep-alive

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
214 B 23ms
22ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1804510403&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD&ul=en-us&de=UTF-8&dt=Jeff%20Clark&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1410700734&gjid=1942234520&cid=1727584496.1661477803&tid=UA-90673817-1&_gid=1821413646.1661477803&_r=1&gtm=2wg8o0KBZNSS9&z=1883920071

Requested by

Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.jeffclarktrader.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
449 B 85ms
28ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-90673817-1&cid=1727584496.1661477803&jid=1410700734&gjid=1942234520&_gid=1821413646.1661477803&_u=YEBAAEAAAAAAAC~&z=1008787511

Requested by

Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 26 Aug 2022 01:36:42 GMT
content-type: text/plain
access-control-allow-origin: https://secure.jeffclarktrader.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 66ms
27ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-90673817-1&cid=1727584496.1661477803&jid=1410700734&_u=YEBAAEAAAAAAAC~&z=1299628549

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 64ms
26ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-90673817-1&cid=1727584496.1661477803&jid=1410700734&_u=YEBAAEAAAAAAAC~&z=1299628549

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 logger Show response
secure.jeffclarktrader.com/snowflake/ 21 B
272 B 325ms
325ms XHR
application/json 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/snowflake/logger
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899

Request headers

Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE%20WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%3D&emailjobid=5203809&emailname=20220821-CDD
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
x-api-key: O1I1d31dqY5iHR07pLHrf7rKAOxDeMhQ2JsWck8c
Content-Type: application/json

Response headers

date: Fri, 26 Aug 2022 01:36:43 GMT
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: ZRH50-C1
x-amzn-requestid: bf2b755a-174f-45d2-8160-008ee029c295
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-630823aa-183912b552dee2dc1309c4c3
cf-ray: 7408d68b3edccc5a-ZRH
x-amz-apigw-id: XcqCuFjJiYcFWvA=
content-length: 21
x-amz-cf-id: XaclYdTVql7CgxbQQJMKb9_csjsEI68OBMtL6PM4jiyCUw81ROmmgg==

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 238ms
238ms Ping
application/json 2600:1f18:24e6:b901:28fe:d66a:cdbd:bbe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=9d97be44-5a4a-4176-b84e-614bb21cfd33&batch_time=1661477802767
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:28fe:d66a:cdbd:bbe Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H/1.1 200
OK aff_goal Show response
tracking.legacyoffers.com/ Frame 3562 88 B
522 B 185ms
40ms Document
text/html 108.128.85.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.legacyoffers.com/aff_goal?a=l&goal_id=319
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.85.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-85-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3c117e5507807b5c9d0bf307f55992c726d33e8bdbadbcfe505f48cdc025a231

Request headers

Referer: https://secure.jeffclarktrader.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 26 Aug 2022 01:36:42 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
X-Request-Id: 97796a122e45b50bf1e3b8568d32b7ee

GET
H/1.1 200
OK bg-header.jpg
d3bjnmbj12697.cloudfront.net/jc/p/jcf/2104-launch-2.0/img/ 24 KB
25 KB 19ms
19ms Image
image/jpeg 2600:9000:2057:1a00:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3bjnmbj12697.cloudfront.net/jc/p/jcf/2104-launch-2.0/img/bg-header.jpg
Requested by: Host: d3bjnmbj12697.cloudfront.net
URL: https://d3bjnmbj12697.cloudfront.net/jc/p/jcf/2104-launch-2.0/css/custom.css?v=7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1a00:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5497d558c5d57e560b31c238171ef0617add9658659ffe2c353ce24020f10d79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3bjnmbj12697.cloudfront.net/jc/p/jcf/2104-launch-2.0/css/custom.css?v=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 22:43:41 GMT
Via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
Last-Modified: Fri, 09 Apr 2021 14:22:44 GMT
Server: AmazonS3
Age: 10382
ETag: "71392ccddb73e1b0301a5e247ce48d6a"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 24729
X-Amz-Cf-Id: LKsozooIEJ-BqFCLtDkMh4UzzOmCT14E3OCOD-BHfzEUbVsXX3keMQ==

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v26/ 35 KB
35 KB 57ms
16ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora:ital,wght@0,400;0,700;1,400;1,700&family=Oswald:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.jeffclarktrader.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 19:08:58 GMT
x-content-type-options: nosniff
age: 282464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35660
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 19:08:58 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v49/ 17 KB
18 KB 86ms
45ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora:ital,wght@0,400;0,700;1,400;1,700&family=Oswald:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.jeffclarktrader.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 21:12:27 GMT
x-content-type-options: nosniff
age: 275055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17908
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 21:12:27 GMT

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v26/ 35 KB
35 KB 73ms
32ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora:ital,wght@0,400;0,700;1,400;1,700&family=Oswald:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.jeffclarktrader.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 19:08:58 GMT
x-content-type-options: nosniff
age: 282464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35660
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 19:08:58 GMT

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 61 KB
62 KB 62ms
33ms Font
font/woff2 2606:4700:3032::ac43:a9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f

Request headers

Referer: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Origin: https://secure.jeffclarktrader.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:42 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30733
cf-ray: 7408d68bdf9aba89-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62472
x-amz-id-2: AGgCkQfCJQPleiw4d1LMxLH1NzWGcaQJ9YDzlsg8i8OTwJABqnkzoVAn73vQpsPQXJs16a8HlBs=
last-modified: Wed, 30 Jun 2021 15:41:55 GMT
server: cloudflare
etag: "b75b4bfe0d58faeced5006c785eaae23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxV1Bi%2F5Btu%2FJKoO%2B9vYbH6zmYM28aY23zihHhXuf2tk1QFmnXP0P2HnQus9RaQzCdYQx5TWotLXnJhea0g5XxXfma%2FrUyX3EWJdiAesxKJ%2Bz8n7eOyv7zoemtVy9lPQlgHYcRcuFoWwSG03S1jHtX2G"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: D2CPGAMVE39TAYCV
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H/1.1 200
OK bootstrap.bundle.min.js Show response
d3bjnmbj12697.cloudfront.net/_/js/bootstrap/4.5.0/ 79 KB
80 KB 18ms
17ms Script
application/javascript 2600:9000:2057:1a00:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/js/bootstrap/4.5.0/bootstrap.bundle.min.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1a00:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 02:58:50 GMT
Via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
Last-Modified: Mon, 29 Jun 2020 13:27:40 GMT
Server: AmazonS3
Age: 81473
ETag: "7fd2f04e75bd7ab1a79d80cdd4c33085"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 81084
X-Amz-Cf-Id: c8I_4CYldSq0wudLxfb96N4mG5g0etoNlpL5Z8rOAUNeLA4x2wECvg==

GET
H/1.1 200
OK index.min.js Show response
players.brightcove.net/5102072647001/0zLsWuD5UW_default/ 676 KB
184 KB 638ms
421ms Script
application/javascript 23.35.237.37
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-37.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 840d00f62116fbc5872b6ca0d58ad7ad4b9a1e9ac18309b81cf75ece010fd60a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: Q_CSnOmrD43lt5GQ4.FnJiRrxgH4vQB2
Content-Encoding: gzip
ETag: "b037efb4398a11d20810bda5ec4664a4"
x-amz-request-id: DPKWZ4CV2K29WYT9
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 188063
x-amz-id-2: qdLObMbFTGIxAsXYkIgqonkEvq+Zpwp4mDjGa7QbxYu1KHNx4zTIgvoLABxW+Ll7odT8nH9UW4E=
X-BCOV-Response-Mode: 1
X-Served-By: cache-hhn4061-HHN
Last-Modified: Fri, 04 Mar 2022 17:13:39 GMT
Server: AmazonS3
X-Timer: S1653892255.010133,VS0,VE1
Date: Fri, 26 Aug 2022 01:36:43 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK ouibounce.min.js Show response
d3bjnmbj12697.cloudfront.net/_/js/ouibounce/ 2 KB
2 KB 16ms
15ms Script
application/javascript 2600:9000:2057:1a00:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/js/ouibounce/ouibounce.min.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1a00:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08cb0f46ed2415058019966967713095ef16ce83d54c74a5f52a61846dbe2399

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 02:56:10 GMT
Via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
Last-Modified: Wed, 15 Apr 2020 20:03:18 GMT
Server: AmazonS3
Age: 82079
ETag: "aa63b6f263c50e0cd2636cce8c794214"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 1626
X-Amz-Cf-Id: umYRf8dJ7zXd3_QHszH5tqZkAlNv7PZBclHfiu7OpE0Ey5MA8RrIOw==

GET
H/1.1 200
OK lr-data-jc.js Show response
d3bjnmbj12697.cloudfront.net/_/js/lr-data/1.1.5/ 13 KB
13 KB 33ms
15ms Script
application/javascript 2600:9000:2057:1a00:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/js/lr-data/1.1.5/lr-data-jc.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1a00:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3b9fa25dbe7727a9714e0bc13d276c0855527396a0bb5b00be50c5a27beb4ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 03:58:13 GMT
Via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
Last-Modified: Wed, 17 Aug 2022 18:26:50 GMT
Server: AmazonS3
Age: 77909
ETag: "2b70e1afa8e890d66b0229501e84f032"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 13050
X-Amz-Cf-Id: STx15YcEymjvztUAigVZHcRfhSvd3uuMokWO-RM5FFiGRjGhEqqTuw==

GET
H/1.1 200
OK v-zoom-19.js Show response
d3bjnmbj12697.cloudfront.net/jc/p/jcf/2104-launch-2.0/js/ 8 KB
8 KB 51ms
29ms Script
application/javascript 2600:9000:2057:1a00:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/jc/p/jcf/2104-launch-2.0/js/v-zoom-19.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1a00:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f168ec108eb7ad831c6980fdc2ae712990139027f66c3f658f2f5181c3c14271

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 11:19:33 GMT
Via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
Last-Modified: Fri, 16 Apr 2021 21:34:41 GMT
Server: AmazonS3
Age: 51430
ETag: "f05b37b48ad09f8f2b1238c1825357b6"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 7909
X-Amz-Cf-Id: uzipd7ZmEyAN8EOZUsnNHquS_O5zkxjrHcDtZnqL-HgM1cuNByTMHQ==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
16ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1804510403&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&ul=en-us&de=UTF-8&dt=Jeff%20Clark&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1727584496.1661477803&tid=UA-90673817-1&_gid=1821413646.1661477803&gtm=2wg8o0KBZNSS9&z=1413608882

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 18:53:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24217
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bg-light.jpg
d3bjnmbj12697.cloudfront.net/jc/p/jcf/2104-launch-2.0/img/ 115 KB
116 KB 44ms
19ms Image
image/jpeg 2600:9000:2057:1a00:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3bjnmbj12697.cloudfront.net/jc/p/jcf/2104-launch-2.0/img/bg-light.jpg
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/marketingassets.cloudsna.com/prod/common/JCF/inlinecss/da79c500415896fc289fe4f3e7d93dc1.css?versionId=UQQ2djQnK6kWVg3jAgWCDpQd2zFsC0dD
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1a00:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5aa40c6db18170f8c42935b36d935e2cbdaf7ca7e71ed485dde33c3601e00d51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Thu, 25 Aug 2022 01:59:01 GMT
Via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
Last-Modified: Fri, 09 Apr 2021 14:49:24 GMT
Server: AmazonS3
Age: 85062
ETag: "9b80af901cff210c6fdbf294e5509b59"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 117962
X-Amz-Cf-Id: g1QpBU5T7xoBHDLkp7mKK0Z3RLzH_M75kBx5OIUySbXfidn7w_pU6A==

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 logger Show response
secure.jeffclarktrader.com/snowflake/ 21 B
251 B 303ms
303ms XHR
application/json 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/snowflake/logger
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899

Request headers

Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE%20WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%3D&emailjobid=5203809&emailname=20220821-CDD&assetId=AST178959&page=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
x-api-key: O1I1d31dqY5iHR07pLHrf7rKAOxDeMhQ2JsWck8c
Content-Type: application/json

Response headers

date: Fri, 26 Aug 2022 01:36:43 GMT
via: 1.1 c07945b00aad28e34fbfebb3d3907060.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: ZRH50-C1
x-amzn-requestid: f4e3cbcf-7b17-472a-9e52-abf0125af6bd
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-630823ab-5697556232137887585a194e
cf-ray: 7408d68c7f32cc5a-ZRH
x-amz-apigw-id: XcqCwFtbiYcFnKA=
content-length: 21
x-amz-cf-id: PBy7G6s78Fj8zBW7XmGBb8j8Si-lL6jkwE_9hQkGYwd_lqjuLwCWsQ==

GET
H2 200 6754fc8577b0e933befa552acea53d64
c.lytics.io/c/ 35 B
574 B 152ms
151ms Image
image/gif 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/6754fc8577b0e933befa552acea53d64?gtm.start=1661477802372&event=gtm.js&gtm.uniqueEventId=1&_ts=1661477802956&_nmob=t&_device=desktop&url=secure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&_v=3.0.27&_uid=a2e68ace-69b6-4296-b528-647d9b92145e&_getid=t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BH%2BlTDLqsSG%2Fi6y5ApnCzSJpjrfhChXLM17hB9LRj2Ufmp2mRHqYykvp%2FUcQElcOoD5ntGzBI2NUsWrIoYb9rO3HJJMs8VFA5Hd00mCdH%2FImktCPk9OBK0JbjCUavUTC91Fxg6w6VZMY"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7408d68caeb659cb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 6754fc8577b0e933befa552acea53d64
c.lytics.io/c/ 35 B
322 B 152ms
152ms Image
image/gif 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/6754fc8577b0e933befa552acea53d64?event=gtm.historyChange&gtm.historyChangeSource=replaceState&gtm.oldUrlFragment=&gtm.newUrlFragment=&gtm.oldHistoryState.navigationId=1&gtm.oldUrl=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD&gtm.newUrl=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&gtm.uniqueEventId=50&_ts=1661477802956&_nmob=t&_device=desktop&url=secure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&_v=3.0.27&_uid=a2e68ace-69b6-4296-b528-647d9b92145e&_getid=t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39%2F5l01IPI0YS01PHSsG0uoYVFBzzbcfy9rEvHg5dyJhTovQrMqU0VqizUBmwzZJXdMpYZZx%2F556%2BrO%2BFYW547LxUutSArsig1h5MLdUYHcXDXJ%2Fm0oB7U95OjwuM%2FQJECkdux%2B%2FykEv"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7408d68caeb859cb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 129ms
129ms Ping
application/json 2600:1f18:24e6:b901:28fe:d66a:cdbd:bbe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=8ae1684c-b6d2-48aa-8d8e-d8177a07521d&batch_time=1661477802970
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:28fe:d66a:cdbd:bbe Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H/1.1 200
OK kasupport Show response
ssl.kaptcha.com/collect/ 2 KB
2 KB 520ms
172ms XHR
text/plain 54.148.115.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/collect/kasupport
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: ee3c32b057bd027f697511552f3769239060d1075f854fd1fef4b83106235ed5

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 26 Aug 2022 01:36:43 GMT
X-Correlation-Id: 459fc7fe-5bdb-49a3-8db0-cfb921acd6cd
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0

GET
H/1.1 200
OK logo.htm Show response
ssl.kaptcha.com/ Frame C920 22 KB
22 KB 174ms
174ms Document
text/html 54.148.115.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=9ffd335dd07d40f493a8cd37bd4b29c2
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/collect/sdk?m=100014
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: fa18446e25d74d23c3ec220135c0ff959d43c332222cc6bc7303bbab1ee508af

Request headers

Referer: https://secure.jeffclarktrader.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache no-store must-revalidate private
Content-Type: text/html
Date: Fri, 26 Aug 2022 01:36:43 GMT
Expires: 0
Pragma: no-cache
Transfer-Encoding: chunked
X-Correlation-Id: de47eb3d-8809-41c0-9b20-9e589eb18fae

GET
H2 200 a2e68ace-69b6-4296-b528-647d9b92145e Show response
c.lytics.io/api/personalize/6754fc8577b0e933befa552acea53d64/user/_uid/ 237 KB
26 KB 187ms
186ms Script
application/json 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/personalize/6754fc8577b0e933befa552acea53d64/user/_uid/a2e68ace-69b6-4296-b528-647d9b92145e?segments=true&mergestate=true&state=%7B%22_uid%22%3A%22a2e68ace-69b6-4296-b528-647d9b92145e%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22secure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1%22%2C%22_v%22%3A%223.0.27%22%7D&ts=1661477803046&callback=u_968575266593320700

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d75e52e3724e30ed89d4f8fc1ecbf487b940f2f7f7ddbe839cf72c84d86ddb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 7408d68d2f0359cb-MXP
date: Fri, 26 Aug 2022 01:36:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37QcALkWDZ1oAjniT7ZfaL%2BFbuff3%2B80nkqZ0OG89IByuzOWTa7T2YykqciNuQcfAxpq27YeLv3yShuXuTU%2FvAQ5%2BrGJVcse5mGQ7A1yRvhUSNoQoHQk1novCL5Myf%2FjfsaI1m%2BDKWEC"}],"group":"cf-nel","max_age":604800}
content-encoding: br
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *

GET
H2 200 6754fc8577b0e933befa552acea53d64
c.lytics.io/c/ 35 B
319 B 154ms
154ms Image
image/gif 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/6754fc8577b0e933befa552acea53d64?_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1600x1200&_ts=1661477803043&_nmob=t&_device=desktop&url=secure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&_uid=a2e68ace-69b6-4296-b528-647d9b92145e&_v=3.0.27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHrGC7kO6mtrf1bbwWgcpakNwHpXmroY%2BmuYgeM%2B9StOTbSJTGUzy9o40%2BuoGbWIz%2B3o5oy%2BH3anN1VQWgVhYvwO%2FYPHywK7sC8tde5B%2Bp3tqAjCBUkxz05mjJ9m3JX7TyOjBxZFXfXc"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7408d68d2f0559cb-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame 154F 0
0 125ms
32ms Document
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE%20WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%3D&emailjobid=5203809&emailname=20220821-CDD&assetId=AST178959&page=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Referer: https://secure.jeffclarktrader.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Fri, 26 Aug 2022 01:36:42 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

GET
H2 200 77c21d510266169b
pixel.sitescout.com/up/ 43 B
267 B 126ms
33ms Image
image/gif 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/77c21d510266169b?cntr_url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:42 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-type: image/gif
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 23ms
22ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1804510403&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&ul=en-us&de=UTF-8&dt=Jeff%20Clark&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=1059020071&gjid=1778692851&cid=1727584496.1661477803&tid=UA-170962029-3&_gid=1821413646.1661477803&_r=1&gtm=2wg8o0KBZNSS9&z=1178439490

Requested by

Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.jeffclarktrader.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 103ms
41ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B7A3B1F6BCA84BF3999780452EE1FD0B Ref B: FRAEDGE1215 Ref C: 2022-08-26T01:36:43Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Fri, 26 Aug 2022 01:36:43 GMT
accept-ranges: bytes
content-length: 11367

GET
H/1.1 200
OK / Show response
js.trackinggrid.com/lr/ 863 B
902 B 827ms
122ms Script
application/javascript 209.59.154.196
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://js.trackinggrid.com/lr/

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.59.154.196 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

1ebf6a2710236762178861bf15fa6074bd5e61502c1811551099ebe3754e0c83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.jeffclarktrader.com/
Origin: https://secure.jeffclarktrader.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 01:36:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Original-Content-Length: 1062
Server: nginx
Etag: W/"PSA-aj-JPd0QB94FZ"
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2591998
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 24 Sep 2022 22:15:52 GMT

GET
H2 200 bss-px.min.js Show response
secure.jeffclarktrader.com/store/PROD/js/ 5 KB
2 KB 370ms
369ms Script
application/javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/store/PROD/js/bss-px.min.js?affiliateId=2000&brandId=2004
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f67cffc3d7cf57726b094dbd689a455b70158027abf6771c95583d15cdb373fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE%20WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%3D&emailjobid=5203809&emailname=20220821-CDD&assetId=AST178959&page=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:43 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Fri, 26 Aug 2022 01:08:06 GMT
x-amz-cf-pop: FRA60-P1, ZRH50-C1
x-amzn-requestid: 78bf9890-805c-4e6e-ba00-d961f8aec564
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: Xcl2hHirIAMFiKw=
content-length: 2134
last-modified: Tue, 01 Jun 2021 15:08:33 GMT
server: cloudflare
etag: W/"3ee3506660c2ef343d6c68a229cd42be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: fGaHECtcp1774Apxw3QoOeW87E1iGAd2
via: 1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront), 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 7408d68defa0cc5a-ZRH
x-amz-cf-id: ckJKAkxEsYmuxFazLsj5oDLm56u6y6Cm_Tl0TwYL6Cyy6wIIcAiVig==
x-amzn-remapped-connection: keep-alive

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 168 KB
61 KB 62ms
29ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10850488633

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3aaa2e18578fc150409c444853805dbc9c99d951ff877a2dd90290fae4b03633

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62409
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 00:56:38 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 Aug 2022 01:36:43 GMT

POST
H2 200 generic Show response
secure.jeffclarktrader.com/snowflake/ 21 B
300 B 442ms
442ms XHR
application/json 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/snowflake/generic
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE%20WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%3D&emailjobid=5203809&emailname=20220821-CDD&assetId=AST178959&page=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
x-api-key: g5wZnpMOAV6d3DVWjACKU9Pz86tj10Es39Avoa3n
Content-Type: application/json

Response headers

date: Fri, 26 Aug 2022 01:36:43 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront), 1.1 7245e91891539560c1f484b1e46159c8.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: FRA60-P1, ZRH50-C1
x-amzn-requestid: 83649c63-9be7-4599-ba27-4d1cb1fc6f3c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-630823ab-3b8c1bbf247dec340557b33b
cf-ray: 7408d68dffa4cc5a-ZRH
x-amz-apigw-id: XcqC0H_DIAMFZFw=
content-length: 21
x-amz-cf-id: zys3RB6xiQnJy6tkQ_Kt4CyuM9OwA5twJs-njiSkYM33gfRKDmpkgg==

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 85ms
28ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-170962029-3&cid=1727584496.1661477803&jid=1059020071&gjid=1778692851&_gid=1821413646.1661477803&_u=aEDAAEABAAAAAC~&z=462806685

Requested by

Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 26 Aug 2022 01:36:43 GMT
content-type: text/plain
access-control-allow-origin: https://secure.jeffclarktrader.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
trc.taboola.com/sg/lytics/1/ 43 B
378 B 153ms
50ms Image
image/gif 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3Da2e68ace-69b6-4296-b528-647d9b92145e%26account_id%3D6754fc8577b0e933befa552acea53d64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-vcl-time-ms: 24
pragma: no-cache
date: Fri, 26 Aug 2022 01:36:43 GMT
via: 1.1 varnish
server: nginx
x-timer: S1661477803.367863,VS0,VE24
x-served-by: cache-mxp6942-MXP
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 134025820.js Show response
bat.bing.com/p/action/ 0
118 B 167ms
167ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/134025820.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 218D7036613A42D1B569BE88FC2FA36E Ref B: FRAEDGE1215 Ref C: 2022-08-26T01:36:43Z
date: Fri, 26 Aug 2022 01:36:43 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
174 B 41ms
41ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134025820&tm=gtm002&Ver=2&mid=744586ba-b9a1-41e8-9d6e-980a0478bbab&sid=8a2b69c024df11ed81c4e5c953a56c95&vid=8a2b9b1024df11ed8382d1933ac51829&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Jeff%20Clark&p=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&r=&lt=2223&evt=pageLoad&sv=1&rn=76407

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1EA77CE1F52146048B3E00D14C2332A6 Ref B: FRAEDGE1215 Ref C: 2022-08-26T01:36:43Z
date: Fri, 26 Aug 2022 01:36:43 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 61ms
26ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-170962029-3&cid=1727584496.1661477803&jid=1059020071&_u=aEDAAEABAAAAAC~&z=860590981

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 63ms
28ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-170962029-3&cid=1727584496.1661477803&jid=1059020071&_u=aEDAAEABAAAAAC~&z=860590981

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame C920 0
299 B 174ms
174ms XHR
text/plain 54.148.115.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=9ffd335dd07d40f493a8cd37bd4b29c2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=100014&s=9ffd335dd07d40f493a8cd37bd4b29c2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 26 Aug 2022 01:36:43 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 0fa78041-745b-40e7-9663-0b2967f21838
Content-Length: 0
Expires: 0

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 140ms
139ms Ping
application/json 2600:1f18:24e6:b901:28fe:d66a:cdbd:bbe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=eacff3a2-08d5-4587-9ad1-90f8b66e7a0d&batch_time=1661477803343
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:28fe:d66a:cdbd:bbe Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame C920 0
299 B 228ms
174ms XHR
text/plain 54.148.115.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=9ffd335dd07d40f493a8cd37bd4b29c2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=100014&s=9ffd335dd07d40f493a8cd37bd4b29c2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 26 Aug 2022 01:36:43 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: c35276f9-2037-46fe-ba46-7d4d3047eef2
Content-Length: 0
Expires: 0

POST
H/1.1 200
OK cookiestore Show response
ssl.kaptcha.com/collect/ 0
299 B 171ms
171ms XHR
text/plain 54.148.115.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/collect/cookiestore
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 26 Aug 2022 01:36:43 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 60a6648f-2afd-4d70-9b5f-b71d59df342b
Content-Length: 0
Expires: 0

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame C920 0
299 B 335ms
173ms XHR
text/plain 54.148.115.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=9ffd335dd07d40f493a8cd37bd4b29c2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=100014&s=9ffd335dd07d40f493a8cd37bd4b29c2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 26 Aug 2022 01:36:43 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 9f62945b-7bb1-4769-84fe-860d5625fc22
Content-Length: 0
Expires: 0

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame C920 0
299 B 447ms
172ms XHR
text/plain 54.148.115.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=9ffd335dd07d40f493a8cd37bd4b29c2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=100014&s=9ffd335dd07d40f493a8cd37bd4b29c2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 26 Aug 2022 01:36:43 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: ad5ef497-ccfb-4d7f-90f5-bf8545f60bc1
Content-Length: 0
Expires: 0

POST
H/1.1 200
OK fin Show response
ssl.kaptcha.com/ Frame C920 0
299 B 504ms
173ms XHR
text/plain 54.148.115.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/fin
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=9ffd335dd07d40f493a8cd37bd4b29c2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=100014&s=9ffd335dd07d40f493a8cd37bd4b29c2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 26 Aug 2022 01:36:43 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 413ad70d-a587-4f1e-a840-3009b5d09ef5
Content-Length: 0
Expires: 0

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 90ms
36ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10850488633

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

3518dc23a7598efd9b2492134cd52c36ba126f28f62d3685d21e8373a2a0b92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15841
x-xss-protection: 0
server: cafe
etag: 3917395523371313451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 01:36:43 GMT

POST
H2 200 logger Show response
secure.jeffclarktrader.com/snowflake/ 21 B
288 B 688ms
688ms XHR
application/json 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/snowflake/logger
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899

Request headers

Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE%20WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%3D&emailjobid=5203809&emailname=20220821-CDD&assetId=AST178959&page=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
x-api-key: O1I1d31dqY5iHR07pLHrf7rKAOxDeMhQ2JsWck8c
Content-Type: application/json

Response headers

date: Fri, 26 Aug 2022 01:36:44 GMT
via: 1.1 b103085320b440f2b61bad94c412ff70.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: ZRH50-C1
x-amzn-requestid: d980725d-c7f4-4e6d-aa0f-af911a11407b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-630823ac-3dbd52de32265c756315258f
cf-ray: 7408d690587ecc5a-ZRH
x-amz-apigw-id: XcqC6Gk4iYcFlqQ=
content-length: 21
x-amz-cf-id: FPcw2Ucdy58mMv3n3cZdA_G7Q3JqRbpUS4ct-1ePrqOa2r3WtBpmqg==

OPTIONS
H2 200 6249094980001
edge.api.brightcove.com/playback/v1/accounts/5102072647001/videos/ Frame 0
0 73ms
15ms Preflight 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5102072647001/videos/6249094980001
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept
Access-Control-Request-Method: GET
Origin: https://secure.jeffclarktrader.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Fri, 26 Aug 2022 01:36:43 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn4067-HHN
x-timer: S1661477804.685259,VS0,VE0

GET
H2 200 vtt.global.min.js Show response
vjs.zencdn.net/vttjs/0.12.5/ 20 KB
7 KB 90ms
25ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/vttjs/0.12.5/vtt.global.min.js
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:43 GMT
content-encoding: gzip
last-modified: Thu, 31 Aug 2017 21:04:55 GMT
etag: "f30dac97e5c2aaa10a7695b93cc66699"
x-served-by: cache-mxp6929-MXP
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 7231
x-cache-hits: 135529

POST
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 69ms
31ms Ping
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Fri, 26 Aug 2022 01:36:43 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
207 B 67ms
30ms Ping
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Fri, 26 Aug 2022 01:36:43 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 6249094980001 Show response
edge.api.brightcove.com/playback/v1/accounts/5102072647001/videos/ 5 KB
5 KB 90ms
90ms XHR
application/json 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5102072647001/videos/6249094980001
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 22c1af338970d668e05edbe2c60f4f2fa8b31694b71444175ec56dd061ce35e9

Request headers

Accept: application/json;pk=BCpkADawqM18bNrtg81z9CsS9ERCN71x-_ntsRN4hc5BEWiBt_JPwrFbQmEhXcLwtFCOpiegWE1GyczMOqn0hOz53TOClK3WOZTkP8UO9EaZuG74hAr14nnF-80NEsEO-EsGv7v4OiLJqGyY
Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

bc-override-client-ip: 193.27.14.10
date: Fri, 26 Aug 2022 01:36:43 GMT
powered-from: eu-central-1b
bcov-request-id: 914a9341-fc50-4fef-9ebc-ec365c0f9d46
age: 0
policy-key-accountid: 5102072647001
x-cache: MISS
powered-by: BC
content-length: 4660
via: 1.1 varnish
x-served-by: cache-hhn4067-HHN
policy-key-raw: BCpkADawqM18bNrtg81z9CsS9ERCN71x-_ntsRN4hc5BEWiBt_JPwrFbQmEhXcLwtFCOpiegWE1GyczMOqn0hOz53TOClK3WOZTkP8UO9EaZuG74hAr14nnF-80NEsEO-EsGv7v4OiLJqGyY
x-timer: S1661477804.701480,VS0,VE75
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-cache-hits: 0

GET
BLOB 200
OK 65f212ba-e623-4e93-aaad-56007a85f65c
https://secure.jeffclarktrader.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.jeffclarktrader.com/65f212ba-e623-4e93-aaad-56007a85f65c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14bf8292ae1e1ac698da2f2155f00ab24d5eda73e0c3e1e25e368a905759283b

Request headers

Referer
Origin: https://secure.jeffclarktrader.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

POST
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 44ms
31ms Ping
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=875e34ab1268b01dd165b487&account=5102072647001&destination=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&platform_version=6.27.0&player=players.brightcove.com%2F5102072647001%2F0zLsWuD5UW_default&player_name=Marketing%20Player%20-%20No%20autoplay&source=&usage=inpage-embed&event=player_load&time=1661477803639&qos.performance.memory.jsHeapSizeLimit=3760000000&qos.performance.memory.usedJSHeapSize=26000000&qos.performance.memory.totalJSHeapSize=35100000&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=1661477800616&qos.performance.timing.loadEventStart=1661477800615&qos.performance.timing.domComplete=1661477800615&qos.performance.timing.domContentLoadedEventEnd=1661477800601&qos.performance.timing.domContentLoadedEventStart=1661477800601&qos.performance.timing.domInteractive=1661477800023&qos.performance.timing.domLoading=1661477799461&qos.performance.timing.responseEnd=1661477799459&qos.performance.timing.responseStart=1661477799458&qos.performance.timing.requestStart=1661477798949&qos.performance.timing.secureConnectionStart=1661477798919&qos.performance.timing.connectEnd=1661477798949&qos.performance.timing.connectStart=1661477798897&qos.performance.timing.domainLookupEnd=1661477798897&qos.performance.timing.domainLookupStart=1661477798883&qos.performance.timing.fetchStart=1661477798883&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1661477798393&qos.performance.bcInit=44&qos.player.dimensions=%5B%5B1661477803638%2C%22300x150%22%2C%22800x450%22%5D%5D&qos.player.pixelratio=%5B%5B1661477803638%2C1%5D%5D&qos.player.screendimensions=%5B%5B1661477803638%2C%221600x1200%22%5D%5D&seq=2

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Fri, 26 Aug 2022 01:36:43 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10850488633/ 3 KB
2 KB 70ms
31ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10850488633/?random=1661477803650&cv=9&fst=1661477803650&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&auid=638847570.1661477804&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

070eda999d9134a9d2998cedf2eb549db1cacc2a8e9caa207c8623ef9176ad06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 121ms
119ms Ping
application/json 2600:1f18:24e6:b901:28fe:d66a:cdbd:bbe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=d73e34c2-f011-41a4-9dbe-55d1b827471c&batch_time=1661477803686
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:28fe:d66a:cdbd:bbe Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 /
www.google.com/pagead/1p-user-list/10850488633/ 42 B
64 B 30ms
29ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10850488633/?random=1661477803650&cv=9&fst=1661475600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=4252932267&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10850488633/ 42 B
64 B 31ms
30ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10850488633/?random=1661477803650&cv=9&fst=1661475600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=4252932267&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 logger Show response
secure.jeffclarktrader.com/snowflake/ 21 B
274 B 320ms
320ms XHR
application/json 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/snowflake/logger
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899

Request headers

Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE%20WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%3D&emailjobid=5203809&emailname=20220821-CDD&assetId=AST178959&page=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
x-api-key: O1I1d31dqY5iHR07pLHrf7rKAOxDeMhQ2JsWck8c
Content-Type: application/json

Response headers

date: Fri, 26 Aug 2022 01:36:44 GMT
via: 1.1 9349ae4f82564896b96f5303b030d188.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: ZRH50-C1
x-amzn-requestid: 76535b04-f194-4ddd-b42b-acd49debac4c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-630823ab-3b56f3c81219dec41f757248
cf-ray: 7408d69178dbcc5a-ZRH
x-amz-apigw-id: XcqC4Ga0iYcFyyg=
content-length: 21
x-amz-cf-id: Sh_4KRJOt5HMEksMa4X8Q89n4VL0cATIwHakpZpXRr6dGkUrBqFRsw==

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 101 KB
22 KB 33ms
33ms Script
text/javascript 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09c2785ae9cea8dfc6146d0c226eee07480335f63de40f6eeb4c906bc342603d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 7408d691897c59cb-MXP
date: Fri, 26 Aug 2022 01:36:43 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 25 Aug 2022 23:37:24 GMT
server: cloudflare
age: 7159
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vouikVcd73Sj0ZSE%2FqsWd%2BvSaeBNf0ftaM6sVXatg5CSXjKu6%2B9vpx%2FjRlJ3RBQHoT8CqmCh1a9DBMSBngzBDIBmL96KjdU040%2Fj1%2BHBk%2B3MKXHqoxh0x7ucvAWbAcklnhHp553EOc89"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

POST
H3 200 tracker
metrics.brightcove.com/v2/ 35 B
49 B 70ms
34ms Ping
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Fri, 26 Aug 2022 01:36:43 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET thumbnail.webvtt
manifest.prod.boltdns.net/thumbnail/v1/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/3e726622-82bb-43ef-b5c4-aa62aa576610/ 0
0

GET
H2 200 thumbnail.webvtt Show response
manifest.prod.boltdns.net/thumbnail/v1/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/3e726622-82bb-43ef-b5c4-aa62aa576610/ 135 KB
135 KB 169ms
140ms XHR
text/vtt 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/thumbnail/v1/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/3e726622-82bb-43ef-b5c4-aa62aa576610/thumbnail.webvtt?fastly_token=NjMwODg0MWRfOTFkYjViNTE2NGI5YjY1OTg0ZDJhNWQ4N2YyZTZkZWM3MDYxYjUzMDM1MTkxMzhmMTIyZWJiNjcwOGFhYmUwZQ%3D%3D
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: cbaae7bb0ee8254ef3b6884a79804dd96893ff8e84f634c59aac5dd20c78a6b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:43 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
content-length: 138336
x-served-by: cache-hhn4067-HHN
x-device-group: desktop-chrome
x-timer: S1661477804.837827,VS0,VE125
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/vtt; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/6ceef67e-9fed-4043-aa06-32b18de350e9/1280x720/match/ 150 KB
150 KB 109ms
17ms Image
image/jpeg 13.32.99.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/6ceef67e-9fed-4043-aa06-32b18de350e9/1280x720/match/image.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-44.fra60.r.cloudfront.net
Software: / BC
Resource Hash: 2818ae4a1707c05fdf021ca9ad759ad320526935fb07d06d82db02440245579d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 10:49:25 GMT
Via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 5410038
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA60-P3
X-Amz-Cf-Id: aZKL2znaEM16ee3uh9O0JJuscPydoNNXddV_J-rC01BJjqy6k9UFTQ==
Expires: Sat, 24 Jun 2023 10:49:25 GMT

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 129ms
128ms Ping
application/json 2600:1f18:24e6:b901:28fe:d66a:cdbd:bbe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=ca6c7ba8-5b2e-4054-9f0c-b8f83df388bd&batch_time=1661477803804
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:28fe:d66a:cdbd:bbe Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/10s/ 7 KB
7 KB 77ms
60ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/10s/master.m3u8?fastly_token=NjMwODg0MWRfMzk0ZDk3NTVmYjMyZTEzODRjOWVlMzQ4OWEzMDNiOTk4YjNhMzkxZTdmMzEzNTM1ZmVhZGVhODIzYTA5ZTM2OQ%3D%3D
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 94df4cb381e94867a61110b73d9c828ba808ccd451506874dd36b6c28f8a698c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:43 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
x-bolt-device-group: desktop-chrome
content-length: 7279
x-served-by: cache-hhn4067-HHN
x-device-group: desktop-chrome
x-timer: S1661477804.837924,VS0,VE45
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
4 KB 32ms
32ms Stylesheet
text/css 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.css

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 7408d691e9b859cb-MXP
date: Fri, 26 Aug 2022 01:36:43 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 26 Aug 2022 01:35:55 GMT
server: cloudflare
age: 48
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EzoS3fKwQTuZox2eaovu7x1vtbGhH9fHo%2BAfzEfe3LFOa7XwqMH6HSLKorXF%2F2dpQN0sLSF%2Brtup0XAu6XUoLVW2KgZjDsBHHtpEUaG8oUtXnz9JdoALrONO1YbwKTLMSB%2B%2FoP8xxfGL"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

GET
BLOB 200
OK 7cec2ea4-b0e3-4e91-b49e-b61257e4f5dc
https://secure.jeffclarktrader.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.jeffclarktrader.com/7cec2ea4-b0e3-4e91-b49e-b61257e4f5dc
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3f7c0ed14b5b7347b93e0e91f558238b0c0542501b484de714eef38e9e236fd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 5922
Content-Type: application/javascript

GET
H2 200 config.js Show response
c.lytics.io/api/experience/candidate/6754fc8577b0e933befa552acea53d64/ 556 KB
39 KB 292ms
291ms Script
application/javascript 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/experience/candidate/6754fc8577b0e933befa552acea53d64/config.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a4671945b6a45491721eb1d52f516ff443395562bc1cdbc2adc647b8fc6cb54

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 7408d691f9c059cb-MXP
date: Fri, 26 Aug 2022 01:36:44 GMT
via: 1.1 google
cf-cache-status: EXPIRED
last-modified: Thu, 25 Aug 2022 23:28:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AnNRJA10Qy5J9rvumggQk%2FXvw%2FpCpQ%2BmT6jsXkiTXH0QLDLmv%2F9yIKKHUPPdkpbWiARyhhd1BQfkATGVcV3CtaVsQdjDoy3Z888bTtXw9hUyZfuj4JoliZH4uRcLvTj7IgJmZYmhplts"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

POST
H3 200 tracker
metrics.brightcove.com/v2/ 35 B
49 B 30ms
30ms Ping
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Fri, 26 Aug 2022 01:36:43 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/68025fc9-a6b1-4003-9d3a-c1a3423be67e/10s/ 87 KB
87 KB 180ms
180ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/68025fc9-a6b1-4003-9d3a-c1a3423be67e/10s/rendition.m3u8?fastly_token=NjMwODg0MWRfNzYyNDA1M2I0OGMwMDliZDdkMThlNTk1OTQ1OGI0Y2Q5OTAzNzk0MjMzN2U2ODMxYWFlNjljNGY3NmQ0ZmNiOA%3D%3D
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: b37137b66fae410f7f6d82f4f863cba408a01619a31e99826bec2325289fe3de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:44 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
content-length: 89067
x-served-by: cache-hhn4067-HHN
x-device-group: desktop-chrome
x-timer: S1661477804.906205,VS0,VE164
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 168 KB
61 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-753664851

Requested by

Host: js.trackinggrid.com
URL: https://js.trackinggrid.com/lr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f27c4d019ade75b31798c921436a3b8b0caf17c783d59ac236174e768264ff85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62417
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 00:56:38 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 Aug 2022 01:36:44 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 72ms
37ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-753664851

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

3518dc23a7598efd9b2492134cd52c36ba126f28f62d3685d21e8373a2a0b92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15841
x-xss-protection: 0
server: cafe
etag: 3917395523371313451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 01:36:44 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 107 KB
41 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137602623-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

06f165e1ab38fc96a64b20af2e0be74343a6e4464479a3cacc3bc8eb29d8af75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42099
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 00:56:38 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 Aug 2022 01:36:44 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 168 KB
61 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-456578300&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

821c167679b0072be706187d8569af8b7320edf70715c2506fe3c13da426f0dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62422
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 00:56:38 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 Aug 2022 01:36:44 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 49ms
48ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-700588147&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1dc1c08ba03296d23b369a39f318d89772e3c281caabf0196114bff8ade0fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45699
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 00:56:38 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 Aug 2022 01:36:44 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 168 KB
61 KB 51ms
50ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-311444767&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3de75b1a66e482ee209f05ec9667147e347732ceee57213ca4d51ffd81fa4e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62399
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 00:56:38 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 Aug 2022 01:36:44 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-668877205&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8a7446846fc68e2522c08dc93ff72b196dfccff6cd040fe043a3a7b75dc0265

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45680
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 00:56:38 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 Aug 2022 01:36:44 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10828766220&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7b5bf24f4f30e290a37a5d278437b953f51dbe274e99340e72787b74cd3ef5ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45687
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 00:56:38 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 Aug 2022 01:36:44 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-668474013&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2992024702453fa73c92c88fe8fc69c22268970ef02a5e1670757a950fd27337

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45738
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 00:56:38 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 Aug 2022 01:36:44 GMT

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 141ms
140ms Ping
application/json 2600:1f18:24e6:b901:28fe:d66a:cdbd:bbe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=83db4fcb-391c-47f5-8493-53f909230ba4&batch_time=1661477804078
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:28fe:d66a:cdbd:bbe Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/b1e2740d-07eb-41fc-a01f-b3ca5db365c2/10s/ 88 KB
88 KB 222ms
219ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/b1e2740d-07eb-41fc-a01f-b3ca5db365c2/10s/rendition.m3u8?fastly_token=NjMwODg0MWRfMTU3ZWJmYzA0NDgzYzhjMjM1NzJlOGU1MzY1Y2YwY2U1YjAxNzk0ZjBlYTIxZjE0MmFjZGExM2E0YjY2ZDdjMQ%3D%3D
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 96caa69c01bf1ca2145023e1f3a450cd75bde025797a33b156ed634694f92107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:44 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
content-length: 89822
x-served-by: cache-hhn4067-HHN
x-device-group: desktop-chrome
x-timer: S1661477804.099256,VS0,VE203
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
BLOB 200
OK ba04feea-a4c8-4881-93cc-09db7435eec7
https://secure.jeffclarktrader.com/ 68 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.jeffclarktrader.com/ba04feea-a4c8-4881-93cc-09db7435eec7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21d93ac5a388df10b961801cce44bd72d8e612f9c5305c769ef2602b9b0480eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 70120
Content-Type: application/javascript

GET
H2 200 a626d881-9ca8-4e42-a761-0e5cef66aadc Show response
manifest.prod.boltdns.net/license/v1/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/ 16 B
188 B 252ms
252ms XHR
application/octet-stream 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/license/v1/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/a626d881-9ca8-4e42-a761-0e5cef66aadc?fastly_token=NjMwODg0MWVfNTdlNzRjMGZmODE3YjFkZjVjYWRjZTNhNjg1MWQ0NDEyZjZjNGQwOGE2Njk3NTk4ZGNjYzQ3N2I1ZjYzMmEyMQ%3D%3D
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 5d727f45985f355b7d9d17c9f2eb2ece4e2ba45ca88fdbbd2e4f1713d1d6b9b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:44 GMT
via: 1.1 varnish
bcov-request-id: 392ada6b-34fe-4a1f-a9d8-dcde2a7c2cdf
x-powered-by: BC
x-cache: MISS
x-hosted-on: Gantry
content-length: 16
x-served-by: cache-hhn4067-HHN
x-device-group: desktop-chrome
x-timer: S1661477804.103227,VS0,VE237
x-powered-from: eu-west-1b
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=3753
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK segment0.ts Show response
bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/68025fc9-a6b1-4003-9d3a-c1a3423be67e/a626d881-9ca8-4e42-a761-0e5cef66aadc/5x/ 2 MB
2 MB 167ms
34ms XHR
video/mp2t 2a02:26f0:11a::6867:4831
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/68025fc9-a6b1-4003-9d3a-c1a3423be67e/a626d881-9ca8-4e42-a761-0e5cef66aadc/5x/segment0.ts?akamai_token=exp=1661502493~acl=/media/v1/hls/v4/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/68025fc9-a6b1-4003-9d3a-c1a3423be67e/a626d881-9ca8-4e42-a761-0e5cef66aadc/*~hmac=cc5f4c52921106a60f261fed9c821c48cc65acec23ce6ff3e5a26bca38277f2f
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:11a::6867:4831 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: a38ca7cfbe9fed1deef889ca645230eea836123c74d6c5cc09c42c2b2afc378d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 01:36:44 GMT
X-Amz-Cf-Pop: EWR52-C4
X-Powered-By: BC
Backend-IP: 99.84.47.55
X-Edge-Origin-FBL: 0.301
BC-MID: true
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 1901440
X-Served-By: cache-ewr18123-EWR
Akamai-Mon-Iucid-Del: 1315351
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1657384071.417447,VS0,VE49
X-Powered-From: gantry
ETag: "a8afab0d5d5614334a69115d219ee61d"
X-Cache-Hits: 1
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,Range,Content-Length,Content-Range,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: public, max-age=29544613
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
X-Amz-Cf-Id: t1wzDFxZ9Dld-iHEkyAvqd6YwuIOikfW1wp8jPh3nrQzXEFuYPkWvg==
Expires: Thu, 03 Aug 2023 00:26:57 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 23ms
22ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1804510403&t=pageview&_s=1&dl=secure.jeffclarktrader.com%2Fhttps%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&ul=en-us&de=UTF-8&dt=lrRemJS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1826623054&gjid=1722081552&cid=1727584496.1661477803&tid=UA-137602623-2&_gid=1821413646.1661477803&_r=1&gtm=2ou8o0&z=1978196345

Requested by

Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.jeffclarktrader.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137602623-2&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2084
date: Fri, 26 Aug 2022 01:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 26 Aug 2022 03:02:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/668877205/ 3 KB
1 KB 86ms
53ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/668877205/?random=1661477804188&cv=9&fst=1661477804188&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&auid=638847570.1661477804&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72f3749edc67c66a7233f2467c0465768d686d322b2a1bc112a5a01cc393cb70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/753664851/ 3 KB
1 KB 70ms
38ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/753664851/?random=1661477804190&cv=9&fst=1661477804190&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&ig=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&auid=638847570.1661477804&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0be0f38bc2f36d376fe5bc156cc9e8b46b2dc5694f9a8a2c01834304cb09d168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1265
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10828766220/ 3 KB
1 KB 67ms
36ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10828766220/?random=1661477804191&cv=9&fst=1661477804191&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&auid=638847570.1661477804&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c78d953b78a47ec89cb3cfcada2772d64d94aae318d0018bd1cd86bacfce39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1250
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/700588147/ 3 KB
1 KB 64ms
35ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/700588147/?random=1661477804192&cv=9&fst=1661477804192&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&auid=638847570.1661477804&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acf335a007ccf24f70773dcf53bf06c64623a55d1f80df81b2df98a3e51a335e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/311444767/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/311444767/?random=1661477804192&cv=9&fst=1661477804192&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/311444767/?random=1661477804192&cv=9&fst=1661475600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/311444767/?random=1661477804192&cv=9&fst=1661475600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

28ms
28ms

Image
image/gif

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/311444767/?random=1661477804192&cv=9&fst=1661475600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&is_vtc=1&random=3833169838&resp=GooglemKTybQhCsO&ipr=y

Protocol

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:44 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/311444767/?random=1661477804192&cv=9&fst=1661475600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&is_vtc=1&random=3833169838&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/668474013/ 3 KB
1 KB 62ms
33ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/668474013/?random=1661477804193&cv=9&fst=1661477804193&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&auid=638847570.1661477804&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2f9b719965db70075a333e96bc07d50b3f74cf9d4d4120d73270506e4747697

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/456578300/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/456578300/?random=1661477804193&cv=9&fst=1661477804193&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/456578300/?random=1661477804193&cv=9&fst=1661475600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/456578300/?random=1661477804193&cv=9&fst=1661475600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

31ms
31ms

Image
image/gif

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/456578300/?random=1661477804193&cv=9&fst=1661475600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&is_vtc=1&random=1258186694&resp=GooglemKTybQhCsO&ipr=y

Protocol

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:44 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/456578300/?random=1661477804193&cv=9&fst=1661475600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&is_vtc=1&random=1258186694&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/668474013/ 42 B
64 B 34ms
30ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/668474013/?random=1661477804193&cv=9&fst=1661475600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=466848828&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/668474013/ 42 B
64 B 33ms
30ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/668474013/?random=1661477804193&cv=9&fst=1661475600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=466848828&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/700588147/ 42 B
64 B 33ms
31ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/700588147/?random=1661477804192&cv=9&fst=1661475600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=130237916&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/700588147/ 42 B
64 B 49ms
48ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/700588147/?random=1661477804192&cv=9&fst=1661475600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=130237916&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10828766220/ 42 B
64 B 30ms
30ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10828766220/?random=1661477804191&cv=9&fst=1661475600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=2706863273&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10828766220/ 42 B
64 B 28ms
27ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10828766220/?random=1661477804191&cv=9&fst=1661475600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=2706863273&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 137ms
137ms Ping
application/json 2600:1f18:24e6:b901:28fe:d66a:cdbd:bbe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=21a9594f-3fae-4f8a-a5c3-a6d06e2e19f1&batch_time=1661477804263
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:28fe:d66a:cdbd:bbe Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 /
www.google.com/pagead/1p-user-list/753664851/ 42 B
64 B 30ms
30ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/753664851/?random=1661477804190&cv=9&fst=1661475600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=259237231&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/753664851/ 42 B
64 B 33ms
33ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/753664851/?random=1661477804190&cv=9&fst=1661475600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=259237231&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/668877205/ 42 B
64 B 28ms
27ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/668877205/?random=1661477804188&cv=9&fst=1661475600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=1510752677&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/668877205/ 42 B
64 B 28ms
28ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/668877205/?random=1661477804188&cv=9&fst=1661475600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8o0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT666434%26step%3Dstart%26plcid%3DPLC151358%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5203809%26emailname%3D20220821-CDD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=1510752677&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Aug 2022 01:36:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 123ms
123ms Ping
application/json 2600:1f18:24e6:b901:28fe:d66a:cdbd:bbe
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=9a017c7b-3795-411f-8a45-f87e22c99d41&batch_time=1661477804310
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:28fe:d66a:cdbd:bbe Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
BLOB 200
OK 569ec85d-91c5-437a-87d4-1a9e7bca73bf
https://secure.jeffclarktrader.com/ 68 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.jeffclarktrader.com/569ec85d-91c5-437a-87d4-1a9e7bca73bf
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21d93ac5a388df10b961801cce44bd72d8e612f9c5305c769ef2602b9b0480eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 70120
Content-Type: application/javascript

GET
H2 200 a626d881-9ca8-4e42-a761-0e5cef66aadc Show response
manifest.prod.boltdns.net/license/v1/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/ 16 B
117 B 147ms
147ms XHR
application/octet-stream 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/license/v1/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/a626d881-9ca8-4e42-a761-0e5cef66aadc?fastly_token=NjMwODg0MWVfNTdlNzRjMGZmODE3YjFkZjVjYWRjZTNhNjg1MWQ0NDEyZjZjNGQwOGE2Njk3NTk4ZGNjYzQ3N2I1ZjYzMmEyMQ%3D%3D
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 5d727f45985f355b7d9d17c9f2eb2ece4e2ba45ca88fdbbd2e4f1713d1d6b9b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:36:44 GMT
via: 1.1 varnish
bcov-request-id: 63c070e7-5756-411d-a910-5b1e125f2f70
x-powered-by: BC
x-cache: MISS
x-hosted-on: Gantry
content-length: 16
x-served-by: cache-hhn4067-HHN
x-device-group: desktop-chrome
x-timer: S1661477804.334867,VS0,VE131
x-powered-from: eu-west-1a
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=3753
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK segment0.ts Show response
bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/b1e2740d-07eb-41fc-a01f-b3ca5db365c2/a626d881-9ca8-4e42-a761-0e5cef66aadc/5x/ 285 KB
286 KB 83ms
31ms XHR
video/mp2t 2a02:26f0:11a::6867:4831
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/b1e2740d-07eb-41fc-a01f-b3ca5db365c2/a626d881-9ca8-4e42-a761-0e5cef66aadc/5x/segment0.ts?akamai_token=exp=1661502494~acl=/media/v1/hls/v4/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/b1e2740d-07eb-41fc-a01f-b3ca5db365c2/a626d881-9ca8-4e42-a761-0e5cef66aadc/*~hmac=920af48a96d02ff7ea562a079c150132e078ba84fdb6a464980cb5c1b73d4648
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:11a::6867:4831 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: 3bb1abc8bfb04aef8fc55af082f37aaa7405e5edc92d0b0f29f3977127bc9be3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 26 Aug 2022 01:36:44 GMT
X-Amz-Cf-Pop: EWR52-C4
X-Powered-By: BC
Backend-IP: 99.84.47.51
BC-MID: true
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 292160
X-Served-By: cache-ewr18134-EWR
Akamai-Mon-Iucid-Del: 1315351
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1659334088.158658,VS0,VE2
X-Powered-From: gantry
ETag: "1c5e370e1f561ef0fec0223929127d95"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,Range,Content-Length,Content-Range,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: public, max-age=29392316
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
X-Amz-Cf-Id: MO3lIVVOBzIO1DvPVW2f83O1v6F4EXQjykPjqBa6iHuU9uZdO1W8dg==
Expires: Tue, 01 Aug 2023 06:08:40 GMT
X-Cache-Hits: 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: manifest.prod.boltdns.net
URL: http://manifest.prod.boltdns.net/thumbnail/v1/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/3e726622-82bb-43ef-b5c4-aa62aa576610/thumbnail.webvtt?fastly_token=NjMwODg0MWRfOTFkYjViNTE2NGI5YjY1OTg0ZDJhNWQ4N2YyZTZkZWM3MDYxYjUzMDM1MTkxMzhmMTIyZWJiNjcwOGFhYmUwZQ%3D%3D

Verdicts & Comments Add Verdict or Comment

493 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.listrakbi.com/mJqOWFhiqMPC	1970-01-20 15:07:17	Name: gsid Value: prW4IgWaEvKVS%2buLAIqYdUmKy5iXV3jh5uZ%2fiBPlHcdgcmSRmTXW5tMvHfntMY7Wq1TOwwhZZvE%3d
.listrakbi.com/mJqOWFhiqMPC	1970-01-20 14:16:53	Name: scasid Value: 9ebdf513-92cd-443c-82db-1c78a57a8dc6
.paypal.com/	1970-01-20 15:07:17	Name: ts Value: vreXpYrS%3D1756172200%26vteXpYrS%3D1661479600%26vr%3Dd7cb495c1820a5685157bbe3ffffffff%26vt%3Dd7cb495c1820a5685157bbe3fffffffe
.paypal.com/	1970-01-20 15:07:17	Name: ts_c Value: vr%3Dd7cb495c1820a5685157bbe3ffffffff%26vt%3Dd7cb495c1820a5685157bbe3fffffffe
.jeffclarktrader.com/	1970-01-20 15:07:17	Name: _ga Value: GA1.2.1727584496.1661477803
.jeffclarktrader.com/	1970-01-20 05:32:44	Name: _gid Value: GA1.2.1821413646.1661477803
.jeffclarktrader.com/	1970-01-20 05:31:17	Name: _gat_UA-90673817-1 Value: 1
s1.listrakbi.com/	1970-01-20 05:41:22	Name: AWSALBCORS Value: PTdEZK7t2oidlkZKRiESXRHI45NOvk8J145IQDsh4bD1P17xVUjv0q8ImMbCNy/qkXG/UYbAzsfSYXVrbLjVs08nL/HUkZ6Sol/NohOWnHXpMJb4Di25l23KLanT
.listrakbi.com/	1970-01-20 07:40:53	Name: usid Value: 5a75facefabe459e894de20359298272
.jeffclarktrader.com/	1970-01-20 15:07:17	Name: GSIDmJqOWFhiqMPC Value: 64db2edf-a3c6-4893-b690-7210a8d005c3
.jeffclarktrader.com/	1970-01-20 14:16:53	Name: STSID954314 Value: 9ebdf513-92cd-443c-82db-1c78a57a8dc6
secure.jeffclarktrader.com/	1970-01-20 15:07:17	Name: bssSessionId Value: eeafdeeb-5ea1-4a4e-86b7-60f04a5222f3
secure.jeffclarktrader.com/	1970-01-20 06:57:41	Name: MKT534830_MKT666434_AST178959 Value: visited
secure.jeffclarktrader.com/	1970-01-20 14:16:53	Name: lr_cue_2104JCFLaunch2021_19_v1 Value: 0
.secure.jeffclarktrader.com/	1970-01-20 05:31:19	Name: seerses Value: e
ssl.kaptcha.com/	1970-01-20 07:40:53	Name: k Value: 20c311b7b10f4e34b5b40314cf74d0c8
.secure.jeffclarktrader.com/	1970-01-20 15:07:17	Name: seerid Value: a2e68ace-69b6-4296-b528-647d9b92145e
.lytics.io/	1970-01-20 15:07:17	Name: seerid Value: a2e68ace-69b6-4296-b528-647d9b92145e
.jeffclarktrader.com/	1970-01-20 05:31:17	Name: _gat_UA-170962029-3 Value: 1
.bing.com/	1970-01-20 14:52:53	Name: MUID Value: 0C08249CBA0D629F3EB73690BBDF63E0
.jeffclarktrader.com/	1970-01-20 05:32:44	Name: _uetsid Value: 8a2b69c024df11ed81c4e5c953a56c95
.jeffclarktrader.com/	1970-01-20 14:52:53	Name: _uetvid Value: 8a2b9b1024df11ed8382d1933ac51829
secure.jeffclarktrader.com/	1970-01-20 14:16:53	Name: cdn.beaconstreetservices.100014.ka.ck Value: 3a7b08445db5fca659340a98abaf4a2d0ad38e251ce0d89b3910501b53c185017253ab3273d25f9fce9e43ce8c2288c33441af50b5733c1d0eb508b2c9056d268eb9ad0554f2336c255c5a2371c0f1eef0e79e19f776541055c2c6707a3619be326eba1eaf26db5c20851cca2ab9901cdfe798a4cf5f316cec8900fc737b452de96bda5d8e3ec0222a6ee8aaebaad782eb6a54fcaf7efdc9ca49
.jeffclarktrader.com/	1970-01-20 07:40:53	Name: _gcl_au Value: 1.1.638847570.1661477804
secure.jeffclarktrader.com/	1970-01-20 05:31:18	Name: _dd_s Value: logs=1&id=112d6d8d-dc02-4923-adbf-c08551197689&created=1661477800574&expire=1661478700579&rum=1
.jeffclarktrader.com/	1970-01-20 05:31:17	Name: _gat_gtag_UA_137602623_2 Value: 1
.doubleclick.net/	1970-01-20 14:52:53	Name: IDE Value: AHWqTUmkOLs4IfY_D9S7hbXVuaR92HsjTRgxh3HXWqCOGOJX-uDf8TQkJeB6PQ4w

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://secure.jeffclarktrader.com/polyfills-es2015.js Message: Mixed Content: The page at 'https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT666434&step=start&plcid=PLC151358&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE%20WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%3D&emailjobid=5203809&emailname=20220821-CDD&assetId=AST178959&page=1' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://manifest.prod.boltdns.net/thumbnail/v1/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/3e726622-82bb-43ef-b5c4-aa62aa576610/thumbnail.webvtt?fastly_token=NjMwODg0MWRfOTFkYjViNTE2NGI5YjY1OTg0ZDJhNWQ4N2YyZTZkZWM3MDYxYjUzMDM1MTkxMzhmMTIyZWJiNjcwOGFhYmUwZQ%3D%3D'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
bcbolt446c5271-a.akamaihd.net
c.lytics.io
cdn.listrakbi.com
cdn.mxpnl.com
cdnjs.cloudflare.com
cf-images.us-east-1.prod.boltdns.net
click.exct.caseyresearch.com
code.jquery.com
d3bjnmbj12697.cloudfront.net
edge.api.brightcove.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gsdpeazjjf.execute-api.us-east-1.amazonaws.com
js.trackinggrid.com
manifest.prod.boltdns.net
marketingassets.cloudsna.com
metrics.brightcove.com
pixel.sitescout.com
players.brightcove.net
rum.browser-intake-datadoghq.com
s1.listrakbi.com
s3.amazonaws.com
secure.jeffclarktrader.com
ssl.kaptcha.com
static.zuora.com
stats.g.doubleclick.net
t.paypal.com
tracking.legacyoffers.com
trc.taboola.com
up.pixel.ad
use.fontawesome.com
vjs.zencdn.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
manifest.prod.boltdns.net
104.18.6.244
108.128.85.69
13.111.45.58
13.32.99.44
151.101.129.21
151.101.2.27
172.217.18.2
178.79.242.16
18.66.130.11
192.229.221.25
2001:4de0:ac18::1:a:3b
209.59.154.196
23.35.237.37
2600:1901:0:bc29::
2600:1f18:24e6:b901:28fe:d66a:cdbd:bbe
2600:9000:2057:1a00:f:75e2:4ac0:21
2606:4700:20::ac43:49ec
2606:4700:3032::ac43:a9f7
2606:4700::6810:ea05
2606:4700::6810:f41b
2606:4700::6811:180e
2620:1ec:c11::200
2a00:1450:4001:802::2002
2a00:1450:4001:806::2004
2a00:1450:4001:806::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:830::200a
2a00:1450:400c:c09::9b
2a02:26f0:11a::6867:4831
2a04:4e42:600::300
2a04:4e42::729
35.244.232.184
52.217.132.96
52.222.236.123
54.148.115.137
66.155.71.150
92.123.29.243
013050e8e5ab5ca56b6344fe09502a82fc4ced559a155646ff286b4af3545eeb
06f165e1ab38fc96a64b20af2e0be74343a6e4464479a3cacc3bc8eb29d8af75
070eda999d9134a9d2998cedf2eb549db1cacc2a8e9caa207c8623ef9176ad06
08cb0f46ed2415058019966967713095ef16ce83d54c74a5f52a61846dbe2399
09c2785ae9cea8dfc6146d0c226eee07480335f63de40f6eeb4c906bc342603d
0be0f38bc2f36d376fe5bc156cc9e8b46b2dc5694f9a8a2c01834304cb09d168
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
14bf8292ae1e1ac698da2f2155f00ab24d5eda73e0c3e1e25e368a905759283b
1ebf6a2710236762178861bf15fa6074bd5e61502c1811551099ebe3754e0c83
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
21d93ac5a388df10b961801cce44bd72d8e612f9c5305c769ef2602b9b0480eb
22c1af338970d668e05edbe2c60f4f2fa8b31694b71444175ec56dd061ce35e9
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
2818ae4a1707c05fdf021ca9ad759ad320526935fb07d06d82db02440245579d
28e7a175bbbb2d42cd553a6f0ec8135cfe0ddb6fc2e21975d01e5cd0bafdff13
2992024702453fa73c92c88fe8fc69c22268970ef02a5e1670757a950fd27337
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
3518dc23a7598efd9b2492134cd52c36ba126f28f62d3685d21e8373a2a0b92e
38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639
3aaa2e18578fc150409c444853805dbc9c99d951ff877a2dd90290fae4b03633
3bb1abc8bfb04aef8fc55af082f37aaa7405e5edc92d0b0f29f3977127bc9be3
3c117e5507807b5c9d0bf307f55992c726d33e8bdbadbcfe505f48cdc025a231
3d75e52e3724e30ed89d4f8fc1ecbf487b940f2f7f7ddbe839cf72c84d86ddb4
3de75b1a66e482ee209f05ec9667147e347732ceee57213ca4d51ffd81fa4e03
4963143a31cb8a457413caa891052d208de3bd889cce03315d76dd1606924af0
507b7a3d5ee5da4ca209424709b37980ea825978862a8913d048e8d6e652777d
5497d558c5d57e560b31c238171ef0617add9658659ffe2c353ce24020f10d79
58a6f49e92f7d2fd1246d98c568c2ac7d6be832ddfece67ec9f7ef3332766adf
5a0be406a1bdf94a25a9d142d4124e3dccbdeb5593cd78fb0bd234df89dd7389
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5aa40c6db18170f8c42935b36d935e2cbdaf7ca7e71ed485dde33c3601e00d51
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
5d727f45985f355b7d9d17c9f2eb2ece4e2ba45ca88fdbbd2e4f1713d1d6b9b0
5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24
64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899
65f6e644b708a9691cfa6d8f1e95737051659151f3bbaf2a9a19fef8d100e747
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c78d953b78a47ec89cb3cfcada2772d64d94aae318d0018bd1cd86bacfce39d
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
72f3749edc67c66a7233f2467c0465768d686d322b2a1bc112a5a01cc393cb70
73567000b57fdfed5825cd324d4e8b9bcf59317eed6076ad05c7f95427a420ca
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
793cb14b4ae48e92c4a35eae5d34b4b95092e3cd7995ce342b6895a560ef7526
7a4671945b6a45491721eb1d52f516ff443395562bc1cdbc2adc647b8fc6cb54
7b5bf24f4f30e290a37a5d278437b953f51dbe274e99340e72787b74cd3ef5ab
7c506082fa68431a459024b440e5e418c769f3e2803cbb9cdb296ae7b6cae2d2
821c167679b0072be706187d8569af8b7320edf70715c2506fe3c13da426f0dc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
840d00f62116fbc5872b6ca0d58ad7ad4b9a1e9ac18309b81cf75ece010fd60a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852efa9c5c678757dbd43e9dd9db2d0716656995bd8db701c15248634b2eca47
87aa3ea8685247febc29ae9b9d4bb925701df9664e16cf34625387c85bfea56f
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
8a60672efd62862adb750cf0d1ba8916744490d764cb2807c8114353f6aae6c8
94df4cb381e94867a61110b73d9c828ba808ccd451506874dd36b6c28f8a698c
96caa69c01bf1ca2145023e1f3a450cd75bde025797a33b156ed634694f92107
98c2a74405e978d753625e97a0cb1c2eab250a9444d82dd75e1bce82cb437ae2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a38ca7cfbe9fed1deef889ca645230eea836123c74d6c5cc09c42c2b2afc378d
a394fd65fe8013eb58e146ddccbf749fd875c291cb8ea9e2d4144c80caf65182
a761974ea449b3fa737f6ad2bee59176aefc3572a6a79984f830bbaeafa6ebaa
aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d
acf335a007ccf24f70773dcf53bf06c64623a55d1f80df81b2df98a3e51a335e
add2ae6e587488a3ee7c774b8e6f9e8bff4b92789c8d8fda0f362293ad990a09
b1dc1c08ba03296d23b369a39f318d89772e3c281caabf0196114bff8ade0fee
b37137b66fae410f7f6d82f4f863cba408a01619a31e99826bec2325289fe3de
bae1a4fb696b7fcf6b87562cf3d4be4c7c8b3de16db90ca174eeb75d3ee3022b
c71014fdfc6e16f4d67c3c1ce51f661beb63cf9eaa923ed0e46d56cc675b55a0
cbaae7bb0ee8254ef3b6884a79804dd96893ff8e84f634c59aac5dd20c78a6b5
cc29bdfa5e510b47aa7faf5ec6ddac2b91581060cc56aaa19153575f72431273
d151ae46c49607e9df9798d7a237bec2760d810ab65f79489b638d890d8877f4
d3f7c0ed14b5b7347b93e0e91f558238b0c0542501b484de714eef38e9e236fd
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d7fe7a95be52af9780b34bb34d7c6e4801e77fda4be41f7b0676e671543023e9
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
d93a9280ae61d563593f5538f3116ccb941134fac598c912b0eaef93c9442c42
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997
db7541c599d2a1861ef29b8dc828f6affd2d0c4f3ca4458ddbab989b460769b3
dc8e3b1c8ced64440f2a2ed3330eeb1223d8b88c8c1c7c40c891618d9d744205
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfebf58d935986f47bb3dcfd71241ec01472a5995c37c58ae0094238461f3327
e2f9b719965db70075a333e96bc07d50b3f74cf9d4d4120d73270506e4747697
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4
ee3c32b057bd027f697511552f3769239060d1075f854fd1fef4b83106235ed5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef98f87d06424b7b8d7d16bcae7dd0aad6d8a9a81914f2c00603c48f8f6f5fd7
f168ec108eb7ad831c6980fdc2ae712990139027f66c3f658f2f5181c3c14271
f27c4d019ade75b31798c921436a3b8b0caf17c783d59ac236174e768264ff85
f2b9255e90b14cdd88486ce7ce93f76e0b9f911ceca3d55eee64d02e4cf7e8dd
f3b9fa25dbe7727a9714e0bc13d276c0855527396a0bb5b00be50c5a27beb4ed
f67cffc3d7cf57726b094dbd689a455b70158027abf6771c95583d15cdb373fd
f8a7446846fc68e2522c08dc93ff72b196dfccff6cd040fe043a3a7b75dc0265
fa18446e25d74d23c3ec220135c0ff959d43c332222cc6bc7303bbab1ee508af
fadadc49b4ca3c49a69a4ce2c17d56cab0a8b52af6b3fae5296ae1a9f56ed453
fb37413b7c8e7e66a05f145a6af367f5d593b358a3c45f2b294a9438997a4ada
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

secure.jeffclarktrader.com Open in urlscan Pro 2606:4700::6810:ea05 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

153 Requests

95 %HTTPS

54 %IPv6

35 Domains

41 Subdomains

39 IPs

8 Countries

5072 kBTransfer

10695 kBSize

27 Cookies

4 Outgoing links

Page URL History

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure.jeffclarktrader.com Open in urlscan Pro
2606:4700::6810:ea05 Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

95 %
HTTPS

54 %
IPv6

35
Domains

41
Subdomains

39
IPs

8
Countries

5072 kB
Transfer

10695 kB
Size

27
Cookies

153 HTTP transactions
6 data transactions