secure.jeffclarktrader.com Open in urlscan Pro
2606:4700::6810:ea05 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.exct.legacyresearch.com/?qs=5700e9e302944832a0787921621ec774a5135f45eea94688c25a06fb4715c6e40a5552af14d0075f3eebfe6008d4...
Effective URL:
https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeon...
Submission: On September 10 via api (September 10th 2022, 12:13:32 pm UTC) from BE — Scanned from DE

Summary HTTP 151 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 39 IPs in 8 countries across 35 domains to perform 151 HTTP transactions. The main IP is 2606:4700::6810:ea05, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.jeffclarktrader.com. The Cisco Umbrella rank of the primary domain is 872491.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 31st 2022. Valid for: a year.

This is the only time secure.jeffclarktrader.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.45.142 13.111.45.142	22606 (EXACT-7) (EXACT-7)
21	2606:4700::68... 2606:4700::6810:ea05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	92.123.29.243 92.123.29.243	16625 (AKAMAI-AS) (AKAMAI-AS)
2	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	2600:1901:0:4... 2600:1901:0:498c::	15169 (GOOGLE) (GOOGLE)
1	151.101.65.35 151.101.65.35	54113 (FASTLY) (FASTLY)
9	2600:1f18:24e... 2600:1f18:24e6:b900:6fe3:30:3061:2ca6	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6810:f51b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400e:800::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3033::6815:3f36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2600:9000:20e... 2600:9000:20eb:de00:f:75e2:4ac0:21	16509 (AMAZON-02) (AMAZON-02)
1	52.217.66.94 52.217.66.94	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.93 13.225.78.93	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.130.11 18.66.130.11	16509 (AMAZON-02) (AMAZON-02)
9	35.81.31.24 35.81.31.24	16509 (AMAZON-02) (AMAZON-02)
1	104.18.6.244 104.18.6.244	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	63.33.177.108 63.33.177.108	16509 (AMAZON-02) (AMAZON-02)
1	184.51.9.157 184.51.9.157	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
7	2606:4700:20:... 2606:4700:20::681a:216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.79.227.76 178.79.227.76	22822 (LLNW) (LLNW)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	209.59.154.196 209.59.154.196	32244 (LIQUIDWEB) (LIQUIDWEB)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1 10	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::300	54113 (FASTLY) (FASTLY)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1 8	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
5	35.244.232.184 35.244.232.184	15169 (GOOGLE) (GOOGLE)
8	151.101.2.27 151.101.2.27	54113 (FASTLY) (FASTLY)
1	13.224.189.46 13.224.189.46	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:1496	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
151	39

1 13.111.45.142 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.exct.legacyresearch.com

click.exct.legacyresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700::6810:ea05 (United States)

ASN13335 (CLOUDFLARENET, US)

secure.jeffclarktrader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.29.243 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-29-243.deploy.static.akamaitechnologies.com

static.zuora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:498c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1f18:24e6:b900:6fe3:30:3061:2ca6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:f51b (United States)

ASN13335 (CLOUDFLARENET, US)

marketingassets.cloudsna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:800::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:3f36 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:20eb:de00:f:75e2:4ac0:21 (United States)

ASN16509 (AMAZON-02, US)

d3bjnmbj12697.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.66.94 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-93.fra2.r.cloudfront.net

gsdpeazjjf.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.130.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-130-11.fra60.r.cloudfront.net

cdn.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.81.31.24 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-31-24.us-west-2.compute.amazonaws.com

ssl.kaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.6.244 (None, )

ASN13335 (CLOUDFLARENET, US)

s1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.177.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-177-108.eu-west-1.compute.amazonaws.com

tracking.legacyoffers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.9.157 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-157.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:216 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.227.76 (Vienna, Austria)

ASN22822 (LLNW, US)
PTR: https-178-79-227-76.vie.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.59.154.196 (United States)

ASN32244 (LIQUIDWEB, US)

js.trackinggrid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.232.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.232.244.35.bc.googleusercontent.com

metrics.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.2.27 (United States)

ASN54113 (FASTLY, US)

edge.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
manifest.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-46.fra2.r.cloudfront.net

cf-images.us-east-1.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:1496 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

bcbolt446c5271-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	jeffclarktrader.com secure.jeffclarktrader.com — Cisco Umbrella Rank: 872491	417 KB
10	google.de www.google.de — Cisco Umbrella Rank: 3469	1 KB
10	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 19	1 KB
10	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 188 googleads.g.doubleclick.net — Cisco Umbrella Rank: 73	10 KB
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	547 KB
9	kaptcha.com ssl.kaptcha.com — Cisco Umbrella Rank: 11592	32 KB
9	browser-intake-datadoghq.com rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 5668
8	cloudfront.net d3bjnmbj12697.cloudfront.net	467 KB
7	boltdns.net manifest.prod.boltdns.net — Cisco Umbrella Rank: 6580 Failed cf-images.us-east-1.prod.boltdns.net — Cisco Umbrella Rank: 6818	468 KB
7	brightcove.com metrics.brightcove.com — Cisco Umbrella Rank: 4672 edge.api.brightcove.com — Cisco Umbrella Rank: 6554	5 KB
7	lytics.io c.lytics.io — Cisco Umbrella Rank: 8650	119 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	40 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 664	12 KB
3	gstatic.com fonts.gstatic.com	88 KB
3	jquery.com code.jquery.com — Cisco Umbrella Rank: 976	105 KB
2	akamaihd.net bcbolt446c5271-a.akamaihd.net — Cisco Umbrella Rank: 12525	2 MB
2	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 5522	267 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 159	31 KB
2	listrakbi.com cdn.listrakbi.com — Cisco Umbrella Rank: 12478 s1.listrakbi.com — Cisco Umbrella Rank: 12695	21 KB
2	amazonaws.com s3.amazonaws.com gsdpeazjjf.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 231353	7 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1565	72 KB
2	paypal.com www.paypal.com — Cisco Umbrella Rank: 2465 t.paypal.com — Cisco Umbrella Rank: 3345	6 KB
1	zencdn.net vjs.zencdn.net — Cisco Umbrella Rank: 5994	7 KB
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 918	376 B
1	trackinggrid.com js.trackinggrid.com — Cisco Umbrella Rank: 437275	902 B
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 15471	2 KB
1	brightcove.net players.brightcove.net — Cisco Umbrella Rank: 4733	184 KB
1	legacyoffers.com tracking.legacyoffers.com — Cisco Umbrella Rank: 357945	522 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 120	1 KB
1	cloudsna.com marketingassets.cloudsna.com — Cisco Umbrella Rank: 170722	1 KB
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 6070	18 KB
1	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2141	235 KB
1	zuora.com static.zuora.com — Cisco Umbrella Rank: 99192	7 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 355	16 KB
1	legacyresearch.com 1 redirects click.exct.legacyresearch.com — Cisco Umbrella Rank: 410957	414 B
151	35

	Domain	Requested by
21	secure.jeffclarktrader.com	secure.jeffclarktrader.com www.googletagmanager.com
10	www.google.de
10	www.google.com	1 redirects
10	www.googletagmanager.com	secure.jeffclarktrader.com www.googletagmanager.com js.trackinggrid.com
9	ssl.kaptcha.com	secure.jeffclarktrader.com ssl.kaptcha.com
9	rum.browser-intake-datadoghq.com	secure.jeffclarktrader.com
8	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
8	d3bjnmbj12697.cloudfront.net	secure.jeffclarktrader.com d3bjnmbj12697.cloudfront.net s3.amazonaws.com
7	c.lytics.io	secure.jeffclarktrader.com c.lytics.io
6	manifest.prod.boltdns.net	secure.jeffclarktrader.com
5	metrics.brightcove.com	players.brightcove.net
5	www.google-analytics.com	www.googletagmanager.com secure.jeffclarktrader.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	fonts.gstatic.com	fonts.googleapis.com
3	code.jquery.com	secure.jeffclarktrader.com
2	bcbolt446c5271-a.akamaihd.net	secure.jeffclarktrader.com
2	edge.api.brightcove.com	secure.jeffclarktrader.com
2	pixel.sitescout.com	secure.jeffclarktrader.com
2	www.googleadservices.com	www.googletagmanager.com
2	stats.g.doubleclick.net	secure.jeffclarktrader.com
2	use.fontawesome.com	secure.jeffclarktrader.com use.fontawesome.com
1	cf-images.us-east-1.prod.boltdns.net
1	vjs.zencdn.net	players.brightcove.net
1	trc.taboola.com
1	js.trackinggrid.com	secure.jeffclarktrader.com
1	up.pixel.ad	www.googletagmanager.com
1	players.brightcove.net	secure.jeffclarktrader.com
1	tracking.legacyoffers.com	secure.jeffclarktrader.com
1	s1.listrakbi.com	cdn.listrakbi.com
1	cdn.listrakbi.com	secure.jeffclarktrader.com
1	gsdpeazjjf.execute-api.us-east-1.amazonaws.com	secure.jeffclarktrader.com
1	s3.amazonaws.com	secure.jeffclarktrader.com
1	fonts.googleapis.com	secure.jeffclarktrader.com
1	marketingassets.cloudsna.com	secure.jeffclarktrader.com
1	t.paypal.com	secure.jeffclarktrader.com
1	www.paypal.com	www.paypalobjects.com
1	cdn.mxpnl.com	secure.jeffclarktrader.com
1	www.paypalobjects.com	secure.jeffclarktrader.com
1	static.zuora.com	secure.jeffclarktrader.com
1	cdnjs.cloudflare.com	secure.jeffclarktrader.com
1	click.exct.legacyresearch.com	1 redirects
151	41

This site contains links to these domains. Also see Links.

Domain
www.jeffclarktrader.com
beaconstreet-privacy.my.onetrust.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-31` - `2023-05-31`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
www.zuora.com Sectigo RSA Organization Validation Secure Server CA	`2022-05-10` - `2023-05-10`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-25` - `2023-04-25`	a year	crt.sh
*.mxpnl.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-07-11` - `2023-07-28`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-03-04` - `2022-11-23`	9 months	crt.sh
*.browser-intake-datadoghq.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-07-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2022-08-24` - `2023-09-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.listrakbi.com Amazon	`2022-01-10` - `2023-02-06`	a year	crt.sh
ssl.kaptcha.com Thawte RSA CA 2018	`2021-11-01` - `2022-11-27`	a year	crt.sh
listrakbi.com Cloudflare Inc ECC CA-3	`2022-07-28` - `2023-07-27`	a year	crt.sh
tracking.legacyoffers.com Amazon	`2022-03-26` - `2023-04-24`	a year	crt.sh
players.brightcove.net DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-07-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.pixel.ad GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-01-26` - `2023-02-02`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
js.trackinggrid.com cPanel, Inc. Certification Authority	`2022-08-22` - `2022-11-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-08-30` - `2023-10-01`	a year	crt.sh
metrics.brightcove.com GTS CA 1D4	`2022-08-11` - `2022-11-09`	3 months	crt.sh
brightcove.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-06-08` - `2023-07-10`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.prod.boltdns.net Amazon	`2021-11-18` - `2022-12-17`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
Frame ID: F2009784AD3F319684765305037DABD6
Requests: 148 HTTP requests in this frame

Frame: https://tracking.legacyoffers.com/aff_goal?a=l&goal_id=319
Frame ID: 5B625EA315A35BE75FD014CDAFBCDD10
Requests: 1 HTTP requests in this frame

Frame: https://ssl.kaptcha.com/logo.htm?m=100014&s=65c9dda2d7fa467cba7d12db96359d8c
Frame ID: 96E305915FDFD8A30083E83959A154B7
Requests: 6 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 76E40BDC7C3BBA79DDF67A7901FEBBD1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jeff Clark

Page URL History Show full URLs

https://click.exct.legacyresearch.com/?qs=5700e9e302944832a0787921621ec774a5135f45eea94688c25a06fb4715c6e40a5552af... HTTP 302
https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

151
Requests

96 %
HTTPS

54 %
IPv6

35
Domains

41
Subdomains

39
IPs

8
Countries

5070 kB
Transfer

10736 kB
Size

27
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.jeffclarktrader.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.jeffclarktrader.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.jeffclarktrader.com/privacy-policy/?choice=adchoice
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://beaconstreet-privacy.my.onetrust.com/webform/c246f198-7123-4766-b29c-917342eff0f7/795dbff5-b02e-47fb-b5af-aa723ae6d4dc
Title: Do Not Sell My Info

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.exct.legacyresearch.com/?qs=5700e9e302944832a0787921621ec774a5135f45eea94688c25a06fb4715c6e40a5552af14d0075f3eebfe6008d41b2e424e9f58ceefb905 HTTP 302
https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 120

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10828766220/?random=1662812010223&cv=9&fst=1662812010223&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&auid=1771083837.1662812010&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/10828766220/?random=1662812010223&cv=9&fst=1662811200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&is_vtc=1&random=3052183178&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/10828766220/?random=1662812010223&cv=9&fst=1662811200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&is_vtc=1&random=3052183178&resp=GooglemKTybQhCsO&ipr=y

151 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
secure.jeffclarktrader.com/
Redirect Chain

https://click.exct.legacyresearch.com/?qs=5700e9e302944832a0787921621ec774a5135f45eea94688c25a06fb4715c6e40a5552af14d0075f3eebfe6008d41b2e424e9f58ceefb905
https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=...

2 KB
1 KB

536ms
505ms

Document
text/html

2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7541c599d2a1861ef29b8dc828f6affd2d0c4f3ca4458ddbab989b460769b3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 748813dbc8a16903-FRA
content-encoding: gzip
content-type: text/html
date: Sat, 10 Sep 2022 12:13:26 GMT
last-modified: Thu, 01 Sep 2022 19:15:13 GMT
server: cloudflare
via: 1.1 754bdce40e362bbcfd1fc58f56f9bc7c.cloudfront.net (CloudFront)
x-amz-cf-id: UqLe75JOmKF09y2rhMMaQsgUAr83rg-0Cj7cC3MAYOJ-oKJR71fcaQ==
x-amz-cf-pop: HAM50-P1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-static-builder:5622b398-0787-48b4-ac24-3c5aa8396872
x-amz-meta-codebuild-content-md5: 0fb3180254137817f7e3657294de41aa
x-amz-meta-codebuild-content-sha256: 1af379dd6ce1b9e1e081c5f52c2faa47630292fc65cceda3c28114dd81af7514
x-amz-version-id: null
x-cache: Miss from cloudfront

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 388
Content-Type: text/html; charset=utf-8
Date: Sat, 10 Sep 2022 12:13:24 GMT
Location: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 83ms
38ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:26 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
x-hw: 1662812006.dop211.am5.t,1662812006.cds311.am5.hn,1662812006.cds210.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 jsencrypt.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jsencrypt/2.3.1/ 55 KB
16 KB 56ms
18ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jsencrypt/2.3.1/jsencrypt.min.js

Requested by

Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a0be406a1bdf94a25a9d142d4124e3dccbdeb5593cd78fb0bd234df89dd7389

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 199001
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15539
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec6-db4e"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9LZSPqKZn5D2nquXK6ZvAIXkCTe7p0VX5r08fF3%2Bv215Gi%2BMeDs2K%2Bu1U8fgUB%2FD9sj0lW0sJq1xW%2Fj4O00vYNI0ic%2Fj3Fuos9P3fU7lFnbEDms%2F1wN%2BvxF%2BC%2FRTSby6R%2BsiXp0c6liIkiRswW0vt2U"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 748813df39f6925b-FRA
expires: Thu, 31 Aug 2023 12:13:26 GMT

GET
H/1.1 200
OK zuora-min.js Show response
static.zuora.com/Resources/libs/hosted/1.3.1/ 18 KB
7 KB 198ms
22ms Script
application/javascript 92.123.29.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.zuora.com/Resources/libs/hosted/1.3.1/zuora-min.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.29.243 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-29-243.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 73567000b57fdfed5825cd324d4e8b9bcf59317eed6076ad05c7f95427a420ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 12:13:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Aug 2022 13:11:22 GMT
Server: nginx
ETag: "630f5dfa-4724"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6646

GET
H2 200 postToIframe.js Show response
secure.jeffclarktrader.com/store/PROD/js/ 2 KB
1 KB 284ms
280ms Script
application/javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/store/PROD/js/postToIframe.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98c2a74405e978d753625e97a0cb1c2eab250a9444d82dd75e1bce82cb437ae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Sat, 10 Sep 2022 12:08:10 GMT
x-amz-cf-pop: MUC51-C1, HAM50-P1
x-amzn-requestid: cf576ba2-0423-4204-b8fb-bcddbd9c6e8f
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: YPimqEr4oAMFnog=
content-length: 607
last-modified: Sat, 22 Sep 2018 10:04:10 GMT
server: cloudflare
etag: W/"3934dce8d049fb2790a29e7de331d9c9"
x-amz-version-id: jcZd1q0X4PG.0tDIV.AM4TZ5jHnAmWBj
via: 1.1 7187cfd76669785d6cdaa648abee3064.cloudfront.net (CloudFront), 1.1 f6000cfec7fa5ef85a04c1160d44340e.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 748813df0e1d6903-FRA
x-amz-cf-id: Xi8fDr3tVEoCqR1sEFpsMqK0Hau2G8aZpxw0skoIP2mOde5WBN0kQg==
x-amzn-remapped-connection: keep-alive

GET
H2 200 encryption_util.js Show response
secure.jeffclarktrader.com/store/PROD/js/ 6 KB
2 KB 419ms
415ms Script
application/javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/store/PROD/js/encryption_util.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c71014fdfc6e16f4d67c3c1ce51f661beb63cf9eaa923ed0e46d56cc675b55a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Sat, 10 Sep 2022 12:08:10 GMT
x-amz-cf-pop: LHR50-P1, HAM50-P1
x-amzn-requestid: 4ff41df7-e00d-4d83-b769-03e6b6e2cc6a
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: YPimqEa6oAMFYAQ=
content-length: 1539
last-modified: Thu, 20 Sep 2018 10:42:47 GMT
server: cloudflare
etag: W/"a4562de2bcce9e6631abf61e5a04728b"
x-amz-version-id: .RXPgt8IOHDC5kcSlGGlyGGq.lruUQic
via: 1.1 db92535f619848d07c0f5eb965b50adc.cloudfront.net (CloudFront), 1.1 754bdce40e362bbcfd1fc58f56f9bc7c.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 748813df0e1f6903-FRA
x-amz-cf-id: TRwujORsDkX9vjQ9uwqTiXpy8RjertW75c-vdxk7Jqb8irwkTMabug==
x-amzn-remapped-connection: keep-alive

GET
H2 200 HPM2Security-min.js Show response
secure.jeffclarktrader.com/store/PROD/js/ 44 KB
14 KB 456ms
452ms Script
application/javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/store/PROD/js/HPM2Security-min.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7fe7a95be52af9780b34bb34d7c6e4801e77fda4be41f7b0676e671543023e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Sat, 10 Sep 2022 12:06:41 GMT
x-amz-cf-pop: MUC51-C1, HAM50-P1
x-amzn-requestid: 311e49f2-26ce-4c77-b4b5-ef8bce759114
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: YPiY0ENAoAMFyOA=
content-length: 13534
last-modified: Thu, 20 Sep 2018 10:42:47 GMT
server: cloudflare
etag: W/"5c56f33a7d1fcd065fa2bd0fa7758d42"
x-amz-version-id: F1zb.i6q7MEDZAdQsvHFruscv_FKHXVQ
via: 1.1 7187cfd76669785d6cdaa648abee3064.cloudfront.net (CloudFront), 1.1 f9e7fd4b74156e78a449b2e846941478.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 748813df0e216903-FRA
x-amz-cf-id: ncy-dHi6h3Hrc9BhabRv3PhkjV_EiDljiCbiLDT_anU6q7zvCgFDCw==
x-amzn-remapped-connection: keep-alive

GET
H2 200 jquery.payment.min.js Show response
secure.jeffclarktrader.com/store/PROD/plugins/jquery-payment/ 8 KB
3 KB 457ms
453ms Script
application/javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/store/PROD/plugins/jquery-payment/jquery.payment.min.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a60672efd62862adb750cf0d1ba8916744490d764cb2807c8114353f6aae6c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Sat, 10 Sep 2022 12:08:10 GMT
x-amz-cf-pop: MUC50-P1, HAM50-P1
x-amzn-requestid: b2fe8d62-eb86-48ba-a8c9-3242786856f3
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: YPimrFlxoAMFXtw=
content-length: 2713
last-modified: Wed, 21 Aug 2019 20:18:01 GMT
server: cloudflare
etag: W/"2ccb4360a6b212383716224d0b56bd21"
x-amz-version-id: uVxF0OX6Rj_lsOZHo0OKGG0I2eVEXwcB
via: 1.1 8eb3c67b1958af32e15515c8eb27fbb4.cloudfront.net (CloudFront), 1.1 b7d4565713c18d30abacb67e4342fac0.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 748813df0e246903-FRA
x-amz-cf-id: WOI5s98tyGYuAu9G6ib5-yxsGSIoKOuKySbAIxvKPtc0v_Sfsm9mjQ==
x-amzn-remapped-connection: keep-alive

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.13.1/themes/base/ 35 KB
8 KB 81ms
38ms Stylesheet
text/css 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.13.1/themes/base/jquery-ui.css
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 58a6f49e92f7d2fd1246d98c568c2ac7d6be832ddfece67ec9f7ef3332766adf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:26 GMT
content-encoding: gzip
last-modified: Thu, 20 Jan 2022 14:12:59 GMT
server: nginx
etag: W/"61e96deb-8d03"
vary: Accept-Encoding
x-hw: 1662812006.dop211.am5.t,1662812006.cds311.am5.hn,1662812006.cds116.am5.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 8356

GET
H2 200 store.min.js Show response
secure.jeffclarktrader.com/store/PROD/js/revampstore/ 121 KB
17 KB 419ms
416ms Script
application/javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/store/PROD/js/revampstore/store.min.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: add2ae6e587488a3ee7c774b8e6f9e8bff4b92789c8d8fda0f362293ad990a09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Sat, 10 Sep 2022 10:17:06 GMT
x-amz-cf-pop: FRA6-C1, HAM50-P1
x-amzn-requestid: 0f667f80-254d-420a-a6b7-881a33a6d331
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: YPSVaFu7IAMFo9w=
content-length: 17280
last-modified: Tue, 28 Jun 2022 17:20:05 GMT
server: cloudflare
etag: W/"de144bfd85261d853fc7b20105b482e3"
x-amz-version-id: Bu.Hj2c4C4X5HRpsJSHZAoQ3FylbzZBo
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront), 1.1 f9895d364ca1362380fa7dca357757d2.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 748813df0e256903-FRA
x-amz-cf-id: gstfXRsiCCSQIhlUAeclHiAvo2wo5K3qGJ7fkkN4jEmOjs6R_3IRjQ==
x-amzn-remapped-connection: keep-alive

GET
H2 200 mygtm.js Show response
secure.jeffclarktrader.com/store/PROD/js/ 474 B
703 B 457ms
454ms Script
application/javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/store/PROD/js/mygtm.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb37413b7c8e7e66a05f145a6af367f5d593b358a3c45f2b294a9438997a4ada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Sat, 10 Sep 2022 12:07:25 GMT
x-amz-cf-pop: FRA2-C1, HAM50-P1
x-amzn-requestid: 615cf5b8-813e-4413-83e2-0339be66456b
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: YPifmE61oAMF6tQ=
content-length: 338
last-modified: Thu, 19 Nov 2020 00:44:24 GMT
server: cloudflare
etag: W/"f01dbb5bc4745bf1f386572cdf22c8c1"
x-amz-version-id: 4.dw3bbUWT3wk0yaqGtXbpSm9ui25xti
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront), 1.1 6c8b2c2d43417dceab2ce8474c5516d6.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 748813df0e276903-FRA
x-amz-cf-id: i_kXpe1Mc54Lpg5cwyXjidTTAaYUlHOXkTEhrqd43HQdDprcOYnFxQ==
x-amzn-remapped-connection: keep-alive

GET
H2 200 listrak.js Show response
secure.jeffclarktrader.com/store/PROD/js/ 1 KB
840 B 310ms
307ms Script
application/javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/store/PROD/js/listrak.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc29bdfa5e510b47aa7faf5ec6ddac2b91581060cc56aaa19153575f72431273

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Sat, 10 Sep 2022 12:08:10 GMT
x-amz-cf-pop: TLV50-C1, HAM50-P1
x-amzn-requestid: 386f6ff9-b1cd-4ea3-8923-d65403fa41b2
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: YPimtEK9oAMFy8Q=
content-length: 506
last-modified: Thu, 28 Jun 2018 20:46:57 GMT
server: cloudflare
etag: W/"cd9f94dd71125cb7fda1e1088aa19ec3"
x-amz-version-id: W46Q95OyRSSEl7u8xZsbwfK4bzk35Yt_
via: 1.1 7f494376132d92ea6c165caa8a824d7a.cloudfront.net (CloudFront), 1.1 e5c4f04ef27e9eab9583543e79a24cb4.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 748813df0e286903-FRA
x-amz-cf-id: WRduffl-R0HBC41izRTTr_Xg9i5lxPeP56qnUEs1_gtoVEDCvReevA==
x-amzn-remapped-connection: keep-alive

GET
H2 200 mymixpanel.js Show response
secure.jeffclarktrader.com/store/PROD/js/ 2 KB
1 KB 301ms
299ms Script
application/javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/store/PROD/js/mymixpanel.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 013050e8e5ab5ca56b6344fe09502a82fc4ced559a155646ff286b4af3545eeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Sat, 10 Sep 2022 12:08:10 GMT
x-amz-cf-pop: TLV50-C1, HAM50-P1
x-amzn-requestid: bcf24949-32eb-48f1-b054-e05011730b56
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: YPimtG37oAMF5DA=
content-length: 778
last-modified: Thu, 19 Nov 2020 00:44:24 GMT
server: cloudflare
etag: W/"52928b3325fc59cf3a4b91c0e7b59c52"
x-amz-version-id: kgR13lhzSsVCRIE0MlY3UBQ0EPNv4JeB
via: 1.1 a0dfc1e576cc19daa2f4d5ec699792f4.cloudfront.net (CloudFront), 1.1 938af0a58a4fcbf3c08e6c39b89440e2.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 748813df0e2b6903-FRA
x-amz-cf-id: 1FqVRcSo5dyW1CQOaQ-9LnCVaX2eZVNaeZktjiLMFxkuYzVFdrbKPQ==
x-amzn-remapped-connection: keep-alive

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.13.1/ 249 KB
66 KB 96ms
53ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.13.1/jquery-ui.min.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 793cb14b4ae48e92c4a35eae5d34b4b95092e3cd7995ce342b6895a560ef7526

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:26 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:40 GMT
server: nginx
etag: W/"620cd700-3e46a"
vary: Accept-Encoding
x-hw: 1662812006.dop211.am5.t,1662812006.cds311.am5.hn,1662812006.cds014.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67637

GET
H2 200 checkout.js Show response
www.paypalobjects.com/api/ 1 MB
235 KB 71ms
8ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/checkout.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2D9) /

Resource Hash

507b7a3d5ee5da4ca209424709b37980ea825978862a8913d048e8d6e652777d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: cce7ed295e7f4
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 239948
last-modified: Mon, 25 Apr 2022 17:04:48 GMT
server: ECAcc (frd/E2D9)
etag: "6266d4b0-16d23e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Sun, 11 Sep 2022 12:13:26 GMT

GET
H2 200 runtime-es2015.js Show response
secure.jeffclarktrader.com/ 1 KB
877 B 524ms
522ms Script
application/x-javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/runtime-es2015.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 852efa9c5c678757dbd43e9dd9db2d0716656995bd8db701c15248634b2eca47

Request headers

Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
Origin: https://secure.jeffclarktrader.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:26 GMT
via: 1.1 938af0a58a4fcbf3c08e6c39b89440e2.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: HAM50-P1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-static-builder:5622b398-0787-48b4-ac24-3c5aa8396872
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-sha256: 1af379dd6ce1b9e1e081c5f52c2faa47630292fc65cceda3c28114dd81af7514
content-encoding: gzip
x-amz-meta-codebuild-content-md5: 0fb3180254137817f7e3657294de41aa
x-amz-version-id: null
last-modified: Thu, 01 Sep 2022 19:15:13 GMT
server: cloudflare
etag: W/"193974daff264d8d7d9a789f91c41d40"
content-type: application/x-javascript
cf-ray: 748813df0e2d6903-FRA
x-amz-cf-id: qNvaTS89LjfOsC4laTMzdRynai9bWrlow2HFS1UeD3Iui7fCVarHvg==

GET
H2 200 polyfills-es2015.js Show response
secure.jeffclarktrader.com/ 772 KB
212 KB 523ms
521ms Script
application/x-javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfebf58d935986f47bb3dcfd71241ec01472a5995c37c58ae0094238461f3327

Request headers

Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
Origin: https://secure.jeffclarktrader.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:26 GMT
via: 1.1 b7d4565713c18d30abacb67e4342fac0.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: HAM50-P1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-static-builder:5622b398-0787-48b4-ac24-3c5aa8396872
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-sha256: 1af379dd6ce1b9e1e081c5f52c2faa47630292fc65cceda3c28114dd81af7514
content-encoding: gzip
x-amz-meta-codebuild-content-md5: 0fb3180254137817f7e3657294de41aa
x-amz-version-id: null
last-modified: Thu, 01 Sep 2022 19:15:13 GMT
server: cloudflare
etag: W/"d5682aa68c78318fb29bc868b563803d"
content-type: application/x-javascript
cf-ray: 748813df0e2e6903-FRA
x-amz-cf-id: LX4mBqrlKTAK-8-0VlETgezsJdwrKDbiMSPZ54LXLH7KCxcmw-Lydw==

GET
H2 200 main-es2015.js Show response
secure.jeffclarktrader.com/ 496 KB
143 KB 521ms
519ms Script
application/x-javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/main-es2015.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf53a1d2acb93d0e35ba15ff0adaa9d736c0aa03cae73200d0415b1447edf80b

Request headers

Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
Origin: https://secure.jeffclarktrader.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:26 GMT
via: 1.1 e5c4f04ef27e9eab9583543e79a24cb4.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: HAM50-P1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-static-builder:5622b398-0787-48b4-ac24-3c5aa8396872
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-sha256: 1af379dd6ce1b9e1e081c5f52c2faa47630292fc65cceda3c28114dd81af7514
content-encoding: gzip
x-amz-meta-codebuild-content-md5: 0fb3180254137817f7e3657294de41aa
x-amz-version-id: null
last-modified: Thu, 01 Sep 2022 19:15:13 GMT
server: cloudflare
etag: W/"ffaa8024747bbe73036558edd67fb2c9"
content-type: application/x-javascript
cf-ray: 748813df0e366903-FRA
x-amz-cf-id: jTk4Pwpf3LVAzgwe7Yy3k_3bMbFXDr4-xR9mTIeTsEbF1r20rEs6Aw==

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 50 KB
18 KB 109ms
34ms Script
text/javascript 2600:1901:0:498c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/store/PROD/js/mymixpanel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:09:02 GMT
content-encoding: gzip
age: 264
x-guploader-uploadid: ADPycduzJYQHSjYr2wzK4enFE0JiP4b6e4rT_ltl3U3KvSJ5XeJdTBnWnGfcpzTj3HLVz7AtRYyi9AmROU1uM8c2vkreuw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17435
last-modified: Thu, 17 Feb 2022 20:21:50 GMT
server: UploadServer
etag: "caa762087e9d75cecc34b5d6626cb7b9"
vary: Accept-Encoding
x-goog-hash: crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
x-goog-generation: 1645129310876382
access-control-allow-origin: *
cache-control: public,max-age=600
x-goog-stored-content-length: 17435
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 10 Sep 2022 12:19:02 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 52ms
8ms Script
application/x-javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=secure.jeffclarktrader.com&source=checkoutjs&t=xo&v=4.0.336

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2D2) /

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-tw1vUylIJHV7Mj9rJ8CpoQDPZJNhysQwIr2ZB+9gV+IKaTD6' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-tw1vUylIJHV7Mj9rJ8CpoQDPZJNhysQwIr2ZB+9gV+IKaTD6' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
age: 21520
x-cache: HIT
paypal-debug-id: 05a685a747564
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=2
dc: ccg11-origin-www-1.paypal.com
content-length: 4299
x-xss-protection: 1; mode=block
last-modified: Sat, 10 Sep 2022 06:14:46 GMT
server: ECAcc (frd/E2D2)
traceparent: 00-000000000000000000005a685a747564-19dfd4a174e13d84-01
x-frame-options: SAMEORIGIN
date: Sat, 10 Sep 2022 12:13:26 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff

GET
H2 200 styles.css
secure.jeffclarktrader.com/ 55 B
282 B 525ms
524ms Stylesheet
text/css 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/styles.css
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c506082fa68431a459024b440e5e418c769f3e2803cbb9cdb296ae7b6cae2d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:27 GMT
via: 1.1 f6000cfec7fa5ef85a04c1160d44340e.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: HAM50-P1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-static-builder:5622b398-0787-48b4-ac24-3c5aa8396872
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-sha256: 1af379dd6ce1b9e1e081c5f52c2faa47630292fc65cceda3c28114dd81af7514
content-encoding: gzip
x-amz-meta-codebuild-content-md5: 0fb3180254137817f7e3657294de41aa
x-amz-version-id: null
last-modified: Thu, 01 Sep 2022 19:15:13 GMT
server: cloudflare
etag: W/"2f35a3d2f42282a4b66d4237a5ea0a2f"
content-type: text/css
cf-ray: 748813e23b906903-FRA
x-amz-cf-id: MwoS4dLpugzuiWpUW8XnkjfeL0HeZtRrW6Xkvvzgvxb3T5Td6v0THQ==

GET
H2 200 ts
t.paypal.com/ 42 B
809 B 258ms
168ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1662812006808&g=0&completeurl=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2BWAu31BZFErgwovAmQD8AUybb1KOlivfrKU%3D%26emailjobid%3D5208367%26emailname%3D20220829-LGD&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:27 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 2254f8345336f
x-cache-hits: 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn4035-HHN
pragma: no-cache
traceparent: 00-00000000000000000002254f8345336f-f9a8ca964442d5f1-01
x-timer: S1662812007.901993,VS0,VE161
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Sep 2022 12:13:26 GMT

GET
H2 200 getSiteDetails Show response
secure.jeffclarktrader.com/site/api/v1/ 254 KB
14 KB 1320ms
1320ms XHR
text/plain 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/site/api/v1/getSiteDetails?cid=MKT534830&eid=MKT657541&chainId=&plcid=PLC152268&preview=false&baseUrl=secure.jeffclarktrader.com
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a2319c093cdaabbc3d0af673e98cef624be4df771c0ddbaaf983d003702903d

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE+WAu31BZFErgwovAmQD8AUybb1KOlivfrKU=&emailjobid=5208367&emailname=20220829-LGD
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:28 GMT
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront), 1.1 938af0a58a4fcbf3c08e6c39b89440e2.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 260261
server: cloudflare
x-amz-cf-pop: FRA60-P1, HAM50-P1
x-amzn-requestid: b23953c0-bf9d-42f2-912d-50ee9f4af8f1
x-cache: Miss from cloudfront
content-type: text/plain;charset=ISO-8859-1
cf-cache-status: DYNAMIC
content-encoding: gzip
cf-ray: 748813e619336903-FRA
x-amz-apigw-id: YPjYOEdXoAMFusQ=
x-amzn-remapped-date: Sat, 10 Sep 2022 12:13:27 GMT
x-amz-cf-id: IFOetzd783cxHmoDUkcgY_vVUlgq5WDw7M2rFWpc4X0voDCobX9xRw==
x-amzn-remapped-connection: keep-alive

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 522ms
245ms Ping
application/json 2600:1f18:24e6:b900:6fe3:30:3061:2ca6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=3234811c-6357-432d-9663-04295b7570b5&batch_time=1662812007387
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:6fe3:30:3061:2ca6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H/1.1 200
OK legacyExternalJs.js Show response
marketingassets.cloudsna.com/prod/javascript/legacy/casey/ 2 KB
1 KB 294ms
245ms Script
application/javascript 2606:4700::6810:f51b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://marketingassets.cloudsna.com/prod/javascript/legacy/casey/legacyExternalJs.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:f51b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28e7a175bbbb2d42cd553a6f0ec8135cfe0ddb6fc2e21975d01e5cd0bafdff13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 12:13:29 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Last-Modified: Tue, 01 Feb 2022 15:26:26 GMT
Server: cloudflare
x-amz-request-id: 6S9HK6JCPV99C1WS
ETag: W/"af69bb3836d13060de7b6c61e0b79782"
Transfer-Encoding: chunked
x-amz-version-id: 7E5q.ejfRs58tAIqNZGxszGsyyvAmP02
Content-Type: application/javascript
Connection: keep-alive
CF-RAY: 748813f0595e91e9-FRA
x-amz-id-2: 5fMSNehbrynnciggW3T3li4b5aaF1fD61mU3LctYSgltsk7ch3gJbECEBLzxUB5U679IPwukuL0=

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 58ms
22ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lora:ital,wght@0,400;0,700;1,400;1,700&family=Oswald:wght@400;700&display=swap

Requested by

Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4963143a31cb8a457413caa891052d208de3bd889cce03315d76dd1606924af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 10 Sep 2022 12:13:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 10 Sep 2022 12:13:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Sep 2022 12:13:29 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.2.0/css/ 46 KB
11 KB 65ms
29ms Stylesheet
text/css 2606:4700:3033::6815:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19717731
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: DAYJV4ASAN9K35HJ
x-amz-id-2: 12TAbZjPwIxJAfvRM7k1qorZ0swVJxk7DKGw0zQdQxIpl3prC1TjO24nqmf5HIvrUzCT7e1iYuo=
last-modified: Wed, 30 Jun 2021 15:41:36 GMT
server: cloudflare
etag: W/"20a9ce516eaea76da29a23adc43e8998"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtauYF9rdHc68WEz6kW0CHr4p4SgmJq%2BExPf7E8%2BTmwgs1Vk3DpbLFQEFp3hp1JYvvRjTn2oseb1D%2Bag%2BaNXHF0VIzs5C7SlG5WREFYWFnKyz6JhHJM6z98gwPIiH1asG2TD0Y62bPwBOv9keoz2KT8L"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 748813f03edd9107-FRA

GET
H/1.1 200
OK bootstrap.min.css
d3bjnmbj12697.cloudfront.net/_/css/bootstrap/4.5.0/ 158 KB
158 KB 46ms
14ms Stylesheet
text/css 2600:9000:20eb:de00:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/css/bootstrap/4.5.0/bootstrap.min.css
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:de00:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fadadc49b4ca3c49a69a4ce2c17d56cab0a8b52af6b3fae5296ae1a9f56ed453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 04:57:30 GMT
Via: 1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront)
Last-Modified: Wed, 18 May 2022 14:44:35 GMT
Server: AmazonS3
x-amz-meta-user-agent-id: efiorani@s-c2cd08720a404b138
Age: 26540
ETag: "14e3036e583d9d5910ed515b6ebebb00"
x-amz-meta-user-agent: AWSTransfer
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 161736
X-Amz-Cf-Id: PU89PjCPsCVwFTSE7myPQWe3cxyUNXDy9thGA38MYDx3T4wtYQhfKg==

GET
H/1.1 200
OK custom.css
d3bjnmbj12697.cloudfront.net/jc/p/jcf/2104-launch-2.0/css/ 64 KB
65 KB 46ms
15ms Stylesheet
text/css 2600:9000:20eb:de00:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/jc/p/jcf/2104-launch-2.0/css/custom.css?v=7
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:de00:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc8e3b1c8ced64440f2a2ed3330eeb1223d8b88c8c1c7c40c891618d9d744205

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 12:13:29 GMT
Via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
Last-Modified: Fri, 16 Apr 2021 17:49:12 GMT
Server: AmazonS3
Age: 9484
ETag: "483ca71349594f61f604d522347852d9"
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 65793
X-Amz-Cf-Id: 7v4tuvqg02OPlrWHA7SaEsq35z0tEHWvtuXcYMNUNHCjpSdL-V0rQg==

GET
H/1.1 200
OK da79c500415896fc289fe4f3e7d93dc1.css
s3.amazonaws.com/marketingassets.cloudsna.com/prod/common/JCF/inlinecss/ 287 B
755 B 346ms
128ms Stylesheet
text/css 52.217.66.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/marketingassets.cloudsna.com/prod/common/JCF/inlinecss/da79c500415896fc289fe4f3e7d93dc1.css?versionId=UQQ2djQnK6kWVg3jAgWCDpQd2zFsC0dD
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.66.94 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d151ae46c49607e9df9798d7a237bec2760d810ab65f79489b638d890d8877f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 12:13:30 GMT
Content-Encoding: utf8
Last-Modified: Fri, 16 Apr 2021 18:34:15 GMT
Server: AmazonS3
x-amz-request-id: 6S9SN9C16N63T2YH
ETag: "756cab89a19aa6a7be192539086c3ff2"
x-amz-version-id: UQQ2djQnK6kWVg3jAgWCDpQd2zFsC0dD
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 287
x-amz-id-2: IGdrYbTLvl06JMwQ3LafPa3bIsKQHjDeEz3kRrqYqbD/HG2G01tIiVIPBiqtM0ncDing0x7W0ds=

GET
H2 200 versionId=l..ZbtduSQU7PSRMLRiNCCKksGg4HotC Show response
gsdpeazjjf.execute-api.us-east-1.amazonaws.com/prod/assets/asset/JCF/VideoLandingPage/fcae7f78b7dea1107c0403a3cdff336b.html/ 6 KB
6 KB 232ms
179ms XHR
application/json 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gsdpeazjjf.execute-api.us-east-1.amazonaws.com/prod/assets/asset/JCF/VideoLandingPage/fcae7f78b7dea1107c0403a3cdff336b.html/versionId=l..ZbtduSQU7PSRMLRiNCCKksGg4HotC
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: /
Resource Hash: d93a9280ae61d563593f5538f3116ccb941134fac598c912b0eaef93c9442c42

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:29 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amzn-requestid: 2131ab53-5881-4cfd-8c03-0e06d1271045
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-631c7f69-6452b6ee217ff37d29d35616;Sampled=0
x-amz-apigw-id: YPjYcG8FoAMFlvw=
content-length: 5961
x-amz-cf-id: bMB7Y3qmVZFl6K-G5gs_mJcD6mbSZFc3eZer0lNuAia3v50-bdxXCQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 328 KB
87 KB 169ms
79ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9

Requested by

Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/store/PROD/js/mygtm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

38a9e644c5ad5dc59aa19eb468fc8c745939c7f08b70e2dffd69a4144db10f3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:29 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88205
x-xss-protection: 0
expires: Sat, 10 Sep 2022 12:13:29 GMT

GET
H/1.1 200
OK script.js Show response
cdn.listrakbi.com/scripts/ 62 KB
20 KB 89ms
11ms Script
text/javascript 18.66.130.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/scripts/script.js?m=mJqOWFhiqMPC&v=1
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/store/PROD/js/listrak.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.130.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-130-11.fra60.r.cloudfront.net
Software: cloudflare / ASP.NET
Resource Hash: 65f6e644b708a9691cfa6d8f1e95737051659151f3bbaf2a9a19fef8d100e747

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 12:13:29 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
X-AspNet-Version: 4.0.30319
Age: 335
X-Powered-By: ASP.NET
X-Cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Connection: keep-alive
Content-Length: 19514
Last-Modified: Thu, 26 Sep 2019 14:40:04 GMT
Server: cloudflare
X-ltk: 9/8/2022 10:56:47 PM
ETag: "NqbnZ531Ol93zBfCObLS8A=="
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront)
Cache-Control: public, no-transform, max-age=3600, s-maxage=600
X-Amz-Cf-Pop: FRA60-P2
Accept-Ranges: bytes
CF-RAY: 747ca71a6ac6693d-FRA
X-Amz-Cf-Id: zsjUEBc31T65OLQQXPRGFZtv4iNp5pko4W1CJbMruNDAb4PcGvFMJA==
Expires: Sat, 10 Sep 2022 13:07:54 GMT

GET
H/1.1 200
OK sdk Show response
ssl.kaptcha.com/collect/ 5 KB
6 KB 553ms
176ms Script
text/javascript 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/collect/sdk?m=100014
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 47b17cb114d390c04274018066ec8b99b21f4dd062b22c0085b0c9b129f92c79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Sep 2022 12:13:29 GMT
X-Correlation-Id: dfde4083-f667-4c95-ac85-e0838e827fae
Transfer-Encoding: chunked
P3p: CP=CAO PSA OUR
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Content-Type: text/javascript
Expires: 0

GET
H2 200 bss-px.min.js Show response
secure.jeffclarktrader.com/store/PROD/js/ 5 KB
2 KB 401ms
401ms Script
application/javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/store/PROD/js/bss-px.min.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f67cffc3d7cf57726b094dbd689a455b70158027abf6771c95583d15cdb373fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE%20WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%3D&emailjobid=5208367&emailname=20220829-LGD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:29 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Sat, 10 Sep 2022 12:08:12 GMT
x-amz-cf-pop: TLV50-C1, HAM50-P1
x-amzn-requestid: 8feed9ea-81f3-46fc-bb8f-01ab713b332a
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: YPinDGCKIAMF6yA=
content-length: 2052
last-modified: Tue, 01 Jun 2021 15:08:33 GMT
server: cloudflare
etag: W/"3ee3506660c2ef343d6c68a229cd42be"
x-amz-version-id: fGaHECtcp1774Apxw3QoOeW87E1iGAd2
via: 1.1 7f494376132d92ea6c165caa8a824d7a.cloudfront.net (CloudFront), 1.1 e5c4f04ef27e9eab9583543e79a24cb4.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 748813f00f6f6903-FRA
x-amz-cf-id: 6Y_Pfl4jrr3mwlj_KN4tWVSUjBMQnEvGSyXfcuU0WbeBaLAbaakuGA==
x-amzn-remapped-connection: keep-alive

POST
H2 200 generic Show response
secure.jeffclarktrader.com/snowflake/ 21 B
353 B 422ms
421ms XHR
application/json 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/snowflake/generic
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE%20WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%3D&emailjobid=5208367&emailname=20220829-LGD
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
x-api-key: g5wZnpMOAV6d3DVWjACKU9Pz86tj10Es39Avoa3n
Content-Type: application/json

Response headers

date: Sat, 10 Sep 2022 12:13:29 GMT
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront), 1.1 754bdce40e362bbcfd1fc58f56f9bc7c.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: FRA6-C1, HAM50-P1
x-amzn-requestid: bab31e3b-d675-4edc-b1c4-8c4cf4a76f2d
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-631c7f69-078f251158a8b2bd669cb859
cf-ray: 748813f00f736903-FRA
x-amz-apigw-id: YPjYeFLDIAMFTNw=
content-length: 21
x-amz-cf-id: q33XTsskYFmfO-oCpSGAXT52Yq3SjF8G9vdr6x5PIr8_IFVExywU7w==

GET
H2 200 getIds Show response
s1.listrakbi.com/mJqOWFhiqMPC/session/ 175 B
1 KB 201ms
116ms Script
application/x-javascript 104.18.6.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.listrakbi.com/mJqOWFhiqMPC/session/getIds?callback=ltkCallback4045&gsid=&_sid=&_tid=954314&ps=null&dps=true
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=mJqOWFhiqMPC&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.6.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cbb94c02536fd2cdf36f0eb1bdc29dd73650c2cf035c44cd76a0dc699f74868f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:29 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type: application/x-javascript; charset=utf-8
cache-control: no-cache
cf-ray: 748813f12a769b3d-FRA
expires: -1

GET
H/1.1 200
OK aff_goal Show response
tracking.legacyoffers.com/ Frame 5B62 88 B
522 B 158ms
32ms Document
text/html 63.33.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.legacyoffers.com/aff_goal?a=l&goal_id=319
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-177-108.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3c117e5507807b5c9d0bf307f55992c726d33e8bdbadbcfe505f48cdc025a231

Request headers

Referer: https://secure.jeffclarktrader.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 10 Sep 2022 12:13:29 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
X-Request-Id: 355419acde1d722242cefc58c7089f1f

GET
H/1.1 200
OK bootstrap.bundle.min.js Show response
d3bjnmbj12697.cloudfront.net/_/js/bootstrap/4.5.0/ 79 KB
80 KB 12ms
11ms Script
application/javascript 2600:9000:20eb:de00:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/js/bootstrap/4.5.0/bootstrap.bundle.min.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:de00:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 03:05:17 GMT
Via: 1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront)
Last-Modified: Mon, 29 Jun 2020 13:27:40 GMT
Server: AmazonS3
Age: 33114
ETag: "7fd2f04e75bd7ab1a79d80cdd4c33085"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 81084
X-Amz-Cf-Id: 0_PqmQEnZhpREAQncUILu7w3EBkO30SMiaUcAKLvIEBf4Higf_fKIg==

GET
H/1.1 200
OK index.min.js Show response
players.brightcove.net/5102072647001/0zLsWuD5UW_default/ 676 KB
184 KB 801ms
723ms Script
application/javascript 184.51.9.157
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.9.157 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-157.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 840d00f62116fbc5872b6ca0d58ad7ad4b9a1e9ac18309b81cf75ece010fd60a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: Q_CSnOmrD43lt5GQ4.FnJiRrxgH4vQB2
Content-Encoding: gzip
ETag: "b037efb4398a11d20810bda5ec4664a4"
x-amz-request-id: 531WHAAP2C5K7HKJ
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 188063
x-amz-id-2: qigXMfZVfmGntbpk+/I5WyHeEt2gS5xmGwd0qifo+FGtmCFU4SXJjKElfsobmf7uXqH8FDwX+dg=
X-BCOV-Response-Mode: 1
X-Served-By: cache-lin2290021-LIN
Last-Modified: Fri, 04 Mar 2022 17:13:39 GMT
Server: AmazonS3
X-Timer: S1647859957.559128,VS0,VE445
Date: Sat, 10 Sep 2022 12:13:29 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK ouibounce.min.js Show response
d3bjnmbj12697.cloudfront.net/_/js/ouibounce/ 2 KB
2 KB 10ms
8ms Script
application/javascript 2600:9000:20eb:de00:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/js/ouibounce/ouibounce.min.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:de00:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08cb0f46ed2415058019966967713095ef16ce83d54c74a5f52a61846dbe2399

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Fri, 09 Sep 2022 21:41:57 GMT
Via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
Last-Modified: Wed, 15 Apr 2020 20:03:18 GMT
Server: AmazonS3
Age: 52293
ETag: "aa63b6f263c50e0cd2636cce8c794214"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 1626
X-Amz-Cf-Id: UES1PwBgrHYG12VrT-AhCZEte9H4SLJcDbSlTPsb9v9CPqaF8t3BHQ==

GET
H/1.1 200
OK lr-data-jc.js Show response
d3bjnmbj12697.cloudfront.net/_/js/lr-data/1.1.5/ 13 KB
13 KB 22ms
12ms Script
application/javascript 2600:9000:20eb:de00:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/js/lr-data/1.1.5/lr-data-jc.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:de00:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3b9fa25dbe7727a9714e0bc13d276c0855527396a0bb5b00be50c5a27beb4ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 05:49:00 GMT
Via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
Last-Modified: Wed, 17 Aug 2022 18:26:50 GMT
Server: AmazonS3
Age: 23070
ETag: "2b70e1afa8e890d66b0229501e84f032"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 13050
X-Amz-Cf-Id: pRik-AAsq2Mlz_Mxq6QWKas5TPYt2rWSRTdRABw2XpziKsAPnFgb3Q==

GET
H/1.1 200
OK v-zoom-19.js Show response
d3bjnmbj12697.cloudfront.net/jc/p/jcf/2104-launch-2.0/js/ 8 KB
8 KB 37ms
24ms Script
application/javascript 2600:9000:20eb:de00:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/jc/p/jcf/2104-launch-2.0/js/v-zoom-19.js
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:de00:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f168ec108eb7ad831c6980fdc2ae712990139027f66c3f658f2f5181c3c14271

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 12:13:29 GMT
Via: 1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront)
Last-Modified: Fri, 16 Apr 2021 21:34:41 GMT
Server: AmazonS3
Age: 25835
ETag: "f05b37b48ad09f8f2b1238c1825357b6"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 7909
X-Amz-Cf-Id: ZbnL8avKSGkLlrhJbox5NpVgbg4I7F_WXeqYpRB4VDbt8NBTSRsz-g==

GET
H/1.1 200
OK bg-header.jpg
d3bjnmbj12697.cloudfront.net/jc/p/jcf/2104-launch-2.0/img/ 24 KB
25 KB 20ms
11ms Image
image/jpeg 2600:9000:20eb:de00:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3bjnmbj12697.cloudfront.net/jc/p/jcf/2104-launch-2.0/img/bg-header.jpg
Requested by: Host: d3bjnmbj12697.cloudfront.net
URL: https://d3bjnmbj12697.cloudfront.net/jc/p/jcf/2104-launch-2.0/css/custom.css?v=7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:de00:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5497d558c5d57e560b31c238171ef0617add9658659ffe2c353ce24020f10d79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d3bjnmbj12697.cloudfront.net/jc/p/jcf/2104-launch-2.0/css/custom.css?v=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 12:13:29 GMT
Via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
Last-Modified: Fri, 09 Apr 2021 14:22:44 GMT
Server: AmazonS3
Age: 8595
ETag: "71392ccddb73e1b0301a5e247ce48d6a"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 24729
X-Amz-Cf-Id: 32hmo0ySHyYOilVUwCVqSrjT3fBj4dmisQz8nSyCbxb80Urj8ZBQPg==

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v26/ 35 KB
35 KB 131ms
49ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora:ital,wght@0,400;0,700;1,400;1,700&family=Oswald:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.jeffclarktrader.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 19:06:28 GMT
x-content-type-options: nosniff
age: 407221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35660
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 19:06:28 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v49/ 17 KB
18 KB 119ms
37ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora:ital,wght@0,400;0,700;1,400;1,700&family=Oswald:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.jeffclarktrader.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 21:06:09 GMT
x-content-type-options: nosniff
age: 400040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17908
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 21:06:09 GMT

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v26/ 35 KB
35 KB 172ms
90ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora:ital,wght@0,400;0,700;1,400;1,700&family=Oswald:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.jeffclarktrader.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 19:06:28 GMT
x-content-type-options: nosniff
age: 407221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35660
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:07:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 19:06:28 GMT

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 61 KB
62 KB 43ms
24ms Font
font/woff2 2606:4700:3033::6815:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f

Request headers

Referer: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Origin: https://secure.jeffclarktrader.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:29 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5772
cf-ray: 748813f1cc6cbc01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62472
x-amz-id-2: tuOyzjrppaFOjJYYqsWn2mlEIYJdkXYqR5r+rcdq8l4u/94mOWSDF3tn+WkkxZEVbLnXREZEUl0=
last-modified: Wed, 30 Jun 2021 15:41:55 GMT
server: cloudflare
etag: "b75b4bfe0d58faeced5006c785eaae23"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4iBwSiyTW%2Bs6HZRW5tHJmFyN4O4Z%2B7pEeQJtZzJh%2F3KfVbru%2FPNizKqDpCc93yGivsI4p49CfW1feslUowGOYiAQokllFQa%2Fwnee5pgQdPcwYgEP%2FLBohlyjpwi3lvFN%2BUP2kk87NSBl2Fbuqgdgn5d"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: EEKSJP6V54FTSVGG
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 119ms
35ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4289
date: Sat, 10 Sep 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 10 Sep 2022 13:02:00 GMT

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/ 64 KB
22 KB 74ms
22ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a394fd65fe8013eb58e146ddccbf749fd875c291cb8ea9e2d4144c80caf65182

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 748813f28d02994a-FRA
date: Sat, 10 Sep 2022 12:13:29 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Sat, 10 Sep 2022 10:44:41 GMT
server: cloudflare
age: 5328
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnIMSvNJVvzXeNlyy3XolNKko7%2FFdArPN3YSlKNkbKW%2Bq8Pm3uiHA0MMGvOxV6YcTU7pgxfQdHoBXkZMv87viTCv3nTp3Uug56r8chy4SJMNYAgKiIaR%2B3kwFy9IHLD1w60H%2BRU1BHjf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 3 KB
2 KB 87ms
22ms Script
application/javascript 178.79.227.76
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.76 Vienna, Austria, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-76.vie.llnw.net
Software: AC1.1 /
Resource Hash: 25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:29 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
server: AC1.1
age: 6500
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1550
x-llid: 1d974f920e07cfd9ac75632ea6ad0b24

GET
H2 200 bss-px.min.js Show response
secure.jeffclarktrader.com/store/PROD/js/ 5 KB
2 KB 432ms
431ms Script
application/javascript 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/store/PROD/js/bss-px.min.js?affiliateId=2000&brandId=2004
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f67cffc3d7cf57726b094dbd689a455b70158027abf6771c95583d15cdb373fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE%20WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%3D&emailjobid=5208367&emailname=20220829-LGD&assetId=AST178959&page=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:29 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Sat, 10 Sep 2022 12:13:29 GMT
x-amz-cf-pop: FRA60-P1, HAM50-P1
x-amzn-requestid: d70101f9-9abb-4d0c-a13f-6e5b5c03ea6e
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-apigw-id: YPjYhHNPIAMFnFA=
content-length: 2052
last-modified: Tue, 01 Jun 2021 15:08:33 GMT
server: cloudflare
etag: W/"3ee3506660c2ef343d6c68a229cd42be"
x-amz-version-id: fGaHECtcp1774Apxw3QoOeW87E1iGAd2
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront), 1.1 f9895d364ca1362380fa7dca357757d2.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 748813f23a8f6903-FRA
x-amz-cf-id: mEClpSYpmhnOIhETqH0Nb0dEnLkFDJduAHT4V5DgV8JC2nVvpyHxow==
x-amzn-remapped-connection: keep-alive

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 259ms
259ms Ping
application/json 2600:1f18:24e6:b900:6fe3:30:3061:2ca6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=c32b062e-09f1-4f34-ae4b-db57081110c1&batch_time=1662812009322
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:6fe3:30:3061:2ca6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H/1.1 200
OK bg-light.jpg
d3bjnmbj12697.cloudfront.net/jc/p/jcf/2104-launch-2.0/img/ 115 KB
116 KB 13ms
13ms Image
image/jpeg 2600:9000:20eb:de00:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3bjnmbj12697.cloudfront.net/jc/p/jcf/2104-launch-2.0/img/bg-light.jpg
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/marketingassets.cloudsna.com/prod/common/JCF/inlinecss/da79c500415896fc289fe4f3e7d93dc1.css?versionId=UQQ2djQnK6kWVg3jAgWCDpQd2zFsC0dD
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:de00:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5aa40c6db18170f8c42935b36d935e2cbdaf7ca7e71ed485dde33c3601e00d51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 12:13:29 GMT
Via: 1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront)
Last-Modified: Fri, 09 Apr 2021 14:49:24 GMT
Server: AmazonS3
Age: 16972
ETag: "9b80af901cff210c6fdbf294e5509b59"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 117962
X-Amz-Cf-Id: OUWJVBMDeLMw-zhiG-9vZ-aT5w4U09dBWJNtD4S5KQDjDRYB2xThzg==

POST
H2 200 logger Show response
secure.jeffclarktrader.com/snowflake/ 21 B
271 B 802ms
802ms XHR
application/json 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/snowflake/logger
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899

Request headers

Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE%20WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%3D&emailjobid=5208367&emailname=20220829-LGD&assetId=AST178959&page=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
x-api-key: O1I1d31dqY5iHR07pLHrf7rKAOxDeMhQ2JsWck8c
Content-Type: application/json

Response headers

date: Sat, 10 Sep 2022 12:13:30 GMT
via: 1.1 6c8b2c2d43417dceab2ce8474c5516d6.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: HAM50-P1
x-amzn-requestid: c014d30c-f0cd-4e71-a3b0-1aca0cfe6463
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-631c7f69-68bb5e705c73822075fcea18
cf-ray: 748813f2ab426903-FRA
x-amz-apigw-id: YPjYkFVPCYcFhSw=
content-length: 21
x-amz-cf-id: mM2tU0NbnYN7Ji-stS62QDB5rdi4qa1NbJW6bd5RonaJyD7wN4sTRQ==

GET
H2 200 6754fc8577b0e933befa552acea53d64
c.lytics.io/c/ 35 B
549 B 141ms
141ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/6754fc8577b0e933befa552acea53d64?gtm.start=1662812008963&event=gtm.js&gtm.uniqueEventId=1&_ts=1662812009407&_nmob=t&_device=desktop&url=secure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&_v=3.0.27&_uid=3c0765e8-76e1-462b-883e-e472a58dfadd&_getid=t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:29 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gygTV3ezP6ye14cYYyUlJb9NUp4oBa51GrH2hv0HQYGzEZ8SbFvs%2BEDA46miJN0wv%2BcD%2BPPO8JIB0tN2mjyw8fV8SzeOgsZt6SLQnxa6ilWs0vhGEexDgTHN%2FUraj6WBYUtnxQ7Wx78G"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 748813f2dd7c994a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 125ms
46ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=764765285&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&ul=en-us&de=UTF-8&dt=Jeff%20Clark&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=301459862&gjid=2101365377&cid=1683702693.1662812009&tid=UA-90673817-1&_gid=2065888004.1662812009&_r=1&gtm=2wg970KBZNSS9&z=1482971428

Requested by

Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.jeffclarktrader.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3c0765e8-76e1-462b-883e-e472a58dfadd Show response
c.lytics.io/api/personalize/6754fc8577b0e933befa552acea53d64/user/_uid/ 256 KB
28 KB 171ms
170ms Script
application/json 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/personalize/6754fc8577b0e933befa552acea53d64/user/_uid/3c0765e8-76e1-462b-883e-e472a58dfadd?segments=true&mergestate=true&state=%7B%22_uid%22%3A%223c0765e8-76e1-462b-883e-e472a58dfadd%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22secure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1%22%2C%22_v%22%3A%223.0.27%22%7D&ts=1662812009503&callback=u_315322450929934600

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d637d7d9db6600b7e2c4865eb50846773005207464a3bebb2887c487e564fb58

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 748813f36e49994a-FRA
date: Sat, 10 Sep 2022 12:13:29 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000;
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YL9PGPa0aTvFn54swV4me48o%2FbqBMjuYbuJ5g1xA5vgXcBA3Zzm1aKgkjpLm3pCltips38Dod1P18RgedxHhFbhlkmW6qi6cTfYg%2BhGesD31SKqR%2Btd4E0LmC%2BOjYZppJTn%2FaxOID0%2F9"}],"group":"cf-nel","max_age":604800}
content-encoding: br
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *

GET
H2 200 6754fc8577b0e933befa552acea53d64
c.lytics.io/c/ 35 B
313 B 134ms
133ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/6754fc8577b0e933befa552acea53d64?_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1600x1200&_ts=1662812009501&_nmob=t&_device=desktop&url=secure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&_uid=3c0765e8-76e1-462b-883e-e472a58dfadd&_v=3.0.27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:29 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3z5JsWTTdc8%2BV3B5gJhbiX7BFurX5e9qnqkpVl7z4MM18IQk3BoWbGJlq2y8Jnmla1%2FZ0nkkKvm5vAji24rleZ4%2FM1GIwHwW0TuGncypPJm4Sb34U0pruLwhLbizJotsvJYmQVWa%2BbVB"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 748813f36e4a994a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 65ms
45ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=764765285&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&ul=en-us&de=UTF-8&dt=Jeff%20Clark&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=947522845&gjid=1048020316&cid=1683702693.1662812009&tid=UA-170962029-3&_gid=2065888004.1662812009&_r=1&gtm=2wg970KBZNSS9&z=1461595806

Requested by

Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.jeffclarktrader.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 74ms
35ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BC98AE54C50E4FE389AB09BBD695413C Ref B: FRAEDGE1119 Ref C: 2022-09-10T12:13:29Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Sat, 10 Sep 2022 12:13:29 GMT
accept-ranges: bytes
content-length: 11367

GET
H/1.1 200
OK / Show response
js.trackinggrid.com/lr/ 863 B
902 B 377ms
116ms Script
application/javascript 209.59.154.196
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://js.trackinggrid.com/lr/

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.59.154.196 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

1ebf6a2710236762178861bf15fa6074bd5e61502c1811551099ebe3754e0c83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.jeffclarktrader.com/
Origin: https://secure.jeffclarktrader.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 12:13:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Original-Content-Length: 1062
Server: nginx
Etag: W/"PSA-aj-JPd0QB94FZ"
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2587315
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 10 Oct 2022 06:36:44 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 161 KB
60 KB 135ms
56ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10850488633

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f4438839f08ba757142492951865dbed7cba6ca34311aa8f9145ebd7796efc63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:29 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61160
x-xss-protection: 0
expires: Sat, 10 Sep 2022 12:13:29 GMT

POST
H2 200 generic Show response
secure.jeffclarktrader.com/snowflake/ 21 B
318 B 292ms
291ms XHR
application/json 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/snowflake/generic
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE%20WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%3D&emailjobid=5208367&emailname=20220829-LGD&assetId=AST178959&page=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
x-api-key: g5wZnpMOAV6d3DVWjACKU9Pz86tj10Es39Avoa3n
Content-Type: application/json

Response headers

date: Sat, 10 Sep 2022 12:13:29 GMT
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront), 1.1 f9e7fd4b74156e78a449b2e846941478.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: FRA60-P1, HAM50-P1
x-amzn-requestid: fb66711a-fce7-4eb2-b743-fd26d2fb8c92
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-631c7f69-26a13afb4a29151960831d5d
cf-ray: 748813f39cad6903-FRA
x-amz-apigw-id: YPjYjGxRIAMFWaw=
content-length: 21
x-amz-cf-id: _6k_HxRK_VTEw4Og1kzvpCZt4D6j_i7UlFFzR8B1DaGd0lFfOHbzSA==

POST
H/1.1 200
OK kasupport Show response
ssl.kaptcha.com/collect/ 2 KB
2 KB 526ms
176ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/collect/kasupport
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a125c9934cf5f24b1928f45ff2966581ec410e546fbc99cd71bf8502af87a446

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sat, 10 Sep 2022 12:13:29 GMT
X-Correlation-Id: 36abd43b-d2fb-408f-ad6a-7ab8ec930779
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0

GET
H/1.1 200
OK logo.htm Show response
ssl.kaptcha.com/ Frame 96E3 22 KB
22 KB 176ms
175ms Document
text/html 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=65c9dda2d7fa467cba7d12db96359d8c
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/collect/sdk?m=100014
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: d376a3d6b52a85243a60bd75f5e031a0e1bc019bf1d09787b14b7825110bfe9f

Request headers

Referer: https://secure.jeffclarktrader.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache no-store must-revalidate private
Content-Type: text/html
Date: Sat, 10 Sep 2022 12:13:29 GMT
Expires: 0
Pragma: no-cache
Transfer-Encoding: chunked
X-Correlation-Id: 4a89fe5e-4009-4116-9a91-9b662e42ca9f

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
449 B 58ms
18ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-170962029-3&cid=1683702693.1662812009&jid=947522845&gjid=1048020316&_gid=2065888004.1662812009&_u=aEDAAEABAAAAAC~&z=291307822

Requested by

Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 10 Sep 2022 12:13:29 GMT
content-type: text/plain
access-control-allow-origin: https://secure.jeffclarktrader.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-90673817-1&cid=1683702693.1662812009&jid=301459862&gjid=2101365377&_gid=2065888004.1662812009&_u=YEBAAEAAAAAAAC~&z=20905947

Requested by

Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 10 Sep 2022 12:13:29 GMT
content-type: text/plain
access-control-allow-origin: https://secure.jeffclarktrader.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 133ms
132ms Ping
application/json 2600:1f18:24e6:b900:6fe3:30:3061:2ca6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=7c15915e-82f4-47f8-bd5c-6eff4dfb332a&batch_time=1662812009590
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:6fe3:30:3061:2ca6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 204 134025820.js Show response
bat.bing.com/p/action/ 0
136 B 249ms
249ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/134025820.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: ACBD292C017248F6BC4B68868033B6F7 Ref B: FRAEDGE1119 Ref C: 2022-09-10T12:13:29Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Sat, 10 Sep 2022 12:13:29 GMT

GET
H2 204 0
bat.bing.com/action/ 0
174 B 35ms
35ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134025820&tm=gtm002&Ver=2&mid=4f07f948-2480-41bf-967d-97325b304aca&sid=fb1baee0310111ed95a277d56ac030d0&vid=fb1bb8f0310111edbe2733abce9c26dc&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Jeff%20Clark&p=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&r=&lt=2157&evt=pageLoad&sv=1&rn=3665

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 88E3AFB045F4409E941496C2C404060E Ref B: FRAEDGE1119 Ref C: 2022-09-10T12:13:29Z
date: Sat, 10 Sep 2022 12:13:29 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 142ms
60ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-170962029-3&cid=1683702693.1662812009&jid=947522845&_u=aEDAAEABAAAAAC~&z=87342420

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 144ms
62ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-170962029-3&cid=1683702693.1662812009&jid=947522845&_u=aEDAAEABAAAAAC~&z=87342420

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 142ms
61ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-90673817-1&cid=1683702693.1662812009&jid=301459862&_u=YEBAAEAAAAAAAC~&z=520003269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 142ms
61ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-90673817-1&cid=1683702693.1662812009&jid=301459862&_u=YEBAAEAAAAAAAC~&z=520003269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
trc.taboola.com/sg/lytics/1/ 43 B
376 B 46ms
16ms Image
image/gif 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3D3c0765e8-76e1-462b-883e-e472a58dfadd%26account_id%3D6754fc8577b0e933befa552acea53d64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Sat, 10 Sep 2022 12:13:29 GMT
via: 1.1 varnish
server: nginx
x-timer: S1662812010.725653,VS0,VE9
x-served-by: cache-hhn4050-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 173ms
91ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10850488633

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15690
x-xss-protection: 0
server: cafe
etag: 13194339052015637803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 12:13:29 GMT

POST
H2 200 logger Show response
secure.jeffclarktrader.com/snowflake/ 21 B
249 B 655ms
655ms XHR
application/json 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/snowflake/logger
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899

Request headers

Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE%20WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%3D&emailjobid=5208367&emailname=20220829-LGD&assetId=AST178959&page=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
x-api-key: O1I1d31dqY5iHR07pLHrf7rKAOxDeMhQ2JsWck8c
Content-Type: application/json

Response headers

date: Sat, 10 Sep 2022 12:13:30 GMT
via: 1.1 938af0a58a4fcbf3c08e6c39b89440e2.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: HAM50-P1
x-amzn-requestid: 19f3c940-f154-4bcd-b62a-8fc9c80d0e65
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-631c7f6a-23b67167055a1b3f5bf3e725
cf-ray: 748813f50eba6903-FRA
x-amz-apigw-id: YPjYoEMFCYcF9hA=
content-length: 21
x-amz-cf-id: CQhMylopDA95fgWO5EcY4OahJC-EHJN7Z1MukDZAk9f4rgDmhw4I9Q==

POST
H2 200 logger Show response
secure.jeffclarktrader.com/snowflake/ 21 B
250 B 638ms
638ms XHR
application/json 2606:4700::6810:ea05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.jeffclarktrader.com/snowflake/logger
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:ea05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899

Request headers

Referer: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE%20WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%3D&emailjobid=5208367&emailname=20220829-LGD&assetId=AST178959&page=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
x-api-key: O1I1d31dqY5iHR07pLHrf7rKAOxDeMhQ2JsWck8c
Content-Type: application/json

Response headers

date: Sat, 10 Sep 2022 12:13:30 GMT
via: 1.1 b7d4565713c18d30abacb67e4342fac0.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: HAM50-P1
x-amzn-requestid: b065b9c3-f791-4964-ba9e-c9fd0873ed5a
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-631c7f6a-7a0fd36b46d37cb17e86d7fd
cf-ray: 748813f50ebe6903-FRA
x-amz-apigw-id: YPjYoFFICYcF7bQ=
content-length: 21
x-amz-cf-id: X23DXSYBZmGZHmtKmwvoY0GjPfus_7cRhvoxC0Q_2aBQLejj9eTmOw==

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame 96E3 0
299 B 176ms
176ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=65c9dda2d7fa467cba7d12db96359d8c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=100014&s=65c9dda2d7fa467cba7d12db96359d8c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sat, 10 Sep 2022 12:13:29 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 5f7539ca-1032-478f-a9c8-86582f32ae1f
Content-Length: 0
Expires: 0

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 153ms
153ms Ping
application/json 2600:1f18:24e6:b900:6fe3:30:3061:2ca6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=d3e71b7f-95ff-4062-bddc-9bb2f8dfba5b&batch_time=1662812009902
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:6fe3:30:3061:2ca6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 161 KB
60 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-753664851

Requested by

Host: js.trackinggrid.com
URL: https://js.trackinggrid.com/lr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

48a7ef3bf3888210b704989283341c6ec5c9c111d3dd4e1a8133c56ef0a6ea85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:29 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61219
x-xss-protection: 0
expires: Sat, 10 Sep 2022 12:13:29 GMT

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame 76E4 0
0 66ms
19ms Document
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE%20WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%3D&emailjobid=5208367&emailname=20220829-LGD&assetId=AST178959&page=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Referer: https://secure.jeffclarktrader.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Sat, 10 Sep 2022 12:13:29 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

GET
H2 200 77c21d510266169b
pixel.sitescout.com/up/ 43 B
267 B 67ms
20ms Image
image/gif 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/77c21d510266169b?cntr_url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:29 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-type: image/gif
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10850488633/ 3 KB
2 KB 166ms
80ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10850488633/?random=1662812009944&cv=9&fst=1662812009944&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&auid=1771083837.1662812010&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3359c5fed2c9c590d8ec1704c007b67c5021a4094e58ce9582076bace8a044e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 191ms
128ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-753664851

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15690
x-xss-protection: 0
server: cafe
etag: 13194339052015637803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 12:13:30 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 68ms
67ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137602623-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

13c2fb122830b6e52b877226bc8b7aa2c3faf8697da9209365ed38e22779632f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:30 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41936
x-xss-protection: 0
expires: Sat, 10 Sep 2022 12:13:30 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 162 KB
60 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-456578300&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f7f437981bec7b20a02e5922ae247937fee28bf1a7a40a451c6af8113760e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:30 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61247
x-xss-protection: 0
expires: Sat, 10 Sep 2022 12:13:30 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 62ms
61ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-700588147&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bed06c671cf84c9fa5f02ab1fcee528d566c14da978be7335e82ea29250cd16f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:30 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46081
x-xss-protection: 0
expires: Sat, 10 Sep 2022 12:13:30 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 162 KB
60 KB 103ms
102ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-311444767&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

366f5573453b4ca8a3f2981d7f28148ec601e9755bb793bc458794c128f4a008

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:30 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61187
x-xss-protection: 0
expires: Sat, 10 Sep 2022 12:13:30 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-668877205&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b5f9aaf4596d9205608a0cfd26d460dfcdb3de59ab5afd6f3c5d596ad22c4e6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:30 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46082
x-xss-protection: 0
expires: Sat, 10 Sep 2022 12:13:30 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 73ms
72ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10828766220&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a146a60bbbf3be9357f6556d473477cfe9428821291ce08cb3b5346154a3942f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:30 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46010
x-xss-protection: 0
expires: Sat, 10 Sep 2022 12:13:30 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 90ms
90ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-668474013&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBZNSS9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab8499dfbc691894b83c68109f4d3252cbe1c2793bfc3bfff10b54f38740b6c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:30 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46080
x-xss-protection: 0
expires: Sat, 10 Sep 2022 12:13:30 GMT

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame 96E3 0
299 B 232ms
175ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=65c9dda2d7fa467cba7d12db96359d8c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=100014&s=65c9dda2d7fa467cba7d12db96359d8c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sat, 10 Sep 2022 12:13:30 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 2f242665-8edc-44a6-a6ff-25224a03a967
Content-Length: 0
Expires: 0

POST
H/1.1 200
OK cookiestore Show response
ssl.kaptcha.com/collect/ 0
299 B 175ms
174ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/collect/cookiestore
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sat, 10 Sep 2022 12:13:30 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: ad6a82dc-f064-4621-b03c-6934befdda05
Content-Length: 0
Expires: 0

GET
H2 200 vtt.global.min.js Show response
vjs.zencdn.net/vttjs/0.12.5/ 20 KB
7 KB 46ms
7ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/vttjs/0.12.5/vtt.global.min.js
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:30 GMT
content-encoding: gzip
last-modified: Thu, 31 Aug 2017 21:04:55 GMT
etag: "f30dac97e5c2aaa10a7695b93cc66699"
x-served-by: cache-hhn4027-HHN
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 7231
x-cache-hits: 40326

POST
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 169ms
70ms Ping
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Sat, 10 Sep 2022 12:13:30 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
207 B 142ms
45ms Ping
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Sat, 10 Sep 2022 12:13:30 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 6249094980001 Show response
edge.api.brightcove.com/playback/v1/accounts/5102072647001/videos/ 5 KB
5 KB 86ms
86ms XHR
application/json 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5102072647001/videos/6249094980001
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f10cf0ff51869c3db5b2cb876670d472d04d27fbd9909492ba4b15574c070d06

Request headers

Accept: application/json;pk=BCpkADawqM18bNrtg81z9CsS9ERCN71x-_ntsRN4hc5BEWiBt_JPwrFbQmEhXcLwtFCOpiegWE1GyczMOqn0hOz53TOClK3WOZTkP8UO9EaZuG74hAr14nnF-80NEsEO-EsGv7v4OiLJqGyY
Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

bc-override-client-ip: 185.213.155.168
date: Sat, 10 Sep 2022 12:13:30 GMT
powered-from: eu-central-1c
bcov-request-id: 95ee4b1c-0e57-4462-9b6c-c34b99459a92
age: 0
policy-key-accountid: 5102072647001
x-cache: MISS
powered-by: BC
content-length: 4660
via: 1.1 varnish
x-served-by: cache-hhn4071-HHN
policy-key-raw: BCpkADawqM18bNrtg81z9CsS9ERCN71x-_ntsRN4hc5BEWiBt_JPwrFbQmEhXcLwtFCOpiegWE1GyczMOqn0hOz53TOClK3WOZTkP8UO9EaZuG74hAr14nnF-80NEsEO-EsGv7v4OiLJqGyY
x-timer: S1662812010.163107,VS0,VE79
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-cache-hits: 0

OPTIONS
H2 200 6249094980001
edge.api.brightcove.com/playback/v1/accounts/5102072647001/videos/ Frame 0
0 46ms
7ms Preflight 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5102072647001/videos/6249094980001
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept
Access-Control-Request-Method: GET
Origin: https://secure.jeffclarktrader.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Sat, 10 Sep 2022 12:13:30 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn4071-HHN
x-timer: S1662812010.155693,VS0,VE0

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14bf8292ae1e1ac698da2f2155f00ab24d5eda73e0c3e1e25e368a905759283b

Request headers

Referer
Origin: https://secure.jeffclarktrader.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
BLOB 200
OK 23e7487e-ceac-47d4-b804-9121ccdc301a
https://secure.jeffclarktrader.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.jeffclarktrader.com/23e7487e-ceac-47d4-b804-9121ccdc301a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

POST
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 120ms
45ms Ping
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=50956d7c66c760b7518722cf&account=5102072647001&destination=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&platform_version=6.27.0&player=players.brightcove.com%2F5102072647001%2F0zLsWuD5UW_default&player_name=Marketing%20Player%20-%20No%20autoplay&source=&usage=inpage-embed&event=player_load&time=1662812010135&qos.performance.memory.jsHeapSizeLimit=3760000000&qos.performance.memory.usedJSHeapSize=29400000&qos.performance.memory.totalJSHeapSize=35100000&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=1662812007384&qos.performance.timing.loadEventStart=1662812007383&qos.performance.timing.domComplete=1662812007383&qos.performance.timing.domContentLoadedEventEnd=1662812007378&qos.performance.timing.domContentLoadedEventStart=1662812007378&qos.performance.timing.domInteractive=1662812006754&qos.performance.timing.domLoading=1662812006235&qos.performance.timing.responseEnd=1662812006233&qos.performance.timing.responseStart=1662812006232&qos.performance.timing.requestStart=1662812005727&qos.performance.timing.secureConnectionStart=1662812005713&qos.performance.timing.connectEnd=1662812005727&qos.performance.timing.connectStart=1662812005706&qos.performance.timing.domainLookupEnd=1662812005706&qos.performance.timing.domainLookupStart=1662812005697&qos.performance.timing.fetchStart=1662812005696&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1662812005227&qos.performance.bcInit=41.5&qos.player.dimensions=%5B%5B1662812010134%2C%22300x150%22%2C%22800x450%22%5D%5D&qos.player.pixelratio=%5B%5B1662812010134%2C1%5D%5D&qos.player.screendimensions=%5B%5B1662812010134%2C%221600x1200%22%5D%5D&seq=2

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Sat, 10 Sep 2022 12:13:30 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame 96E3 0
299 B 287ms
175ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=65c9dda2d7fa467cba7d12db96359d8c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=100014&s=65c9dda2d7fa467cba7d12db96359d8c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sat, 10 Sep 2022 12:13:30 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 34e344e4-4ad9-4208-a1cb-3ddc45c1896d
Content-Length: 0
Expires: 0

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame 96E3 0
299 B 402ms
175ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=65c9dda2d7fa467cba7d12db96359d8c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=100014&s=65c9dda2d7fa467cba7d12db96359d8c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sat, 10 Sep 2022 12:13:30 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: f7ffef74-3bfa-42f1-ac1b-d253897e5163
Content-Length: 0
Expires: 0

POST
H/1.1 200
OK fin Show response
ssl.kaptcha.com/ Frame 96E3 0
299 B 460ms
175ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/fin
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=65c9dda2d7fa467cba7d12db96359d8c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=100014&s=65c9dda2d7fa467cba7d12db96359d8c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sat, 10 Sep 2022 12:13:30 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 928d5c9e-fc43-43cd-8c98-52d202d716bd
Content-Length: 0
Expires: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/10850488633/ 42 B
64 B 137ms
54ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10850488633/?random=1662812009944&cv=9&fst=1662811200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=138687202&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10850488633/ 42 B
64 B 127ms
49ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10850488633/?random=1662812009944&cv=9&fst=1662811200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=138687202&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 46ms
46ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=764765285&t=pageview&_s=1&dl=secure.jeffclarktrader.com%2Fhttps%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&ul=en-us&de=UTF-8&dt=lrRemJS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=354091887&gjid=763557271&cid=1683702693.1662812009&tid=UA-137602623-2&_gid=2065888004.1662812009&_r=1&gtm=2ou970&z=917260495

Requested by

Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.jeffclarktrader.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137602623-2&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4290
date: Sat, 10 Sep 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 10 Sep 2022 13:02:00 GMT

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 101 KB
22 KB 35ms
34ms Script
text/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09c2785ae9cea8dfc6146d0c226eee07480335f63de40f6eeb4c906bc342603d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 748813f7fd25994a-FRA
date: Sat, 10 Sep 2022 12:13:30 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Sat, 10 Sep 2022 10:38:07 GMT
server: cloudflare
age: 5723
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fdl7vRmaBo%2BtUgQIvuGbh8OrNhKjh1jFMIUCcjTP5ioaXgKD6opoMtLQ8egI9w5r%2Fa7nRHNCAJZWYp9h3p%2B5VJb6To6lasIqNsIUeF3tB7jJys6VcjGTQI%2FNJoRJZlkkj5rjc8GM0bXO"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/668877205/ 3 KB
1 KB 163ms
84ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/668877205/?random=1662812010219&cv=9&fst=1662812010219&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&auid=1771083837.1662812010&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6eba784b320a8bb7acdc113e4a439032ff4ac23bbc9760f1c966180b06a7843c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1224
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/456578300/ 3 KB
1 KB 167ms
90ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/456578300/?random=1662812010220&cv=9&fst=1662812010220&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&auid=1771083837.1662812010&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d233a0c2c3b4b3656c13b1e5c76d3d1a25adaf54b2e29c69c8a3b605f2c4edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1224
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/700588147/ 3 KB
1 KB 163ms
86ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/700588147/?random=1662812010221&cv=9&fst=1662812010221&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&auid=1771083837.1662812010&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc5380a51c9c92d06e1b2e1b7a6bcb717ec972dbf5d9bb3221a0eaef8a1b847f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/753664851/ 3 KB
1 KB 163ms
88ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/753664851/?random=1662812010222&cv=9&fst=1662812010222&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&ig=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&auid=1771083837.1662812010&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e05e2d4662c78cd36fa14b96307a5eadc8c1c6c404e3cb2be7a2835b467704f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1239
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/311444767/ 3 KB
1 KB 160ms
85ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/311444767/?random=1662812010223&cv=9&fst=1662812010223&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&auid=1771083837.1662812010&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43cf918f30f94659457b665354f2342057da2991c0524e6164672890d853ca68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1226
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/10828766220/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10828766220/?random=1662812010223&cv=9&fst=1662812010223&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=...
https://www.google.com/pagead/1p-user-list/10828766220/?random=1662812010223&cv=9&fst=1662811200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java...
https://www.google.de/pagead/1p-user-list/10828766220/?random=1662812010223&cv=9&fst=1662811200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=...

42 B
64 B

50ms
49ms

Image
image/gif

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10828766220/?random=1662812010223&cv=9&fst=1662811200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&is_vtc=1&random=3052183178&resp=GooglemKTybQhCsO&ipr=y

Protocol

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/10828766220/?random=1662812010223&cv=9&fst=1662811200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&is_vtc=1&random=3052183178&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/668474013/ 3 KB
1 KB 156ms
82ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/668474013/?random=1662812010224&cv=9&fst=1662812010224&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&auid=1771083837.1662812010&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d1002c5bb1f462a47328b237184d560a3332ce7723d41d3f1b4f4c91edcf7da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 133ms
133ms Ping
application/json 2600:1f18:24e6:b900:6fe3:30:3061:2ca6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=ac4f10a0-b876-469c-a2f8-a96d973cba91&batch_time=1662812010230
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:6fe3:30:3061:2ca6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 53ms
52ms Ping
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Sat, 10 Sep 2022 12:13:30 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET thumbnail.webvtt
manifest.prod.boltdns.net/thumbnail/v1/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/3e726622-82bb-43ef-b5c4-aa62aa576610/ 0
0

GET
H2 200 thumbnail.webvtt Show response
manifest.prod.boltdns.net/thumbnail/v1/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/3e726622-82bb-43ef-b5c4-aa62aa576610/ 135 KB
135 KB 121ms
92ms XHR
text/vtt 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/thumbnail/v1/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/3e726622-82bb-43ef-b5c4-aa62aa576610/thumbnail.webvtt?fastly_token=NjMxY2RmZGNfMDM5NjdmODA5NzZlNDRhYjAwOTBhY2QyNTI1MDFkNTkxOTc1YWEzYWM1MTY2YjNmNGFmMzk2NDk2YmZiZGUzYw%3D%3D
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: ba41117af0bda961fd9f918486889b2403c503caa665bbbd0534a8516133511b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:30 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
content-length: 138336
x-served-by: cache-hhn4071-HHN
x-device-group: desktop-chrome
x-timer: S1662812010.292572,VS0,VE85
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/vtt; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/6ceef67e-9fed-4043-aa06-32b18de350e9/1280x720/match/ 150 KB
150 KB 89ms
10ms Image
image/jpeg 13.224.189.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/6ceef67e-9fed-4043-aa06-32b18de350e9/1280x720/match/image.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-46.fra2.r.cloudfront.net
Software: / BC
Resource Hash: 2818ae4a1707c05fdf021ca9ad759ad320526935fb07d06d82db02440245579d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 10:49:25 GMT
Via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 6744245
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: kePIxFLXVj7SwREdQVBm-4nSMZf02Kd7Du38orZTXvt6ZozChnXa9w==
Expires: Sat, 24 Jun 2023 10:49:25 GMT

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/10s/ 7 KB
7 KB 69ms
55ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/10s/master.m3u8?fastly_token=NjMxY2RmZGNfYjc4Y2NlNTlkZDFiNzAyOGQxNzhiMDQ4YmFiNmI5M2E1ZGExOTYwNzUwY2ViOWM3NTQwYjRiNTZlNzNlYjE2Ng%3D%3D
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 7dcf491b34a0df959f5585550862b2b02bebccbe91a85c21d0894c28b664c5bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:30 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
x-bolt-device-group: desktop-chrome
content-length: 7279
x-served-by: cache-hhn4071-HHN
x-device-group: desktop-chrome
x-timer: S1662812010.292305,VS0,VE48
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
BLOB 200
OK 02f0b234-77a0-41f2-ac86-af01ea760957
https://secure.jeffclarktrader.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.jeffclarktrader.com/02f0b234-77a0-41f2-ac86-af01ea760957
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3f7c0ed14b5b7347b93e0e91f558238b0c0542501b484de714eef38e9e236fd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length: 5922
Content-Type: application/javascript

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 165ms
164ms Ping
application/json 2600:1f18:24e6:b900:6fe3:30:3061:2ca6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=64fb8b04-276a-4006-820f-fa6442cf4e45&batch_time=1662812010278
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:6fe3:30:3061:2ca6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
4 KB 20ms
20ms Stylesheet
text/css 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.css

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 748813f84d92994a-FRA
date: Sat, 10 Sep 2022 12:13:30 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Sat, 10 Sep 2022 11:30:33 GMT
server: cloudflare
age: 2577
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2Bf3cuqZBgSoPKn5bOCx9gKz5tWrpooleQrQi8Ni000VXwCEUrT8u7AfX89cnSTAxC0v3Yf3IJt8FZaHd%2B%2BcssaqRI%2BKElZAiMYDbuiPOtPEEA%2Fy%2FP8yw1Ep%2BrKhMbuxv2R%2BiwVw0ZuG"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

GET
H2 200 config.js Show response
c.lytics.io/api/experience/candidate/6754fc8577b0e933befa552acea53d64/ 604 KB
42 KB 25ms
24ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/experience/candidate/6754fc8577b0e933befa552acea53d64/config.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f614b55a3642c700fce22a94abebe1ea77bd6e5a8bb691475582b464dc2232b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 748813f84d9c994a-FRA
date: Sat, 10 Sep 2022 12:13:30 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Sat, 10 Sep 2022 10:44:48 GMT
server: cloudflare
age: 5322
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9M8O7UcCnZ2YDyABcL6LvkaCLktmwqhx9jzNm71OUyrQWwZqT3IK3LdxoAC%2Bzcw7XCXxc%2Bat0bKUnPhouvwacr4UNwj1PqEGP431LCUEEJPPzdmZO%2FaUyDC8dxGxWrefD05ve%2Bd6a8%2Fm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

POST
H3 200 tracker
metrics.brightcove.com/v2/ 35 B
49 B 111ms
47ms Ping
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Sat, 10 Sep 2022 12:13:30 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/68025fc9-a6b1-4003-9d3a-c1a3423be67e/10s/ 87 KB
87 KB 211ms
210ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/68025fc9-a6b1-4003-9d3a-c1a3423be67e/10s/rendition.m3u8?fastly_token=NjMxY2RmZGNfNjRkYzBjNGM5ZWU4NWIxMWI3Mzg0NDkwODE1OTE3MmZiNjViYzE0MDhjMTMxNTI2M2VhZDc4MjhmMDU5NjgzNQ%3D%3D
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: b6dbf1127d9235a6164cbd117ed1155e134b35b013c7876023e06f5a6e5d6462

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:30 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
content-length: 89067
x-served-by: cache-hhn4071-HHN
x-device-group: desktop-chrome
x-timer: S1662812010.365958,VS0,VE201
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/668474013/ 42 B
64 B 56ms
52ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/668474013/?random=1662812010224&cv=9&fst=1662811200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=1343711109&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/668474013/ 42 B
64 B 52ms
48ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/668474013/?random=1662812010224&cv=9&fst=1662811200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=1343711109&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/311444767/ 42 B
64 B 54ms
52ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/311444767/?random=1662812010223&cv=9&fst=1662811200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=2643815543&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/311444767/ 42 B
64 B 55ms
53ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/311444767/?random=1662812010223&cv=9&fst=1662811200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=2643815543&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 148ms
146ms Ping
application/json 2600:1f18:24e6:b900:6fe3:30:3061:2ca6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=50892cf8-7b97-47be-9986-ba61bd3ce9ab&batch_time=1662812010388
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:6fe3:30:3061:2ca6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 /
www.google.com/pagead/1p-user-list/668877205/ 42 B
64 B 56ms
55ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/668877205/?random=1662812010219&cv=9&fst=1662811200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=1291477840&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/668877205/ 42 B
64 B 52ms
51ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/668877205/?random=1662812010219&cv=9&fst=1662811200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=1291477840&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/700588147/ 42 B
64 B 54ms
53ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/700588147/?random=1662812010221&cv=9&fst=1662811200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=3368877861&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/700588147/ 42 B
64 B 51ms
50ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/700588147/?random=1662812010221&cv=9&fst=1662811200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=3368877861&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/753664851/ 42 B
64 B 52ms
52ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/753664851/?random=1662812010222&cv=9&fst=1662811200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=202265897&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/753664851/ 42 B
64 B 47ms
47ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/753664851/?random=1662812010222&cv=9&fst=1662811200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=202265897&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/456578300/ 42 B
64 B 52ms
52ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/456578300/?random=1662812010220&cv=9&fst=1662811200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=2035122336&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/456578300/ 42 B
64 B 52ms
52ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/456578300/?random=1662812010220&cv=9&fst=1662811200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa970&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.jeffclarktrader.com%2F%3Fcid%3DMKT534830%26eid%3DMKT657541%26step%3Dstart%26plcid%3DPLC152268%26SNAID%3DSAC0029357608%26email%3Dsuspect%40safeonweb.be%26encryptedSnaid%3Db0dKKejE%2520WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%253D%26emailjobid%3D5208367%26emailname%3D20220829-LGD%26assetId%3DAST178959%26page%3D1&tiba=Jeff%20Clark&async=1&fmt=3&is_vtc=1&random=2035122336&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 12:13:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 194ms
192ms Ping
application/json 2600:1f18:24e6:b900:6fe3:30:3061:2ca6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=1dafb023-1fac-4753-bc81-0b7ea466bda3&batch_time=1662812010445
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:6fe3:30:3061:2ca6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 145ms
144ms Ping
application/json 2600:1f18:24e6:b900:6fe3:30:3061:2ca6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=36de154c-1170-4a9f-aff5-53afc356aff5&batch_time=1662812010574
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:6fe3:30:3061:2ca6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.jeffclarktrader.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/b1e2740d-07eb-41fc-a01f-b3ca5db365c2/10s/ 88 KB
88 KB 177ms
176ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/b1e2740d-07eb-41fc-a01f-b3ca5db365c2/10s/rendition.m3u8?fastly_token=NjMxY2RmZGNfZjE1ZjQxNGIzY2U2NTk0YzIwNDNjODQ3NDVhNmMxZjFmOWVmZDVlYWQ3NzA3YTMyY2JkOWE2OWJhM2UwZmRiZA%3D%3D
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 689e826f8142f482e059aaf36213449a1552eb859f2ecdf73029b71d668eedc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:30 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
content-length: 89822
x-served-by: cache-hhn4071-HHN
x-device-group: desktop-chrome
x-timer: S1662812011.585771,VS0,VE164
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
BLOB 200
OK 501ca208-351e-4cab-925b-56fd3d1f0847
https://secure.jeffclarktrader.com/ 68 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.jeffclarktrader.com/501ca208-351e-4cab-925b-56fd3d1f0847
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21d93ac5a388df10b961801cce44bd72d8e612f9c5305c769ef2602b9b0480eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length: 70120
Content-Type: application/javascript

GET
H2 200 a626d881-9ca8-4e42-a761-0e5cef66aadc Show response
manifest.prod.boltdns.net/license/v1/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/ 16 B
188 B 174ms
173ms XHR
application/octet-stream 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/license/v1/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/a626d881-9ca8-4e42-a761-0e5cef66aadc?fastly_token=NjMxY2RmZGNfZGU5YzBlZDc4MGQ1M2RkMDc1MDdiZTE0MzIxYjA2NTA2ZmQyMDlkZjc0OGY2ZjEyNzgxNDBjOTEzNjAwMmQ3NQ%3D%3D
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 5d727f45985f355b7d9d17c9f2eb2ece4e2ba45ca88fdbbd2e4f1713d1d6b9b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:30 GMT
via: 1.1 varnish
bcov-request-id: 830e51c4-f5d1-415d-915c-f06e52a3f12e
x-powered-by: BC
x-cache: MISS
x-hosted-on: Gantry
content-length: 16
x-served-by: cache-hhn4071-HHN
x-device-group: desktop-chrome
x-timer: S1662812011.592615,VS0,VE163
x-powered-from: eu-west-1b
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=3753
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK segment0.ts Show response
bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/68025fc9-a6b1-4003-9d3a-c1a3423be67e/a626d881-9ca8-4e42-a761-0e5cef66aadc/5x/ 2 MB
2 MB 128ms
8ms XHR
video/mp2t 2a02:26f0:3500:16::215:1496
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/68025fc9-a6b1-4003-9d3a-c1a3423be67e/a626d881-9ca8-4e42-a761-0e5cef66aadc/5x/segment0.ts?akamai_token=exp=1662836700~acl=/media/v1/hls/v4/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/68025fc9-a6b1-4003-9d3a-c1a3423be67e/a626d881-9ca8-4e42-a761-0e5cef66aadc/*~hmac=9edd2686a8e2aa286616bd27460258717354a226b0d7689d7c8ce475d916a541
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:3500:16::215:1496 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: a38ca7cfbe9fed1deef889ca645230eea836123c74d6c5cc09c42c2b2afc378d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 12:13:30 GMT
X-Amz-Cf-Pop: JFK50-P1
X-Powered-By: BC
Backend-IP: 108.139.46.174
BC-MID: true
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 1901440
X-Served-By: cache-ewr18144-EWR
Akamai-Mon-Iucid-Del: 1315351
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1659523658.422218,VS0,VE6
X-Powered-From: gantry
ETag: "a8afab0d5d5614334a69115d219ee61d"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,Range,Content-Length,Content-Range,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: public, max-age=27549138
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
X-Amz-Cf-Id: K72drFNI-_OABbJY4wEHbczG6qDaYGyXR1CFZrMY1shcYUQLZa8itQ==
Expires: Wed, 26 Jul 2023 08:45:48 GMT
X-Cache-Hits: 1

GET
BLOB 200
OK da909f11-1ba1-4695-959e-9dedaa0002b2
https://secure.jeffclarktrader.com/ 68 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.jeffclarktrader.com/da909f11-1ba1-4695-959e-9dedaa0002b2
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21d93ac5a388df10b961801cce44bd72d8e612f9c5305c769ef2602b9b0480eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length: 70120
Content-Type: application/javascript

GET
H2 200 a626d881-9ca8-4e42-a761-0e5cef66aadc Show response
manifest.prod.boltdns.net/license/v1/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/ 16 B
116 B 146ms
143ms XHR
application/octet-stream 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/license/v1/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/a626d881-9ca8-4e42-a761-0e5cef66aadc?fastly_token=NjMxY2RmZGNfZGU5YzBlZDc4MGQ1M2RkMDc1MDdiZTE0MzIxYjA2NTA2ZmQyMDlkZjc0OGY2ZjEyNzgxNDBjOTEzNjAwMmQ3NQ%3D%3D
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 5d727f45985f355b7d9d17c9f2eb2ece4e2ba45ca88fdbbd2e4f1713d1d6b9b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 12:13:30 GMT
via: 1.1 varnish
bcov-request-id: f9703a0f-6c03-4442-9476-71e4e1cfa92f
x-powered-by: BC
x-cache: MISS
x-hosted-on: Gantry
content-length: 16
x-served-by: cache-hhn4071-HHN
x-device-group: desktop-chrome
x-timer: S1662812011.776047,VS0,VE138
x-powered-from: eu-west-1a
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=3753
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK segment0.ts Show response
bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/b1e2740d-07eb-41fc-a01f-b3ca5db365c2/a626d881-9ca8-4e42-a761-0e5cef66aadc/5x/ 285 KB
286 KB 11ms
9ms XHR
video/mp2t 2a02:26f0:3500:16::215:1496
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/b1e2740d-07eb-41fc-a01f-b3ca5db365c2/a626d881-9ca8-4e42-a761-0e5cef66aadc/5x/segment0.ts?akamai_token=exp=1662836700~acl=/media/v1/hls/v4/aes128/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/b1e2740d-07eb-41fc-a01f-b3ca5db365c2/a626d881-9ca8-4e42-a761-0e5cef66aadc/*~hmac=54cc7779a548d6f42f5e283aa9feee1ce6ec686e3004d0057365cdd688125acc
Requested by: Host: secure.jeffclarktrader.com
URL: https://secure.jeffclarktrader.com/polyfills-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:3500:16::215:1496 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: 3bb1abc8bfb04aef8fc55af082f37aaa7405e5edc92d0b0f29f3977127bc9be3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.jeffclarktrader.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 12:13:30 GMT
X-Amz-Cf-Pop: EWR53-C1
X-Powered-By: BC
Backend-IP: 13.225.66.82
BC-MID: true
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 292160
X-Served-By: cache-ewr18142-EWR
Akamai-Mon-Iucid-Del: 1315351
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1655842199.980877,VS0,VE3
X-Powered-From: gantry
ETag: "1c5e370e1f561ef0fec0223929127d95"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,Range,Content-Length,Content-Range,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: public, max-age=27003095
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
X-Amz-Cf-Id: VWOm3Tsj5WOREASqlRsnUTEhI0li9Aemr-2W_127YJTEigJdQMOk3A==
Expires: Thu, 20 Jul 2023 01:05:05 GMT
X-Cache-Hits: 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: manifest.prod.boltdns.net
URL: http://manifest.prod.boltdns.net/thumbnail/v1/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/3e726622-82bb-43ef-b5c4-aa62aa576610/thumbnail.webvtt?fastly_token=NjMxY2RmZGNfMDM5NjdmODA5NzZlNDRhYjAwOTBhY2QyNTI1MDFkNTkxOTc1YWEzYWM1MTY2YjNmNGFmMzk2NDk2YmZiZGUzYw%3D%3D

Verdicts & Comments Add Verdict or Comment

494 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.listrakbi.com/mJqOWFhiqMPC	1970-01-20 15:29:32	Name: gsid Value: zmp8LMpGCmWkSHKasAHQemjaX%2fd7%2bM8rP0Wo2k2NukNWJVevmKSQlJKV6u4UtOeWKOW%2fQca%2fy6o%3d
.listrakbi.com/mJqOWFhiqMPC	1970-01-20 14:39:08	Name: scasid Value: 22be5602-17b2-4bdc-bdc8-8f3a7cf994c5
.paypal.com/	1970-01-20 15:29:32	Name: ts Value: vreXpYrS%3D1757506406%26vteXpYrS%3D1662813806%26vr%3D2751aa4c1830a4631906065affffffff%26vt%3D2751aa4c1830a4631906065afffffffe
.paypal.com/	1970-01-20 15:29:32	Name: ts_c Value: vr%3D2751aa4c1830a4631906065affffffff%26vt%3D2751aa4c1830a4631906065afffffffe
secure.jeffclarktrader.com/	1970-01-20 07:19:56	Name: MKT534830_MKT657541_AST178959 Value: visited
s1.listrakbi.com/	1970-01-20 06:03:36	Name: AWSALBCORS Value: Sm6Tjhd1H1zU5/mruFDW9vcvoEj40nCdMd/6E9u3TTLUDA/sSyT0O9BoJfmoFD03q8Nto6/gpnTaPF5sAkG3u57gm7kyixMPomc1/jupEbYgBC2cqfFW6EDgj26w
.listrakbi.com/	1970-01-20 08:03:08	Name: usid Value: 7b1fd4810bcd40f59c7bce8c8a4c9fcf
secure.jeffclarktrader.com/	1970-01-20 14:39:08	Name: lr_cue_2104JCFLaunch2021_19_v1 Value: 0
.jeffclarktrader.com/	1970-01-20 15:29:32	Name: GSIDmJqOWFhiqMPC Value: c5f94bed-3683-4eec-a7d0-52245c9e195c
.jeffclarktrader.com/	1970-01-20 14:39:08	Name: STSID954314 Value: 22be5602-17b2-4bdc-bdc8-8f3a7cf994c5
secure.jeffclarktrader.com/	1970-01-20 15:29:32	Name: bssSessionId Value: 8d85b977-af23-4623-b195-22e0192a784b
.secure.jeffclarktrader.com/	1970-01-20 05:53:33	Name: seerses Value: e
.secure.jeffclarktrader.com/	1970-01-20 15:29:32	Name: seerid Value: 3c0765e8-76e1-462b-883e-e472a58dfadd
.jeffclarktrader.com/	1970-01-20 15:29:32	Name: _ga Value: GA1.2.1683702693.1662812009
.jeffclarktrader.com/	1970-01-20 05:54:58	Name: _gid Value: GA1.2.2065888004.1662812009
.jeffclarktrader.com/	1970-01-20 05:53:32	Name: _gat_UA-90673817-1 Value: 1
.jeffclarktrader.com/	1970-01-20 05:53:32	Name: _gat_UA-170962029-3 Value: 1
ssl.kaptcha.com/	1970-01-20 08:03:08	Name: k Value: 70c2b83146354967bc42aafdbc41a950
.lytics.io/	1970-01-20 15:29:32	Name: seerid Value: 3c0765e8-76e1-462b-883e-e472a58dfadd
.bing.com/	1970-01-20 15:15:08	Name: MUID Value: 3CE4027823DE6EFB331E106322AF6F56
.jeffclarktrader.com/	1970-01-20 05:54:58	Name: _uetsid Value: fb1baee0310111ed95a277d56ac030d0
.jeffclarktrader.com/	1970-01-20 15:15:08	Name: _uetvid Value: fb1bb8f0310111edbe2733abce9c26dc
.jeffclarktrader.com/	1970-01-20 08:03:08	Name: _gcl_au Value: 1.1.1771083837.1662812010
secure.jeffclarktrader.com/	1970-01-20 14:39:08	Name: cdn.beaconstreetservices.100014.ka.ck Value: 1ce69d2f22d0d5616ca2171401477d90da08257335033369b123837744ca0faffb0901780ea5e7cc2ce6140bece6dda1470c9ed33941293f9127b188f06fb85bcc99b80fe3215b984d32310582f6fbec28cc9f89b647a5712db8d6f6a48b250f5c605578491092136ffe24a4d3d47dd71ced68aaf0ddb855380ee6a2b9724bfa4b927e5836c90ce554ee60b261c1dd98ec390f99db81dd92532a1b
.jeffclarktrader.com/	1970-01-20 05:53:32	Name: _gat_gtag_UA_137602623_2 Value: 1
secure.jeffclarktrader.com/	1970-01-20 05:53:32	Name: _dd_s Value: logs=1&id=d0488d79-7825-4b0c-be3a-a74f917d5c67&created=1662812007358&expire=1662812907361&rum=1
.doubleclick.net/	1970-01-20 15:15:08	Name: IDE Value: AHWqTUls3GZAvCseHrM_9zPObKgpBekVFmtdQ3xrKrGuK3Duu7wphXkqfmwhSZ7h

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://secure.jeffclarktrader.com/polyfills-es2015.js Message: Mixed Content: The page at 'https://secure.jeffclarktrader.com/?cid=MKT534830&eid=MKT657541&step=start&plcid=PLC152268&SNAID=SAC0029357608&email=suspect@safeonweb.be&encryptedSnaid=b0dKKejE%20WAu31BZFErgwovAmQD8AUybb1KOlivfrKU%3D&emailjobid=5208367&emailname=20220829-LGD&assetId=AST178959&page=1' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://manifest.prod.boltdns.net/thumbnail/v1/5102072647001/a33898b2-a832-4a97-b01a-cfe83680f949/3e726622-82bb-43ef-b5c4-aa62aa576610/thumbnail.webvtt?fastly_token=NjMxY2RmZGNfMDM5NjdmODA5NzZlNDRhYjAwOTBhY2QyNTI1MDFkNTkxOTc1YWEzYWM1MTY2YjNmNGFmMzk2NDk2YmZiZGUzYw%3D%3D'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
bcbolt446c5271-a.akamaihd.net
c.lytics.io
cdn.listrakbi.com
cdn.mxpnl.com
cdnjs.cloudflare.com
cf-images.us-east-1.prod.boltdns.net
click.exct.legacyresearch.com
code.jquery.com
d3bjnmbj12697.cloudfront.net
edge.api.brightcove.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gsdpeazjjf.execute-api.us-east-1.amazonaws.com
js.trackinggrid.com
manifest.prod.boltdns.net
marketingassets.cloudsna.com
metrics.brightcove.com
pixel.sitescout.com
players.brightcove.net
rum.browser-intake-datadoghq.com
s1.listrakbi.com
s3.amazonaws.com
secure.jeffclarktrader.com
ssl.kaptcha.com
static.zuora.com
stats.g.doubleclick.net
t.paypal.com
tracking.legacyoffers.com
trc.taboola.com
up.pixel.ad
use.fontawesome.com
vjs.zencdn.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
manifest.prod.boltdns.net
104.18.6.244
13.111.45.142
13.224.189.46
13.225.78.93
142.250.185.226
151.101.2.27
151.101.65.35
178.79.227.76
18.66.130.11
184.51.9.157
192.229.221.25
2001:4de0:ac18::1:a:1b
209.59.154.196
2600:1901:0:498c::
2600:1f18:24e6:b900:6fe3:30:3061:2ca6
2600:9000:20eb:de00:f:75e2:4ac0:21
2606:4700:20::681a:216
2606:4700:3033::6815:3f36
2606:4700::6810:ea05
2606:4700::6810:f51b
2606:4700::6811:190e
2620:1ec:c11::200
2a00:1450:4001:808::2004
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2003
2a00:1450:4001:828::2002
2a00:1450:400c:c00::9c
2a00:1450:400e:800::200a
2a02:26f0:3500:16::215:1496
2a04:4e42:200::729
2a04:4e42:600::300
35.244.232.184
35.81.31.24
52.217.66.94
63.33.177.108
66.155.71.149
92.123.29.243
013050e8e5ab5ca56b6344fe09502a82fc4ced559a155646ff286b4af3545eeb
08cb0f46ed2415058019966967713095ef16ce83d54c74a5f52a61846dbe2399
09c2785ae9cea8dfc6146d0c226eee07480335f63de40f6eeb4c906bc342603d
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
13c2fb122830b6e52b877226bc8b7aa2c3faf8697da9209365ed38e22779632f
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
14bf8292ae1e1ac698da2f2155f00ab24d5eda73e0c3e1e25e368a905759283b
1ebf6a2710236762178861bf15fa6074bd5e61502c1811551099ebe3754e0c83
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
21d93ac5a388df10b961801cce44bd72d8e612f9c5305c769ef2602b9b0480eb
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
2818ae4a1707c05fdf021ca9ad759ad320526935fb07d06d82db02440245579d
28e7a175bbbb2d42cd553a6f0ec8135cfe0ddb6fc2e21975d01e5cd0bafdff13
2d1002c5bb1f462a47328b237184d560a3332ce7723d41d3f1b4f4c91edcf7da
2e05e2d4662c78cd36fa14b96307a5eadc8c1c6c404e3cb2be7a2835b467704f
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
366f5573453b4ca8a3f2981d7f28148ec601e9755bb793bc458794c128f4a008
38a9e644c5ad5dc59aa19eb468fc8c745939c7f08b70e2dffd69a4144db10f3c
38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639
3bb1abc8bfb04aef8fc55af082f37aaa7405e5edc92d0b0f29f3977127bc9be3
3c117e5507807b5c9d0bf307f55992c726d33e8bdbadbcfe505f48cdc025a231
3d233a0c2c3b4b3656c13b1e5c76d3d1a25adaf54b2e29c69c8a3b605f2c4edd
43cf918f30f94659457b665354f2342057da2991c0524e6164672890d853ca68
47b17cb114d390c04274018066ec8b99b21f4dd062b22c0085b0c9b129f92c79
48a7ef3bf3888210b704989283341c6ec5c9c111d3dd4e1a8133c56ef0a6ea85
4963143a31cb8a457413caa891052d208de3bd889cce03315d76dd1606924af0
507b7a3d5ee5da4ca209424709b37980ea825978862a8913d048e8d6e652777d
5497d558c5d57e560b31c238171ef0617add9658659ffe2c353ce24020f10d79
58a6f49e92f7d2fd1246d98c568c2ac7d6be832ddfece67ec9f7ef3332766adf
5a0be406a1bdf94a25a9d142d4124e3dccbdeb5593cd78fb0bd234df89dd7389
5a2319c093cdaabbc3d0af673e98cef624be4df771c0ddbaaf983d003702903d
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5aa40c6db18170f8c42935b36d935e2cbdaf7ca7e71ed485dde33c3601e00d51
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
5d727f45985f355b7d9d17c9f2eb2ece4e2ba45ca88fdbbd2e4f1713d1d6b9b0
5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24
64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899
65f6e644b708a9691cfa6d8f1e95737051659151f3bbaf2a9a19fef8d100e747
689e826f8142f482e059aaf36213449a1552eb859f2ecdf73029b71d668eedc8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6eba784b320a8bb7acdc113e4a439032ff4ac23bbc9760f1c966180b06a7843c
6f7f437981bec7b20a02e5922ae247937fee28bf1a7a40a451c6af8113760e02
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
73567000b57fdfed5825cd324d4e8b9bcf59317eed6076ad05c7f95427a420ca
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
793cb14b4ae48e92c4a35eae5d34b4b95092e3cd7995ce342b6895a560ef7526
7c506082fa68431a459024b440e5e418c769f3e2803cbb9cdb296ae7b6cae2d2
7dcf491b34a0df959f5585550862b2b02bebccbe91a85c21d0894c28b664c5bd
840d00f62116fbc5872b6ca0d58ad7ad4b9a1e9ac18309b81cf75ece010fd60a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852efa9c5c678757dbd43e9dd9db2d0716656995bd8db701c15248634b2eca47
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
8a60672efd62862adb750cf0d1ba8916744490d764cb2807c8114353f6aae6c8
98c2a74405e978d753625e97a0cb1c2eab250a9444d82dd75e1bce82cb437ae2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a125c9934cf5f24b1928f45ff2966581ec410e546fbc99cd71bf8502af87a446
a146a60bbbf3be9357f6556d473477cfe9428821291ce08cb3b5346154a3942f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a38ca7cfbe9fed1deef889ca645230eea836123c74d6c5cc09c42c2b2afc378d
a394fd65fe8013eb58e146ddccbf749fd875c291cb8ea9e2d4144c80caf65182
aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d
ab8499dfbc691894b83c68109f4d3252cbe1c2793bfc3bfff10b54f38740b6c2
add2ae6e587488a3ee7c774b8e6f9e8bff4b92789c8d8fda0f362293ad990a09
b5f9aaf4596d9205608a0cfd26d460dfcdb3de59ab5afd6f3c5d596ad22c4e6c
b6dbf1127d9235a6164cbd117ed1155e134b35b013c7876023e06f5a6e5d6462
ba41117af0bda961fd9f918486889b2403c503caa665bbbd0534a8516133511b
bed06c671cf84c9fa5f02ab1fcee528d566c14da978be7335e82ea29250cd16f
bf53a1d2acb93d0e35ba15ff0adaa9d736c0aa03cae73200d0415b1447edf80b
c71014fdfc6e16f4d67c3c1ce51f661beb63cf9eaa923ed0e46d56cc675b55a0
cbb94c02536fd2cdf36f0eb1bdc29dd73650c2cf035c44cd76a0dc699f74868f
cc29bdfa5e510b47aa7faf5ec6ddac2b91581060cc56aaa19153575f72431273
d151ae46c49607e9df9798d7a237bec2760d810ab65f79489b638d890d8877f4
d376a3d6b52a85243a60bd75f5e031a0e1bc019bf1d09787b14b7825110bfe9f
d3f7c0ed14b5b7347b93e0e91f558238b0c0542501b484de714eef38e9e236fd
d637d7d9db6600b7e2c4865eb50846773005207464a3bebb2887c487e564fb58
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d7fe7a95be52af9780b34bb34d7c6e4801e77fda4be41f7b0676e671543023e9
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
d93a9280ae61d563593f5538f3116ccb941134fac598c912b0eaef93c9442c42
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997
db7541c599d2a1861ef29b8dc828f6affd2d0c4f3ca4458ddbab989b460769b3
dc8e3b1c8ced64440f2a2ed3330eeb1223d8b88c8c1c7c40c891618d9d744205
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfebf58d935986f47bb3dcfd71241ec01472a5995c37c58ae0094238461f3327
e3359c5fed2c9c590d8ec1704c007b67c5021a4094e58ce9582076bace8a044e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10cf0ff51869c3db5b2cb876670d472d04d27fbd9909492ba4b15574c070d06
f168ec108eb7ad831c6980fdc2ae712990139027f66c3f658f2f5181c3c14271
f3b9fa25dbe7727a9714e0bc13d276c0855527396a0bb5b00be50c5a27beb4ed
f4438839f08ba757142492951865dbed7cba6ca34311aa8f9145ebd7796efc63
f614b55a3642c700fce22a94abebe1ea77bd6e5a8bb691475582b464dc2232b9
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
f67cffc3d7cf57726b094dbd689a455b70158027abf6771c95583d15cdb373fd
fadadc49b4ca3c49a69a4ce2c17d56cab0a8b52af6b3fae5296ae1a9f56ed453
fb37413b7c8e7e66a05f145a6af367f5d593b358a3c45f2b294a9438997a4ada
fc5380a51c9c92d06e1b2e1b7a6bcb717ec972dbf5d9bb3221a0eaef8a1b847f
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

secure.jeffclarktrader.com Open in urlscan Pro 2606:4700::6810:ea05 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

151 Requests

96 %HTTPS

54 %IPv6

35 Domains

41 Subdomains

39 IPs

8 Countries

5070 kBTransfer

10736 kBSize

27 Cookies

4 Outgoing links

Page URL History

Redirected requests

151 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure.jeffclarktrader.com Open in urlscan Pro
2606:4700::6810:ea05 Public Scan

Screenshot
Live screenshot

Full Image

151
Requests

96 %
HTTPS

54 %
IPv6

35
Domains

41
Subdomains

39
IPs

8
Countries

5070 kB
Transfer

10736 kB
Size

27
Cookies

151 HTTP transactions
6 data transactions