urlscan.io logo urlscan.io
SecurityTrails logo

insider-report.pages.ontraport.net Open in urlscan Pro
209.170.211.182  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dRd5bGXo8w1-2B2zC0SH4M...
Effective URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Submission: On November 28 via api from BE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 2 countries across 17 domains to perform 42 HTTP transactions. The main IP is 209.170.211.182, located in Las Vegas, United States and belongs to ASN-FLEXENTIAL, US. The main domain is insider-report.pages.ontraport.net.
TLS certificate: Issued by E5 on November 23rd 2024. Valid for: 3 months.
This is the only time insider-report.pages.ontraport.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 2606:4700:310... 13335 (CLOUDFLAR...)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 52.33.206.160 16509 (AMAZON-02)
1 1 34.196.122.89 14618 (AMAZON-AES)
2 209.170.211.182 13649 (ASN-FLEXE...)
3 13.226.34.106 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
9 172.64.155.120 13335 (CLOUDFLAR...)
2 162.159.138.60 13335 (CLOUDFLAR...)
1 104.18.32.136 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 52.34.98.195 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 54.147.125.227 14618 (AMAZON-AES)
2 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2606:4700:303... 13335 (CLOUDFLAR...)
6 2a03:2880:f11... 32934 (FACEBOOK)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 209.170.211.179 13649 (ASN-FLEXE...)
42 19
1    2606:4700:10::6816:286e (United States)

ASN13335 (CLOUDFLARENET, US)
email.analystratings.net
1    2606:4700:3108::ac42:28f2 (United States)

ASN13335 (CLOUDFLARENET, US)
www.marketbeat.com
1    2606:4700:20::681a:de3 (United States)

ASN13335 (CLOUDFLARENET, US)
2.markettradersdaily.com
2    52.33.206.160 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-206-160.us-west-2.compute.amazonaws.com
www.clkmg.com
1    34.196.122.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: forextradersdaily.com
insider-report.com
2    209.170.211.182 (Las Vegas, United States)

ASN13649 (ASN-FLEXENTIAL, US)
insider-report.pages.ontraport.net
3    13.226.34.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-106.ewr53.r.cloudfront.net
widget.wickedreports.com
1    2606:4700:10::6816:8d7 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.clkmc.com
9    172.64.155.120 (None, )

ASN13335 (CLOUDFLARENET, US)
optassets.ontraport.com
2    162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)
player.vimeo.com
1    104.18.32.136 (None, )

ASN13335 (CLOUDFLARENET, US)
app.ontraport.com
2    2607:f8b0:4006:80b::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    52.34.98.195 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-98-195.us-west-2.compute.amazonaws.com
www.clkmc.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700:10::ac43:aac (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.inspectlet.com
2    54.147.125.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-125-227.compute-1.amazonaws.com
track.wickedreports.com
2    2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c17::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4006:80c::2002 (United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
3    2606:4700:3030::6815:4521 (United States)

ASN13335 (CLOUDFLARENET, US)
capig.insiders-exposed.com
6    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2606:4700:10::6816:39f5 (United States)

ASN13335 (CLOUDFLARENET, US)
hn.inspectlet.com
1    209.170.211.179 (Las Vegas, United States)

ASN13649 (ASN-FLEXENTIAL, US)
PTR: mail9.ontramail.com
signupforex.ontraport.com
Apex Domain
Subdomains		 Transfer
11 ontraport.com
optassets.ontraport.com — Cisco Umbrella Rank: 144517
app.ontraport.com — Cisco Umbrella Rank: 200733
signupforex.ontraport.com
334 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
645 B
5 wickedreports.com
widget.wickedreports.com — Cisco Umbrella Rank: 59637
track.wickedreports.com — Cisco Umbrella Rank: 88165
11 KB
3 insiders-exposed.com
capig.insiders-exposed.com
3 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
td.doubleclick.net — Cisco Umbrella Rank: 182
568 B
2 google.com
analytics.google.com — Cisco Umbrella Rank: 142
2 inspectlet.com
cdn.inspectlet.com — Cisco Umbrella Rank: 13784
hn.inspectlet.com — Cisco Umbrella Rank: 13863
66 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
155 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
213 KB
2 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 2102
12 KB
2 clkmc.com
cdn.clkmc.com — Cisco Umbrella Rank: 148674
www.clkmc.com — Cisco Umbrella Rank: 162788
22 KB
2 ontraport.net
insider-report.pages.ontraport.net
15 KB
2 clkmg.com
www.clkmg.com — Cisco Umbrella Rank: 498614
2 KB
1 insider-report.com
insider-report.com
765 B
1 markettradersdaily.com
2.markettradersdaily.com
1 KB
1 marketbeat.com
www.marketbeat.com — Cisco Umbrella Rank: 82779
5 KB
1 analystratings.net
email.analystratings.net — Cisco Umbrella Rank: 289291
600 B
42 17
Domain Requested by
9 optassets.ontraport.com insider-report.pages.ontraport.net
optassets.ontraport.com
6 www.facebook.com insider-report.pages.ontraport.net
3 capig.insiders-exposed.com connect.facebook.net
3 widget.wickedreports.com insider-report.pages.ontraport.net
widget.wickedreports.com
2 analytics.google.com www.googletagmanager.com
2 track.wickedreports.com widget.wickedreports.com
2 connect.facebook.net insider-report.pages.ontraport.net
connect.facebook.net
2 www.googletagmanager.com insider-report.pages.ontraport.net
www.googletagmanager.com
2 player.vimeo.com insider-report.pages.ontraport.net
2 insider-report.pages.ontraport.net
2 www.clkmg.com 1 redirects insider-report.pages.ontraport.net
1 signupforex.ontraport.com optassets.ontraport.com
1 hn.inspectlet.com cdn.inspectlet.com
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 cdn.inspectlet.com insider-report.pages.ontraport.net
1 www.clkmc.com cdn.clkmc.com
1 app.ontraport.com insider-report.pages.ontraport.net
1 cdn.clkmc.com insider-report.pages.ontraport.net
1 insider-report.com 1 redirects
1 2.markettradersdaily.com 1 redirects
1 www.marketbeat.com 1 redirects
1 email.analystratings.net 1 redirects
42 23

This site contains links to these domains. Also see Links.

Domain
www.insider-report.com
www.markettradersdaily.com
Subject Issuer Validity Valid
insider-report.pages.ontraport.net
E5		 2024-11-23 -
2025-02-21		 3 months crt.sh
widget.wickedreports.com
Amazon RSA 2048 M02		 2024-07-02 -
2025-07-31		 a year crt.sh
clkmc.com
WE1		 2024-10-30 -
2025-01-28		 3 months crt.sh
*.clkmg.com
GlobalSign GCC R6 AlphaSSL CA 2023		 2024-02-28 -
2025-03-31		 a year crt.sh
optassets.ontraport.com
WE1		 2024-10-28 -
2025-01-26		 3 months crt.sh
vimeo.com
WE1		 2024-11-23 -
2025-02-21		 3 months crt.sh
app.ontraport.com
WE1		 2024-10-19 -
2025-01-17		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.clkmc.com
AlphaSSL CA - SHA256 - G4		 2023-11-27 -
2024-12-28		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-06 -
2024-12-05		 3 months crt.sh
inspectlet.com
WE1		 2024-10-11 -
2025-01-09		 3 months crt.sh
track.wickedreports.com
Amazon RSA 2048 M03		 2024-01-23 -
2025-02-19		 a year crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
capig.insiders-exposed.com
WE1		 2024-11-15 -
2025-02-13		 3 months crt.sh
signupforex.ontraport.com
E6		 2024-10-21 -
2025-01-19		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Frame ID: 7D30FCF56FD0367833C999CCBA777B55
Requests: 40 HTTP requests in this frame

Frame: https://player.vimeo.com/video/856434580
Frame ID: 6061F0E8E66C04903735FFED872DB7F2
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-8SJNWV4ZSP&gacid=1929298271.1732772752&gtm=45je4bk0v878195527z8870991869za200zb870991869&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=922052873
Frame ID: 8E8A98CA783C8B099ED4BD0A40384514
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

621 trades, zero losses

Page URL History Show full URLs

  1. https://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dR... HTTP 302
    https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82451&UserID=11404962&interstitial=1&Has... HTTP 301
    https://2.markettradersdaily.com/mkb-aff-ir/verdacht@safeonweb.be HTTP 302
    https://www.clkmg.com/Dustinpass25/mkb-aff-ir/verdacht@safeonweb.be HTTP 302
    https://insider-report.com/IR-3click.php?email=verdacht@safeonweb.be&utm_campaign=IR-Steve&utm_medium=e... HTTP 302
    https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.inspectlet\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

100 %
HTTPS

57 %
IPv6

17
Domains

23
Subdomains

19
IPs

2
Countries

831 kB
Transfer

2595 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dRd5bGXo8w1-2B2zC0SH4Mls8R2zMABk0bcCziFeAroGHrSpplH5oTWMRmg7y4GBKxN0MRhzv6o7e4-2FYWJ3RRsnjpCsyO8Wbo-2FICdP7vjKw-2Flx2lZwpxnccLYZMMOf6k90a8Lx6Ry7fSCavqijChNQ-2FFx8tRTDxJKpJV776kOYlKfsUEEgVAe-2Bw7heFW4N6oLpgO1K-2FEq8e0m2p7qQ-2Bk4sLMNZenYNmSTzxNd10Y60bmunukBtLoYm0C4HIU9ZADzON3Y-2F94kwGujTZxLU_SqbCKX6aHEKYVZ41h-2BYp89Y9IvddAHi0odnd-2B4IzEhoZihIZLoPbaAZk0iK1XZeCuAGDaKksaTUSKl1RroECnohzsMDeW8MKAZw6wewhhYXX3h3-2FbXVYpVupYibcvBi1qjLn9KfhCINNzQs-2B0ZLsVw9iqE3mrXxuffPfmU-2F6mJNs0Qj9xeidSjwn4GcNsrJrumFi7t2KN21BUN7fF6OmQkjyiq0FEvohYnQ4aPZpFBvafvx0x6HiTSun3rt8Hq8U HTTP 302
    https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82451&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F6DD753850FFB8F73AB7F52849A0A689CBD51 HTTP 301
    https://2.markettradersdaily.com/mkb-aff-ir/verdacht@safeonweb.be HTTP 302
    https://www.clkmg.com/Dustinpass25/mkb-aff-ir/verdacht@safeonweb.be HTTP 302
    https://insider-report.com/IR-3click.php?email=verdacht@safeonweb.be&utm_campaign=IR-Steve&utm_medium=email&utm_source=marketbeat&utm_content=ir-webinar-page&utm_term=affiliate&op=gpsi&orid=1251779&opid=112&ref=1251779 HTTP 302
    https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request training
insider-report.pages.ontraport.net/
Redirect Chain
  • https://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dRd5bGXo8w1-2B2zC0SH4Mls8R2zMABk0bcCziFeAroGHrSpplH5oTWMRmg7y4GBKxN0MRhzv6o7e4-2FYWJ3RRsnj...
  • https://www.marketbeat.com/scripts/redirect.aspx?SponsorshipID=82451&UserID=11404962&interstitial=1&Hash=54155C44E1BA582367DE39E87C49FED2667478813F80DF261F8865C4866EA1CFAA87097611AF0C87213F14E55C1F...
  • https://2.markettradersdaily.com/mkb-aff-ir/verdacht@safeonweb.be
  • https://www.clkmg.com/Dustinpass25/mkb-aff-ir/verdacht@safeonweb.be
  • https://insider-report.com/IR-3click.php?email=verdacht@safeonweb.be&utm_campaign=IR-Steve&utm_medium=email&utm_source=marketbeat&utm_content=ir-webinar-page&utm_term=affiliate&op=gpsi&orid=1251779...
  • https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
56 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
209.170.211.182 Las Vegas, United States, ASN13649 (ASN-FLEXENTIAL, US),
Reverse DNS
Software
Ontraport /
Resource Hash
2c107fe27b72a7acfa902e86e9e5d6dd907393530a943cfc0df3a146896f7ecd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 28 Nov 2024 05:45:51 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server
Ontraport
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding Accept-Encoding
X-op-ca
5.181.234.134

Redirect headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 28 Nov 2024 05:45:51 GMT
location
https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
server
nginx/1.26.2
strict-transport-security
max-age=63072000; includeSubdomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
trackfu.js
widget.wickedreports.com/GlobalProfitSystemsInternational/ 		422 B
798 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.wickedreports.com/GlobalProfitSystemsInternational/trackfu.js
Requested by
Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-106.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0011caa87105379dd3c7b19f0a5671dc75de6e10ff84d6cacf214ff5495760f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

vary
accept-encoding
etag
"b29408317c74a493f73f8f09bcff864a"
age
45749
via
1.1 a0b94a243c49df97658a8a3ea0fe2d20.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
422
x-amz-cf-id
PB-r0cs1cLcL_93vtT9y5lNB3QQaNLSGGXnhWWokCQCD0nctnXPnhg==
date
Wed, 27 Nov 2024 17:03:23 GMT
content-type
text/javascript
last-modified
Tue, 03 Oct 2023 14:31:04 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
x-amz-server-side-encryption
AES256
cmc.js
cdn.clkmc.com/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.clkmc.com/cmc.js
Requested by
Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:8d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5da274ce6310d42174fbf8369e8737ad5a2db661802d7aeb09ee13da863d7843

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

access-control-max-age
300
cf-cache-status
HIT
etag
"66e1cc81-527f"
age
161851
x-permitted-cross-domain-policies
none
access-control-allow-methods
GET, POST, OPTIONS
expires
Thu, 26 Dec 2024 08:48:19 GMT
date
Thu, 28 Nov 2024 05:45:51 GMT
content-type
application/javascript
last-modified
Wed, 11 Sep 2024 16:59:45 GMT
vary
Accept-Encoding
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control
public, max-age=2592000, no-transform
pragma
public
access-control-allow-credentials
true
cf-ray
8e980de2af6ec463-EWR
accept-ranges
bytes
content-length
21119
server
cloudflare
wr-a2c20b58dba8a66cd3c2d4dca4c93a24.js
widget.wickedreports.com/v2/602/ 		422 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.wickedreports.com/v2/602/wr-a2c20b58dba8a66cd3c2d4dca4c93a24.js
Requested by
Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-106.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0011caa87105379dd3c7b19f0a5671dc75de6e10ff84d6cacf214ff5495760f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

vary
accept-encoding
etag
"b29408317c74a493f73f8f09bcff864a"
age
43634
via
1.1 a0b94a243c49df97658a8a3ea0fe2d20.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
422
x-amz-cf-id
SNskiK_SMH4JGxfNE9uW1SWS7AgSm1D0CiLLGKff3s3DlLPqFJkk1g==
date
Wed, 27 Nov 2024 17:38:38 GMT
content-type
text/javascript
last-modified
Tue, 03 Oct 2023 14:31:04 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
x-amz-server-side-encryption
AES256
/
www.clkmg.com/api/a/pixel/ 		49 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.clkmg.com/api/a/pixel/?uid=101868&ref=optin
Requested by
Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.33.206.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-206-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
c1dbc6d58f074cf9d3c16029f91e71465ba785f7950983419021ff2fd003b0f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

Content-Length
49
Access-Control-Max-Age
300
X-Permitted-Cross-Domain-Policies
none
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Connection
keep-alive
Access-Control-Allow-Origin
undefined-origin
P3P
CP="This is not a P3P policy! See http://www.clkmg.com for more info."
X-CM-FE
httpfe-2
Date
Thu, 28 Nov 2024 05:45:52 GMT
X-XSS-Protection
1; mode=block
Content-Type
image/gif
Server
nginx
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
opt-styles.min.css
optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/ 		472 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1732639703
Requested by
Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
412846d92d01817e002a0061b56b7def493632c96628b7fd342f93e4bec38383

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6745fad6-761a2"
x-op-ca
172.69.40.212
age
2277
access-control-allow-methods
GET, POST, OPTIONS
expires
Thu, 28 Nov 2024 13:45:51 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Thu, 28 Nov 2024 05:45:51 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Nov 2024 16:44:06 GMT
cache-control
public, max-age=28800
access-control-allow-credentials
true
cf-ray
8e980de2ceb91885-EWR
access-control-allow-origin
*
server
cloudflare
player.js
player.vimeo.com/api/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/api/player.js
Requested by
Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
498a41eab15456686643b139ae2c289c961bb02da852aaad698540831d0e9bb5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Age
0
x-backend-server
player-backend-edge-entry
expires
Thu, 28 Nov 2024 01:15:51 GMT
x-player-backend
g
x-cache
MISS
Date
Thu, 28 Nov 2024 05:45:51 GMT
Content-Type
application/javascript;charset=utf-8
x-bapp-server
x-served-by
cache-lga21991-LGA
x-cache-hits
0
vary
Origin, Referer, Accept-Encoding
content-security-policy
default-src 'none'; style-src 'unsafe-inline'
Cache-Control
max-age=1800
x-timer
S1732772752.803266,VS0,VE47
Connection
keep-alive
via
1.1 varnish
CF-RAY
8e980de2aac81839-EWR
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
11437
Server
cloudflare
opt_default_image.png
app.ontraport.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.ontraport.com/images/opt_default_image.png
Requested by
Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e52dfee8b8ea50c75794e755848a3b03f69f871832c8764f8e406e3f81104bfe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6745f995-1703"
x-op-ca
172.69.40.196
cf-cache-status
HIT
age
300
access-control-allow-methods
GET, POST, OPTIONS
expires
Thu, 28 Nov 2024 06:05:51 GMT
cf-polished
origFmt=png, origSize=5891
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Thu, 28 Nov 2024 05:45:51 GMT
content-type
image/webp
content-disposition
inline; filename="opt_default_image.webp"
vary
Accept
last-modified
Tue, 26 Nov 2024 16:38:45 GMT
cache-control
public, max-age=1200
access-control-allow-credentials
true
cf-ray
8e980de30e364201-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
2058
server
cloudflare
anime.js
optassets.ontraport.com/opt_assets/static/js/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/opt_assets/static/js/anime.js
Requested by
Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c2348bbc056a14a9cd62dadb8d461800a192e8ba636f803d0ffddd753977976

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6745f99a-4170"
x-op-ca
172.69.34.125
age
5203
access-control-allow-methods
GET, POST, OPTIONS
expires
Thu, 28 Nov 2024 06:15:51 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Thu, 28 Nov 2024 05:45:51 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Nov 2024 16:38:50 GMT
cache-control
public, max-age=1800
access-control-allow-credentials
true
cf-ray
8e980de2eed81885-EWR
access-control-allow-origin
*
server
cloudflare
jquery-3.2.1.min.js
optassets.ontraport.com/opt_assets/static/js/ 		85 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/opt_assets/static/js/jquery-3.2.1.min.js
Requested by
Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6745f99a-15285"
x-op-ca
172.69.40.186
age
2530
access-control-allow-methods
GET, POST, OPTIONS
expires
Thu, 28 Nov 2024 06:15:51 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Thu, 28 Nov 2024 05:45:51 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Nov 2024 16:38:50 GMT
cache-control
public, max-age=1800
access-control-allow-credentials
true
cf-ray
8e980de2eeda1885-EWR
access-control-allow-origin
*
server
cloudflare
opt-assets.js
optassets.ontraport.com/opt_assets/static/js/ 		369 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/opt_assets/static/js/opt-assets.js?1732639703
Requested by
Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85dd7090bc8b73a3a62f84ab73a37330b1088542c7d0f4a652357adc862cd0f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6745fabf-5c40e"
x-op-ca
172.69.33.208
age
2505
access-control-allow-methods
GET, POST, OPTIONS
expires
Thu, 28 Nov 2024 06:15:51 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Thu, 28 Nov 2024 05:45:51 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Nov 2024 16:43:43 GMT
cache-control
public, max-age=1800
access-control-allow-credentials
true
cf-ray
8e980de2eedb1885-EWR
access-control-allow-origin
*
server
cloudflare
custom-elements.min.js
optassets.ontraport.com/opt_assets/static/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/opt_assets/static/js/custom-elements.min.js
Requested by
Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73a9c7944ce696c3622189e2f0706ccb9b9033b10f707414fe0ae14be6d68f08

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6745f99a-47a8"
x-op-ca
172.69.34.49
age
5275
access-control-allow-methods
GET, POST, OPTIONS
expires
Thu, 28 Nov 2024 06:15:51 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Thu, 28 Nov 2024 05:45:51 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Nov 2024 16:38:50 GMT
cache-control
public, max-age=1800
access-control-allow-credentials
true
cf-ray
8e980de2eedc1885-EWR
access-control-allow-origin
*
server
cloudflare
tracking.js
optassets.ontraport.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/tracking.js
Requested by
Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bb63eb5f4841d00e086da04ab89a586470114a49c7e07b4a1b03bc6a41fe01d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6745f992-2f4b"
x-op-ca
172.69.34.200
age
4222
access-control-allow-methods
GET, POST, OPTIONS
expires
Thu, 28 Nov 2024 13:45:51 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Thu, 28 Nov 2024 05:45:51 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Nov 2024 16:38:42 GMT
cache-control
public, max-age=28800
access-control-allow-credentials
true
cf-ray
8e980de2eede1885-EWR
access-control-allow-origin
*
server
cloudflare
gtm.js
www.googletagmanager.com/ 		236 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MGL2B6P
Requested by
Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
edb6ff1a47a3344f0c5c5328a96ff715ea4a64ff80c99aaaa1124e9ed3d9da36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 28 Nov 2024 05:45:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 05:45:51 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 28 Nov 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
83505
x-xss-protection
0
server
Google Tag Manager
widget.js
widget.wickedreports.com/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.wickedreports.com/widget.js
Requested by
Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/GlobalProfitSystemsInternational/trackfu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-106.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b74487af8761c9be10987f564aca761a5202c43ab28309c5cf8d2ea81d677d73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

x-amz-cf-pop
EWR53-C2
content-encoding
gzip
etag
W/"5512ee0e9bca9fbad6c56f558c98ec26"
age
73379
via
1.1 a0b94a243c49df97658a8a3ea0fe2d20.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
ezmm1NeBXAvof4qf1YQO0i3NQ9DizuFZA_PFpLAz8R6dxspXepKwbQ==
date
Wed, 27 Nov 2024 09:22:53 GMT
content-type
application/javascript
vary
accept-encoding
server
AmazonS3
last-modified
Wed, 27 Nov 2024 09:22:49 GMT
x-amz-server-side-encryption
AES256
/
www.clkmc.com/api/ 		26 B
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clkmc.com/api/?uid=101868&vid=4285933933&hid=4159344535&vid_info=on&utm_source=organic&cmc_ref=webinar%2Bpage&version=2.42.01&utm_medium=organic&utm_campaign=none&disabled=0&cmc_project=Insider%20Report&cmclid=2722A6D6E2D6A6871606A696E6C7F4B776C6E6B6D7A69722A322362247&page_url=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining
Requested by
Host: cdn.clkmc.com
URL: https://cdn.clkmc.com/cmc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.98.195 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-98-195.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2cf9b5ba7fd801d61e8a891c8234031c824ac2aabc42dc8399ec9e5debf018f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

Content-Length
26
Access-Control-Max-Age
300
X-Permitted-Cross-Domain-Policies
none
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Connection
keep-alive
Access-Control-Allow-Origin
https://insider-report.pages.ontraport.net
P3P
CP="This is not a P3P policy! See http://www.clkmc.com for more info."
X-CM-FE
httpfe-1
Date
Thu, 28 Nov 2024 05:45:52 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/plain; charset=UTF-8
Server
nginx
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-1T7PvIOA' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 05:45:51 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-1T7PvIOA' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=4460, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
4i4nX27tqzoQa9xr20nuXgtK1d0L981AGqdKgoN/74XP+oe/UqnWtDzOTLPdwMUuZPSbSuNHVIvDWTFsSd2quw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
inspectlet.js
cdn.inspectlet.com/ 		188 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.inspectlet.com/inspectlet.js?wid=36371617&r=481325
Requested by
Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:aac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d554121551df68e414c85920b6541d2e92251a189ff19a4b1f8dffe97ce1cb5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1732772751&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=Mhrx3bwwh2TRYIaySb%2B%2BZ4DPtrom16nNTvoED5cvzZo%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
s-maxage=60, max-age=14400
content-encoding
br
cf-cache-status
EXPIRED
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1732772751&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=Mhrx3bwwh2TRYIaySb%2B%2BZ4DPtrom16nNTvoED5cvzZo%3D"}]}
via
1.1 vegur
cf-ray
8e980de30c784302-EWR
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 05:45:52 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 28 Nov 2024 05:45:51 GMT
vary
Accept-Encoding
server
cloudflare
roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
Requested by
Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1732639703
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4d175f498b00516c629ce8af152cbe745d73932fa58cc9fdfc8e4b49c0da368

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://insider-report.pages.ontraport.net
Referer
https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1732639703

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6745f99a-c52c"
x-op-ca
172.69.34.219
age
6550
access-control-allow-methods
GET, POST, OPTIONS
expires
Thu, 28 Nov 2024 13:45:51 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Thu, 28 Nov 2024 05:45:51 GMT
content-type
application/octet-stream
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Nov 2024 16:38:50 GMT
cache-control
public, max-age=28800
access-control-allow-credentials
true
cf-ray
8e980de37d790c84-EWR
access-control-allow-origin
*
server
cloudflare
856434580
player.vimeo.com/video/ Frame 6061 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/856434580
Requested by
Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://browser-intake-datadoghq.com https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm.vhx.com/v2/fairplay/cert https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://browser-intake-datadoghq.com https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com https://player-telemetry.vimeo.com https://lensflare.vimeo.com https://arclight.vimeo.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://insider-report.pages.ontraport.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

CF-Cache-Status
DYNAMIC
CF-Ray
8e980de38c7e43a0-EWR
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 28 Nov 2024 05:45:52 GMT
Expires
Fri, 15 Dec 1985 19:30:00 GMT
Link
<https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin, <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin
Server
cloudflare
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Origin, Referer, Accept-Encoding
Via
1.1 varnish
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://browser-intake-datadoghq.com https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm.vhx.com/v2/fairplay/cert https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://browser-intake-datadoghq.com https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com https://player-telemetry.vimeo.com https://lensflare.vimeo.com https://arclight.vimeo.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; worker-src blob:
x-backend-server
player-backend-edge-entry
x-bapp-server
player-backend-749f8dd5dd-58ck5
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-host
player-backend-749f8dd5dd-58ck5
x-player-backend
g
x-served-by
cache-lga21965-LGA
x-timer
S1732772752.949477,VS0,VE264
x-xss-protection
1; mode=block
1357489168502278
connect.facebook.net/signals/config/ 		310 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1357489168502278?v=2.9.176&r=stable&domain=insider-report.pages.ontraport.net&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dd2303513857c497243675e141488fbbb61e14c65628714d824968adc8140c64
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-QdCxB3ZF' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 05:45:52 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-QdCxB3ZF' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=71, mss=1232, tbw=70910, tp=68, tpl=0, uplat=184, ullat=0
pragma
public
x-fb-debug
EPlGdbRy5klRWEeLeH0YaZvImOcfdBlLBVdF6SXWKv0O4gT8rbk/tmi+ikFSfcBfcwJWRBZJ4RAQCgtE+1A9TQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
js
www.googletagmanager.com/gtag/ 		406 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8SJNWV4ZSP&l=dataLayer&cx=c&gtm=45He4bk0v870991869za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGL2B6P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
46b3b4c9df110de5bef98dcde04dcebfbede500e83cb52c8121fb160de13f20b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 28 Nov 2024 05:45:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 05:45:52 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
133296
x-xss-protection
0
server
Google Tag Manager
roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-300.woff2
optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-300.woff2
Requested by
Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1732639703
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34ccd21cf8cc2a2bdcd7dbe6bef05246067ff849bf71308e207bf525f581763d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://insider-report.pages.ontraport.net
Referer
https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1732639703

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6745f99a-c428"
x-op-ca
172.71.254.225
age
6551
access-control-allow-methods
GET, POST, OPTIONS
expires
Thu, 28 Nov 2024 13:45:52 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Thu, 28 Nov 2024 05:45:52 GMT
content-type
application/octet-stream
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Nov 2024 16:38:50 GMT
cache-control
public, max-age=28800
access-control-allow-credentials
true
cf-ray
8e980de42e020c84-EWR
access-control-allow-origin
*
server
cloudflare
logging.js
optassets.ontraport.com/opt_assets/static/js/ 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/opt_assets/static/js/logging.js
Requested by
Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/static/js/opt-assets.js?1732639703
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b81adfb26d280f078c88f6ca927f39d4b06800287b943dfe0b8c078a4f4fd662

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6745f99a-783"
x-op-ca
172.69.40.139
age
6432
access-control-allow-methods
GET, POST, OPTIONS
expires
Thu, 28 Nov 2024 06:15:52 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Thu, 28 Nov 2024 05:45:52 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified
Tue, 26 Nov 2024 16:38:50 GMT
cache-control
public, max-age=1800
access-control-allow-credentials
true
cf-ray
8e980de44fd41885-EWR
access-control-allow-origin
*
server
cloudflare
f.php
track.wickedreports.com/ 		118 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.wickedreports.com/f.php?WickedClientID=602&WickedEmail=verdacht%40safeonweb.be&fbp=fb.1.1732772752.3980948271.9780893&fbc=&WickedURL=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining%3Femail%3Dverdacht%40safeonweb.be&WickedReferrerURL=&WickedTrackingDate=1732772752076
Requested by
Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.125.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-125-227.compute-1.amazonaws.com
Software
nginx / PHP/8.1.26
Resource Hash
63a438dae65a9c8ca9b9b259a15a41c3199ba03f718c899ee9bb6f0541eac4ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://insider-report.pages.ontraport.net/

Response headers

access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
access-control-allow-origin
*
date
Thu, 28 Nov 2024 05:45:52 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.1.26
server
nginx
access-control-allow-headers
*
index.php
track.wickedreports.com/ 		118 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.wickedreports.com/index.php?WickedClientID=602&WickedEmail=verdacht%40safeonweb.be&WickedTrackingDate=1732772752076&WickedURL=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining%3Femail%3Dverdacht%40safeonweb.be&WickedReferrerURL=
Requested by
Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.125.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-125-227.compute-1.amazonaws.com
Software
nginx / PHP/8.1.26
Resource Hash
5ef8e785d4fd2ae10d245e6d9342d3ba335cbdc209155a292cc728952cda0414

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://insider-report.pages.ontraport.net/

Response headers

access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
access-control-allow-origin
*
date
Thu, 28 Nov 2024 05:45:52 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.1.26
server
nginx
access-control-allow-headers
*
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-8SJNWV4ZSP&gtm=45je4bk0v878195527z8870991869za200zb870991869&_p=1732772751792&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1929298271.1732772752&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1732772752&sct=1&seg=0&dl=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining%3Femail%3Dverdacht%40safeonweb.be&dt=621%20trades%2C%20zero%20losses&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2280
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8SJNWV4ZSP&l=dataLayer&cx=c&gtm=45He4bk0v870991869za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://insider-report.pages.ontraport.net
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 05:45:52 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
568 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8SJNWV4ZSP&cid=1929298271.1732772752&gtm=45je4bk0v878195527z8870991869za200zb870991869&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8SJNWV4ZSP&l=dataLayer&cx=c&gtm=45He4bk0v870991869za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://insider-report.pages.ontraport.net
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 05:45:52 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 8E8A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-8SJNWV4ZSP&gacid=1929298271.1732772752&gtm=45je4bk0v878195527z8870991869za200zb870991869&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=922052873
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8SJNWV4ZSP&l=dataLayer&cx=c&gtm=45He4bk0v870991869za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://insider-report.pages.ontraport.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Nov 2024 05:45:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
f998de276671077aa170eec8f688b5923c76d54ad4033274ab484770b1af4713
capig.insiders-exposed.com/events/ 		0
839 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capig.insiders-exposed.com/events/f998de276671077aa170eec8f688b5923c76d54ad4033274ab484770b1af4713
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1357489168502278?v=2.9.176&r=stable&domain=insider-report.pages.ontraport.net&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://insider-report.pages.ontraport.net/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xgPQ69ITP5Nb%2Fn21piMubIK5b9S1E7B1eMUsxrAfCO%2BdnYK5Hjk6Ih0IuLAmU65idGEBJBymO1h%2B7petnp2LFfb9bgLztDZaqeUOaNMP16s1s%2FRcbc%2F6AF90AOLhqPhawSl%2F6j5xXiNugWx9DPikJknvCTBBdwNIRA%3D%3D"}],"group":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8e980de88f829e05-EWR
access-control-allow-origin
https://insider-report.pages.ontraport.net
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=2763&min_rtt=2430&rtt_var=649&sent=16&recv=16&lost=0&retrans=0&sent_bytes=5171&recv_bytes=6838&delivery_rate=1008&cwnd=12000&unsent_bytes=0&cid=392ded6733c4b8ba&ts=61&x=1", cfHdrFlush;dur=0
date
Thu, 28 Nov 2024 05:45:52 GMT
vary
origin
server
cloudflare
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1357489168502278&ev=PageView&dl=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining%3Femail%3Dverdacht%40safeonweb.be&rl=&if=false&ts=1732772752316&cd[source]=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732772752312.847611314105701383&eid=ob3_plugin-set_77a8ff126f3aafed6db546896a8dee6ef11970d6aff53b9f343cd66d77739a0b&cs_est=true&ler=empty&cdl=API_unavailable&it=1732772751946&coo=false&rqm=GET
Requested by
Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=4651, tp=13, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 28 Nov 2024 05:45:52 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1357489168502278&ev=PageView&dl=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining%3Femail%3Dverdacht%40safeonweb.be&rl=&if=false&ts=1732772752316&cd[source]=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732772752312.847611314105701383&eid=ob3_plugin-set_77a8ff126f3aafed6db546896a8dee6ef11970d6aff53b9f343cd66d77739a0b&cs_est=true&ler=empty&cdl=API_unavailable&it=1732772751946&coo=false&rqm=FGET
Requested by
Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7442202301711990949"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7442202301711990949"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 05:45:52 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
42oZRqRah9libXqfEVVIkfrr/8yR0asRCw46dcwe+EN6p3Hc+Dbp+Sn+SDi3/kKbBM9VZkv+OAo/p6melOmFnA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7442202301711990949", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control
private, no-store, no-cache, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=27, mss=1232, tbw=9138, tp=25, tpl=0, uplat=81, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
f998de276671077aa170eec8f688b5923c76d54ad4033274ab484770b1af4713
capig.insiders-exposed.com/events/ 		0
841 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capig.insiders-exposed.com/events/f998de276671077aa170eec8f688b5923c76d54ad4033274ab484770b1af4713
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1357489168502278?v=2.9.176&r=stable&domain=insider-report.pages.ontraport.net&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://insider-report.pages.ontraport.net/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3WPlZJLO1l0Ean31vsdZREqrEs5SZy5U6jL5jd1mvDnFTExMdGPemOV2fD1llrUAe%2FplXh%2Btr5GvfIqyt3FGBwQScjV0BAw0manqHIepXvIUcZH8FM8%2BxR9WjGgHrq0fKZBdE6mzawI%2BV6Y2v%2FANlmUoo0vViNpsHg%3D%3D"}],"group":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8e980de88f859e05-EWR
access-control-allow-origin
https://insider-report.pages.ontraport.net
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=2763&min_rtt=2430&rtt_var=649&sent=17&recv=16&lost=0&retrans=0&sent_bytes=6033&recv_bytes=6838&delivery_rate=1008&cwnd=12000&unsent_bytes=0&cid=392ded6733c4b8ba&ts=61&x=1", cfHdrFlush;dur=0
date
Thu, 28 Nov 2024 05:45:52 GMT
vary
origin
server
cloudflare
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1357489168502278&ev=Lead&dl=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining%3Femail%3Dverdacht%40safeonweb.be&rl=&if=false&ts=1732772752322&cd[source]=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining&sw=1600&sh=1200&v=2.9.176&r=stable&ec=1&o=4126&fbp=fb.1.1732772752312.847611314105701383&eid=ob3_plugin-set_cb2bfa2bcfef329c7f22108c4d80b1d4c3aaf876aecf0fb4fd725b9b80944fe3&ler=empty&cdl=API_unavailable&it=1732772751946&coo=false&rqm=GET
Requested by
Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=4971, tp=15, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 28 Nov 2024 05:45:52 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1357489168502278&ev=Lead&dl=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining%3Femail%3Dverdacht%40safeonweb.be&rl=&if=false&ts=1732772752322&cd[source]=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining&sw=1600&sh=1200&v=2.9.176&r=stable&ec=1&o=4126&fbp=fb.1.1732772752312.847611314105701383&eid=ob3_plugin-set_cb2bfa2bcfef329c7f22108c4d80b1d4c3aaf876aecf0fb4fd725b9b80944fe3&ler=empty&cdl=API_unavailable&it=1732772751946&coo=false&rqm=FGET
Requested by
Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7442202301514378642"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7442202301514378642"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x69374c2cd5a6d929","source_keys":["1"]}],"aggregatable_values":{"1":10922},"aggregatable_source_registration_time":"exclude","filters":{"3":["7007015079317568"]},"debug_reporting":true,"debug_key":"581668374542066993"}
date
Thu, 28 Nov 2024 05:45:52 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
kr+6/ljM/cvBjQ5HdPtX3GMCzv03H3MOEI+A6v/m6mzyT9ZngWVH51VfCtrwCUuaH06nKepNI+gpaKwLkqr8mw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7442202301514378642", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control
private, no-store, no-cache, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=24, mss=1232, tbw=5394, tp=21, tpl=0, uplat=72, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
f998de276671077aa170eec8f688b5923c76d54ad4033274ab484770b1af4713
capig.insiders-exposed.com/events/ 		0
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capig.insiders-exposed.com/events/f998de276671077aa170eec8f688b5923c76d54ad4033274ab484770b1af4713
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1357489168502278?v=2.9.176&r=stable&domain=insider-report.pages.ontraport.net&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://insider-report.pages.ontraport.net/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YXvBbZ4cW1hk2Zvr7S5R98Jqyw1XYzDIo0Eyek8NDb63PH5Ylb9knzvDqgeop8mXTxc%2BIOu8D%2FHosUEga2xxsFyMh%2ByBOyZMfbnEfV0OCh8MGXP62OKXVXHk8eAtDBvQn7FzXy%2F1FnfX%2FNC0lOK06kIxFb7JT%2FJ9Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8e980de88f869e05-EWR
access-control-allow-origin
https://insider-report.pages.ontraport.net
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=2763&min_rtt=2430&rtt_var=649&sent=15&recv=16&lost=0&retrans=0&sent_bytes=4268&recv_bytes=6838&delivery_rate=1008&cwnd=12000&unsent_bytes=0&cid=392ded6733c4b8ba&ts=59&x=1", cfHdrFlush;dur=0
date
Thu, 28 Nov 2024 05:45:52 GMT
vary
origin
server
cloudflare
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1357489168502278&ev=CompleteRegistration&dl=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining%3Femail%3Dverdacht%40safeonweb.be&rl=&if=false&ts=1732772752324&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=4126&fbp=fb.1.1732772752312.847611314105701383&eid=ob3_plugin-set_4620246606c581c121e3f78baea31164b34c3bab764c71ea7febaebe03fc197a&ler=empty&cdl=API_unavailable&it=1732772751946&coo=false&tm=1&rqm=GET
Requested by
Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=5163, tp=17, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 28 Nov 2024 05:45:52 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1357489168502278&ev=CompleteRegistration&dl=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining%3Femail%3Dverdacht%40safeonweb.be&rl=&if=false&ts=1732772752324&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=4126&fbp=fb.1.1732772752312.847611314105701383&eid=ob3_plugin-set_4620246606c581c121e3f78baea31164b34c3bab764c71ea7febaebe03fc197a&ler=empty&cdl=API_unavailable&it=1732772751946&coo=false&tm=1&rqm=FGET
Requested by
Host: insider-report.pages.ontraport.net
URL: https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7442202303021638241"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7442202303021638241"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x095ee5f79f9e9231","source_keys":["1"]}],"aggregatable_values":{"1":10922},"aggregatable_source_registration_time":"exclude","filters":{"3":["6737475819643744","6749724648451104"]},"debug_reporting":true,"debug_key":"451615099048875095"}
date
Thu, 28 Nov 2024 05:45:52 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
BA4weYNjrh3fKeR4+POXSF1X8VfkYV4i4i9vkLBfIi1Xt4Dvrkj3m7O/RVkP6UTYqK8bSvwTLtPLPcqYEbnLXQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7442202303021638241", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control
private, no-store, no-cache, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=27, mss=1232, tbw=10226, tp=27, tpl=0, uplat=81, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
36371617
hn.inspectlet.com/ginit/ 		213 B
916 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hn.inspectlet.com/ginit/36371617
Requested by
Host: cdn.inspectlet.com
URL: https://cdn.inspectlet.com/inspectlet.js?wid=36371617&r=481325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:39f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3ccc12dd97d13997082713ed250fea258d5bc828a9ab21da949ab59500f8628

Request headers

Referer
https://insider-report.pages.ontraport.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"d5-WFldT+7dsUZRlH4rgRfiYQ"
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1732772752&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=3eMyuLcPxL6q%2FpD661HJV6Nf99TgU53hmlp%2BaJCpUSk%3D"}]}
access-control-allow-methods
GET, POST
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 05:45:52 GMT
content-type
application/json; charset=utf-8
access-control-allow-headers
X-Requested-With, Content-Type
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1732772752&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=3eMyuLcPxL6q%2FpD661HJV6Nf99TgU53hmlp%2BaJCpUSk%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
no-cache
access-control-allow-credentials
true
via
1.1 vegur
cf-ray
8e980de688a24375-EWR
access-control-allow-origin
https://insider-report.pages.ontraport.net
x-powered-by
Express
server
cloudflare
track.php
signupforex.ontraport.com/ 		774 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signupforex.ontraport.com/track.php?mid=21828_lp494.0_2&llc=https%253A%252F%252Finsider-report.pages.ontraport.net%252Ftraining%253Femail%253Dverdacht%2540safeonweb.be&first_visit=1&referral_page=&s=n7wx97dy1d53psyhy3kx&l=insider-report.pages.ontraport.net/training&ti=621%20trades,%20zero%20losses&is_unique=1
Requested by
Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
209.170.211.179 Las Vegas, United States, ASN13649 (ASN-FLEXENTIAL, US),
Reverse DNS
mail9.ontramail.com
Software
ONTRAport /
Resource Hash
6b222004b4fb499f7d56a233f2481640017fac1029b3c79daa577eac84a34f48

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
X-op-ca
5.181.234.134
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-op-class
hosted
X-op-release
3
Access-Control-Allow-Origin
*
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Thu, 28 Nov 2024 05:45:52 GMT
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
Server
ONTRAport
favicon.ico
insider-report.pages.ontraport.net/ 		552 B
926 B 		Other
General
Check archive.org
Download Go to
Full URL
https://insider-report.pages.ontraport.net/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
209.170.211.182 Las Vegas, United States, ASN13649 (ASN-FLEXENTIAL, US),
Reverse DNS
Software
Ontraport /
Resource Hash
a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/training?email=verdacht@safeonweb.be

Response headers

X-op-ca
5.181.234.134
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Content-Length
552
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Thu, 28 Nov 2024 05:45:52 GMT
Content-Type
text/html
Server
Ontraport
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-8SJNWV4ZSP&gtm=45je4bk0v878195527za200zb870991869&_p=1732772751792&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1929298271.1732772752&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1732772752&sct=1&seg=0&dl=https%3A%2F%2Finsider-report.pages.ontraport.net%2Ftraining%3Femail%3Dverdacht%40safeonweb.be&dt=621%20trades%2C%20zero%20losses&en=scroll&epn.percent_scrolled=90&_et=66&tfd=7354
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8SJNWV4ZSP&l=dataLayer&cx=c&gtm=45He4bk0v870991869za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://insider-report.pages.ontraport.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://insider-report.pages.ontraport.net
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 05:45:57 GMT
content-type
text/plain
server
Golfe2

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer object| wrWidgetSettings function| loadWR object| clickmagick_cmc boolean| clickmagick_cmc_loaded_previously object| __insp function| stripUrlParameters function| fbq function| _fbq number| __inspld function| _wr object| op object| dcParam string| awsParam string| _opt_lpid boolean| isONTRApage object| Vimeo boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam object| google_tag_manager object| google_tag_data object| $jscomp object| $jscomp$this function| anime function| $ function| jQuery object| _fbq_gtm_ids function| cash object| M object| Materialize function| Hammer object| desExport function| des function| des_createKeys function| stringToHex function| hexToString object| XD function| _ number| ACCOUNT_SIGNUP_ERROR number| CC_VERIFY_POST number| CC_VERIFY_SHOW_IFRAME number| CC_VERIFY_HIDE_IFRAME number| CC_VERIFY_GET_CC_DATA number| LOG_LEVEL_WARNING number| LOG_LEVEL_DEBUG string| PROTOCOL string| COUPON_PROCESS_DOMAIN string| FORM_PROCESS_DOMAIN string| CC_VERIFY_DOMAIN function| OPCapcha_filled function| OPCapcha_expired function| $l function| Globalize function| OptDateTimePicker string| _mri object| _mrd string| _mrl object| _mrct string| _mr_ex string| _linktrack string| _mr_title string| _mrl_internal_url string| _mrl_internal_domain function| mrSetupActual function| mrtracking function| gC function| parseGetVars function| genmrSess function| _escapeT function| _mrGetLinkTo function| _sanitizeMrLink function| _mrScanLinks function| _mrTrackLink function| _mrReturnXmlHttpObject string| _mr_domain string| session string| possible string| newVal function| onYouTubeIframeAPIReady object| gaGlobal object| regeneratorRuntime object| Base64i function| $i function| __insp_ object| __inspcr object| __inspm object| __inspq function| setZeroTimeout object| __inspels object| _mrTrackLinks

27 Cookies

Domain/Path Name / Value
.capig.insiders-exposed.com/events/f998de276671077aa170eec8f688b5923c76d54ad4033274ab484770b1af4713 Name: cee
Value: RcKP2hBCHAyLiUF1JGKX4lqn0KTZ8KjkyI3mYi2Q2O0%3D.%7B%7D
insider-report.pages.ontraport.net/training Name: lpsplt_494
Value: 0
www.marketbeat.com/ Name: ASP.NET_SessionId
Value: bbnusmoclmafgycskstdyej3
.clkmg.com/ Name: vid
Value: 1098524486
.ontraport.net/ Name: cmc_vid
Value: cmc4285933933
insider-report.pages.ontraport.net/ Name: sess_
Value: n7wx97dy1d53psyhy3kx
insider-report.pages.ontraport.net/ Name: referral_page
Value:
insider-report.pages.ontraport.net/ Name: vid
Value:
insider-report.pages.ontraport.net/ Name: lastvisit
Value: 1732772752
.ontraport.net/ Name: wickedEmails1720964790
Value: verdacht%40safeonweb.be
.ontraport.net/ Name: _ga
Value: GA1.1.1929298271.1732772752
.ontraport.net/ Name: _ga_8SJNWV4ZSP
Value: GS1.1.1732772752.1.0.1732772752.60.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.ontraport.net/ Name: _fbp
Value: fb.1.1732772752312.847611314105701383
.ontraport.net/ Name: __insp_wid
Value: 36371617
.ontraport.net/ Name: __insp_slim
Value: 1732772752373
.ontraport.net/ Name: __insp_nv
Value: true
.ontraport.net/ Name: __insp_targlpu
Value: aHR0cHM6Ly9pbnNpZGVyLXJlcG9ydC5wYWdlcy5vbnRyYXBvcnQubmV0L3RyYWluaW5nP2VtYWlsPXZlcmRhY2h0QHNhZmVvbndlYi5iZQ%3D%3D
.ontraport.net/ Name: __insp_targlpt
Value: NjIxIHRyYWRlcywgemVybyBsb3NzZXM%3D
.vimeo.com/ Name: vuid
Value: pl1059339875.2003040030
.ontraport.net/ Name: __insp_pad
Value: 1
.ontraport.net/ Name: __insp_sid
Value: 2003878056
.ontraport.net/ Name: __insp_uid
Value: 1097092842
.vimeo.com/ Name: __cf_bm
Value: lbfe1GED6B6tcBL6UKPZwoNOjdZNDz9eOI_jJIDQ66o-1732772752-1.0.1.1-8aOs5Ra85NH8kq88U7Z3XLduKbrp9M0y7U4kIUh.lDciIeYKSVtPV0vF5d0D6k_b
.vimeo.com/ Name: _cfuvid
Value: CQOoZBsV.9gpO7ejljaGOhSsusuAvWfFzyKuGTtZVVw-1732772752597-0.0.1.1-604800000
signupforex.ontraport.com/ Name: sess_
Value: n7wx97dy1d53psyhy3kx
signupforex.ontraport.com/ Name: mr_src
Value: lp494

1 Console Messages

Source Level URL
Text
network error URL: https://insider-report.pages.ontraport.net/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.markettradersdaily.com
analytics.google.com
app.ontraport.com
capig.insiders-exposed.com
cdn.clkmc.com
cdn.inspectlet.com
connect.facebook.net
email.analystratings.net
hn.inspectlet.com
insider-report.com
insider-report.pages.ontraport.net
optassets.ontraport.com
player.vimeo.com
signupforex.ontraport.com
stats.g.doubleclick.net
td.doubleclick.net
track.wickedreports.com
widget.wickedreports.com
www.clkmc.com
www.clkmg.com
www.facebook.com
www.googletagmanager.com
www.marketbeat.com
104.18.32.136
13.226.34.106
162.159.138.60
172.64.155.120
2001:4860:4802:32::181
209.170.211.179
209.170.211.182
2606:4700:10::6816:286e
2606:4700:10::6816:39f5
2606:4700:10::6816:8d7
2606:4700:10::ac43:aac
2606:4700:20::681a:de3
2606:4700:3030::6815:4521
2606:4700:3108::ac42:28f2
2607:f8b0:4004:c17::9b
2607:f8b0:4006:80b::2008
2607:f8b0:4006:80c::2002
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
34.196.122.89
52.33.206.160
52.34.98.195
54.147.125.227
0011caa87105379dd3c7b19f0a5671dc75de6e10ff84d6cacf214ff5495760f6
2c107fe27b72a7acfa902e86e9e5d6dd907393530a943cfc0df3a146896f7ecd
2c2348bbc056a14a9cd62dadb8d461800a192e8ba636f803d0ffddd753977976
2cf9b5ba7fd801d61e8a891c8234031c824ac2aabc42dc8399ec9e5debf018f8
34ccd21cf8cc2a2bdcd7dbe6bef05246067ff849bf71308e207bf525f581763d
412846d92d01817e002a0061b56b7def493632c96628b7fd342f93e4bec38383
46b3b4c9df110de5bef98dcde04dcebfbede500e83cb52c8121fb160de13f20b
498a41eab15456686643b139ae2c289c961bb02da852aaad698540831d0e9bb5
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
5bb63eb5f4841d00e086da04ab89a586470114a49c7e07b4a1b03bc6a41fe01d
5d554121551df68e414c85920b6541d2e92251a189ff19a4b1f8dffe97ce1cb5
5da274ce6310d42174fbf8369e8737ad5a2db661802d7aeb09ee13da863d7843
5ef8e785d4fd2ae10d245e6d9342d3ba335cbdc209155a292cc728952cda0414
63a438dae65a9c8ca9b9b259a15a41c3199ba03f718c899ee9bb6f0541eac4ab
6b222004b4fb499f7d56a233f2481640017fac1029b3c79daa577eac84a34f48
73a9c7944ce696c3622189e2f0706ccb9b9033b10f707414fe0ae14be6d68f08
85dd7090bc8b73a3a62f84ab73a37330b1088542c7d0f4a652357adc862cd0f6
a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b74487af8761c9be10987f564aca761a5202c43ab28309c5cf8d2ea81d677d73
b81adfb26d280f078c88f6ca927f39d4b06800287b943dfe0b8c078a4f4fd662
c1dbc6d58f074cf9d3c16029f91e71465ba785f7950983419021ff2fd003b0f8
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f
d4d175f498b00516c629ce8af152cbe745d73932fa58cc9fdfc8e4b49c0da368
dd2303513857c497243675e141488fbbb61e14c65628714d824968adc8140c64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ccc12dd97d13997082713ed250fea258d5bc828a9ab21da949ab59500f8628
e52dfee8b8ea50c75794e755848a3b03f69f871832c8764f8e406e3f81104bfe
edb6ff1a47a3344f0c5c5328a96ff715ea4a64ff80c99aaaa1124e9ed3d9da36