www.marketbeat.com Open in urlscan Pro
2606:4700:3108::ac42:28f2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.marketbeat.com/scripts/click.aspx?id=503&UserID=8210272&Hash=B84E426C4FE2D429C653BA22ED073FA7381F93CDE5DAEF0ACF...
Effective URL:
https://www.marketbeat.com/newsletter/ThankYou.aspx?id=8210272&Hash=7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA...
Submission: On September 08 via api (September 8th 2022, 2:54:53 pm UTC) from CA — Scanned from CA

Summary HTTP 66 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 2 countries across 17 domains to perform 66 HTTP transactions. The main IP is 2606:4700:3108::ac42:28f2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.marketbeat.com. The Cisco Umbrella rank of the primary domain is 65582.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2022. Valid for: a year.

This is the only time www.marketbeat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 9	2606:4700:310... 2606:4700:3108::ac42:28f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:824::2008	15169 (GOOGLE) (GOOGLE)
2	13.33.81.12 13.33.81.12	16509 (AMAZON-02) (AMAZON-02)
7	104.20.228.67 104.20.228.67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.9.111.198 52.9.111.198	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4998:1c:... 2001:4998:1c:800::1001	14779 (YAHOO) (YAHOO)
3	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02c:112:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c06::9d	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
2	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:817::2004	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12c:183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	108.138.113.167 108.138.113.167	16509 (AMAZON-02) (AMAZON-02)
1	13.225.231.192 13.225.231.192	16509 (AMAZON-02) (AMAZON-02)
2	108.138.125.184 108.138.125.184	16509 (AMAZON-02) (AMAZON-02)
1	76.13.32.146 76.13.32.146	26101 (YAHOO-BF1) (YAHOO-BF1)
66	23

9 2606:4700:3108::ac42:28f2 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.marketbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::200a (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::200a (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::2008 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.81.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-81-12.ewr52.r.cloudfront.net

d3fty0aja93cmr.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.20.228.67 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.9.111.198 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-111-198.us-west-1.compute.amazonaws.com

offers.afteroffers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81e::2003 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4998:1c:800::1001 (United States)

ASN14779 (YAHOO, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::200e (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02c:112:face:b00c:0:3 (Boca Raton, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:824::2003 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::2002 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:817::2004 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12c:183:face:b00c:0:25de (Boca Raton, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.113.167 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-113-167.jfk50.r.cloudfront.net

d2iqyqen32gtve.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.231.192 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-231-192.jfk51.r.cloudfront.net

dkdur240xp0jm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.125.184 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-125-184.jfk50.r.cloudfront.net

d1hrzasbrtd1fh.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.146 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spdc.pbp.vip.bf1.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	marketbeat.com 2 redirects www.marketbeat.com — Cisco Umbrella Rank: 65582	23 KB
7	google.com analytics.google.com — Cisco Umbrella Rank: 640 www.google.com — Cisco Umbrella Rank: 19	1 KB
7	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 16482 secure.statcounter.com — Cisco Umbrella Rank: 23329 c.statcounter.com — Cisco Umbrella Rank: 10654	30 KB
6	cloudfront.net d3fty0aja93cmr.cloudfront.net d2iqyqen32gtve.cloudfront.net dkdur240xp0jm.cloudfront.net d1hrzasbrtd1fh.cloudfront.net	107 KB
5	google.ca www.google.ca — Cisco Umbrella Rank: 7394	890 B
5	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 188 googleads.g.doubleclick.net — Cisco Umbrella Rank: 73	5 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 120 ajax.googleapis.com — Cisco Umbrella Rank: 480	68 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 111	717 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	40 KB
3	gstatic.com fonts.gstatic.com	56 KB
3	afteroffers.com offers.afteroffers.com	10 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	184 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3423 onesignal.com — Cisco Umbrella Rank: 947	73 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 159	31 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 208	111 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 638	7 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1672	633 B
66	17

	Domain	Requested by
9	www.marketbeat.com	2 redirects www.marketbeat.com
5	www.google.ca	www.marketbeat.com offers.afteroffers.com
5	c.statcounter.com	secure.statcounter.com www.statcounter.com
4	www.google.com	www.marketbeat.com offers.afteroffers.com
3	www.facebook.com	www.marketbeat.com
3	googleads.g.doubleclick.net	www.googleadservices.com
3	analytics.google.com	www.googletagmanager.com
3	www.google-analytics.com	www.marketbeat.com www.google-analytics.com www.googletagmanager.com
3	fonts.gstatic.com	fonts.googleapis.com
3	offers.afteroffers.com	www.marketbeat.com offers.afteroffers.com
3	www.googletagmanager.com	www.marketbeat.com www.googletagmanager.com offers.afteroffers.com
2	d1hrzasbrtd1fh.cloudfront.net	offers.afteroffers.com www.marketbeat.com
2	www.googleadservices.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.marketbeat.com connect.facebook.net
2	s.yimg.com	www.marketbeat.com s.yimg.com
2	d3fty0aja93cmr.cloudfront.net	www.marketbeat.com offers.afteroffers.com
2	ajax.googleapis.com	www.marketbeat.com offers.afteroffers.com
2	cdn.onesignal.com	www.marketbeat.com cdn.onesignal.com
2	fonts.googleapis.com	www.marketbeat.com offers.afteroffers.com
1	sp.analytics.yahoo.com	www.marketbeat.com
1	dkdur240xp0jm.cloudfront.net	offers.afteroffers.com
1	d2iqyqen32gtve.cloudfront.net	offers.afteroffers.com
1	onesignal.com	cdn.onesignal.com
1	secure.statcounter.com	www.marketbeat.com
1	www.statcounter.com	www.marketbeat.com
66	26

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-11` - `2023-06-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
us-dallas.statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-06` - `2022-12-06`	a year	crt.sh
offers.afteroffers.com Amazon	`2022-06-17` - `2023-07-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-09-05` - `2022-10-26`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-17` - `2022-09-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-09` - `2023-02-01`	6 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.marketbeat.com/newsletter/ThankYou.aspx?id=8210272&Hash=7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A
Frame ID: 42357E8A3E282F6DB5C9C7E696C846C1
Requests: 49 HTTP requests in this frame

Frame: https://offers.afteroffers.com/show_offers/17-FxRT8BL?email=courtney.roberts@fortisalberta.com&subid=40081077&redirect=https%3a%2f%2fwww.marketbeat.com%2fnewsletter%2fThankYou.aspx%3fid%3d8210272%26Hash%3d7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A%26page%3d2
Frame ID: 837300936F74644F300DB0D2923C0626
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MarketBeat Newsletter Confirmation

Page URL History Show full URLs

https://www.marketbeat.com/scripts/click.aspx?id=503&UserID=8210272&Hash=B84E426C4FE2D429C653BA22ED073F... HTTP 301
https://www.marketbeat.com/newsletter/default.aspx?RegistrationCode=GetEmails&RegisterEmail=courtney.ro... HTTP 302
https://www.marketbeat.com/newsletter/ThankYou.aspx?id=8210272&Hash=7FAD504E5709D6ADA7EDADA9B80E66D10D1... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)
<input[^>]+name="__VIEWSTATE

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

66
Requests

100 %
HTTPS

65 %
IPv6

17
Domains

26
Subdomains

23
IPs

2
Countries

748 kB
Transfer

1939 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.marketbeat.com/scripts/click.aspx?id=503&UserID=8210272&Hash=B84E426C4FE2D429C653BA22ED073FA7381F93CDE5DAEF0ACF15D2A73AFAB12DFBEEE8602FFABE9AB555BC11C9A71A899E114ACDA6F4FE6B707091BCA72BC577&SubjectLineID=%SubjectID% HTTP 301
https://www.marketbeat.com/newsletter/default.aspx?RegistrationCode=GetEmails&RegisterEmail=courtney.roberts@fortisalberta.com&utm_source=autoresponder&utm_medium=email&utm_campaign=autoresponder503 HTTP 302
https://www.marketbeat.com/newsletter/ThankYou.aspx?id=8210272&Hash=7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ThankYou.aspx Show response
www.marketbeat.com/newsletter/
Redirect Chain

https://www.marketbeat.com/scripts/click.aspx?id=503&UserID=8210272&Hash=B84E426C4FE2D429C653BA22ED073FA7381F93CDE5DAEF0ACF15D2A73AFAB12DFBEEE8602FFABE9AB555BC11C9A71A899E114ACDA6F4FE6B707091BCA72B...
https://www.marketbeat.com/newsletter/default.aspx?RegistrationCode=GetEmails&RegisterEmail=courtney.roberts@fortisalberta.com&utm_source=autoresponder&utm_medium=email&utm_campaign=autoresponder503
https://www.marketbeat.com/newsletter/ThankYou.aspx?id=8210272&Hash=7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A

13 KB
5 KB

278ms
278ms

Document
text/html

2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/newsletter/ThankYou.aspx?id=8210272&Hash=7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

796c6de3d4487fbbf25c17d975dafa5435827c690cb46e015a4795f63a5b9e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 747885792be27138-YUL
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 08 Sep 2022 14:54:47 GMT
server: cloudflare
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-origin: *
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 747885782a177138-YUL
content-type: text/html; charset=utf-8
date: Thu, 08 Sep 2022 14:54:47 GMT
location: /newsletter/ThankYou.aspx?id=8210272&Hash=7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A
server: cloudflare
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 82ms
34ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald:wght@500&family=Prata&family=Yantramanav:wght@400;700;900&display=swap

Requested by

Host: www.marketbeat.com
URL: https://www.marketbeat.com/newsletter/ThankYou.aspx?id=8210272&Hash=7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

78079c9aa04745344b19d73e9ceafd3a8dcc1b40566ba747419e24a14b92acf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 14:52:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 08 Sep 2022 14:54:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Sep 2022 14:54:47 GMT

GET
H2 200 confirmstyles.css
www.marketbeat.com/newsletter/ 7 KB
2 KB 34ms
32ms Stylesheet
text/css 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/newsletter/confirmstyles.css?v=20220517

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

fa38f162e7b24604b51ee71a93a312c979b9ff4ba43adfa433167371188031e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/newsletter/ThankYou.aspx?id=8210272&Hash=7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 14:54:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3865640
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Sat, 18 Jun 2022 13:47:53 GMT
server: cloudflare
etag: W/"dfa93321a83d81:0"
strict-transport-security: max-age=2592000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-polished: origSize=9125
cf-ray: 7478857ae86c7138-YUL
cf-bgj: minify

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 306ms
28ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7478857cafa94bca-YUL
date: Thu, 08 Sep 2022 14:54:47 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 3067
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Sep 2022 14:54:47 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
33 KB 105ms
56ms Script
text/javascript 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 16:44:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 16:44:54 GMT

GET
H2 200 intlTelInput.css
www.marketbeat.com/arnreports/tel/css/ 19 KB
3 KB 27ms
26ms Stylesheet
text/css 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/arnreports/tel/css/intlTelInput.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d950cbadb17dee4b29cf72a728c04f3559ce62710221b5ec5b83b485e40a25b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/newsletter/ThankYou.aspx?id=8210272&Hash=7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 14:54:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3867258
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
last-modified: Wed, 11 May 2022 17:44:21 GMT
server: cloudflare
etag: W/"808cfbe5e65d81:0"
strict-transport-security: max-age=2592000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-polished: origSize=26182
cf-ray: 7478857af86f7138-YUL
cf-bgj: minify

GET
H2 200 intlTelInput.min.js Show response
www.marketbeat.com/arnreports/tel/js/ 29 KB
11 KB 28ms
27ms Script
application/javascript 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/arnreports/tel/js/intlTelInput.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c53b0e45db33f24ca38551eaf6d786ae031d9ee6c278401725f40696eb018a74

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/newsletter/ThankYou.aspx?id=8210272&Hash=7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 14:54:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Jul 2022 18:55:56 GMT
server: cloudflare
age: 3867258
x-powered-by: ASP.NET
etag: W/"3f8ad59b397d81:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=2592000
cf-ray: 7478857af8717138-YUL
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
74 KB 99ms
49ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-74CWRXG68D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce8c962119d2585fc416b452372376583429804d4f5928195922fa416faf9212

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 14:54:47 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74972
x-xss-protection: 0
expires: Thu, 08 Sep 2022 14:54:47 GMT

GET
H2 200 History.ashx Show response
www.marketbeat.com/newsletter/ 744 B
448 B 129ms
128ms Script
text/javascript 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/newsletter/History.ashx?DestinationURL=https%3a%2f%2fwww.marketbeat.com%2fnewsletter%2fThankYou.aspx%3fid%3d8210272%26Hash%3d7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A%26page%3d2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

a95dbad8b90f1281db158d75131876d57977d457046b51b76a32c5077481b395

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/newsletter/ThankYou.aspx?id=8210272&Hash=7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 14:54:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private
strict-transport-security: max-age=2592000
cf-ray: 7478857af8747138-YUL
x-xss-protection: 1; mode=block

GET
H2 200 MarketBeat-logo-r-white.svg
www.marketbeat.com/images/master/ 4 KB
2 KB 40ms
39ms Image
image/svg+xml 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marketbeat.com/images/master/MarketBeat-logo-r-white.svg?v=2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f1c1b8cf0ccef4a39fe24c6d1f5f49dff7c54e5c1755047fb021b8747f1f9fcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/newsletter/ThankYou.aspx?id=8210272&Hash=7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 14:54:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 11 May 2022 17:44:24 GMT
server: cloudflare
age: 238345
x-powered-by: ASP.NET
etag: W/"0cc98c05e65d81:0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=2592000
cf-ray: 7478857cfd937138-YUL
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK iframeResizer.min.js Show response
d3fty0aja93cmr.cloudfront.net/ 13 KB
14 KB 97ms
20ms Script
application/x-javascript 13.33.81.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3fty0aja93cmr.cloudfront.net/iframeResizer.min.js
Requested by: Host: www.marketbeat.com
URL: https://www.marketbeat.com/newsletter/ThankYou.aspx?id=8210272&Hash=7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.81.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-81-12.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2a763683449b92dfc8f49261fa14062451c362bd247d4643301d1c16680639d0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Fri, 15 Feb 2019 08:20:34 GMT
Date: Thu, 08 Sep 2022 02:21:07 GMT
Via: 1.1 29206f4909cacc031d06a0daf330fb6a.cloudfront.net (CloudFront)
Last-Modified: Fri, 22 Feb 2019 20:22:02 GMT
Server: AmazonS3
Age: 45221
ETag: "1e02f32c9a4a3fcbc9b3ceb2ccefdf42"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: EWR52-C1
Accept-Ranges: bytes
Content-Length: 13535
X-Amz-Cf-Id: 4hz410tVtTdeCcfIVKsbN1aUOOn6YwIdaknuBjvTm31iVkgkR6DOow==

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 43 KB
14 KB 106ms
58ms Script
application/javascript 104.20.228.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: www.marketbeat.com
URL: https://www.marketbeat.com/newsletter/ThankYou.aspx?id=8210272&Hash=7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.228.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38773f599cca495f0904c3d5a9981fc081b743a8d9aa106ed17e0d9b03ae6598

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 14:54:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Sep 2022 10:17:25 GMT
server: cloudflare
age: 15112
etag: W/"6319c135-aa70"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7478857cec2c53e9-YYZ
expires: Thu, 08 Sep 2022 22:42:55 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 32ms
31ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7478857cf88a4bca-YUL
date: Thu, 08 Sep 2022 14:54:47 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 3061
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 11 Sep 2022 14:54:47 GMT

GET
H/1.1 200
OK 17-FxRT8BL Show response
offers.afteroffers.com/show_offers/ Frame 8373 26 KB
7 KB 585ms
337ms Document
text/html 52.9.111.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.afteroffers.com/show_offers/17-FxRT8BL?email=courtney.roberts@fortisalberta.com&subid=40081077&redirect=https%3a%2f%2fwww.marketbeat.com%2fnewsletter%2fThankYou.aspx%3fid%3d8210272%26Hash%3d7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A%26page%3d2
Requested by: Host: www.marketbeat.com
URL: https://www.marketbeat.com/newsletter/ThankYou.aspx?id=8210272&Hash=7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.111.198 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-111-198.us-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: eb19c2433068307f12296cfdaf05f9f8713a728c42c1f45002a292705e6ed89e

Request headers

Referer: https://www.marketbeat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 6497
Content-Type: text/html; charset=utf-8
Date: Thu, 08 Sep 2022 14:54:48 GMT
Expires: Sat, 4 Jul 2015 00:00:00 GMT
Last-Modified: Thu, 08 Sep 2022 14:54:48 GMT
P3P: CP="This is not a P3P policy"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-Robots-Tag: noindex,nofollow,noarchive

GET
H2 200 CoregPixel.ashx
www.marketbeat.com/newsletter/ 43 B
135 B 134ms
132ms Image
image/gif 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marketbeat.com/newsletter/CoregPixel.ashx?CoregImpressionID=40081077

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/newsletter/ThankYou.aspx?id=8210272&Hash=7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 14:54:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 7478857cfdac7138-YUL
content-length: 43
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 counter.js Show response
secure.statcounter.com/counter/ 43 KB
14 KB 38ms
27ms Script
application/javascript 104.20.228.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.statcounter.com/counter/counter.js
Requested by: Host: www.marketbeat.com
URL: https://www.marketbeat.com/newsletter/ThankYou.aspx?id=8210272&Hash=7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.228.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38773f599cca495f0904c3d5a9981fc081b743a8d9aa106ed17e0d9b03ae6598

Request headers

Referer: https://www.marketbeat.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 08 Sep 2022 14:54:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Sep 2022 10:17:25 GMT
server: cloudflare
age: 15117
etag: W/"6319c135-aa70"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7478857d0c4f53e9-YYZ
expires: Thu, 08 Sep 2022 22:42:50 GMT

GET
H2 200 flUhRqu5zY00QEpyWJYWN59IePNeKBM.woff2
fonts.gstatic.com/s/yantramanav/v11/ 17 KB
17 KB 73ms
27ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/yantramanav/v11/flUhRqu5zY00QEpyWJYWN59IePNeKBM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@500&family=Prata&family=Yantramanav:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

569c2d7dac23c593b4abaa3bea4be7be22be6c44439684f73117d9209e52c296

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.marketbeat.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 23:41:59 GMT
x-content-type-options: nosniff
age: 227568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16972
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:53:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 23:41:59 GMT

GET
H2 200 flU8Rqu5zY00QEpyWJYWN5fzXeY.woff2
fonts.gstatic.com/s/yantramanav/v11/ 16 KB
17 KB 67ms
21ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/yantramanav/v11/flU8Rqu5zY00QEpyWJYWN5fzXeY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@500&family=Prata&family=Yantramanav:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6feaec1d2336b09ed856ca514fe88a68f59903a7d7fabdd137509fdb19848ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.marketbeat.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 00:19:48 GMT
x-content-type-options: nosniff
age: 225299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16688
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:46:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Sep 2023 00:19:48 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
573 B 67ms
62ms XHR
application/json 104.20.228.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=10555875&u1=4F2BFAC88D604F37FA5AEC978B9F6065&java=1&security=05ad46a3&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.marketbeat.com/newsletter/ThankYou.aspx%3Fid%3D8210272%26Hash%3D7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A&t=MarketBeat%20Newsletter%20Confirmation&invisible=1&sc_rum_e_s=1996&sc_rum_e_e=2003&sc_rum_f_s=0&sc_rum_f_e=1968&get_config=true
Requested by: Host: secure.statcounter.com
URL: https://secure.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.228.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 14:54:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7478857d5ca853e9-YYZ
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin: https://www.marketbeat.com
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 342ms
281ms Script
application/javascript 2001:4998:1c:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:1c:800::1001 , United States, ASN14779 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 14:54:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: 88TW6C4FQ2HWW29T
x-amz-id-2: LToypYxm54xR5+BuPYvZXJmFh+406IhZmufo+EOlKhbmr/iBeg/TCo3eXP50Z10VIRwcmuAvbnM=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 65ms
19ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1755
date: Thu, 08 Sep 2022 14:25:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 08 Sep 2022 16:25:32 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 171ms
57ms Script
application/x-javascript 2a03:2880:f02c:112:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02c:112:face:b00c:0:3 Boca Raton, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26737
x-xss-protection: 0
pragma: public
x-fb-debug: y0jVX4MpWnfesCHppPEsW+eSSG+t39rabI9Jg0yKHv5UPdcftZqNuMC7sSlxluyT90SC+u243ClJp+xXsK+9Gg==
x-fb-trip-id: 1709462857
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 08 Sep 2022 14:54:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
408 B 102ms
102ms XHR
application/json 104.20.228.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12227987&u1=4F2BFAC88D604F37FA5AEC978B9F6065&java=1&security=7db8912f&sc_snum=2&sess=a8f3c4&p=0&rcat=d&bb=0&rdomo=d&rdomg=0&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.marketbeat.com/newsletter/ThankYou.aspx%3Fid%3D8210272%26Hash%3D7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A&t=MarketBeat%20Newsletter%20Confirmation&invisible=1&sc_rum_e_s=2009&sc_rum_e_e=2012&sc_rum_f_s=0&sc_rum_f_e=1968&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.228.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 14:54:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7478857d9cf953e9-YYZ
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin: https://www.marketbeat.com
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
306 B 99ms
99ms XHR
application/json 104.20.228.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=7602069&u1=4F2BFAC88D604F37FA5AEC978B9F6065&java=1&security=74cbf3e8&sc_snum=3&sess=a8f3c4&p=0&rcat=d&rdomo=d&rdomg=0&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.marketbeat.com/newsletter/ThankYou.aspx%3Fid%3D8210272%26Hash%3D7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A&t=MarketBeat%20Newsletter%20Confirmation&invisible=1&sc_rum_e_s=2013&sc_rum_e_e=2014&sc_rum_f_s=0&sc_rum_f_e=1968&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.228.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 14:54:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7478857d9cfb53e9-YYZ
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin: https://www.marketbeat.com
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/92d0557c-79b3-4742-9ab4-9155a42d6a49/ 3 KB
2 KB 52ms
40ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/92d0557c-79b3-4742-9ab4-9155a42d6a49/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7b599eebca82b0cad06749512791d98d45c0f2fb72d0d64df686807f906842b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 14:54:47 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 1933
cf-polished: origSize=3351
status: 200 OK
x-envoy-upstream-service-time: 36
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 8cdc5546-bd9e-45fe-b9b3-dbfbbb9f470c
x-runtime: 0.033264
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"8dcc868bb828bc4b1e612224e187cfcd"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 7478857d7a084bca-YUL
access-control-allow-headers: SDK-Version
expires: Thu, 08 Sep 2022 15:54:47 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
306 B 83ms
83ms XHR
application/json 104.20.228.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=7602069&u1=4F2BFAC88D604F37FA5AEC978B9F6065&java=1&security=74cbf3e8&sc_snum=4&sess=a8f3c4&p=0&rcat=d&rdomo=d&rdomg=0&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.marketbeat.com/newsletter/ThankYou.aspx%3Fid%3D8210272%26Hash%3D7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A&t=MarketBeat%20Newsletter%20Confirmation&invisible=1&pg=0&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.228.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 14:54:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7478857d9cfc53e9-YYZ
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin: https://www.marketbeat.com
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
207 B 86ms
86ms XHR
application/json 104.20.228.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=7602069&u1=4F2BFAC88D604F37FA5AEC978B9F6065&java=1&security=74cbf3e8&sc_snum=4&sess=a8f3c4&p=0&rcat=d&rdomo=d&rdomg=0&jg=0&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.marketbeat.com/newsletter/ThankYou.aspx%3Fid%3D8210272%26Hash%3D7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A&t=MarketBeat%20Newsletter%20Confirmation&invisible=1&sc_rum_e_s=2033&sc_rum_e_e=2034&sc_rum_f_s=0&sc_rum_f_e=1968&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.228.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 14:54:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7478857d9cff53e9-YYZ
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin: https://www.marketbeat.com
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
349 B 72ms
33ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-74CWRXG68D&gtm=2oe8v0&_p=766912440&_gaz=1&cid=1232867614.1662648888&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662648887&sct=1&seg=0&dl=https%3A%2F%2Fwww.marketbeat.com%2Fnewsletter%2FThankYou.aspx%3Fid%3D8210272%26Hash%3D7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A&dt=MarketBeat%20Newsletter%20Confirmation&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-74CWRXG68D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 14:54:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.marketbeat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
349 B 85ms
33ms Ping
text/plain 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-74CWRXG68D&cid=1232867614.1662648888&gtm=2oe8v0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-74CWRXG68D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 14:54:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.marketbeat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 153 KB
57 KB 81ms
40ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1050184556&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-74CWRXG68D

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e6d657fc8f92782d58bef218b5735e65b024f46f82d887b49ff410fe4566b614

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 14:54:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58568
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Sep 2022 14:54:48 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 66ms
33ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-74CWRXG68D&gtm=2oe8v0&_p=766912440&cid=1232867614.1662648888&ul=en-us&sr=1600x1200&_eu=C&_z=ccd.v9B&_s=2&sid=1662648887&sct=1&seg=0&dl=https%3A%2F%2Fwww.marketbeat.com%2Fnewsletter%2FThankYou.aspx%3Fid%3D8210272%26Hash%3D7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A&dt=MarketBeat%20Newsletter%20Confirmation&en=EmailOptin&_c=1&_ee=1&ep.event_label=User%20Signed%20Up%20for%20Mailing%20List&_et=6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-74CWRXG68D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 14:54:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.marketbeat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 62ms
33ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-74CWRXG68D&gtm=2oe8v0&_p=766912440&ul=en-us&cid=1232867614.1662648888&sr=1600x1200&_z=ccd.v9B&_s=3&dl=https%3A%2F%2Fwww.marketbeat.com%2Fnewsletter%2FThankYou.aspx%3Fid%3D8210272%26Hash%3D7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A&dt=MarketBeat%20Newsletter%20Confirmation&sid=1662648887&sct=1&seg=0&en=EmailOptin&_c=1&ep.event_label=User%20Signed%20Up%20for%20Mailing%20List&_et=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-74CWRXG68D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 14:54:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.marketbeat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 87ms
40ms Image
image/gif 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-74CWRXG68D&cid=1232867614.1662648888&gtm=2oe8v0&aip=1&z=1057375159

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 14:54:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 73ms
33ms XHR
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=766912440&t=pageview&_s=1&dl=https%3A%2F%2Fwww.marketbeat.com%2Fnewsletter%2FThankYou.aspx%3Fid%3D8210272%26Hash%3D7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A&ul=en-us&de=UTF-8&dt=MarketBeat%20Newsletter%20Confirmation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAAC~&jid=137044378&gjid=986595473&cid=1232867614.1662648888&tid=UA-3019647-27&_gid=1952898796.1662648888&_r=1&_slc=1&z=2068167806

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.marketbeat.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 14:54:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.marketbeat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 941867162496970 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 112ms
55ms Script
application/x-javascript 2a03:2880:f02c:112:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/941867162496970?v=2.9.79&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02c:112:face:b00c:0:3 Boca Raton, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0dd4ce047fc15eec7945127377f9410a347f01297d3576dd201ba1d7f71a6da7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85954
x-xss-protection: 0
pragma: public
x-fb-debug: CENgzW9mZEiArSaEDpBxTTmHbBf0VobztzhVudNLAoD0+6X9EKIuIJfPxzcaS03KPr6hX1tXdN148hBt7m55CQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 08 Sep 2022 14:54:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 334ms
34ms XHR
text/plain 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3019647-27&cid=1232867614.1662648888&jid=137044378&gjid=986595473&_gid=1952898796.1662648888&_u=IADAAEAAAAAAAC~&z=631149871

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.marketbeat.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 08 Sep 2022 14:54:48 GMT
content-type: text/plain
access-control-allow-origin: https://www.marketbeat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 98ms
40ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1050184556&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

998841c6f39229f6fbad5d4844a02e60f38166fa861ddfa2ca365d44b2138bd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 14:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15694
x-xss-protection: 0
server: cafe
etag: 5833103075673869334
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 14:54:48 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1050184556/ 3 KB
1 KB 109ms
61ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1050184556/?random=1662648888215&cv=9&fst=1662648888215&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8v0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.marketbeat.com%2Fnewsletter%2FThankYou.aspx%3Fid%3D8210272%26Hash%3D7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A&tiba=MarketBeat%20Newsletter%20Confirmation&auid=1996078117.1662648888&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1466c106f7652f6746d494b5457c53fb4ac2457defc9301cd81978be39ad356b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 14:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1181
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1050184556/ 3 KB
2 KB 94ms
47ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1050184556/?random=1662648888217&cv=9&fst=1662648888217&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8v0&sendb=1&ig=1&data=event%3DEmailOptin%3Bevent_label%3DUser%20Signed%20Up%20for%20Mailing%20List&frm=0&url=https%3A%2F%2Fwww.marketbeat.com%2Fnewsletter%2FThankYou.aspx%3Fid%3D8210272%26Hash%3D7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A&tiba=MarketBeat%20Newsletter%20Confirmation&auid=1996078117.1662648888&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef74a568aff3847f4a45c32031ee59f3d3758c3127f2bad22a4484d7b1c7a010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 14:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1220
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 423827.json Show response
s.yimg.com/wi/config/ 2 B
450 B 329ms
280ms XHR
application/json 2001:4998:1c:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/423827.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:1c:800::1001 , United States, ASN14779 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 14:00:10 GMT
x-content-type-options: nosniff
age: 3278
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: NC6HK4C26GHQKQ99
x-amz-id-2: ymsO1zV67CNc2aWw/CzTPj1gCt1kKreBMzysHqzm8nXxTJrSYyGuAw3INPGSbROrWE/3yGhQawg=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

GET
H2 200 /
www.google.com/pagead/1p-user-list/1050184556/ 42 B
548 B 87ms
39ms Image
image/gif 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1050184556/?random=1662648888217&cv=9&fst=1662645600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8v0&sendb=1&data=event%3DEmailOptin%3Bevent_label%3DUser%20Signed%20Up%20for%20Mailing%20List&frm=0&url=https%3A%2F%2Fwww.marketbeat.com%2Fnewsletter%2FThankYou.aspx%3Fid%3D8210272%26Hash%3D7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A&tiba=MarketBeat%20Newsletter%20Confirmation&async=1&fmt=3&is_vtc=1&random=740922620&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 14:54:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/1050184556/ 42 B
154 B 342ms
40ms Image
image/gif 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/1050184556/?random=1662648888217&cv=9&fst=1662645600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8v0&sendb=1&data=event%3DEmailOptin%3Bevent_label%3DUser%20Signed%20Up%20for%20Mailing%20List&frm=0&url=https%3A%2F%2Fwww.marketbeat.com%2Fnewsletter%2FThankYou.aspx%3Fid%3D8210272%26Hash%3D7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A&tiba=MarketBeat%20Newsletter%20Confirmation&async=1&fmt=3&is_vtc=1&random=740922620&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 14:54:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1050184556/ 42 B
108 B 74ms
40ms Image
image/gif 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1050184556/?random=1662648888215&cv=9&fst=1662645600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.marketbeat.com%2Fnewsletter%2FThankYou.aspx%3Fid%3D8210272%26Hash%3D7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A&tiba=MarketBeat%20Newsletter%20Confirmation&async=1&fmt=3&is_vtc=1&random=3206412853&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 14:54:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/1050184556/ 42 B
108 B 340ms
39ms Image
image/gif 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/1050184556/?random=1662648888215&cv=9&fst=1662645600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.marketbeat.com%2Fnewsletter%2FThankYou.aspx%3Fid%3D8210272%26Hash%3D7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A&tiba=MarketBeat%20Newsletter%20Confirmation&async=1&fmt=3&is_vtc=1&random=3206412853&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 14:54:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
411 B 159ms
53ms Image
image/gif 2a03:2880:f12c:183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=941867162496970&ev=PageView&dl=https%3A%2F%2Fwww.marketbeat.com%2Fnewsletter%2FThankYou.aspx%3Fid%3D8210272%26Hash%3D7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A&rl=&if=false&ts=1662648888347&sw=1600&sh=1200&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1662648888345.1112413046&it=1662648888093&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12c:183:face:b00c:0:25de Boca Raton, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 14:54:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 08 Sep 2022 14:54:48 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
215 B 159ms
54ms Image
image/gif 2a03:2880:f12c:183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=941867162496970&ev=Lead&dl=https%3A%2F%2Fwww.marketbeat.com%2Fnewsletter%2FThankYou.aspx%3Fid%3D8210272%26Hash%3D7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A&rl=&if=false&ts=1662648888348&sw=1600&sh=1200&v=2.9.79&r=stable&ec=1&o=30&fbp=fb.1.1662648888345.1112413046&it=1662648888093&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12c:183:face:b00c:0:25de Boca Raton, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 14:54:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 08 Sep 2022 14:54:48 GMT

GET
H/1.1 200
OK tooltips_bootstrap.min.css
offers.afteroffers.com/stylesheets/ Frame 8373 2 KB
984 B 82ms
82ms Stylesheet
text/css 52.9.111.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.afteroffers.com/stylesheets/tooltips_bootstrap.min.css
Requested by: Host: offers.afteroffers.com
URL: https://offers.afteroffers.com/show_offers/17-FxRT8BL?email=courtney.roberts@fortisalberta.com&subid=40081077&redirect=https%3a%2f%2fwww.marketbeat.com%2fnewsletter%2fThankYou.aspx%3fid%3d8210272%26Hash%3d7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A%26page%3d2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.111.198 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-111-198.us-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 357cd1057df7dc61832440ae995762f27620acd5accbd684ebeb0ba208ff3f8e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://offers.afteroffers.com/show_offers/17-FxRT8BL?email=courtney.roberts@fortisalberta.com&subid=40081077&redirect=https%3a%2f%2fwww.marketbeat.com%2fnewsletter%2fThankYou.aspx%3fid%3d8210272%26Hash%3d7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A%26page%3d2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 14:54:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Nov 2015 17:31:18 GMT
Server: Apache
ETag: "6b5-5245b4f8b2507-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 696

GET
H3 200 css
fonts.googleapis.com/ Frame 8373 2 KB
550 B 78ms
34ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans

Requested by

Host: offers.afteroffers.com
URL: https://offers.afteroffers.com/show_offers/17-FxRT8BL?email=courtney.roberts@fortisalberta.com&subid=40081077&redirect=https%3a%2f%2fwww.marketbeat.com%2fnewsletter%2fThankYou.aspx%3fid%3d8210272%26Hash%3d7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A%26page%3d2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

16ac344ced3178728d1e7ded8a0c182b72be9948ac1cbadf6937f357abcbe80a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://offers.afteroffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 13:27:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 08 Sep 2022 14:54:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Sep 2022 14:54:48 GMT

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 8373 95 KB
33 KB 65ms
21ms Script
text/javascript 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://offers.afteroffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 16:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 16:49:53 GMT

GET
H/1.1 200
OK tooltips_bootstrap.min.js Show response
offers.afteroffers.com/javascript/ Frame 8373 5 KB
2 KB 166ms
82ms Script
text/javascript 52.9.111.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.afteroffers.com/javascript/tooltips_bootstrap.min.js
Requested by: Host: offers.afteroffers.com
URL: https://offers.afteroffers.com/show_offers/17-FxRT8BL?email=courtney.roberts@fortisalberta.com&subid=40081077&redirect=https%3a%2f%2fwww.marketbeat.com%2fnewsletter%2fThankYou.aspx%3fid%3d8210272%26Hash%3d7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A%26page%3d2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.111.198 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-111-198.us-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 5cbb2452cfcf56c1488aeb60f864c7c4d4741546b4d4df744439b0e4bc4f1015

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://offers.afteroffers.com/show_offers/17-FxRT8BL?email=courtney.roberts@fortisalberta.com&subid=40081077&redirect=https%3a%2f%2fwww.marketbeat.com%2fnewsletter%2fThankYou.aspx%3fid%3d8210272%26Hash%3d7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A%26page%3d2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 08 Sep 2022 14:54:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Nov 2015 17:31:18 GMT
Server: Apache
ETag: "14b1-5245b4f8b05c7-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935

GET
H/1.1 200
OK EHawkTalon-5.8.min.js Show response
d2iqyqen32gtve.cloudfront.net/ Frame 8373 43 KB
44 KB 81ms
20ms Script
application/x-javascript 108.138.113.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2iqyqen32gtve.cloudfront.net/EHawkTalon-5.8.min.js
Requested by: Host: offers.afteroffers.com
URL: https://offers.afteroffers.com/show_offers/17-FxRT8BL?email=courtney.roberts@fortisalberta.com&subid=40081077&redirect=https%3a%2f%2fwww.marketbeat.com%2fnewsletter%2fThankYou.aspx%3fid%3d8210272%26Hash%3d7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A%26page%3d2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.113.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-113-167.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5868aaf71a0a972971531889e0b244f8d0665fa23def595107ee2e07cea15e06

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://offers.afteroffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Mon, 29 Jun 2020 18:00:01 GMT
Date: Thu, 08 Sep 2022 11:29:19 GMT
Via: 1.1 f359087e1d20f17f76b31eb5ffbbd450.cloudfront.net (CloudFront)
Last-Modified: Mon, 29 Jun 2020 18:01:13 GMT
Server: AmazonS3
Age: 12330
ETag: "4a9377ac06d8650b9c3bfe7c87ec75f1"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: JFK50-P3
Accept-Ranges: bytes
Content-Length: 44464
X-Amz-Cf-Id: aK744U-NcJfQk3Fz9QnNDbew1DYfSQO1mwUg3TzuvbCMBaUA3-VP-A==

GET
H/1.1 200
OK iframeResizer.contentWindow.min.js Show response
d3fty0aja93cmr.cloudfront.net/ Frame 8373 14 KB
15 KB 23ms
20ms Script
application/x-javascript 13.33.81.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3fty0aja93cmr.cloudfront.net/iframeResizer.contentWindow.min.js
Requested by: Host: offers.afteroffers.com
URL: https://offers.afteroffers.com/show_offers/17-FxRT8BL?email=courtney.roberts@fortisalberta.com&subid=40081077&redirect=https%3a%2f%2fwww.marketbeat.com%2fnewsletter%2fThankYou.aspx%3fid%3d8210272%26Hash%3d7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A%26page%3d2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.81.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-81-12.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f280220d67b2e53466b87feeb170a75f3c015280512372948f5b900255e514ac

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://offers.afteroffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Fri, 15 Feb 2019 08:20:34 GMT
Date: Thu, 08 Sep 2022 13:33:45 GMT
Via: 1.1 29206f4909cacc031d06a0daf330fb6a.cloudfront.net (CloudFront)
Last-Modified: Fri, 22 Feb 2019 20:22:02 GMT
Server: AmazonS3
Age: 4864
ETag: "04a17c9933a935cf9ed97a4981e12d06"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: EWR52-C1
Accept-Ranges: bytes
Content-Length: 14384
X-Amz-Cf-Id: ZlW5yYgzznWR2ps19X2h58frmAdnkUuapNqOoKGYPHRXB9lp4oRoXg==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 106ms
63ms Image
image/gif 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3019647-27&cid=1232867614.1662648888&jid=137044378&_u=IADAAEAAAAAAAC~&z=1314083233

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 14:54:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 306ms
79ms Image
image/gif 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3019647-27&cid=1232867614.1662648888&jid=137044378&_u=IADAAEAAAAAAAC~&z=1314083233

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 14:54:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 8373 139 KB
53 KB 42ms
42ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P3HD2NG

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c15760a48fc2a03fbcd8780f019ed3c7610659b1f1ec4d1170e7058b96e8639

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://offers.afteroffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 14:54:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54602
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Sep 2022 14:54:48 GMT

GET
H/1.1 200
OK Select8_red1.png
dkdur240xp0jm.cloudfront.net/ Frame 8373 2 KB
2 KB 144ms
18ms Image
image/png 13.225.231.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dkdur240xp0jm.cloudfront.net/Select8_red1.png
Requested by: Host: offers.afteroffers.com
URL: https://offers.afteroffers.com/show_offers/17-FxRT8BL?email=courtney.roberts@fortisalberta.com&subid=40081077&redirect=https%3a%2f%2fwww.marketbeat.com%2fnewsletter%2fThankYou.aspx%3fid%3d8210272%26Hash%3d7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A%26page%3d2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.231.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-231-192.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6ef6e59ecca9e140864d47e37630a15c7e787fd094212425b08b573a8576aff9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://offers.afteroffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Fri, 11 Mar 2016 01:16:59 GMT
Date: Mon, 05 Sep 2022 08:15:31 GMT
Via: 1.1 b96e96fef61e11f1c624b4bdd0ad939e.cloudfront.net (CloudFront)
Last-Modified: Fri, 11 Mar 2016 01:17:09 GMT
Server: AmazonS3
Age: 283158
ETag: "0a77a19b3353ad5a8f8a12d8a40f8679"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: JFK51-C1
Accept-Ranges: bytes
Content-Length: 1861
X-Amz-Cf-Id: ThxC_MXSEnoU93K08BKw7WGoNjZ57EfEOYOywONPHAKWhpITT2jGIQ==

GET
H/1.1 200
OK SELECT_SUBMIT_AMPERSAND_CONTINUE_408x72_dark_blue_disabled.jpg
d1hrzasbrtd1fh.cloudfront.net/ Frame 8373 10 KB
11 KB 179ms
20ms Image
image/jpeg 108.138.125.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1hrzasbrtd1fh.cloudfront.net/SELECT_SUBMIT_AMPERSAND_CONTINUE_408x72_dark_blue_disabled.jpg
Requested by: Host: offers.afteroffers.com
URL: https://offers.afteroffers.com/show_offers/17-FxRT8BL?email=courtney.roberts@fortisalberta.com&subid=40081077&redirect=https%3a%2f%2fwww.marketbeat.com%2fnewsletter%2fThankYou.aspx%3fid%3d8210272%26Hash%3d7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A%26page%3d2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.125.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-125-184.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 719aacb183de830fe12496c4a3964c0f523ad555abbcf9ac292edfd9ad186171

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://offers.afteroffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Thu, 30 Dec 2021 00:11:05 GMT
Date: Fri, 02 Sep 2022 19:07:30 GMT
Via: 1.1 2041b05ebafba84de0e785871a4269bc.cloudfront.net (CloudFront)
Last-Modified: Thu, 30 Dec 2021 00:12:46 GMT
Server: AmazonS3
Age: 503332
ETag: "2119655e96384a4aee94d10247f6dcd7"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: JFK50-P4
Accept-Ranges: bytes
Content-Length: 10307
X-Amz-Cf-Id: FW1J1gzrURP5xwWYw7-KD15UHqxzfPYLeoUCUzykSX7QvkqHJGAPRw==

GET
H3 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v16/ Frame 8373 22 KB
22 KB 62ms
21ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offers.afteroffers.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 20:57:27 GMT
x-content-type-options: nosniff
age: 583041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22592
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:51:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Sep 2023 20:57:27 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 105ms
58ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2008%20Sep%202022%2014%3A54%3A48%20GMT&n=0&b=MarketBeat%20Newsletter%20Confirmation&.yp=423827&f=https%3A%2F%2Fwww.marketbeat.com%2Fnewsletter%2FThankYou.aspx%3Fid%3D8210272%26Hash%3D7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 14:54:48 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 08 Sep 2022 14:54:48 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 8373 49 KB
20 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3HD2NG

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://offers.afteroffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1756
date: Thu, 08 Sep 2022 14:25:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 08 Sep 2022 16:25:32 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 8373 41 KB
15 KB 114ms
67ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3HD2NG

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

998841c6f39229f6fbad5d4844a02e60f38166fa861ddfa2ca365d44b2138bd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://offers.afteroffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 14:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15694
x-xss-protection: 0
server: cafe
etag: 5833103075673869334
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 14:54:48 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/987681801/ Frame 8373 3 KB
1 KB 107ms
65ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/987681801/?random=1662648888713&cv=9&fst=1662648888713&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&ig=1&data=host_id%3D_17_%3Boffer_ids%3D_709_12_620_%3Bhost_vertical_ids%3D_1_8_16_%3Boffer_vertical_ids%3D_1_8_11_13_14_16_&frm=2&url=https%3A%2F%2Foffers.afteroffers.com%2Fshow_offers%2F17-FxRT8BL%3Femail%3Dcourtney.roberts%40fortisalberta.com%26subid%3D40081077%26redirect%3Dhttps%253a%252f%252fwww.marketbeat.com%252fnewsletter%252fThankYou.aspx%253fid%253d8210272%2526Hash%253d7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A%2526page%253d2&ref=https%3A%2F%2Fwww.marketbeat.com%2F&tiba=MarketBeat.com%20Thank%20You%20page&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b95e2fc1c1c8ab86e9568d301b9490ce2af1bcaef02c8c30f084bf3a4901a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://offers.afteroffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 14:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/987681801/ Frame 8373 42 B
64 B 39ms
38ms Image
image/gif 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/987681801/?random=1662648888713&cv=9&fst=1662645600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&data=host_id%3D_17_%3Boffer_ids%3D_709_12_620_%3Bhost_vertical_ids%3D_1_8_16_%3Boffer_vertical_ids%3D_1_8_11_13_14_16_&frm=2&url=https%3A%2F%2Foffers.afteroffers.com%2Fshow_offers%2F17-FxRT8BL%3Femail%3Dcourtney.roberts%40fortisalberta.com%26subid%3D40081077%26redirect%3Dhttps%253a%252f%252fwww.marketbeat.com%252fnewsletter%252fThankYou.aspx%253fid%253d8210272%2526Hash%253d7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A%2526page%253d2&ref=https%3A%2F%2Fwww.marketbeat.com%2F&tiba=MarketBeat.com%20Thank%20You%20page&async=1&fmt=3&is_vtc=1&random=2278339695&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://offers.afteroffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 14:54:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/987681801/ Frame 8373 42 B
64 B 37ms
37ms Image
image/gif 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/987681801/?random=1662648888713&cv=9&fst=1662645600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&data=host_id%3D_17_%3Boffer_ids%3D_709_12_620_%3Bhost_vertical_ids%3D_1_8_16_%3Boffer_vertical_ids%3D_1_8_11_13_14_16_&frm=2&url=https%3A%2F%2Foffers.afteroffers.com%2Fshow_offers%2F17-FxRT8BL%3Femail%3Dcourtney.roberts%40fortisalberta.com%26subid%3D40081077%26redirect%3Dhttps%253a%252f%252fwww.marketbeat.com%252fnewsletter%252fThankYou.aspx%253fid%253d8210272%2526Hash%253d7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A%2526page%253d2&ref=https%3A%2F%2Fwww.marketbeat.com%2F&tiba=MarketBeat.com%20Thank%20You%20page&async=1&fmt=3&is_vtc=1&random=2278339695&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://offers.afteroffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 14:54:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK SELECT_SUBMIT_AMPERSAND_CONTINUE_408x72_dark_blue_enabled.jpg
d1hrzasbrtd1fh.cloudfront.net/ Frame 8373 22 KB
22 KB 21ms
21ms Image
image/jpeg 108.138.125.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1hrzasbrtd1fh.cloudfront.net/SELECT_SUBMIT_AMPERSAND_CONTINUE_408x72_dark_blue_enabled.jpg
Requested by: Host: www.marketbeat.com
URL: https://www.marketbeat.com/newsletter/ThankYou.aspx?id=8210272&Hash=7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.125.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-125-184.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa86f7985d48f8854216f4818bf77c8c17c39fed95eb8df3552d7292ddd50419

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://offers.afteroffers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Thu, 21 Feb 2019 18:08:36 GMT
Date: Fri, 02 Sep 2022 09:03:11 GMT
Via: 1.1 2041b05ebafba84de0e785871a4269bc.cloudfront.net (CloudFront)
Last-Modified: Thu, 30 Dec 2021 00:12:46 GMT
Server: AmazonS3
Age: 541036
ETag: "49548157a77cfe31c2b8f9c07c2df2b3"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: JFK50-P4
Accept-Ranges: bytes
Content-Length: 22152
X-Amz-Cf-Id: NG3NstSIOGVkKKlv_E7A-Vqps7r2zymTLbiB0FJzqlo_cQfeVlgl6g==

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 111ms
54ms Image
image/gif 2a03:2880:f12c:183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=941867162496970&ev=Microdata&dl=https%3A%2F%2Fwww.marketbeat.com%2Fnewsletter%2FThankYou.aspx%3Fid%3D8210272%26Hash%3D7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A&rl=&if=false&ts=1662648889850&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtMarketBeat%20Newsletter%20Confirmation%5Cn%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.79&r=stable&ec=2&o=30&fbp=fb.1.1662648888345.1112413046&it=1662648888093&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12c:183:face:b00c:0:25de Boca Raton, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.marketbeat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 14:54:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 08 Sep 2022 14:54:49 GMT

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
offers.afteroffers.com/show_offers	1970-01-20 15:26:48	Name: 6bdfac53cbfb648b7ebe7a1fe1b93f4d Value: %7B%22v%22%3A%225.8%22%2C%22a%22%3A2804026251%2C%22b%22%3A%22a904829d3c2abb0ab87920e83bb293f8%22%2C%22c%22%3A1662648889179%2C%22d%22%3A%22c454303d04402a42b271305620d8c791%22%2C%22e%22%3A%22%22%7D
www.marketbeat.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: rzox3gk4zum0qvihihfj2dlc
www.marketbeat.com/	1970-01-20 06:00:53	Name: MarketBeatSource Value: source=GetEmails
www.marketbeat.com/	1970-01-20 14:36:24	Name: newsletterclickcookie Value: ID=8210272
.marketbeat.com/	1970-01-20 15:26:48	Name: sc_is_visitor_unique Value: rx10555875.1662648888.4F2BFAC88D604F37FA5AEC978B9F6065.1.1.1.1.1.1.1.1.1-12227987.1662648888.1.1.1.1.1.1.1.1.1-7602069.1662648888.1.1.1.1.1.1.1.1.1
.statcounter.com/	1970-01-20 15:26:48	Name: is_unique Value: sc10555875.1662648887.0
.marketbeat.com/	1970-01-20 15:26:48	Name: _ga_74CWRXG68D Value: GS1.1.1662648887.1.0.1662648887.60.0.0
.statcounter.com/	1970-01-20 15:26:48	Name: is_unique_2 Value: sc7602069.1662648887.0
.statcounter.com/	1970-01-20 15:26:48	Name: is_unique_1 Value: sc12227987.1662648887.0
.statcounter.com/	1970-01-20 15:26:48	Name: is_visitor_unique Value: 1662648887391810138
.statcounter.com/	1970-01-20 15:26:48	Name: is_unique_3 Value: sc7602069.1662648887.0
.marketbeat.com/	1970-01-20 15:26:48	Name: _ga Value: GA1.2.1232867614.1662648888
.marketbeat.com/	1970-01-20 05:52:15	Name: _gid Value: GA1.2.1952898796.1662648888
.marketbeat.com/	1970-01-20 05:50:48	Name: _gat Value: 1
.marketbeat.com/	1970-01-20 08:00:24	Name: _gcl_au Value: 1.1.1996078117.1662648888
.marketbeat.com/	1970-01-20 08:00:24	Name: _fbp Value: fb.1.1662648888345.1112413046
.offers.afteroffers.com/	1970-01-20 06:00:53	Name: ao_session Value: 9hse5rqonsckt31i85es2g909ngtrjuf
.afteroffers.com/	1970-01-20 15:26:48	Name: ao_viewer Value: 988e37ad95568fe6cfa073088a39ba8e
.facebook.com/	1970-01-20 08:00:24	Name: fr Value: 04QYR1TswMHx6RJNY..BjGgI4...1.0.BjGgI4.
.yahoo.com/	1970-01-20 14:36:46	Name: A3 Value: d=AQABBDgCGmMCEIfMiJENCJYSZQ3bGPxLB3IFEgEBAQFTG2MjYwAAAAAA_eMAAA&S=AQAAAprcBX9OfiwPrDrbKynpWuc
.doubleclick.net/	1970-01-20 15:26:48	Name: IDE Value: AHWqTUkmcatX4iyJ1CldZlWklHnQlRR2bSc66PO0oCl2Su8XSuJ-6UsGH9Lrx-u8

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.marketbeat.com/newsletter/ThankYou.aspx?id=8210272&Hash=7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A(Line 121) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure.statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.marketbeat.com/newsletter/ThankYou.aspx?id=8210272&Hash=7FAD504E5709D6ADA7EDADA9B80E66D10D14D8E93331EBFD0D75EFA5E74871F5715508046AFDD8091563313F3ADA2AA012BB0F2873B9A94ACE92A9135756571A(Line 121) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure.statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
c.statcounter.com
cdn.onesignal.com
connect.facebook.net
d1hrzasbrtd1fh.cloudfront.net
d2iqyqen32gtve.cloudfront.net
d3fty0aja93cmr.cloudfront.net
dkdur240xp0jm.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
offers.afteroffers.com
onesignal.com
s.yimg.com
secure.statcounter.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.marketbeat.com
www.statcounter.com
104.20.228.67
108.138.113.167
108.138.125.184
13.225.231.192
13.33.81.12
142.251.40.194
2001:4860:4802:36::181
2001:4998:1c:800::1001
2606:4700:3108::ac42:28f2
2606:4700::6812:e234
2607:f8b0:4004:c06::9d
2607:f8b0:4006:80f::200a
2607:f8b0:4006:816::200a
2607:f8b0:4006:817::2004
2607:f8b0:4006:81e::2003
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::200e
2607:f8b0:4006:824::2003
2607:f8b0:4006:824::2008
2a03:2880:f02c:112:face:b00c:0:3
2a03:2880:f12c:183:face:b00c:0:25de
52.9.111.198
76.13.32.146
0dd4ce047fc15eec7945127377f9410a347f01297d3576dd201ba1d7f71a6da7
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1466c106f7652f6746d494b5457c53fb4ac2457defc9301cd81978be39ad356b
16ac344ced3178728d1e7ded8a0c182b72be9948ac1cbadf6937f357abcbe80a
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
2a763683449b92dfc8f49261fa14062451c362bd247d4643301d1c16680639d0
357cd1057df7dc61832440ae995762f27620acd5accbd684ebeb0ba208ff3f8e
38773f599cca495f0904c3d5a9981fc081b743a8d9aa106ed17e0d9b03ae6598
3c15760a48fc2a03fbcd8780f019ed3c7610659b1f1ec4d1170e7058b96e8639
41b95e2fc1c1c8ab86e9568d301b9490ce2af1bcaef02c8c30f084bf3a4901a2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
569c2d7dac23c593b4abaa3bea4be7be22be6c44439684f73117d9209e52c296
5868aaf71a0a972971531889e0b244f8d0665fa23def595107ee2e07cea15e06
5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783
5cbb2452cfcf56c1488aeb60f864c7c4d4741546b4d4df744439b0e4bc4f1015
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6ef6e59ecca9e140864d47e37630a15c7e787fd094212425b08b573a8576aff9
719aacb183de830fe12496c4a3964c0f523ad555abbcf9ac292edfd9ad186171
78079c9aa04745344b19d73e9ceafd3a8dcc1b40566ba747419e24a14b92acf5
796c6de3d4487fbbf25c17d975dafa5435827c690cb46e015a4795f63a5b9e60
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
998841c6f39229f6fbad5d4844a02e60f38166fa861ddfa2ca365d44b2138bd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a6feaec1d2336b09ed856ca514fe88a68f59903a7d7fabdd137509fdb19848ea
a95dbad8b90f1281db158d75131876d57977d457046b51b76a32c5077481b395
aa86f7985d48f8854216f4818bf77c8c17c39fed95eb8df3552d7292ddd50419
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c53b0e45db33f24ca38551eaf6d786ae031d9ee6c278401725f40696eb018a74
c7b599eebca82b0cad06749512791d98d45c0f2fb72d0d64df686807f906842b
ce8c962119d2585fc416b452372376583429804d4f5928195922fa416faf9212
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d950cbadb17dee4b29cf72a728c04f3559ce62710221b5ec5b83b485e40a25b2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d657fc8f92782d58bef218b5735e65b024f46f82d887b49ff410fe4566b614
ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671
eb19c2433068307f12296cfdaf05f9f8713a728c42c1f45002a292705e6ed89e
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef74a568aff3847f4a45c32031ee59f3d3758c3127f2bad22a4484d7b1c7a010
f1c1b8cf0ccef4a39fe24c6d1f5f49dff7c54e5c1755047fb021b8747f1f9fcd
f280220d67b2e53466b87feeb170a75f3c015280512372948f5b900255e514ac
fa38f162e7b24604b51ee71a93a312c979b9ff4ba43adfa433167371188031e7

www.marketbeat.com Open in urlscan Pro 2606:4700:3108::ac42:28f2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

100 %HTTPS

65 %IPv6

17 Domains

26 Subdomains

23 IPs

2 Countries

748 kBTransfer

1939 kBSize

21 Cookies

0 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.marketbeat.com Open in urlscan Pro
2606:4700:3108::ac42:28f2 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

100 %
HTTPS

65 %
IPv6

17
Domains

26
Subdomains

23
IPs

2
Countries

748 kB
Transfer

1939 kB
Size

21
Cookies

66 HTTP transactions
0 data transactions