cryptorocketsalerts.com Open in urlscan Pro
2606:4700:3036::6815:20d9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://links.timsykes.com/u/click?_t=b887762d95964052a023e648cd61dda9&_m=2546288abeed42369af04c7104c6538b&_e=EDnSqm0MCReQv...
Effective URL:
https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=...
Submission: On June 14 via api (June 14th 2022, 10:24:51 am UTC) from US — Scanned from DE

Summary HTTP 108 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 2 countries across 21 domains to perform 108 HTTP transactions. The main IP is 2606:4700:3036::6815:20d9, located in United States and belongs to CLOUDFLARENET, US. The main domain is cryptorocketsalerts.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 2nd 2022. Valid for: a year.

This is the only time cryptorocketsalerts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.54.159.123 52.54.159.123	14618 (AMAZON-AES) (AMAZON-AES)
1 15	2606:4700:303... 2606:4700:3036::6815:20d9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	96.16.134.166 96.16.134.166	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
13	143.204.89.63 143.204.89.63	16509 (AMAZON-02) (AMAZON-02)
3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
4	54.221.249.16 54.221.249.16	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	18.66.242.100 18.66.242.100	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::ac43:4770	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	54.156.254.128 54.156.254.128	14618 (AMAZON-AES) (AMAZON-AES)
2	54.149.245.230 54.149.245.230	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
4	54.88.133.136 54.88.133.136	14618 (AMAZON-AES) (AMAZON-AES)
1	65.9.66.92 65.9.66.92	16509 (AMAZON-02) (AMAZON-02)
12	99.86.4.76 99.86.4.76	16509 (AMAZON-02) (AMAZON-02)
4	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:205... 2600:9000:2057:d800:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
12	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
1	52.42.90.94 52.42.90.94	16509 (AMAZON-02) (AMAZON-02)
108	28

1 52.54.159.123 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-159-123.compute-1.amazonaws.com

links.timsykes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:3036::6815:20d9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cryptorocketsalerts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hgevt001.cryptorocketsalerts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.16.134.166 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-134-166.deploy.static.akamaitechnologies.com

cdn-3.convertexperiments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 143.204.89.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-63.fra50.r.cloudfront.net

tinder.thrivecart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

timsykes-supernova.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.221.249.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-249-16.compute-1.amazonaws.com

ky85ws0f10.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.242.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-242-100.dus51.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4770 (United States)

ASN13335 (CLOUDFLARENET, US)

js.convertflow.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.convertflow.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.156.254.128 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-254-128.compute-1.amazonaws.com

intof.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.149.245.230 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-245-230.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.88.133.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-133-136.compute-1.amazonaws.com

millionairepub.thrivecart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-92.fra56.r.cloudfront.net

spark.thrivecart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 99.86.4.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-76.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:d800:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.42.90.94 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-90-94.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	stripe.com js.stripe.com — Cisco Umbrella Rank: 1400 q.stripe.com — Cisco Umbrella Rank: 9383 r.stripe.com — Cisco Umbrella Rank: 5605 m.stripe.com — Cisco Umbrella Rank: 1265	398 KB
18	thrivecart.com tinder.thrivecart.com — Cisco Umbrella Rank: 379750 millionairepub.thrivecart.com spark.thrivecart.com — Cisco Umbrella Rank: 509153	387 KB
15	cryptorocketsalerts.com 1 redirects cryptorocketsalerts.com hgevt001.cryptorocketsalerts.com	413 KB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 47	20 KB
6	gstatic.com fonts.gstatic.com	125 KB
4	amazonaws.com ky85ws0f10.execute-api.us-east-1.amazonaws.com	542 B
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 294 fonts.googleapis.com — Cisco Umbrella Rank: 55	33 KB
3	intof.io 1 redirects intof.io — Cisco Umbrella Rank: 169184	7 KB
3	convertflow.co js.convertflow.co — Cisco Umbrella Rank: 46727 app.convertflow.co — Cisco Umbrella Rank: 53883	55 KB
3	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 3319 api.amplitude.com — Cisco Umbrella Rank: 1312	26 KB
3	timsykes-supernova.com timsykes-supernova.com	3 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1453	16 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 702	32 KB
2	convertexperiments.com cdn-3.convertexperiments.com — Cisco Umbrella Rank: 15351	121 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5859	548 B
1	google.com www.google.com — Cisco Umbrella Rank: 4	548 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 48	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 127	15 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1320	37 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 80	52 KB
1	timsykes.com 1 redirects links.timsykes.com	1 KB
108	21

	Domain	Requested by
13	tinder.thrivecart.com	cryptorocketsalerts.com millionairepub.thrivecart.com tinder.thrivecart.com
13	cryptorocketsalerts.com	1 redirects cryptorocketsalerts.com
12	r.stripe.com	js.stripe.com
12	js.stripe.com	millionairepub.thrivecart.com js.stripe.com
10	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
6	fonts.gstatic.com	fonts.googleapis.com
4	q.stripe.com	cryptorocketsalerts.com
4	millionairepub.thrivecart.com	tinder.thrivecart.com
4	ky85ws0f10.execute-api.us-east-1.amazonaws.com	hgevt001.cryptorocketsalerts.com
3	intof.io	1 redirects cryptorocketsalerts.com
3	fonts.googleapis.com	cryptorocketsalerts.com millionairepub.thrivecart.com
3	timsykes-supernova.com	cryptorocketsalerts.com ajax.googleapis.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	app.convertflow.co	ajax.googleapis.com
2	api.amplitude.com	cdn.amplitude.com
2	hgevt001.cryptorocketsalerts.com	cryptorocketsalerts.com millionairepub.thrivecart.com
2	maxcdn.bootstrapcdn.com	cryptorocketsalerts.com
2	cdn-3.convertexperiments.com	cryptorocketsalerts.com millionairepub.thrivecart.com
1	m.stripe.com	m.stripe.network
1	spark.thrivecart.com	millionairepub.thrivecart.com
1	www.google.de	cryptorocketsalerts.com
1	www.google.com	cryptorocketsalerts.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	js.convertflow.co	www.googletagmanager.com
1	cdn.amplitude.com	cryptorocketsalerts.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	www.googletagmanager.com	cryptorocketsalerts.com
1	ajax.googleapis.com	cryptorocketsalerts.com
1	links.timsykes.com	1 redirects
108	30

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-02` - `2023-04-02`	a year	crt.sh
*.convertexperiments.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
thrivecart.com Amazon	`2022-03-09` - `2023-04-07`	a year	crt.sh
timsykes-supernova.com Cloudflare Inc ECC CA-3	`2022-05-06` - `2023-05-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2021-07-22` - `2022-08-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
cdn.amplitude.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.intof.io GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-04-21` - `2023-04-22`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-05-20` - `2022-09-25`	4 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-25` - `2022-09-08`	4 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-11` - `2022-08-03`	4 months	crt.sh

This page contains 6 frames:

Primary Page: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Frame ID: 178DE417D9D1032C0A2EF61159322C7D
Requests: 50 HTTP requests in this frame

Frame: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=2b3c6a74-a078-44c8-98c9-bfe1404a1427&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=dedicated&utm_campaign=iEADiz&utm_content=3976771&utm_term=__&page_id=war-room-cart&funnel_id=cyr_wr&ref=iEADiz&utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Frame ID: D4D3761A512A9DB18BBC81DE0AEDE35B
Requests: 27 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
Frame ID: 62D4E1A3F9332D4C533FEB7ECAE59D86
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-087bf158f3a32f53c18544b2e64abcb2.html
Frame ID: 8461FCA019FA44530A0FE1467B0BC1FB
Requests: 16 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-b55b8cbdd79b004b82925551de523712.html
Frame ID: 62839E9DFF9561B3828886E545042F60
Requests: 7 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 0CF5A26EDB5C89B3C89A01DF8A9BBB73
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

$5 Crypto Webinar

Page URL History Show full URLs

http://links.timsykes.com/u/click?_t=b887762d95964052a023e648cd61dda9&_m=2546288abeed42369af04c7104c65... HTTP 303
https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3... HTTP 302
https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3... Page URL

Detected technologies

ThriveCart (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

thrivecart\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

108
Requests

99 %
HTTPS

50 %
IPv6

21
Domains

30
Subdomains

28
IPs

2
Countries

1743 kB
Transfer

5370 kB
Size

37
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://links.timsykes.com/u/click?_t=b887762d95964052a023e648cd61dda9&_m=2546288abeed42369af04c7104c6538b&_e=EDnSqm0MCReQvKr-D5UyyGNEDVjEUIEfHwDXAILJptVjR8ie7KrGXpVPD56E3uVRK9Ycngzx1F2fCjHkVnl2PGrK1HSUDprgL7FzDKLzlFb95ZrWIaS3iZua6qHSM0_3DD-08cGQOCsqvH4kiSDRtBLahfnWMUWkFWSeG5xK2K5y1wSNoFpDgVgd0JaSshHqBCyNH1hOLOch429PsJu8jX2uzCiU32XFkOaoGrC4tXpxNSinWAAp3Ax_qo-JC49ffE27Zm1xnBRQh0RJNGrD0GC8MVuKXbhew2Ij_IxgMCMWVk-oSFNGuZPle8nM5EpL7soxsBV2snSwjft96yFU4hdI0BlXw2UMbVHQKDAS3XmovLfva6z-hd4foT7saxaEEhJsSlSZGS7yHbThFdmNkmxjJBxYBchU4G-6Gh-LVZKPAQaIOWZYXmHiMZpe1seG HTTP 303
https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com HTTP 302
https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://intof.io/itag HTTP 301
https://intof.io/itag/?id=itag

108 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
cryptorocketsalerts.com/lp/war-room/
Redirect Chain

http://links.timsykes.com/u/click?_t=b887762d95964052a023e648cd61dda9&_m=2546288abeed42369af04c7104c6538b&_e=EDnSqm0MCReQvKr-D5UyyGNEDVjEUIEfHwDXAILJptVjR8ie7KrGXpVPD56E3uVRK9Ycngzx1F2fCjHkVnl2PGrK...
https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com
https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gshe...

16 KB
6 KB

201ms
200ms

Document
text/html

2606:4700:3036::6815:20d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:20d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0543c41006807711fc22eb10d369c9316472d379c1b0bde58ec2062f5b942c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 71b25ba7eba85a31-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 14 Jun 2022 10:24:44 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Tue, 14 Jun 2022 10:24:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjPeGIdo6B7kmKpSfzZbVPX0gMQPCHG8lK1DwO%2FkO%2BWuKv36T1q5FMSb%2F8QDNc0ataZDC16WjvI7%2BzkbX1UtTTbX573uXdJnr1PtASTaW8b2H6cqho4taazONI037TNSKrrZmOCTjakiwSoiMTYZgGMBaM7azQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 71b25ba14b985a31-MXP
content-type: text/html; charset=UTF-8
date: Tue, 14 Jun 2022 10:24:44 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Tue, 14 Jun 2022 10:24:44 GMT
location: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FNSpIGp441UYcfZPiyGjEoR8VK9ZWNUSp%2Fh37CKIA0tY84943I3orN3BgGZc82oLosp2LiUWe33XLsyAT10g8SdgjPWjAckBJo7QEutXzraHOVCkuwfcKOHjjNJlgIkFoiV5FCzxr1FRAcsZp%2BDItxE%2B70r4g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent

GET
H2 200 10024418-10025485.js Show response
cdn-3.convertexperiments.com/js/ 193 KB
60 KB 54ms
14ms Script
application/javascript 96.16.134.166
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-3.convertexperiments.com/js/10024418-10025485.js

Requested by

Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.134.166 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-134-166.deploy.static.akamaitechnologies.com

Software

Resource Hash

f7dd80039caf9b1c99639fedd3c4ec83e52f72acf38740aac1b5233b510e2a3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:45 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=264
strict-transport-security: max-age=15768000
content-length: 61416
x-privacy-policy: You can find our privacy policy at https://www.convert.com/privacy-notice/

GET
H3 200 bootstrap.min.css
cryptorocketsalerts.com/lp/war-room/css/ 138 KB
22 KB 72ms
72ms Stylesheet
text/css 2606:4700:3036::6815:20d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptorocketsalerts.com/lp/war-room/css/bootstrap.min.css
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:20d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66907
x-cache-info: caching
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 26 Nov 2021 22:23:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C84%2FIYrquHr%2BdsgBq2aBf900USPERqyo%2FaATCv1DRxSIPCqvgwafpaSbIsZW%2By1g42Q9YrHyrHd9PUXdiG8HD0MWfChpMWMUyb%2BtFBgKmuJ36BwR2eLIfH2hL1%2B%2BJILAWr6tjchphrQbfnbr3A8zi3e3CGWodw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2628000
cf-ray: 71b25ba94be4103f-MRS
expires: Tue, 13 Jun 2023 15:49:38 GMT

GET
H3 200 font-awesome.min.css
cryptorocketsalerts.com/lp/war-room/css/ 30 KB
7 KB 49ms
48ms Stylesheet
text/css 2606:4700:3036::6815:20d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptorocketsalerts.com/lp/war-room/css/font-awesome.min.css
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:20d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2296
x-cache-info: caching
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 26 Nov 2021 22:23:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=glRX7noQ2s%2F46nZcvL0LRKff2tghTl%2BxxSIi8vk5xDDBa9l3HSF6Xellgji8t%2BVdSYI168%2BtCV2L%2BgdZXpzoliS16l4AAab1qjl1fof%2BSP3Y713QOkMI7CmwOSoy6IJwn2%2FVt2lNKmuM9pbWSI4ifkHnOJq%2F9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2628000
cf-ray: 71b25ba94be8103f-MRS
expires: Wed, 14 Jun 2023 09:46:29 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/ 119 KB
21 KB 37ms
19ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 9485271
cdn-cachedat: 2021-06-08 21:08:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 4c13519f64fe01e60388139af66d7ef8
cf-ray: 71b25ba94af29b31-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 14:00:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 419076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jun 2023 14:00:09 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/ 39 KB
11 KB 42ms
24ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 9450931
cdn-cachedat: 2021-08-01 19:19:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 6923066369371d6997c92d232b1a01f3
cf-ray: 71b25ba94af89b31-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 style.css
cryptorocketsalerts.com/lp/war-room/css/ 15 KB
4 KB 46ms
45ms Stylesheet
text/css 2606:4700:3036::6815:20d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptorocketsalerts.com/lp/war-room/css/style.css?v=1
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:20d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 315ad4f60dc2f53e889b70c45ea86fd238d0dd7f944b035bb3f2d272f7a91257

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 23:36:16 GMT
server: cloudflare
age: 66907
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WhwViseIcuhIca1K2IzMaW00D8vkpjWNji0h4nvZBeniOX4xhPiv3HuZeEOl%2FRNLCaPe4gKbvKBXhK%2BIGkH3sin%2BhHQAZIL8BTZl2f82V%2BwcPHuUBY5s415seJqKs41HqDPotJK0y3PCYzPbskAwvKoBNgOxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2628000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71b25ba94bea103f-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Jun 2023 15:49:38 GMT

GET
H2 200 tfuncsp_v2.0.0.js Show response
hgevt001.cryptorocketsalerts.com/ 30 KB
11 KB 32ms
31ms Script
application/javascript 2606:4700:3036::6815:20d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hgevt001.cryptorocketsalerts.com/tfuncsp_v2.0.0.js?tim2021=sykes2021
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:20d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7ed17553f6c92ed218c5984a18b2dee9a628229a13e9f36f6873b08f8d0010

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:45 GMT
via: 1.1 e79b73e5f9ad915693bd9b6946372e82.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4953
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 15 Sep 2021 08:50:30 GMT
server: cloudflare
etag: W/"256a7ce7c82a528fbf5147f1167ba8ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7TPVigUY%2B3VfoGMCxfzTzXgTdCAGyFlj0dLDkGPLfEAu5nL3lmJHmhh%2BerEnISWagNGj2BA0tykEmxCQUDtLwGegWh6hKEa%2Fwa7dGElpJ%2BW2yF5J8VikwaK8vS4q4Iasrovl8LoA5uQSvUvspe5RHOb6AZdDLR%2FMdTDh%2FRbl%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-cf-pop: MRS52-P1
cf-ray: 71b25ba93f1d5a31-MXP
x-amz-cf-id: pK-D_fuKsAYb2ZhBTu1ny0CsL7FLsTQF6vR4Ilby8UNgCE0OfHzlLQ==

GET
H3 200 matt.png
cryptorocketsalerts.com/lp/war-room/images/ 203 KB
204 KB 66ms
65ms Image
image/png 2606:4700:3036::6815:20d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptorocketsalerts.com/lp/war-room/images/matt.png
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:20d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03266bd2ee7f7efa219940ae4cb280c86fd71ed1a1c14dc9259e5f207ecc5f9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 245956
x-cache-info: caching
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 208027
last-modified: Fri, 26 Nov 2021 22:23:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oX9O1P6ejI0slyqoGmE9KYrWZ9OEpntEaoWsE5baKmhL0fapO%2BQ4wldMo%2F%2BwYDMKZofhu4I2k1lprDB%2FFRo33Zi7Qe1vsdJ%2FDKLTw1JvxXTHcL6qM4OlgdBoj06lnO43bafxFPtXvxRs9IeTLYVp%2BKyo3tVUYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2628000
accept-ranges: bytes
cf-ray: 71b25baa6d3e103f-MRS
expires: Mon, 11 Jul 2022 14:05:29 GMT

GET
H3 200 breakpoint.png
cryptorocketsalerts.com/lp/war-room/images/ 29 KB
30 KB 37ms
36ms Image
image/png 2606:4700:3036::6815:20d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptorocketsalerts.com/lp/war-room/images/breakpoint.png
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:20d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f04bcf40e01ce3e80fbc56c19312c7b700322cf28863fb3d437ad3a75ce0450

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 155344
x-cache-info: caching
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29952
last-modified: Fri, 26 Nov 2021 22:23:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNqf9pgGSW%2BXr7FXSEHhVxUgGkvXEv6Qm%2FrcYDMmXm0SFEbjUFJmu6tTh2zoIRyH8EKI2ZHY5oA3cAgNlaIQzNHbgb%2BA4rprKFfO%2BpipcdnlBILaDo8EktIdLgGqmG1P7ACwrNaGjd1twLln44tCYtPrlGKTeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2628000
accept-ranges: bytes
cf-ray: 71b25baa6d3f103f-MRS
expires: Tue, 12 Jul 2022 15:15:41 GMT

GET
H2 200 thrivecart.js Show response
tinder.thrivecart.com/embed/v1/ 54 KB
16 KB 142ms
100ms Script
application/javascript 143.204.89.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tinder.thrivecart.com/embed/v1/thrivecart.js
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-63.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: b565ed534c772bf8806d812da3d3997ca7d144c1663588a3d928d5b2a81da1c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 05:16:46 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 05:14:40 GMT
server: nginx
age: 1832879
etag: W/"628c69c0-d807"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: G7WXFXCWMQeZNVnATFuLPHXwo1ncJmIdYy70Fj60Bsr-cMEnp4WsAg==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
expires: Thu, 23 Jun 2022 05:16:46 GMT

GET
H3 200 bootstrap.min.js Show response
cryptorocketsalerts.com/lp/war-room/js/ 50 KB
15 KB 38ms
37ms Script
application/javascript 2606:4700:3036::6815:20d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptorocketsalerts.com/lp/war-room/js/bootstrap.min.js
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:20d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 245956
x-cache-info: caching
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 26 Nov 2021 22:23:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUFXmxg%2BjTgdBSl%2FUkOhSP%2BvU%2FfSee7d97gNLngAVAIagZx7L38%2B6G3PEvBe2wilk8DfHUn%2FBShbqUwZyFwQMrK8LTtRdfOVlknCCBLW4BkAcUevY5rrvg8F5myz1qzMsNyM3lwBFTs%2BWLIAlA5bKwtqzytVTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2628000
cf-ray: 71b25ba9ec9e103f-MRS
expires: Sun, 11 Jun 2023 14:05:28 GMT

GET
H2 200 ctdb.js Show response
timsykes-supernova.com/ctdb/ 2 KB
925 B 449ms
378ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://timsykes-supernova.com/ctdb/ctdb.js
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 333a09adebdf648e8fa46284a3b6b4868eb0395ac8106b5d5dc4153e2c798774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:45 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 01 Dec 2021 19:46:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vimFxoSoA2krb5UnnnStYwkHTONbLTPFUMRxPNyO050xS4u7vcfNLhjT9s8PPzBO%2FesXu40cftlEivBclRPANUvcxtvmggSI%2B54MMlJc6bxJ0RjtFKd4SIu4eyG7aaPZv6egYwI8FQ7UeyCEQRpa%2BRJOhzOm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-info: caching
cf-ray: 71b25baa8881d771-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 flipdown.min.css
cryptorocketsalerts.com/flipdown/ 4 KB
1 KB 40ms
39ms Stylesheet
text/css 2606:4700:3036::6815:20d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptorocketsalerts.com/flipdown/flipdown.min.css
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:20d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 989757984a5bfb0e922e7ce7fbb779eed0feda7cc273507dfd1b0ad959324ad8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 155344
x-cache-info: caching
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 02 Dec 2021 22:19:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8Zt9cMdZpbNs8ZjwdeH%2FRPdVUX6nJoSNrr0TaU1L%2BitloTDmvnWPJoyfoA%2F%2Foc3e%2B%2BRWqFRL5Ll4I0aZBaS1EFWTDJsI9NpR%2B0BEF1BL2DHn4CdkU5uHsbut4oJ6V%2BOK6lfK%2FPFGjs%2F0BWHcmFOP5hIOdDEOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2628000
cf-ray: 71b25baa4d0e103f-MRS
expires: Mon, 12 Jun 2023 15:15:41 GMT

GET
H3 200 flipdown.min.js Show response
cryptorocketsalerts.com/flipdown/ 6 KB
2 KB 93ms
93ms Script
application/javascript 2606:4700:3036::6815:20d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptorocketsalerts.com/flipdown/flipdown.min.js
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:20d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b8c129bc7bd626c00626ce44d8b9171a8bdc4908a2e037183e3b36bb352f9eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 245956
x-cache-info: caching
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 02 Dec 2021 22:19:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CcmoqOrx4bEgARBL6pBJCzChQYb8xyGEneyF7tefendiqCQBxR%2BPO7Ti%2FJMdKuKJ7vIpLUs7u%2FWQFG96ebT30JkmfvLIwTjp%2B%2Bf70DH4s9zHeRdQUAfBDknciBT2D6fFUqkniL5Ma5NSPFOKcU0EtSC5t6wBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2628000
cf-ray: 71b25baa6d39103f-MRS
expires: Sun, 11 Jun 2023 14:05:29 GMT

GET
H3 200 iw.js Show response
cryptorocketsalerts.com/iw/ 4 KB
2 KB 47ms
45ms Script
application/javascript 2606:4700:3036::6815:20d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptorocketsalerts.com/iw/iw.js
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:20d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 251fdcadce75ca82c08da7eef61e4bd0015431861f9d91fbbb9b2b603051b0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 245956
x-cache-info: caching
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 17 Dec 2021 23:54:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0k4YSS3NkzRsHAleY37JEe%2FL2ns0yoef%2Fo%2BJLhdi3a4GrD2mspgs1Res1EHPMiJQpuwLT10T%2F7FKDoU8UcCWkbhms8C7gzooIsh2DxAQYUfQy%2BAouVJYXReX%2BaSSMdUO73mSLpiTTLEHmfk5f0KzfZRRZqkH1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2628000
cf-ray: 71b25baa6d3c103f-MRS
expires: Sun, 11 Jun 2023 14:05:29 GMT

GET
H2 200 ctdb.js Show response
timsykes-supernova.com/ctdb/ 2 KB
1 KB 358ms
356ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://timsykes-supernova.com/ctdb/ctdb.js?v=12
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 333a09adebdf648e8fa46284a3b6b4868eb0395ac8106b5d5dc4153e2c798774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:45 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 01 Dec 2021 19:46:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cSePkADeBpwPbnGiVtLzb6P29caZ%2Fmdfc4AE1OEqz3KiquWCgnsxQeCkC1oYSoXK4ddNygyw0U9Yl8wHoXQsFE5XPbmZcxBqAGlOmB%2Fgs5usvw6Jmhs4qy%2FmXggevMT5PEzsLbK2Fzi91UY63meUxeqMvGf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71b25baa9883d771-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 136 KB
52 KB 46ms
21ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W3F3RN9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5b5ae609d683109b2f0350b70d66665c99dfe14f34079b3331ccf275a7343fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52989
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Jun 2022 10:24:45 GMT

GET
H2 200 css2
fonts.googleapis.com/ 23 KB
2 KB 41ms
18ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&family=Oswald:wght@200;300;400;500;600;700&family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/css/style.css?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e515001321f61b8020d15e0f2ad617bd173bcb30de0e927ecfdd3e4d21a7d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 10:24:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 14 Jun 2022 10:24:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Jun 2022 10:24:45 GMT

POST
H2 200 regev Show response
ky85ws0f10.execute-api.us-east-1.amazonaws.com/prod/ 61 B
271 B 1312ms
1311ms XHR
application/json 54.221.249.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ky85ws0f10.execute-api.us-east-1.amazonaws.com/prod/regev
Requested by: Host: hgevt001.cryptorocketsalerts.com
URL: https://hgevt001.cryptorocketsalerts.com/tfuncsp_v2.0.0.js?tim2021=sykes2021
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.221.249.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-249-16.compute-1.amazonaws.com
Software: /
Resource Hash: 05ce7cd72329601fa53879caf3606e0fb24038c7fba90ababd74ec1e12c23136

Request headers

Accept: application/json, text/plain, */*
Referer: https://cryptorocketsalerts.com/
X-Server-Dbg: false
accept-language: de-DE,de;q=0.9
Sttracker-Key: UV5pQG9AencxZEhuekdremIzZnpyIVppWT1vLUguQVR2OiVIOlJJfV91azVFNGlxKXVTalcsOHAzajohUHM+cQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 14 Jun 2022 10:24:46 GMT
x-amzn-requestid: 6bdb00a7-6246-433f-b49b-1ce9efff2c5d
x-amz-apigw-id: TtQ9JF_JoAMFREQ=
x-amzn-trace-id: Root=1-62a861ed-14ebbda20248ffd30c380e4b;Sampled=0
content-length: 61
content-type: application/json

OPTIONS
H2 200 regev
ky85ws0f10.execute-api.us-east-1.amazonaws.com/prod/ Frame 0
0 308ms
99ms Preflight
application/json 54.221.249.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ky85ws0f10.execute-api.us-east-1.amazonaws.com/prod/regev
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.221.249.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-249-16.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sttracker-key,x-server-dbg
Access-Control-Request-Method: POST
Origin: https://cryptorocketsalerts.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers: Sttracker-Key,X-Server-Dbg,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 14 Jun 2022 10:24:45 GMT
x-amz-apigw-id: TtQ9IEuBIAMFsOw=
x-amzn-requestid: 2f2b2a80-b51e-46a7-8e52-2dcc354b07d6

GET
H3 200 bnr.jpg
cryptorocketsalerts.com/lp/war-room/images/ 93 KB
94 KB 118ms
117ms Image
image/jpeg 2606:4700:3036::6815:20d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptorocketsalerts.com/lp/war-room/images/bnr.jpg
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/css/style.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:20d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 667c3acb0917904bd49e8fbb630b4d776b96772494121d9dcb1a03b75d3cd610

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/lp/war-room/css/style.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 155343
x-cache-info: caching
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95443
last-modified: Fri, 26 Nov 2021 22:23:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GzPw%2FOrG%2FvO%2BRb41d%2FdZObei8f%2F4lWOM96mAi77k4TJq9fpZrCV3NV9GNThp4fXnCEfPeeN%2Biiw5J3loVv8jAY1qMZX9%2BQ2ty73b1kDcUpVD07C0WSX56Ho84hMEFjJwf5Atpuz%2FhDPmg8BIrdWiW23BEflWXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2628000
accept-ranges: bytes
cf-ray: 71b25baa7d4a103f-MRS
expires: Tue, 12 Jul 2022 15:15:42 GMT

GET
H3 200 check.png
cryptorocketsalerts.com/lp/war-room/images/ 366 B
979 B 127ms
126ms Image
image/png 2606:4700:3036::6815:20d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptorocketsalerts.com/lp/war-room/images/check.png
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/css/style.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:20d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb58df192534d01efde401d27c4130029de09c7860184ea86669db46a6f1909f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/lp/war-room/css/style.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 245956
x-cache-info: caching
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 366
last-modified: Fri, 26 Nov 2021 22:23:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3u4VVmBCLlHt6A063m9barMRMrmakgK%2BCo7fwY2UIuiwqPsAuwNWBh0wDtZNss9miWwfzDhkFSF1TmiMGfgHvTdhP%2BQx605GkQMNDJk2axW%2FQZEYnoc1LxS7orTddOeG%2FglNl7EQgVN%2FOHjnAI7T1Y98Vg3KWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2628000
accept-ranges: bytes
cf-ray: 71b25baa7d4c103f-MRS
expires: Mon, 11 Jul 2022 14:05:29 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v48/ 25 KB
25 KB 37ms
14ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v48/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&family=Oswald:wght@200;300;400;500;600;700&family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91bf78345c55ec05de11377a4b3a8a5789ef302d73124a401cef84edbce178cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cryptorocketsalerts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:07:23 GMT
x-content-type-options: nosniff
age: 73042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25424
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:34:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 14:07:23 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cryptorocketsalerts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 580596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 17:08:09 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 39ms
17ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cryptorocketsalerts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 580596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 17:08:09 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 95 KB
37 KB 44ms
20ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-KGDKR9J

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3F3RN9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ffa3deb9e4904c6149cd540fd6ee5566072e99aeaf2d8a8047aa25ace0f2d754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37739
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Jun 2022 10:24:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 39ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3F3RN9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2999
date: Tue, 14 Jun 2022 09:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 14 Jun 2022 11:34:46 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 64ms
32ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3F3RN9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15069
x-xss-protection: 0
server: cafe
etag: 11223643544955582496
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Jun 2022 10:24:45 GMT

GET
H2 200 amplitude-4.4.0-min.gz.js Show response
cdn.amplitude.com/libs/ 74 KB
25 KB 45ms
11ms Script
application/javascript 18.66.242.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-4.4.0-min.gz.js
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-100.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa4d27e0d0c0172667e24d953344b058b7f16c6ef7dcc54a8910878f1d050cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 08 May 2022 23:57:36 GMT
content-encoding: gzip
age: 3148029
x-cache: Hit from cloudfront
content-length: 25521
access-control-allow-origin: *
last-modified: Mon, 21 Oct 2019 15:45:35 GMT
server: AmazonS3
etag: "0ac70c6a5de910a09be49cfefd77c771"
x-amz-version-id: 5wXGiWTByEVk3DSg02L19x7h8A..ke3l
via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: iiS03QNYvtA0RFmtVasMmC_2tutzniUy3IAk4amB04D6QhiT9Z03Cw==

GET
H2 200 36338.js Show response
js.convertflow.co/production/websites/ 253 KB
54 KB 204ms
166ms Script
text/javascript 2606:4700:20::ac43:4770
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.convertflow.co/production/websites/36338.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3F3RN9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4770 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9680676b66eebf37d28648e71984614f7754286a915dd7f62cc1c83d0496c5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:45 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QZTTQXJCT51XYGS1
cf-polished: origSize=368074
cf-ray: 71b25bab7c120f82-MXP
x-amz-id-2: w8gofg5vglNtC+LtTVmm+kHSAeAKqutSqpjMd4s0FFjkz3DsWD3LPA1zp25KFj0ZL5nagDSmGc4=
last-modified: Mon, 13 Jun 2022 17:14:32 GMT
server: cloudflare
etag: W/"5f7ffd34ba9d346320b13fa1eb20998b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUCmIhrUiYuu4lQj9QpQ2uY%2BeV9L%2FkThHomOT6bcxecbJnHfY9EhEQMabJQFqj7sRdaMdAcZyj5%2FQhgH7UTDo5Ta2xOxMz0r9xHSbw5EUeZbRvmDxVziP67hBNWtDFRZFHxJ6BINX6HRBYDbjX%2Ft"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: K_OK5RYr4FR1Kozvt4qVpbGVgfNMhJGT
cache-control: max-age=30
content-type: text/javascript
cf-bgj: minify

GET
H/1.1

200
OK

/ Show response
intof.io/itag/
Redirect Chain

https://intof.io/itag
https://intof.io/itag/?id=itag

6 KB
6 KB

97ms
97ms

Script
application/javascript

54.156.254.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://intof.io/itag/?id=itag
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: HTTP/1.1
Server: 54.156.254.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-254-128.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25 / PHP/7.0.25
Resource Hash: fa1cb237372d86c71a568f5fcd882d5470963e32ea235917147143fc0d7f5317

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 10:24:41 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
X-Powered-By: PHP/7.0.25
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 5643

Redirect headers

Location: https://intof.io/itag/?id=itag
Date: Tue, 14 Jun 2022 10:24:41 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 238
Content-Type: text/html; charset=iso-8859-1

POST
H2 200 / Show response
api.amplitude.com/ 7 B
168 B 492ms
160ms XHR
text/html 54.149.245.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-4.4.0-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.149.245.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-149-245-230.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://cryptorocketsalerts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 14 Jun 2022 10:24:45 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 29ms
13ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1720032477&t=pageview&_s=1&dl=https%3A%2F%2Fcryptorocketsalerts.com%2Flp%2Fwar-room%2F%3Futm_source%3Demail%26utm_medium%3Ddedicated%26utm_term%3D__%26utm_content%3D3976771%26utm_campaign%3DiEADiz%26email%3Dgsheard%2540bcbsm.com%26passthrough%255Bcustomer_email%255D%3Dgsheard%2540bcbsm.com%26redir%3Dy&ul=en-us&de=UTF-8&dt=%245%20Crypto%20Webinar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABQAAAAC~&jid=1962894054&gjid=1360309382&cid=1768253572.1655202285&tid=UA-111298202-10&_gid=1628635936.1655202285&_r=1&gtm=2wg6d0W3F3RN9&z=752182611

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cryptorocketsalerts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 10:24:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cryptorocketsalerts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/774664871/ 3 KB
2 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/774664871/?random=1655202285411&cv=9&fst=1655202285411&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6d0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcryptorocketsalerts.com%2Flp%2Fwar-room%2F%3Futm_source%3Demail%26utm_medium%3Ddedicated%26utm_term%3D__%26utm_content%3D3976771%26utm_campaign%3DiEADiz%26email%3Dgsheard%2540bcbsm.com%26passthrough%255Bcustomer_email%255D%3Dgsheard%2540bcbsm.com%26redir%3Dy&tiba=%245%20Crypto%20Webinar&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

725e4982de434a1da0f2c9f46a47990d69c0c3404eb58d4b9cfb5f3855657b6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 10:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1144
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/774664871/ 42 B
548 B 48ms
25ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/774664871/?random=1655202285411&cv=9&fst=1655200800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6d0&sendb=1&frm=0&url=https%3A%2F%2Fcryptorocketsalerts.com%2Flp%2Fwar-room%2F%3Futm_source%3Demail%26utm_medium%3Ddedicated%26utm_term%3D__%26utm_content%3D3976771%26utm_campaign%3DiEADiz%26email%3Dgsheard%2540bcbsm.com%26passthrough%255Bcustomer_email%255D%3Dgsheard%2540bcbsm.com%26redir%3Dy&tiba=%245%20Crypto%20Webinar&async=1&fmt=3&is_vtc=1&random=1200813327&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 10:24:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/774664871/ 42 B
548 B 42ms
18ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/774664871/?random=1655202285411&cv=9&fst=1655200800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6d0&sendb=1&frm=0&url=https%3A%2F%2Fcryptorocketsalerts.com%2Flp%2Fwar-room%2F%3Futm_source%3Demail%26utm_medium%3Ddedicated%26utm_term%3D__%26utm_content%3D3976771%26utm_campaign%3DiEADiz%26email%3Dgsheard%2540bcbsm.com%26passthrough%255Bcustomer_email%255D%3Dgsheard%2540bcbsm.com%26redir%3Dy&tiba=%245%20Crypto%20Webinar&async=1&fmt=3&is_vtc=1&random=1200813327&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 10:24:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ea08479a-b7e3-45a5-b2db-80a3631455a2 Show response
app.convertflow.co/websites/36338/visitors/ 489 B
702 B 933ms
925ms Script
text/javascript 2606:4700:20::ac43:4770
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertflow.co/websites/36338/visitors/ea08479a-b7e3-45a5-b2db-80a3631455a2?callback=jQuery351036146543077777205_1655202285109&visitor%5Bwebsite_id%5D=36338&visitor%5Bvisitor_token%5D=ea08479a-b7e3-45a5-b2db-80a3631455a2&visitor%5Bcontact_id%5D=&visitor%5Blanding_page%5D=https%3A%2F%2Fcryptorocketsalerts.com%2Flp%2Fwar-room%2F%3Futm_source%3Demail%26utm_medium%3Ddedicated%26utm_term%3D__%26utm_content%3D3976771%26utm_campaign%3DiEADiz%26email%3Dgsheard%2540bcbsm.com%26passthrough%255Bcustomer_email%255D%3Dgsheard%2540bcbsm.com%26redir%3Dy&visitor%5Bplatform%5D=Web&new=true&utms%5Butm_source%5D=email&utms%5Butm_medium%5D=dedicated&utms%5Butm_campaign%5D=iEADiz&utms%5Butm_term%5D=__&utms%5Butm_content%5D=3976771&_=1655202285110

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4770 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be63bbabfc64c173bf2ddb0336441c83b01d93b0241c33129f8f68fffa154368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:46 GMT
access-control-request-method: *
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 4dd29aa5-60d7-4aec-9bcb-dddf2a252e60
x-runtime: 0.006549
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"be63bbabfc64c173bf2ddb0336441c83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ma5M%2F%2FBa9TC4vuV7aD5szXu097ocPiI%2FlazFqMq9hze5%2FfhbyVjwOKJ8g7hnxy7nUiA0nFCeExV8xBixiEjgaycpW5ZWQHm391nVyD5LabY8Olqu1xBkwQJA3nUIEUFoRsAHaoqebtk4gkQ392YbIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
via: 1.1 vegur
cache-control: max-age=0, private, must-revalidate
cf-ray: 71b25bacae4a0f82-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 create Show response
app.convertflow.co/websites/36338/contacts/ 77 B
838 B 762ms
761ms Script
text/javascript 2606:4700:20::ac43:4770
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertflow.co/websites/36338/contacts/create?callback=jQuery351036146543077777205_1655202285111&contact%5Bwebsite_id%5D=36338&contact%5Bvisitor_token%5D=ea08479a-b7e3-45a5-b2db-80a3631455a2&contact%5Bemail%5D=gsheard%40bcbsm.com&_=1655202285112

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4770 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1cab3b28fc4259a0e28df29b0054d71224f7c416b430f6686185db93afeb5b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:46 GMT
access-control-request-method: *
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 6bb33805-d2e4-4eb4-82bc-bda858ff282f
x-runtime: 0.006161
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"b1cab3b28fc4259a0e28df29b0054d71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHnL8Rp8bB%2BcGeqGGhroz2Iwhpql4eqhLyLPkjXpqQdNk0YWYNA0pMqZFMHzS%2BryTxGe5HM4VU2R44ScwX1qX2o5M%2FYcrldHwkH1wkH5jEiAKwpT1LRwWvkcaaSDdam6Td9QXvj6sbz4LCuVX4bZZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
via: 1.1 vegur
cache-control: max-age=0, private, must-revalidate
cf-ray: 71b25bacae500f82-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

POST
H3 200 track.php Show response
timsykes-supernova.com/ctdb/ 3 B
616 B 1233ms
1203ms XHR
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://timsykes-supernova.com/ctdb/track.php?email=gsheard@bcbsm.com&funnel=cyr_wr&action=view_cart&page_url=https%3A%2F%2Fcryptorocketsalerts.com%2Flp%2Fwar-room&utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y&page_id=war-room-cart
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Accept: */*
Referer: https://cryptorocketsalerts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: Authorization, Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qm1Qspiu2ZhhIyoWijBg2KrrCff6l0W2xGzWkpkgoV2O%2BFSEi3aWmD0ZHxlrYPcwCK7MKBKpGX92W2NFbMOcJRSYcZymRzqznV57Q5RAuR6BIlJG7b7xhaGC7NbhkGZ%2F62A%2F0hsFrEhqtc2A5CZlmkYw65dc"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 71b25bacfece73c3-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3

GET
H2 200 / Show response
millionairepub.thrivecart.com/26/ Frame D4D3 106 KB
21 KB 499ms
284ms Document
text/html 54.88.133.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=2b3c6a74-a078-44c8-98c9-bfe1404a1427&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=dedicated&utm_campaign=iEADiz&utm_content=3976771&utm_term=__&page_id=war-room-cart&funnel_id=cyr_wr&ref=iEADiz&utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Requested by: Host: tinder.thrivecart.com
URL: https://tinder.thrivecart.com/embed/v1/thrivecart.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.133.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-133-136.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2830e32c1bc41348982e515360557cc02205d114c1a9435a2846ec8fa08633cb

Request headers

Referer: https://cryptorocketsalerts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 14 Jun 2022 10:24:46 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding

GET
H/1.1 200
OK /
intof.io/iocmap/ 43 B
411 B 98ms
97ms Image
image/gif 54.156.254.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://intof.io/iocmap/?iocid=null&iocmap=null
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.156.254.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-254-128.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25 / PHP/7.0.25
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 10:24:41 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
X-Powered-By: PHP/7.0.25
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 43

POST
H2 200 / Show response
api.amplitude.com/ 7 B
167 B 162ms
161ms XHR
text/html 54.149.245.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-4.4.0-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.149.245.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-149-245-230.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://cryptorocketsalerts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 14 Jun 2022 10:24:45 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H2 200 checkout.minimal.css
tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/embed/v1/ Frame D4D3 89 KB
16 KB 12ms
10ms Stylesheet
text/css 143.204.89.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/embed/v1/checkout.minimal.css
Requested by: Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=2b3c6a74-a078-44c8-98c9-bfe1404a1427&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=dedicated&utm_campaign=iEADiz&utm_content=3976771&utm_term=__&page_id=war-room-cart&funnel_id=cyr_wr&ref=iEADiz&utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-63.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 8358fed89d6ac5c039c6a9f8c5b3c8c55231181562bd23164392fa20de3bc330

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 05:15:25 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 05:14:40 GMT
server: nginx
age: 1832961
etag: W/"628c69c0-16442"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 290YKQkoVaCXwkZjcgwQbfaLoAroE-5iUv1tm3aQXoUBx2YJV-Xtxg==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
expires: Thu, 23 Jun 2022 05:15:25 GMT

GET
H2 200 all.min.css
tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/static/assets/fontawesome-5.15.2/css/ Frame D4D3 170 KB
33 KB 198ms
195ms Stylesheet
text/css 143.204.89.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/static/assets/fontawesome-5.15.2/css/all.min.css
Requested by: Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=2b3c6a74-a078-44c8-98c9-bfe1404a1427&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=dedicated&utm_campaign=iEADiz&utm_content=3976771&utm_term=__&page_id=war-room-cart&funnel_id=cyr_wr&ref=iEADiz&utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-63.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: caf2756a13f8fee24efb8378994a43a44150c14fa06dc7ac372e24226b03c220

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 05:15:25 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 05:14:39 GMT
server: nginx
age: 1832961
etag: W/"628c69bf-2a8fd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: -btpXwH6R6N8q5bSQcjlsRpUOQvlUWeBgORrSMWvQTL50mhtvPUo4g==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
expires: Thu, 23 Jun 2022 05:15:25 GMT

GET
H2 200 widgets.css
tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/plugins/core.template.v2/assets/ Frame D4D3 588 KB
40 KB 15ms
13ms Stylesheet
text/css 143.204.89.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/plugins/core.template.v2/assets/widgets.css
Requested by: Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=2b3c6a74-a078-44c8-98c9-bfe1404a1427&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=dedicated&utm_campaign=iEADiz&utm_content=3976771&utm_term=__&page_id=war-room-cart&funnel_id=cyr_wr&ref=iEADiz&utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-63.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 66ebd781c901aae90ce4144c258bd42ebc192e98d5ca30cd76ad5dfc58800ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 05:15:25 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 05:14:39 GMT
server: nginx
age: 1832961
etag: W/"628c69bf-931bb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: YMmcU9FkC4uiFWbP8lKvqGtTM1IHJdisOttdQsjaWeJNelzgo1mi9Q==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
expires: Thu, 23 Jun 2022 05:15:25 GMT

GET
H2 200 style.css
tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/plugins/core.template.v2/templates/embed/assets/ Frame D4D3 124 KB
11 KB 14ms
12ms Stylesheet
text/css 143.204.89.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/plugins/core.template.v2/templates/embed/assets/style.css
Requested by: Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=2b3c6a74-a078-44c8-98c9-bfe1404a1427&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=dedicated&utm_campaign=iEADiz&utm_content=3976771&utm_term=__&page_id=war-room-cart&funnel_id=cyr_wr&ref=iEADiz&utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-63.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 4f0f22abbe6c548a03d64cf7f3a3fffbf68a2a68d813ee11d4d13352a80d42a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 05:16:06 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 05:14:39 GMT
server: nginx
age: 1832920
etag: W/"628c69bf-1f090"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: l3vkU9TM03OhT8Kf1ctQ0c2Hx0whni8xUBBMSGw8Bw9BInpRg1cKwA==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
expires: Thu, 23 Jun 2022 05:16:06 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D4D3 4 KB
518 B 35ms
18ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=DM+Sans:400,400i,500,500i,700,700i&display=block&subset=latin-ext

Requested by

Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=2b3c6a74-a078-44c8-98c9-bfe1404a1427&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=dedicated&utm_campaign=iEADiz&utm_content=3976771&utm_term=__&page_id=war-room-cart&funnel_id=cyr_wr&ref=iEADiz&utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b0e12db768dea860ca3ab97866d50d6f3f9cc5ac7f03ce3ee7145556d7c8a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 10:24:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 14 Jun 2022 10:24:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Jun 2022 10:24:46 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame D4D3 726 B
376 B 33ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?display=swap&family=DM+Sans&subset=latin-ext

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

69f5c6a36a2c3779e8d124d8a02b4899a3b47e60169dfaf4a722a5a83f1c3df4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 10:24:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 14 Jun 2022 10:24:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Jun 2022 10:24:46 GMT

GET
H2 200 contentWindow.js Show response
tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/embed/v1/scripts/iframeResizer/ Frame D4D3 13 KB
5 KB 11ms
10ms Script
application/javascript 143.204.89.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/embed/v1/scripts/iframeResizer/contentWindow.js
Requested by: Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=2b3c6a74-a078-44c8-98c9-bfe1404a1427&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=dedicated&utm_campaign=iEADiz&utm_content=3976771&utm_term=__&page_id=war-room-cart&funnel_id=cyr_wr&ref=iEADiz&utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-63.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: c69e891536bb25b9c636f6a5f1e377ba428a6d2e0c24822d60f77d972e6c6518

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 05:15:34 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 05:14:40 GMT
server: nginx
age: 1832952
etag: W/"628c69c0-334d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: nx4lbGDg-t-_xpJ-WWW3tDeohhP_wAQEnAAtEWLEVnSfOkGFxObpZg==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
expires: Thu, 23 Jun 2022 05:15:34 GMT

GET
H2 200 user_assets%2FT4F2RD5O%2Fuploads%2Fimages%2Fdiamondhands-1638240054.png
spark.thrivecart.com/500x0/ Frame D4D3 87 KB
87 KB 63ms
12ms Image
image/png 65.9.66.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spark.thrivecart.com/500x0/user_assets%2FT4F2RD5O%2Fuploads%2Fimages%2Fdiamondhands-1638240054.png
Requested by: Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=2b3c6a74-a078-44c8-98c9-bfe1404a1427&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=dedicated&utm_campaign=iEADiz&utm_content=3976771&utm_term=__&page_id=war-room-cart&funnel_id=cyr_wr&ref=iEADiz&utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-92.fra56.r.cloudfront.net
Software: /
Resource Hash: 5764fa6f2fcc36ef4404db6a94e0eb27339474529841a85e4ae8f08eec29c09b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 11:34:45 GMT
via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront), 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
etag: "7dd7385a0552c4db526565da52955a84b7bb1af0"
age: 11400601
x-amzn-requestid: 5972d0d7-9f4a-4746-b152-55f9e0add3f6
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000,public
x-amzn-trace-id: Root=1-61fa6c54-7d96c6627d0338a51410f4f1;Sampled=0
x-amz-cf-pop: FRA60-P3, FRA56-C1
content-length: 88785
x-amz-apigw-id: M6XdNHMBoAMFn_w=
x-amzn-remapped-date: Wed, 02 Feb 2022 11:34:44 GMT
x-amz-cf-id: VDMaMr2VkATIll11KBkUQJf6379mnPWV5LexvJsBsV9keRHDoFCkWA==
expires: Thu, 02 Feb 2023 11:34:45 GMT

GET
H2 200 cards_limited.png
tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/plugins/core.template.v2/widgets/core_fields_buy_button/frontend/ Frame D4D3 8 KB
8 KB 11ms
8ms Image
image/png 143.204.89.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/plugins/core.template.v2/widgets/core_fields_buy_button/frontend/cards_limited.png
Requested by: Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=2b3c6a74-a078-44c8-98c9-bfe1404a1427&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=dedicated&utm_campaign=iEADiz&utm_content=3976771&utm_term=__&page_id=war-room-cart&funnel_id=cyr_wr&ref=iEADiz&utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-63.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 1beb1ffc4631dc233334ae5761d9504dc38ede5e85ade396dcc35613ed146507

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 05:15:26 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
last-modified: Tue, 24 May 2022 05:14:39 GMT
server: nginx
age: 1832960
etag: "628c69bf-1f0e"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 7950
x-amz-cf-id: zl5aIEl_1t4uh223anlq_onfwlHd-vgvwDtU6GChZGLoUrI0_jJ5Dw==
expires: Thu, 23 Jun 2022 05:15:26 GMT

GET
H2 200 cards_full.png
tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/plugins/core.template.v2/widgets/core_fields_buy_button/frontend/ Frame D4D3 10 KB
10 KB 12ms
11ms Image
image/png 143.204.89.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/plugins/core.template.v2/widgets/core_fields_buy_button/frontend/cards_full.png
Requested by: Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=2b3c6a74-a078-44c8-98c9-bfe1404a1427&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=dedicated&utm_campaign=iEADiz&utm_content=3976771&utm_term=__&page_id=war-room-cart&funnel_id=cyr_wr&ref=iEADiz&utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-63.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: b2362f1c2a377dd386a3929b9fb2dc5fabfbc2a7f102e29009bfe09c6833849c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 05:15:26 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
last-modified: Tue, 24 May 2022 05:14:39 GMT
server: nginx
age: 1832960
etag: "628c69bf-27ff"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 10239
x-amz-cf-id: 2jfhh2EUwNF24LeSgoi5J_sqdTWZ_cydA6Dprj5Q3-YDVLSN5m3_cQ==
expires: Thu, 23 Jun 2022 05:15:26 GMT

GET
DATA 200
OK truncated
/ Frame D4D3 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 logo-translucent.png
tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/static/images/ Frame D4D3 9 KB
10 KB 9ms
8ms Image
image/png 143.204.89.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/static/images/logo-translucent.png
Requested by: Host: tinder.thrivecart.com
URL: https://tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/plugins/core.template.v2/templates/embed/assets/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-63.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 0178efc1cd691a4412d88770fcca9ec0c7355669113c7b4d707fa4b21bb9df9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/plugins/core.template.v2/templates/embed/assets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 05:15:27 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
last-modified: Tue, 24 May 2022 05:14:39 GMT
server: nginx
age: 1832959
etag: "628c69bf-24c8"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 9416
x-amz-cf-id: Sw9fMHPH0X5kgJyj54MSaC1d_O-5Jp0hAWYgwyphcRzI3M_Z9B2zPw==
expires: Thu, 23 Jun 2022 05:15:27 GMT

GET
H3 200 rP2Cp2ywxg089UriASitCBimCw.woff2
fonts.gstatic.com/s/dmsans/v11/ Frame D4D3 18 KB
18 KB 28ms
12ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:400,400i,500,500i,700,700i&display=block&subset=latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://millionairepub.thrivecart.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 20:26:17 GMT
x-content-type-options: nosniff
age: 395909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18212
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:54:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jun 2023 20:26:17 GMT

GET
H3 200 rP2Hp2ywxg089UriCZOIHQ.woff2
fonts.gstatic.com/s/dmsans/v11/ Frame D4D3 18 KB
18 KB 28ms
13ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:400,400i,500,500i,700,700i&display=block&subset=latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://millionairepub.thrivecart.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 20:26:16 GMT
x-content-type-options: nosniff
age: 395910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18096
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:54:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jun 2023 20:26:16 GMT

GET
H3 200 rP2Cp2ywxg089UriAWCrCBimCw.woff2
fonts.gstatic.com/s/dmsans/v11/ Frame D4D3 18 KB
18 KB 30ms
15ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriAWCrCBimCw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:400,400i,500,500i,700,700i&display=block&subset=latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6997f451bbf8012dea5fb3b9f2e974a2f86861364126915097d81096392c800

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://millionairepub.thrivecart.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 20:26:19 GMT
x-content-type-options: nosniff
age: 395907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18240
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:54:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Jun 2023 20:26:19 GMT

GET
H2 200 common.js Show response
tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/embed/v1/ Frame D4D3 153 KB
46 KB 23ms
22ms Script
application/javascript 143.204.89.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/embed/v1/common.js
Requested by: Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=2b3c6a74-a078-44c8-98c9-bfe1404a1427&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=dedicated&utm_campaign=iEADiz&utm_content=3976771&utm_term=__&page_id=war-room-cart&funnel_id=cyr_wr&ref=iEADiz&utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-63.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 16728d621fbc75db0ee37a0aeca0b588162d1a0057cf9433d05e229518a5fb4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 05:15:27 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 05:14:39 GMT
server: nginx
age: 1832959
etag: W/"628c69bf-2659d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 467Q-wNUQTwjJDaz9Vq-hOR2mOua6oQC7-2njmN0Lcl2DLvqSjhN-w==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
expires: Thu, 23 Jun 2022 05:15:27 GMT

GET
H2 200 checkout.v2.js Show response
tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/embed/v1/ Frame D4D3 124 KB
26 KB 11ms
11ms Script
application/javascript 143.204.89.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/embed/v1/checkout.v2.js
Requested by: Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=2b3c6a74-a078-44c8-98c9-bfe1404a1427&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=dedicated&utm_campaign=iEADiz&utm_content=3976771&utm_term=__&page_id=war-room-cart&funnel_id=cyr_wr&ref=iEADiz&utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-63.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: c53af9be44c73334e9e3bf0229fc0c12aad967841b914e4494652a4ba5f37677

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 05:15:27 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 05:14:40 GMT
server: nginx
age: 1832959
etag: W/"628c69c0-1f07c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Gw1SsvBTWZUzQ3_UnnqrJL5uZDhsK3YRGxmQRtxKJD8kv4Vte8tPPw==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
expires: Thu, 23 Jun 2022 05:15:27 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ Frame D4D3 312 KB
83 KB 75ms
9ms Script
application/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

69b58f7655d99651622be00511269f3e31b1448e7efd9b29e7859a182e3c5bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 55
x-cache: Hit from cloudfront
date: Tue, 14 Jun 2022 10:23:52 GMT
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
last-modified: Mon, 13 Jun 2022 21:11:05 GMT
server: Cloudfront
etag: W/"375c064eba829c0fcb38f773097082e2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: YrS9QzCe6TzjArrqYfKgYHxa29XI5eg8T9aMS4OTwPiG75PwaBtbFg==

GET
H2 200 widgets.js Show response
tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/plugins/core.template.v2/assets/ Frame D4D3 230 KB
54 KB 12ms
12ms Script
application/javascript 143.204.89.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/plugins/core.template.v2/assets/widgets.js
Requested by: Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=2b3c6a74-a078-44c8-98c9-bfe1404a1427&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=dedicated&utm_campaign=iEADiz&utm_content=3976771&utm_term=__&page_id=war-room-cart&funnel_id=cyr_wr&ref=iEADiz&utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-63.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 0a26fef0e357be97292a660af66e2d3feb74ea8aa40f8bf6abe499a41399b2d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 05:15:27 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 05:14:39 GMT
server: nginx
age: 1832959
etag: W/"628c69bf-39743"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Y31XUI43Do65F4l9sDt_KgydRHXeMImqhj1poqtPKx6huDow-YNRfQ==
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
expires: Thu, 23 Jun 2022 05:15:27 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1720032477&t=pageview&_s=1&dl=https%3A%2F%2Fcryptorocketsalerts.com%2Flp%2Fwar-room%2F%3Futm_source%3Demail%26utm_medium%3Ddedicated%26utm_term%3D__%26utm_content%3D3976771%26utm_campaign%3DiEADiz%26email%3Dgsheard%2540bcbsm.com%26passthrough%255Bcustomer_email%255D%3Dgsheard%2540bcbsm.com%26redir%3Dy&ul=en-us&de=UTF-8&dt=%245%20Crypto%20Webinar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABQAAAAC~&jid=&gjid=&cid=1768253572.1655202285&tid=UA-111298202-10&_gid=1628635936.1655202285&gtm=2wg6d0W3F3RN9&z=763599529

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 06:56:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12469
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 06:56:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12469
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 06:56:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12469
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 06:56:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12469
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 poll Show response
millionairepub.thrivecart.com/api/v1/plugin/call/core.stock/ Frame D4D3 49 B
422 B 163ms
163ms XHR
application/json 54.88.133.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://millionairepub.thrivecart.com/api/v1/plugin/call/core.stock/poll
Requested by: Host: tinder.thrivecart.com
URL: https://tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/embed/v1/common.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.133.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-133-136.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5acd1e76eab36ae57e68e66d401cde8c038308e10e28a533fc33696644f49b6b

Request headers

Accept: application/json, text/javascript
Referer: https://millionairepub.thrivecart.com/26/?1=1&_embeddable=1&weet_sid=2b3c6a74-a078-44c8-98c9-bfe1404a1427&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard%40bcbsm.com&utm_source=email&utm_medium=dedicated&utm_campaign=iEADiz&utm_content=3976771&utm_term=__&redir=y
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 10:24:46 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://millionairepub.thrivecart.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1720032477&t=event&ni=0&_s=1&dl=https%3A%2F%2Fcryptorocketsalerts.com%2Flp%2Fwar-room%2F%3Futm_source%3Demail%26utm_medium%3Ddedicated%26utm_term%3D__%26utm_content%3D3976771%26utm_campaign%3DiEADiz%26email%3Dgsheard%2540bcbsm.com%26passthrough%255Bcustomer_email%255D%3Dgsheard%2540bcbsm.com%26redir%3Dy&ul=en-us&de=UTF-8&dt=%245%20Crypto%20Webinar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Event&ea=1000px%20Scrolled&el=https%3A%2F%2Fcryptorocketsalerts.com%2Flp%2Fwar-room%2F%3Futm_source%3Demail%26utm_medium%3Ddedicated%26utm_term%3D__%26utm_content%3D3976771%26utm_campaign%3DiEADiz%26email%3Dgsheard%2540bcbsm.com%26passthrough%255Bcustomer_email%255D%3Dgsheard%2540bcbsm.com%26redir%3Dy&ev=0&_u=aEDAAEABQAAAAC~&jid=&gjid=&cid=1768253572.1655202285&tid=UA-111298202-10&_gid=1628635936.1655202285&gtm=2wg6d0W3F3RN9&z=976390253

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 06:56:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12469
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 06:56:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12469
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 06:56:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12469
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 06:56:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12469
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m-outer-6262077c14f753400d607dc30e70f1af.html Show response
js.stripe.com/v3/ Frame 62D4 240 B
979 B 12ms
12ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://millionairepub.thrivecart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1678
cache-control: max-age=31536000
content-length: 240
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 14 Jun 2022 09:56:51 GMT
etag: "6262077c14f753400d607dc30e70f1af"
last-modified: Fri, 10 Jun 2022 18:43:47 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
x-amz-cf-id: OoA-VNy9zJ3UrjbTDj97wWhDsJYwz3jyakYwM7czDSXV4GGBcDd7Vg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 controller-087bf158f3a32f53c18544b2e64abcb2.html Show response
js.stripe.com/v3/ Frame 8461 349 B
1 KB 8ms
7ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-087bf158f3a32f53c18544b2e64abcb2.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3ba0e12768a044d40d7a3116e90562f2be429a9bed0ec5ba3313f872f47611f6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://millionairepub.thrivecart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 30
cache-control: max-age=60
content-length: 349
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 14 Jun 2022 10:24:26 GMT
etag: "087bf158f3a32f53c18544b2e64abcb2"
last-modified: Mon, 13 Jun 2022 20:49:14 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
x-amz-cf-id: 3EdPQlmlFaYKSfQxSAFu9vr3AyzqBjxiCh9BISZzweF4FeDVM92jww==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 select-arrow.png
tinder.thrivecart.com/embed/v1/images/ Frame D4D3 637 B
1 KB 8ms
7ms Image
image/png 143.204.89.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinder.thrivecart.com/embed/v1/images/select-arrow.png
Requested by: Host: tinder.thrivecart.com
URL: https://tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/embed/v1/checkout.minimal.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-63.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 4ff40fb5a2aea4aee1a72ed5c530e9e6db69247d05424747e76343c82b827a7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/embed/v1/checkout.minimal.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 05:16:42 GMT
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
last-modified: Tue, 24 May 2022 05:14:40 GMT
server: nginx
age: 1832884
etag: "628c69c0-27d"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 637
x-amz-cf-id: lF-rp-qOIF6TacqffGzKDf4EiPqNwJWsU-5rJbA6VbKU8H9dH33uDw==
expires: Thu, 23 Jun 2022 05:16:42 GMT

GET
H2 200 elements-inner-card-b55b8cbdd79b004b82925551de523712.html Show response
js.stripe.com/v3/ Frame 6283 807 B
2 KB 8ms
7ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-b55b8cbdd79b004b82925551de523712.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

90788ef2d06e8f6d3146b49c69dc9c20f9a23756880e8fd1829e758046ccf441

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://millionairepub.thrivecart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3387
cache-control: max-age=31536000
content-length: 807
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 14 Jun 2022 09:28:20 GMT
etag: "b55b8cbdd79b004b82925551de523712"
last-modified: Mon, 13 Jun 2022 20:49:14 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
x-amz-cf-id: a2UH5VqPeAdQhXk91AgknQlgipahVo_i0w3A07jBXVhQfACXm1iJhg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 62D4 0
571 B 500ms
160ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 14 Jun 2022 10:24:47 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 8461 0
570 B 495ms
163ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 14 Jun 2022 10:24:47 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H3 200 tccon_v1.0.0.js Show response
hgevt001.cryptorocketsalerts.com/ Frame D4D3 35 KB
13 KB 146ms
145ms Script
application/javascript 2606:4700:3036::6815:20d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hgevt001.cryptorocketsalerts.com/tccon_v1.0.0.js
Requested by: Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=2b3c6a74-a078-44c8-98c9-bfe1404a1427&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=dedicated&utm_campaign=iEADiz&utm_content=3976771&utm_term=__&page_id=war-room-cart&funnel_id=cyr_wr&ref=iEADiz&utm_source=email&utm_medium=dedicated&utm_term=__&utm_content=3976771&utm_campaign=iEADiz&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:20d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d92ac6c496a5c1f7ffd0fc9574cce0d9431764e851cb30e5a54283d42e21b67d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:46 GMT
via: 1.1 fcd8545d1b62265bb65a45721c43e6ac.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP63-P3
x-cache: Miss from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 15 Sep 2021 08:50:28 GMT
server: cloudflare
etag: W/"5abb4633bb17c8f060fe9024213951cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIKIOU1y%2BVyclkOqKV%2B45TvwP%2F5qq9vrEEuoLwl%2FFzH1K6BrxLEtFrajW9pZwcaAXgdRLvMwh4kW5o54Mk2bZHyQkE4wzAM%2FA4rDKFF7ktbVeE%2FE%2BraRsMYVEFhTGaMo8vGP%2BLocTvaFYjUOyRLdv9xgtYT9Kwp94moJvaIkxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 71b25bb45b63103f-MRS
x-amz-cf-id: qj8isVRk878XT0b11zUZcslq2Kj4Q0RkzW6JWvMLHpfzXAKEFO_ADg==

GET
H2 200 m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 62D4 1 KB
1 KB 8ms
7ms Script
application/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 34
x-cache: Hit from cloudfront
date: Tue, 14 Jun 2022 10:24:26 GMT
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
last-modified: Fri, 10 Jun 2022 18:43:57 GMT
server: Cloudfront
etag: W/"77711798ecf99b8bb8207cf88a10d73c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: o_xQkd_UGBIiAkBtySMgT5C2ZvcTst3VUD3UlF7S_2mcBV98iIReZA==

POST
H2 200 csp-report
q.stripe.com/ Frame 6283 0
570 B 473ms
162ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 14 Jun 2022 10:24:47 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-e0e3ae3acc6b6e755473ef158748a91b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8461 215 KB
59 KB 8ms
8ms Script
application/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-e0e3ae3acc6b6e755473ef158748a91b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-087bf158f3a32f53c18544b2e64abcb2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

42676614f8f33b6aee123b25b5e85a003e815d7f3b3ab7793df05c5ea7999adc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-087bf158f3a32f53c18544b2e64abcb2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 55
x-cache: Hit from cloudfront
date: Tue, 14 Jun 2022 10:24:02 GMT
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
last-modified: Mon, 13 Jun 2022 20:49:21 GMT
server: Cloudfront
etag: W/"d09b903bcc58db43f960b22abd332ab5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: LtTabpAo8bp7Q4e9pkDfYiN-XLsF2vAJ568eNpTh3uHYyw7vQfalxg==

GET
H2 200 controller-82a39a9509a5fa023531445834d895b2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8461 392 KB
106 KB 10ms
10ms Script
application/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-82a39a9509a5fa023531445834d895b2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-087bf158f3a32f53c18544b2e64abcb2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f786701ded095486cbea25a5735081cfe0ba6fe3dd5b9ce2d36313c3d98ca6aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-087bf158f3a32f53c18544b2e64abcb2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 53
x-cache: Hit from cloudfront
date: Tue, 14 Jun 2022 10:24:02 GMT
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
last-modified: Mon, 13 Jun 2022 20:49:24 GMT
server: Cloudfront
etag: W/"c2eca1534f8c387664276c3c5037b568"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: 0uQ44M0c7bn5ToxbbxMTBEwAYO7MTC_wsWG4tni7a_S1xuIblr2oPA==

GET
H2 200 track Show response
millionairepub.thrivecart.com/api/v1/statistics/ Frame D4D3 87 B
452 B 332ms
332ms XHR
application/json 54.88.133.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://millionairepub.thrivecart.com/api/v1/statistics/track?viewer_id=&user_id=de693474-c846-4df2-ad3d-b750d3c95c4b&browser=chrome&os=windows&entity_id=26&entity_type=product&account_id=11407&mode=2&campaign_id=iEADiz&affiliate_id=&tc_flow=&tco=&tcv=&uv=8&event_meta%5Burl%5D=https%3A%2F%2Fmillionairepub.thrivecart.com%2F26%2F%3F1%3D1%26_embeddable%3D1%26weet_sid%3D2b3c6a74-a078-44c8-98c9-bfe1404a1427%26funnel_id%3Dcyr_wr%26page_id%3Dwar-room-cart%26email%3Dgsheard%2540bcbsm.com%26utm_source%3Demail%26utm_medium%3Ddedicated%26utm_campaign%3DiEADiz%26utm_content%3D3976771%26utm_term%3D__%26redir%3Dy&event_meta%5Buser_agent%5D=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F102.0.5005.61+Safari%2F537.36&event_meta%5Bfbp%5D=.&event_meta%5Bfbc%5D=.&event_meta%5Boffer_type%5D=product&event_meta%5Boffer_ref%5D=26&event_meta%5Bevent_time%5D=1655202287&event_meta%5Bpage_load_time%5D=1655202285&event_type=checkout_view
Requested by: Host: tinder.thrivecart.com
URL: https://tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/embed/v1/common.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.133.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-133-136.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f0b1748aa29b856924a1500dd03375c7ff41bcd7640c3b25a215d63add3eb32e

Request headers

Accept: application/json, text/javascript
Referer: https://millionairepub.thrivecart.com/26/?1=1&_embeddable=1&weet_sid=2b3c6a74-a078-44c8-98c9-bfe1404a1427&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard%40bcbsm.com&utm_source=email&utm_medium=dedicated&utm_campaign=iEADiz&utm_content=3976771&utm_term=__&redir=y
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 10:24:47 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://*.thrivecart.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 ui-shared-dcc7704820e24909c78df35eed5aea96.css
js.stripe.com/v3/fingerprinted/css/ Frame 6283 18 KB
3 KB 10ms
8ms Stylesheet
text/css 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-dcc7704820e24909c78df35eed5aea96.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-b55b8cbdd79b004b82925551de523712.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

49f542f6b15c29f0dad8a9982664eac92652cd51da8e8592f8ecbaa7a3dff9ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-b55b8cbdd79b004b82925551de523712.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 56
x-cache: Hit from cloudfront
date: Tue, 14 Jun 2022 10:24:46 GMT
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
last-modified: Fri, 10 Jun 2022 18:43:48 GMT
server: Cloudfront
etag: W/"d8a33a9503618fb1361fd34772563167"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: ZwQ5TfRHJZYfR59kTh61jajauPlgFV1njNnt9CJ_aXv2hl3Y8dKgYg==

GET
H2 200 elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css
js.stripe.com/v3/fingerprinted/css/ Frame 6283 5 KB
1 KB 14ms
13ms Stylesheet
text/css 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-b55b8cbdd79b004b82925551de523712.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e23fac2f057580d70af9ec918478f1301da860e7ef34309548774dcf6004d44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-b55b8cbdd79b004b82925551de523712.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 56
x-cache: Hit from cloudfront
date: Tue, 14 Jun 2022 10:23:50 GMT
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
last-modified: Tue, 08 Mar 2022 20:28:40 GMT
server: Cloudfront
etag: W/"0de3030d19b9e3517790795cb6ccc87d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: gu8Svt2kDALEWHXoHyG1AJNkazik8QjuXBD6qW-W1Q8dkfhsvU808A==

GET
H2 200 shared-e0e3ae3acc6b6e755473ef158748a91b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6283 215 KB
59 KB 10ms
9ms Script
application/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-e0e3ae3acc6b6e755473ef158748a91b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-b55b8cbdd79b004b82925551de523712.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

42676614f8f33b6aee123b25b5e85a003e815d7f3b3ab7793df05c5ea7999adc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-b55b8cbdd79b004b82925551de523712.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 55
x-cache: Hit from cloudfront
date: Tue, 14 Jun 2022 10:24:02 GMT
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
last-modified: Mon, 13 Jun 2022 20:49:21 GMT
server: Cloudfront
etag: W/"d09b903bcc58db43f960b22abd332ab5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: 3mYGpkouaPTpUGsCgTenecnmjvupG-Suki2RGOIzvdkgpJPjXtUVhw==

GET
H2 200 ui-shared-17d8a64391dd060af11ee0c474d7486a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6283 214 KB
65 KB 16ms
14ms Script
application/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-17d8a64391dd060af11ee0c474d7486a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-b55b8cbdd79b004b82925551de523712.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

4d5832ab9f10212295b0b32e1c5db8819cbc3de22fe0827abc31e6becb1cac70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-b55b8cbdd79b004b82925551de523712.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 17
x-cache: Hit from cloudfront
date: Tue, 14 Jun 2022 10:24:46 GMT
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
last-modified: Mon, 13 Jun 2022 20:49:24 GMT
server: Cloudfront
etag: W/"552becbe854f1b56f3e03c4dc547113b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: 0RKgxEUwOa05qf90gwni4fm9R8f53zW5A0PAkMxB7gU9AVrG8A3gfg==

GET
H2 200 elements-inner-card-f39b043cd0a8dcaf0ab4612417786812.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6283 47 KB
12 KB 14ms
14ms Script
application/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-f39b043cd0a8dcaf0ab4612417786812.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-b55b8cbdd79b004b82925551de523712.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

703a0d2d286674489fe257551ad01817353e8f6275dcdd0535e9cb5092cbe55a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-b55b8cbdd79b004b82925551de523712.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 15
x-cache: Hit from cloudfront
date: Tue, 14 Jun 2022 10:24:32 GMT
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
last-modified: Fri, 10 Jun 2022 18:43:54 GMT
server: Cloudfront
etag: W/"a32f56b16dc575ba1caa6bbc29988c6a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: LgoQppGWETR9EbeRLQYJ5j_J3_sXtLGUtljFFst0AzFNOVKRN-UlZQ==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 0CF5 930 B
2 KB 48ms
9ms Document
text/html 2600:9000:2057:d800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:d800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 250
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 14 Jun 2022 10:20:37 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-id: s0frq_2wuOcN0hfd_pGMple5l2ZbphknGWHxiJpQQVYbsBdtSzfpWg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 0 Show response
r.stripe.com/ Frame 8461 0
127 B 677ms
320ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e0e3ae3acc6b6e755473ef158748a91b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 14 Jun 2022 10:24:47 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 csp-report
q.stripe.com/ Frame 0CF5 0
344 B 371ms
162ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 10:24:47 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
x-robots-tag: none
content-length: 0
x-content-type-options: nosniff
expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8461 0
127 B 609ms
322ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e0e3ae3acc6b6e755473ef158748a91b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 14 Jun 2022 10:24:47 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 8461 0
127 B 607ms
319ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e0e3ae3acc6b6e755473ef158748a91b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 14 Jun 2022 10:24:47 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 8461 0
128 B 605ms
319ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e0e3ae3acc6b6e755473ef158748a91b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 14 Jun 2022 10:24:47 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 8461 0
127 B 762ms
475ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e0e3ae3acc6b6e755473ef158748a91b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 14 Jun 2022 10:24:47 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 8461 0
127 B 607ms
321ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e0e3ae3acc6b6e755473ef158748a91b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 14 Jun 2022 10:24:47 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 8461 0
127 B 605ms
320ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e0e3ae3acc6b6e755473ef158748a91b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 14 Jun 2022 10:24:47 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 8461 0
127 B 606ms
322ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e0e3ae3acc6b6e755473ef158748a91b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 14 Jun 2022 10:24:47 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 0CF5 86 KB
14 KB 26ms
26ms Script
text/javascript 2600:9000:2057:d800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:d800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
age: 27
date: Tue, 14 Jun 2022 10:24:20 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: btwureREbNDxtcuctJY-HW7hWABs23oTvaRl1R4Nzm-an-AnWFwIQg==
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"

POST
H2 200 0 Show response
r.stripe.com/ Frame 8461 0
127 B 598ms
321ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e0e3ae3acc6b6e755473ef158748a91b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 14 Jun 2022 10:24:47 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 8461 0
127 B 594ms
321ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e0e3ae3acc6b6e755473ef158748a91b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 14 Jun 2022 10:24:47 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 8461 0
127 B 593ms
322ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e0e3ae3acc6b6e755473ef158748a91b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 14 Jun 2022 10:24:47 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 regev Show response
ky85ws0f10.execute-api.us-east-1.amazonaws.com/prod/ Frame D4D3 61 B
271 B 1128ms
1127ms XHR
application/json 54.221.249.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ky85ws0f10.execute-api.us-east-1.amazonaws.com/prod/regev
Requested by: Host: hgevt001.cryptorocketsalerts.com
URL: https://hgevt001.cryptorocketsalerts.com/tccon_v1.0.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.221.249.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-249-16.compute-1.amazonaws.com
Software: /
Resource Hash: f3ccd5e87a44ed23dfc97a4c9a8db6164ab2ce16345de9fd5c3f6c05b3e9aa1a

Request headers

Accept: application/json, text/plain, */*
Referer: https://millionairepub.thrivecart.com/
X-Server-Dbg: false
accept-language: de-DE,de;q=0.9
Sttracker-Key: UV5pQG9AencxZEhuekdremIzZnpyIVppWT1vLUguQVR2OiVIOlJJfV91azVFNGlxKXVTalcsOHAzajohUHM+cQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 14 Jun 2022 10:24:48 GMT
x-amzn-requestid: a13483e5-b10e-4641-9035-60c338de5da0
x-amz-apigw-id: TtQ9ZHJvoAMFUsQ=
x-amzn-trace-id: Root=1-62a861ef-4f0a7ce80617793b454377b1;Sampled=0
content-length: 61
content-type: application/json

OPTIONS
H2 200 regev
ky85ws0f10.execute-api.us-east-1.amazonaws.com/prod/ Frame 0
0 99ms
97ms Preflight
application/json 54.221.249.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ky85ws0f10.execute-api.us-east-1.amazonaws.com/prod/regev
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.221.249.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-249-16.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sttracker-key,x-server-dbg
Access-Control-Request-Method: POST
Origin: https://millionairepub.thrivecart.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers: Sttracker-Key,X-Server-Dbg,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 14 Jun 2022 10:24:47 GMT
x-amz-apigw-id: TtQ9YE85IAMFvDg=
x-amzn-requestid: 4c14c2a6-cd80-49d0-8494-7376ed141f58

POST
H2 200 0 Show response
r.stripe.com/ Frame 8461 0
127 B 570ms
319ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e0e3ae3acc6b6e755473ef158748a91b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Tue, 14 Jun 2022 10:24:47 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 10024418-10025485.js Show response
cdn-3.convertexperiments.com/js/ Frame D4D3 193 KB
60 KB 14ms
14ms Script
application/javascript 96.16.134.166
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-3.convertexperiments.com/js/10024418-10025485.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.134.166 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-134-166.deploy.static.akamaitechnologies.com

Software

Resource Hash

f7dd80039caf9b1c99639fedd3c4ec83e52f72acf38740aac1b5233b510e2a3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:24:46 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=263
strict-transport-security: max-age=15768000
content-length: 61416
x-privacy-policy: You can find our privacy policy at https://www.convert.com/privacy-notice/

POST
H2 200 6 Show response
m.stripe.com/ Frame 0CF5 156 B
523 B 488ms
162ms XHR
application/json 52.42.90.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.42.90.94 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-42-90-94.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

c4d67fc1020d655cea40a0da57c67e550134bf2218ba686419abf9b521ea3fce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 14 Jun 2022 10:24:47 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 heartbeat Show response
millionairepub.thrivecart.com/api/v1/statistics/ Frame D4D3 24 B
389 B 225ms
224ms XHR
application/json 54.88.133.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://millionairepub.thrivecart.com/api/v1/statistics/heartbeat?data%5Baccount_id%5D=11407&data%5Bviewer_id%5D=429583657635114900&data%5Bproduct_id%5D=26&data%5Btc_flow%5D=&data%5Btco%5D=&data%5Btcv%5D=&data%5Bping_id%5D=&data%5Buv%5D=8
Requested by: Host: tinder.thrivecart.com
URL: https://tinder.thrivecart.com/v89aba31e068e8152442a339283573f5f519ecb17/embed/v1/common.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.133.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-133-136.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f138e2989fb8d91ad08774c2fd2036a3c54f7ada2034ba3a043460d5cff2abcd

Request headers

Accept: application/json, text/javascript
Referer: https://millionairepub.thrivecart.com/26/?1=1&_embeddable=1&weet_sid=2b3c6a74-a078-44c8-98c9-bfe1404a1427&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard%40bcbsm.com&utm_source=email&utm_medium=dedicated&utm_campaign=iEADiz&utm_content=3976771&utm_term=__&redir=y
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 10:24:50 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://*.thrivecart.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.timsykes.com/	1970-01-20 12:32:18	Name: iterableEndUserId Value: gsheard%40bcbsm.com
.timsykes.com/	1970-01-20 03:48:08	Name: iterableEmailCampaignId Value: 3976771
.timsykes.com/	1970-01-20 03:48:08	Name: iterableTemplateId Value: 5415580
.timsykes.com/	1970-01-20 03:48:08	Name: iterableMessageId Value: 2546288abeed42369af04c7104c6538b
links.timsykes.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 29048b6fd78a8d951e7e59207b9b796e9c914a60-1655202283604-d2b6914f569591d802f18aa4
cryptorocketsalerts.com/	1969-12-31 23:59:59	Name: X-Mapping-oihobbed Value: F67B6623586FCEC759A0F3C29A3D6C2D
.cryptorocketsalerts.com/	1970-01-20 08:09:30	Name: _conv_v Value: vi%3A1sc%3A1cs%3A1655202285fs%3A1655202285pv%3A1
.cryptorocketsalerts.com/	1970-01-20 03:46:43	Name: _conv_s Value: si%3A1sh%3A1655202285084-0.5411105054557215pv%3A1
.cryptorocketsalerts.com/	1970-01-20 08:05:54	Name: _conv_r Value: s%3Aemailm%3Adedicatedt%3A__*c%3Aieadiz
cryptorocketsalerts.com/	1970-01-20 04:29:54	Name: sid Value: 2b3c6a74-a078-44c8-98c9-bfe1404a1427
cryptorocketsalerts.com/	1970-01-20 04:29:54	Name: fte Value: gsheard@bcbsm.com
cryptorocketsalerts.com/	1970-01-20 04:29:54	Name: fts Value: email
cryptorocketsalerts.com/	1970-01-20 04:29:54	Name: ftm Value: dedicated
cryptorocketsalerts.com/	1970-01-20 04:29:54	Name: ftca Value: iEADiz
cryptorocketsalerts.com/	1970-01-20 04:29:54	Name: ftco Value: 3976771
cryptorocketsalerts.com/	1970-01-20 04:29:54	Name: ftt Value: __
cryptorocketsalerts.com/	1970-01-20 04:29:54	Name: pid Value: war-room-cart
cryptorocketsalerts.com/	1970-01-20 04:29:54	Name: fid Value: cyr_wr
cryptorocketsalerts.com/	1970-01-22 22:42:14	Name: amp_uid Value: gsheard@bcbsm.com
.cryptorocketsalerts.com/	1970-01-23 19:22:42	Name: amplitude_id_f20f5ffa6dcc1a76609e1a5b37fc4bbbcryptorocketsalerts.com Value: eyJkZXZpY2VJZCI6IjA1NmNhNDQ1LTEyMDEtNDEzMi1iMWYyLTc1NjFlODA4NjY5MVIiLCJ1c2VySWQiOiJnc2hlYXJkQGJjYnNtLmNvbSIsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTY1NTIwMjI4NTM4OCwibGFzdEV2ZW50VGltZSI6MTY1NTIwMjI4NTM5MSwiZXZlbnRJZCI6MSwiaWRlbnRpZnlJZCI6MSwic2VxdWVuY2VOdW1iZXIiOjJ9
.cryptorocketsalerts.com/	1970-01-20 21:17:54	Name: _ga Value: GA1.2.1768253572.1655202285
.cryptorocketsalerts.com/	1970-01-20 03:48:08	Name: _gid Value: GA1.2.1628635936.1655202285
.cryptorocketsalerts.com/	1970-01-20 03:46:42	Name: _gat_UA-111298202-10 Value: 1
.doubleclick.net/	1970-01-20 03:46:43	Name: test_cookie Value: CheckForPermission
.cryptorocketsalerts.com/	1970-01-27 10:58:42	Name: cf_36338_id Value: ea08479a-b7e3-45a5-b2db-80a3631455a2
.cryptorocketsalerts.com/	1969-12-31 23:59:59	Name: cf_36338_person_last_update Value: 1655202285537
.thrivecart.com/	1969-12-31 23:59:59	Name: thrivecart_v2 Value: iqc4r2t3kvcv1t9ve71au1geu4
millionairepub.thrivecart.com/	1970-01-20 04:29:54	Name: fid Value: cyr_wr
millionairepub.thrivecart.com/	1970-01-20 04:29:54	Name: pid Value: war-room-cart
millionairepub.thrivecart.com/	1970-01-20 04:29:54	Name: fte Value: gsheard@bcbsm.com
millionairepub.thrivecart.com/	1970-01-20 04:29:54	Name: fts Value: email
millionairepub.thrivecart.com/	1970-01-20 04:29:54	Name: ftm Value: dedicated
millionairepub.thrivecart.com/	1970-01-20 04:29:54	Name: ftca Value: iEADiz
millionairepub.thrivecart.com/	1970-01-20 04:29:54	Name: ftco Value: 3976771
millionairepub.thrivecart.com/	1970-01-20 04:29:54	Name: ftt Value: __
millionairepub.thrivecart.com/	1970-01-20 04:29:54	Name: sid Value: 2b3c6a74-a078-44c8-98c9-bfe1404a1427
m.stripe.com/	1970-01-20 21:17:54	Name: m Value: db3d9e92-2c1a-4886-b70c-9f4e5a5a7b862d304e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.amplitude.com
app.convertflow.co
cdn-3.convertexperiments.com
cdn.amplitude.com
cryptorocketsalerts.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hgevt001.cryptorocketsalerts.com
intof.io
js.convertflow.co
js.stripe.com
ky85ws0f10.execute-api.us-east-1.amazonaws.com
links.timsykes.com
m.stripe.com
m.stripe.network
maxcdn.bootstrapcdn.com
millionairepub.thrivecart.com
q.stripe.com
r.stripe.com
spark.thrivecart.com
timsykes-supernova.com
tinder.thrivecart.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
143.204.89.63
172.217.18.2
18.66.242.100
2600:9000:2057:d800:19:7d10:bd80:93a1
2606:4700:20::ac43:4770
2606:4700:3036::6815:20d9
2606:4700::6812:bcf
2a00:1450:4001:800::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2003
2a00:1450:4001:827::200e
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::200a
2a06:98c1:3121::3
52.42.90.94
52.54.159.123
54.149.245.230
54.156.254.128
54.186.23.98
54.187.159.182
54.221.249.16
54.88.133.136
65.9.66.92
96.16.134.166
99.86.4.76
0178efc1cd691a4412d88770fcca9ec0c7355669113c7b4d707fa4b21bb9df9c
03266bd2ee7f7efa219940ae4cb280c86fd71ed1a1c14dc9259e5f207ecc5f9f
05ce7cd72329601fa53879caf3606e0fb24038c7fba90ababd74ec1e12c23136
09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5
0a26fef0e357be97292a660af66e2d3feb74ea8aa40f8bf6abe499a41399b2d8
0b0e12db768dea860ca3ab97866d50d6f3f9cc5ac7f03ce3ee7145556d7c8a23
0c7ed17553f6c92ed218c5984a18b2dee9a628229a13e9f36f6873b08f8d0010
16728d621fbc75db0ee37a0aeca0b588162d1a0057cf9433d05e229518a5fb4d
1beb1ffc4631dc233334ae5761d9504dc38ede5e85ade396dcc35613ed146507
22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad
251fdcadce75ca82c08da7eef61e4bd0015431861f9d91fbbb9b2b603051b0d9
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
2830e32c1bc41348982e515360557cc02205d114c1a9435a2846ec8fa08633cb
315ad4f60dc2f53e889b70c45ea86fd238d0dd7f944b035bb3f2d272f7a91257
333a09adebdf648e8fa46284a3b6b4868eb0395ac8106b5d5dc4153e2c798774
3ba0e12768a044d40d7a3116e90562f2be429a9bed0ec5ba3313f872f47611f6
42676614f8f33b6aee123b25b5e85a003e815d7f3b3ab7793df05c5ea7999adc
49f542f6b15c29f0dad8a9982664eac92652cd51da8e8592f8ecbaa7a3dff9ad
4d5832ab9f10212295b0b32e1c5db8819cbc3de22fe0827abc31e6becb1cac70
4f0f22abbe6c548a03d64cf7f3a3fffbf68a2a68d813ee11d4d13352a80d42a3
4ff40fb5a2aea4aee1a72ed5c530e9e6db69247d05424747e76343c82b827a7d
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5764fa6f2fcc36ef4404db6a94e0eb27339474529841a85e4ae8f08eec29c09b
5acd1e76eab36ae57e68e66d401cde8c038308e10e28a533fc33696644f49b6b
5e515001321f61b8020d15e0f2ad617bd173bcb30de0e927ecfdd3e4d21a7d1f
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
667c3acb0917904bd49e8fbb630b4d776b96772494121d9dcb1a03b75d3cd610
66ebd781c901aae90ce4144c258bd42ebc192e98d5ca30cd76ad5dfc58800ef2
69b58f7655d99651622be00511269f3e31b1448e7efd9b29e7859a182e3c5bd8
69f5c6a36a2c3779e8d124d8a02b4899a3b47e60169dfaf4a722a5a83f1c3df4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6f04bcf40e01ce3e80fbc56c19312c7b700322cf28863fb3d437ad3a75ce0450
703a0d2d286674489fe257551ad01817353e8f6275dcdd0535e9cb5092cbe55a
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
725e4982de434a1da0f2c9f46a47990d69c0c3404eb58d4b9cfb5f3855657b6f
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b8c129bc7bd626c00626ce44d8b9171a8bdc4908a2e037183e3b36bb352f9eb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8358fed89d6ac5c039c6a9f8c5b3c8c55231181562bd23164392fa20de3bc330
90788ef2d06e8f6d3146b49c69dc9c20f9a23756880e8fd1829e758046ccf441
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91bf78345c55ec05de11377a4b3a8a5789ef302d73124a401cef84edbce178cd
989757984a5bfb0e922e7ce7fbb779eed0feda7cc273507dfd1b0ad959324ad8
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a0543c41006807711fc22eb10d369c9316472d379c1b0bde58ec2062f5b942c9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5b5ae609d683109b2f0350b70d66665c99dfe14f34079b3331ccf275a7343fa
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa4d27e0d0c0172667e24d953344b058b7f16c6ef7dcc54a8910878f1d050cae
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b1cab3b28fc4259a0e28df29b0054d71224f7c416b430f6686185db93afeb5b0
b2362f1c2a377dd386a3929b9fb2dc5fabfbc2a7f102e29009bfe09c6833849c
b565ed534c772bf8806d812da3d3997ca7d144c1663588a3d928d5b2a81da1c2
be63bbabfc64c173bf2ddb0336441c83b01d93b0241c33129f8f68fffa154368
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4d67fc1020d655cea40a0da57c67e550134bf2218ba686419abf9b521ea3fce
c53af9be44c73334e9e3bf0229fc0c12aad967841b914e4494652a4ba5f37677
c69e891536bb25b9c636f6a5f1e377ba428a6d2e0c24822d60f77d972e6c6518
caf2756a13f8fee24efb8378994a43a44150c14fa06dc7ac372e24226b03c220
d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b
d92ac6c496a5c1f7ffd0fc9574cce0d9431764e851cb30e5a54283d42e21b67d
e23fac2f057580d70af9ec918478f1301da860e7ef34309548774dcf6004d44f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6997f451bbf8012dea5fb3b9f2e974a2f86861364126915097d81096392c800
eb58df192534d01efde401d27c4130029de09c7860184ea86669db46a6f1909f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b1748aa29b856924a1500dd03375c7ff41bcd7640c3b25a215d63add3eb32e
f138e2989fb8d91ad08774c2fd2036a3c54f7ada2034ba3a043460d5cff2abcd
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
f3ccd5e87a44ed23dfc97a4c9a8db6164ab2ce16345de9fd5c3f6c05b3e9aa1a
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f786701ded095486cbea25a5735081cfe0ba6fe3dd5b9ce2d36313c3d98ca6aa
f7dd80039caf9b1c99639fedd3c4ec83e52f72acf38740aac1b5233b510e2a3b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9680676b66eebf37d28648e71984614f7754286a915dd7f62cc1c83d0496c5b
fa1cb237372d86c71a568f5fcd882d5470963e32ea235917147143fc0d7f5317
ffa3deb9e4904c6149cd540fd6ee5566072e99aeaf2d8a8047aa25ace0f2d754

cryptorocketsalerts.com Open in urlscan Pro 2606:4700:3036::6815:20d9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

108 Requests

99 %HTTPS

50 %IPv6

21 Domains

30 Subdomains

28 IPs

2 Countries

1743 kBTransfer

5370 kBSize

37 Cookies

0 Outgoing links

Page URL History

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cryptorocketsalerts.com Open in urlscan Pro
2606:4700:3036::6815:20d9 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

99 %
HTTPS

50 %
IPv6

21
Domains

30
Subdomains

28
IPs

2
Countries

1743 kB
Transfer

5370 kB
Size

37
Cookies

108 HTTP transactions
1 data transactions