urlscan.io logo urlscan.io
SecurityTrails logo

optionsincomeblueprint.securechkout.com Open in urlscan Pro
209.170.211.169  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.gliq.com/cgi-bin/click?barchart+neteffect20220208+#campaigncode#
Effective URL: https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-...
Submission: On February 12 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 4 countries across 15 domains to perform 56 HTTP transactions. The main IP is 209.170.211.169, located in Las Vegas, United States and belongs to ASN-VINS, US. The main domain is optionsincomeblueprint.securechkout.com.
TLS certificate: Issued by R3 on January 24th 2022. Valid for: 3 months.
This is the only time optionsincomeblueprint.securechkout.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    216.127.156.7 (Hagerstown, United States)

ASN13694 (XECUNET, US)
www.gliq.com
2    209.170.211.169 (Las Vegas, United States)

ASN13649 (ASN-VINS, US)
optionsincomeblueprint.securechkout.com
3    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
13    104.16.20.19 (None, )

ASN13335 (CLOUDFLARENET, US)
optassets.ontraport.com
i.ontraport.com
2    143.204.98.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-22.fra50.r.cloudfront.net
widget.wickedreports.com
5    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    3.139.133.225 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-139-133-225.us-east-2.compute.amazonaws.com
track.wickedreports.com
7    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googleadservices.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    209.170.211.179 (Las Vegas, United States)

ASN13649 (ASN-VINS, US)
PTR: mail9.ontramail.com
gotradersreserve.ontraport.com
Apex Domain
Subdomains		 Transfer
14 ontraport.com
optassets.ontraport.com — Cisco Umbrella Rank: 74915
app.ontraport.com Failed
i.ontraport.com — Cisco Umbrella Rank: 121446
gotradersreserve.ontraport.com
654 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
7 gstatic.com
fonts.gstatic.com
245 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
255 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 331
12 KB
3 wickedreports.com
widget.wickedreports.com — Cisco Umbrella Rank: 36066
track.wickedreports.com — Cisco Umbrella Rank: 47038
9 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
25 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6342
565 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
565 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 67
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
386 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
113 KB
2 securechkout.com
optionsincomeblueprint.securechkout.com
15 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 99
15 KB
1 gliq.com
www.gliq.com
399 B
56 15
Domain Requested by
10 optassets.ontraport.com optionsincomeblueprint.securechkout.com
optassets.ontraport.com
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
optionsincomeblueprint.securechkout.com
7 fonts.gstatic.com fonts.googleapis.com
5 www.googletagmanager.com optionsincomeblueprint.securechkout.com
www.googletagmanager.com
www.gliq.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
optionsincomeblueprint.securechkout.com
3 i.ontraport.com 1 redirects optionsincomeblueprint.securechkout.com
3 fonts.googleapis.com optionsincomeblueprint.securechkout.com
optassets.ontraport.com
2 www.google.de optionsincomeblueprint.securechkout.com
2 www.google.com optionsincomeblueprint.securechkout.com
2 www.facebook.com optionsincomeblueprint.securechkout.com
2 connect.facebook.net www.gliq.com
connect.facebook.net
2 widget.wickedreports.com optionsincomeblueprint.securechkout.com
widget.wickedreports.com
2 optionsincomeblueprint.securechkout.com optionsincomeblueprint.securechkout.com
1 gotradersreserve.ontraport.com optassets.ontraport.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 stats.g.doubleclick.net www.google-analytics.com
1 track.wickedreports.com widget.wickedreports.com
1 www.gliq.com
0 app.ontraport.com Failed optionsincomeblueprint.securechkout.com
56 20

This site contains links to these domains. Also see Links.

Domain
tradersreserve.com
Subject Issuer Validity Valid
optionsincomeblueprint.securechkout.com
R3		 2022-01-24 -
2022-04-24		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.ontraport.com
Go Daddy Secure Certificate Authority - G2		 2021-10-22 -
2022-11-21		 a year crt.sh
widget.wickedreports.com
Amazon		 2021-08-14 -
2022-09-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
track.wickedreports.com
Amazon		 2021-05-14 -
2022-06-12		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-21 -
2022-02-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
www.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
gotradersreserve.ontraport.com
R3		 2022-01-19 -
2022-04-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
Frame ID: B1856F5E99FFA34200A21EF97D13FC5B
Requests: 56 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Weekly Paycheck Strategy Guide

Page URL History Show full URLs

  1. http://www.gliq.com/cgi-bin/click?barchart+neteffect20220208+ Page URL
  2. https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

56
Requests

95 %
HTTPS

61 %
IPv6

15
Domains

20
Subdomains

19
IPs

4
Countries

1368 kB
Transfer

4362 kB
Size

29
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.gliq.com/cgi-bin/click?barchart+neteffect20220208+ Page URL
  2. https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://i.ontraport.com/8953.6efa893f0be4ac76ee5273ba08109727.PNG?ops=1920 HTTP 302
  • https://i.ontraport.com/8953.6efa893f0be4ac76ee5273ba08109727.PNG

56 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
click
www.gliq.com/cgi-bin/ 		213 B
399 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.gliq.com/cgi-bin/click?barchart+neteffect20220208+
Protocol
HTTP/1.1
Server
216.127.156.7 Hagerstown, United States, ASN13694 (XECUNET, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
082c3f3acff8293c5f548f036438ecf3b42ad1d9863ef2c416c8277ab2d04da2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sat, 12 Feb 2022 05:06:32 GMT
Server
Apache/2.2.15 (CentOS)
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Primary Request weekly-paycheck
optionsincomeblueprint.securechkout.com/ 		87 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
209.170.211.169 Las Vegas, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
ONTRAport /
Resource Hash
ba0ee84dc4741fd4eec3f527731d295877c902d2087fa8cd9ad76155fe358f7c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.gliq.com/

Response headers

Date
Sat, 12 Feb 2022 05:06:33 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-op-class
hosted
X-op-release
3
X-op-ca
185.213.155.176
Server
ONTRAport
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Encoding
gzip
icon
fonts.googleapis.com/ 		569 B
868 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: optionsincomeblueprint.securechkout.com
URL: https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d44a3249e2be052d683c7b58d03890937199b056a6313bd7ae0834281a70a2d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 12 Feb 2022 05:06:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 12 Feb 2022 05:06:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 12 Feb 2022 05:06:33 GMT
dynamic_content.css
optassets.ontraport.com/opt_assets/static/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/opt_assets/static/css/dynamic_content.css
Requested by
Host: optionsincomeblueprint.securechkout.com
URL: https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70e2054356e356032d299e8e79272eb2855ce4efa8c43988acf8371bc86c961e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:06:33 GMT
content-encoding
br
cf-cache-status
HIT
age
2132
cf-polished
origSize=6657
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release
3
x-op-ca
10.2.80.206
last-modified
Sat, 12 Feb 2022 04:31:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
expires
Sat, 12 Feb 2022 05:07:33 GMT
cache-control
public, max-age=60
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
6dc349cdffe392a2-FRA
cf-bgj
minify
wr-d076cf85de0ee9feaa3a438dfecbf7e1.js
widget.wickedreports.com/v2/778/ 		432 B
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.wickedreports.com/v2/778/wr-d076cf85de0ee9feaa3a438dfecbf7e1.js
Requested by
Host: optionsincomeblueprint.securechkout.com
URL: https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-22.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8fe7b620d1168611023029e8d8d5040e599f72309a2c8de4318d6afef959b4b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 06:06:24 GMT
via
1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jun 2020 15:21:47 GMT
server
AmazonS3
age
82810
etag
"40a1070787734f0260a2ed913267c879"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
432
x-amz-cf-id
UZKyODgRz0j3084mkYh1x7TGwU4FeyF_qAFH6Ai9VA03VzBp4cm8zg==
itag%E2%80%9D
optionsincomeblueprint.securechkout.com/%E2%80%9C//intof.io/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://optionsincomeblueprint.securechkout.com/%E2%80%9C//intof.io/itag%E2%80%9D
Requested by
Host: optionsincomeblueprint.securechkout.com
URL: https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
209.170.211.169 Las Vegas, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
ONTRAport /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 05:06:33 GMT
Content-Encoding
gzip
X-op-class
hosted
Server
ONTRAport
X-op-release
3
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
text/html
X-op-ca
185.213.155.176
opt-styles.min.css
optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/ 		208 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css
Requested by
Host: optionsincomeblueprint.securechkout.com
URL: https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92224f1e18abe7e6610482614ce8751cfefd40ed64928a9a1cafaf0ba9a7f7a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:06:33 GMT
content-encoding
br
cf-cache-status
HIT
age
2237
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release
3
x-op-ca
10.2.80.206
last-modified
Sat, 12 Feb 2022 04:29:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
6dc349cdffe492a2-FRA
expires
Sat, 12 Feb 2022 09:06:33 GMT
opt_default_image.png
app.ontraport.com/images/ 		0
0
gtm.js
www.googletagmanager.com/ 		105 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MW9CJ4X
Requested by
Host: optionsincomeblueprint.securechkout.com
URL: https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bc7241fbab4073af15afba93573b4e5edb63427b2bff45193bb021e1e69c93ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:06:33 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40980
x-xss-protection
0
last-modified
Sat, 12 Feb 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 12 Feb 2022 05:06:33 GMT
gtm.js
www.googletagmanager.com/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KVCCLWC
Requested by
Host: optionsincomeblueprint.securechkout.com
URL: https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
da3f31f4775696db7b6c940f6d7e248c66eade0ce8f6dff9a7d644c83e0e6fb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:06:33 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37395
x-xss-protection
0
last-modified
Sat, 12 Feb 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 12 Feb 2022 05:06:33 GMT
anime.js
optassets.ontraport.com/opt_assets/static/js/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/opt_assets/static/js/anime.js
Requested by
Host: optionsincomeblueprint.securechkout.com
URL: https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c2348bbc056a14a9cd62dadb8d461800a192e8ba636f803d0ffddd753977976

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:06:33 GMT
content-encoding
br
cf-cache-status
HIT
age
1544
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release
3
x-op-ca
10.2.80.206
last-modified
Sat, 12 Feb 2022 04:40:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=60
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
6dc349cee8dd92a2-FRA
expires
Sat, 12 Feb 2022 05:07:33 GMT
jquery-3.2.1.min.js
optassets.ontraport.com/opt_assets/static/js/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/opt_assets/static/js/jquery-3.2.1.min.js
Requested by
Host: optionsincomeblueprint.securechkout.com
URL: https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:06:33 GMT
content-encoding
br
cf-cache-status
HIT
age
2132
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release
3
x-op-ca
10.2.80.206
last-modified
Sat, 12 Feb 2022 04:31:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=60
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
6dc349cf08fc92a2-FRA
expires
Sat, 12 Feb 2022 05:07:33 GMT
opt-assets.js
optassets.ontraport.com/opt_assets/static/js/ 		2 MB
421 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/opt_assets/static/js/opt-assets.js?1644602401
Requested by
Host: optionsincomeblueprint.securechkout.com
URL: https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b30127cf4120b184cee5f50c6e50260ea665a8884ff6712e6e65358592ed8de6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:06:33 GMT
content-encoding
br
cf-cache-status
HIT
age
1370
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release
3
x-op-ca
10.2.80.206
last-modified
Sat, 12 Feb 2022 04:43:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=60
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
6dc349cf393492a2-FRA
expires
Sat, 12 Feb 2022 05:07:33 GMT
custom-elements.min.js
optassets.ontraport.com/opt_assets/static/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/opt_assets/static/js/custom-elements.min.js
Requested by
Host: optionsincomeblueprint.securechkout.com
URL: https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73a9c7944ce696c3622189e2f0706ccb9b9033b10f707414fe0ae14be6d68f08

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:06:33 GMT
content-encoding
br
cf-cache-status
HIT
age
1544
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release
3
x-op-ca
10.2.80.206
last-modified
Sat, 12 Feb 2022 04:40:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=60
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
6dc349cfa9bb92a2-FRA
expires
Sat, 12 Feb 2022 05:07:33 GMT
tracking.js
optassets.ontraport.com/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/tracking.js
Requested by
Host: optionsincomeblueprint.securechkout.com
URL: https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e216637f4a7df41f3b559d1998bcb11854d5c05f6b7fed6327c428c33e2cb93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:06:33 GMT
content-encoding
br
cf-cache-status
HIT
age
3222
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release
3
x-op-ca
10.2.80.206
last-modified
Sat, 12 Feb 2022 04:12:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
6dc349d0fb5892a2-FRA
expires
Sat, 12 Feb 2022 09:06:33 GMT
widget.js
widget.wickedreports.com/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.wickedreports.com/widget.js
Requested by
Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/v2/778/wr-d076cf85de0ee9feaa3a438dfecbf7e1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-22.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5cd39c33061d62a3dffa4cfc325f25ee1649eba2ef0442ff482b61039bfacb26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 20:58:24 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 14:03:57 GMT
server
AmazonS3
age
29290
etag
W/"91a75eb763b3cc0b037ced4ccc7e7da3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Y2CH_gNLZFsswkWjKvQ5K2bt89GFYhjOtuZcmPulcYXpwpcGjHXHEA==
css
fonts.googleapis.com/ 		296 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nixie+One|Source+Serif+Pro|Quicksand|Dancing+Script|Permanent+Marker|Architects+Daughter|Patrick+Hand+SC|Damion|Yeseva+One|Covered+By+Your+Grace|Oleo+Script|Neucha|Staatliches|Public+Sans|Source+Serif+Pro|Barlow|Barlow+Condensed|Barlow+Semi+Condensed|Archivo+Narrow|Archivo+Black|Archivo|Vollkorn|Vollkorn+SC|Mulish|Fahkwang|IBM+Plex+Serif|Poppins|Hepta+Slab|Taviraj|Nunito|Nunito+Sans|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+SC|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i|Josefin+Sans:400,100,100i,300,300i,400i,600,600i,700,700i|Abel
Requested by
Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7396b95fc8288113fcbf17138274629e90b135d2a8a27cb7198ecca002b73dce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optassets.ontraport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 12 Feb 2022 05:06:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 12 Feb 2022 05:06:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 12 Feb 2022 05:06:33 GMT
css
fonts.googleapis.com/ 		289 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nixie+One|Source+Serif+Pro|Quicksand|Dancing+Script|Permanent+Marker|Architects+Daughter|Patrick+Hand+SC|Damion|Yeseva+One|Covered+By+Your+Grace|Oleo+Script|Neucha|Staatliches|Public+Sans|Source+Serif+Pro|Barlow|Barlow+Condensed|Barlow+Semi+Condensed|Archivo+Narrow|Archivo+Black|Archivo|Vollkorn|Vollkorn+SC|Mulish|Fahkwang|IBM+Plex+Serif|Poppins|Hepta+Slab|Taviraj|Nunito|Nunito+Sans|cBubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+SC|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i|Josefin+Sans:400,100,100i,300,300i,400i,600,600i,700,700i|Abel
Requested by
Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e1d9eb99a14fb96c73d79a72217215ab608819ecee5f1824652af011a73b6984
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optassets.ontraport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 12 Feb 2022 05:06:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 12 Feb 2022 05:06:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 12 Feb 2022 05:06:33 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v26/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nixie+One|Source+Serif+Pro|Quicksand|Dancing+Script|Permanent+Marker|Architects+Daughter|Patrick+Hand+SC|Damion|Yeseva+One|Covered+By+Your+Grace|Oleo+Script|Neucha|Staatliches|Public+Sans|Source+Serif+Pro|Barlow|Barlow+Condensed|Barlow+Semi+Condensed|Archivo+Narrow|Archivo+Black|Archivo|Vollkorn|Vollkorn+SC|Mulish|Fahkwang|IBM+Plex+Serif|Poppins|Hepta+Slab|Taviraj|Nunito|Nunito+Sans|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+SC|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i|Josefin+Sans:400,100,100i,300,300i,400i,600,600i,700,700i|Abel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://optionsincomeblueprint.securechkout.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 18:48:55 GMT
x-content-type-options
nosniff
age
296258
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:15:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 18:48:55 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nixie+One|Source+Serif+Pro|Quicksand|Dancing+Script|Permanent+Marker|Architects+Daughter|Patrick+Hand+SC|Damion|Yeseva+One|Covered+By+Your+Grace|Oleo+Script|Neucha|Staatliches|Public+Sans|Source+Serif+Pro|Barlow|Barlow+Condensed|Barlow+Semi+Condensed|Archivo+Narrow|Archivo+Black|Archivo|Vollkorn|Vollkorn+SC|Mulish|Fahkwang|IBM+Plex+Serif|Poppins|Hepta+Slab|Taviraj|Nunito|Nunito+Sans|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+SC|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i|Josefin+Sans:400,100,100i,300,300i,400i,600,600i,700,700i|Abel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://optionsincomeblueprint.securechkout.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 11:22:37 GMT
x-content-type-options
nosniff
age
236636
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 11:22:37 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nixie+One|Source+Serif+Pro|Quicksand|Dancing+Script|Permanent+Marker|Architects+Daughter|Patrick+Hand+SC|Damion|Yeseva+One|Covered+By+Your+Grace|Oleo+Script|Neucha|Staatliches|Public+Sans|Source+Serif+Pro|Barlow|Barlow+Condensed|Barlow+Semi+Condensed|Archivo+Narrow|Archivo+Black|Archivo|Vollkorn|Vollkorn+SC|Mulish|Fahkwang|IBM+Plex+Serif|Poppins|Hepta+Slab|Taviraj|Nunito|Nunito+Sans|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+SC|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i|Josefin+Sans:400,100,100i,300,300i,400i,600,600i,700,700i|Abel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://optionsincomeblueprint.securechkout.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 05:33:18 GMT
x-content-type-options
nosniff
age
257595
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 05:33:18 GMT
fontawesome-webfont.woff2
optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/fontawesome-webfont.woff2
Requested by
Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css
Origin
https://optionsincomeblueprint.securechkout.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:06:34 GMT
content-encoding
br
cf-cache-status
MISS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release
3
x-op-ca
10.2.80.206
last-modified
Sat, 12 Feb 2022 05:06:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
6dc349d18f0891e9-FRA
expires
Sat, 12 Feb 2022 09:06:34 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nixie+One|Source+Serif+Pro|Quicksand|Dancing+Script|Permanent+Marker|Architects+Daughter|Patrick+Hand+SC|Damion|Yeseva+One|Covered+By+Your+Grace|Oleo+Script|Neucha|Staatliches|Public+Sans|Source+Serif+Pro|Barlow|Barlow+Condensed|Barlow+Semi+Condensed|Archivo+Narrow|Archivo+Black|Archivo|Vollkorn|Vollkorn+SC|Mulish|Fahkwang|IBM+Plex+Serif|Poppins|Hepta+Slab|Taviraj|Nunito|Nunito+Sans|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+SC|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i|Josefin+Sans:400,100,100i,300,300i,400i,600,600i,700,700i|Abel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://optionsincomeblueprint.securechkout.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:07:55 GMT
x-content-type-options
nosniff
age
291518
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 20:07:55 GMT
KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v29/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nixie+One|Source+Serif+Pro|Quicksand|Dancing+Script|Permanent+Marker|Architects+Daughter|Patrick+Hand+SC|Damion|Yeseva+One|Covered+By+Your+Grace|Oleo+Script|Neucha|Staatliches|Public+Sans|Source+Serif+Pro|Barlow|Barlow+Condensed|Barlow+Semi+Condensed|Archivo+Narrow|Archivo+Black|Archivo|Vollkorn|Vollkorn+SC|Mulish|Fahkwang|IBM+Plex+Serif|Poppins|Hepta+Slab|Taviraj|Nunito|Nunito+Sans|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+SC|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i|Josefin+Sans:400,100,100i,300,300i,400i,600,600i,700,700i|Abel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c7856c0d39606a745670d4c03525f3644fe65304191be208516def923cc3762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://optionsincomeblueprint.securechkout.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 18:15:22 GMT
x-content-type-options
nosniff
age
298271
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17484
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 18:15:22 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v121/ 		119 KB
119 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v121/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16a6b6731e2fc6387561d78f5affd3b539a6c0540434924b809d490a5ebc9725
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://optionsincomeblueprint.securechkout.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:29:21 GMT
x-content-type-options
nosniff
age
293832
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121784
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 19:19:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 19:29:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nixie+One|Source+Serif+Pro|Quicksand|Dancing+Script|Permanent+Marker|Architects+Daughter|Patrick+Hand+SC|Damion|Yeseva+One|Covered+By+Your+Grace|Oleo+Script|Neucha|Staatliches|Public+Sans|Source+Serif+Pro|Barlow|Barlow+Condensed|Barlow+Semi+Condensed|Archivo+Narrow|Archivo+Black|Archivo|Vollkorn|Vollkorn+SC|Mulish|Fahkwang|IBM+Plex+Serif|Poppins|Hepta+Slab|Taviraj|Nunito|Nunito+Sans|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+SC|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i|Josefin+Sans:400,100,100i,300,300i,400i,600,600i,700,700i|Abel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://optionsincomeblueprint.securechkout.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 18:59:49 GMT
x-content-type-options
nosniff
age
295604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 18:59:49 GMT
logging.js
optassets.ontraport.com/opt_assets/static/js/ 		2 KB
706 B 		Script
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/opt_assets/static/js/logging.js
Requested by
Host:
URL: webpack-internal:///./www/js-3.2.2/ontraport/opt_assets/opt_boilerplates/v3/opt.materialize.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b81adfb26d280f078c88f6ca927f39d4b06800287b943dfe0b8c078a4f4fd662

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:06:33 GMT
content-encoding
br
cf-cache-status
HIT
age
2812
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release
3
x-op-ca
10.2.80.206
last-modified
Sat, 12 Feb 2022 04:19:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=60
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
6dc349d1ec8592a2-FRA
expires
Sat, 12 Feb 2022 05:07:33 GMT
font-awesome.min.css
optassets.ontraport.com/opt_assets/opt_boilerplates/v3/ 		31 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/opt_assets/opt_boilerplates/v3/font-awesome.min.css
Requested by
Host:
URL: webpack-internal:///./www/js-3.2.2/ontraport/opt_assets/opt_boilerplates/v3/opt.optionalScripts.ts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
035fbaa3cd2839454720989a45f209d5c932f94268ad3462f2f5472fb069cd6f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:06:33 GMT
content-encoding
br
cf-cache-status
HIT
age
5510
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release
3
x-op-ca
10.2.80.206
last-modified
Sat, 12 Feb 2022 03:34:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
6dc349d1ec8692a2-FRA
expires
Sat, 12 Feb 2022 09:06:33 GMT
8953.ce45cb055d7f97a4fbeef0abe44a9d95.JPEG
i.ontraport.com/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ontraport.com/8953.ce45cb055d7f97a4fbeef0abe44a9d95.JPEG
Requested by
Host: optionsincomeblueprint.securechkout.com
URL: https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6b7cbca1ac4c7c23eff4191587c1ff5860960a043dcd428be54bcb91df47469

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:06:33 GMT
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
1368
cf-polished
origSize=25031
cf-ray
6dc349d21cc892a2-FRA
x-cache
Hit from cloudfront
content-length
23934
x-amz-id-2
jMyLynv50ugnVV55oIvuqs5WvI5MjAiyStNt92XEcsIPy6bZpcTk29LIe9rawNnbES25SzoYiCs=
last-modified
Tue, 07 May 2019 20:00:08 GMT
server
cloudflare
etag
"4ac69d60fd80519205baa8412709f6a9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
EQ71M9HGV87GPMPB
access-control-allow-origin
*
expires
Tue, 15 Mar 2022 05:06:33 GMT
cache-control
public, max-age=2678400
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
ouK2T2yZDRs0uWnD3XuEfHeh66PkZzEMzsKiKESRhBSr5rveWc2Adg==
cf-bgj
imgq:100,h2pri
8953.6efa893f0be4ac76ee5273ba08109727.PNG
i.ontraport.com/
Redirect Chain
  • https://i.ontraport.com/8953.6efa893f0be4ac76ee5273ba08109727.PNG?ops=1920
  • https://i.ontraport.com/8953.6efa893f0be4ac76ee5273ba08109727.PNG
40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ontraport.com/8953.6efa893f0be4ac76ee5273ba08109727.PNG
Requested by
Host: optionsincomeblueprint.securechkout.com
URL: https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
Protocol
H2
Server
104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1f5f42aeabb2367c3e00484a45b3a2aedffe97ce44520e610a7ae9271d51f33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:06:34 GMT
via
1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
1368
cf-polished
status=not_needed
cf-ray
6dc349d2fdf892a2-FRA
x-cache
Hit from cloudfront
content-length
41420
x-amz-id-2
0ZaYjEXJEU0/iMXBeXdoRYoYYYnPQFPJxP09Ob06iLxh+UHnLXeHfkAHq6LeSiFhzYOyG1oAejA=
last-modified
Mon, 29 Nov 2021 19:43:20 GMT
server
cloudflare
etag
"4801f9a45d4110545f6aa62fbca2266a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
0SNPC3M8HNYNSG2E
access-control-allow-origin
*
expires
Tue, 15 Mar 2022 05:06:34 GMT
cache-control
public, max-age=2678400
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
oV-OGuXZW2pDrG8xPYzaCkshE5NA45Cq-dAj7BONTunvoWANUF7IrA==
cf-bgj
imgq:100,h2pri

Redirect headers

date
Sat, 12 Feb 2022 05:06:34 GMT
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-request-id
G7RY9786487TFQV8
x-cache
Hit from cloudfront
content-length
0
x-amz-id-2
psmF28yoQjQrUG0kf9xWeo4++MhTVLbpIPMojlqqZTK120NfH7m259RyOz4AD80x/Sr2+w7N0z0=
server
cloudflare
location
/8953.6efa893f0be4ac76ee5273ba08109727.PNG
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2678400
x-amz-cf-pop
FRA2-C2
cf-ray
6dc349d21cca92a2-FRA
x-amz-cf-id
fJQWBCyE5Na9dXhq_rqc-1lsJLUv2JVVtZdhhBJYHbxAh1SBWjU3Hg==
expires
Tue, 15 Mar 2022 05:06:34 GMT
index.php
track.wickedreports.com/ 		118 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.wickedreports.com/index.php?WickedClientID=778&WickedEmail=&WickedTrackingDate=1644642393930&WickedURL=https%3A%2F%2Foptionsincomeblueprint.securechkout.com%2Fweekly-paycheck%3Futm_source%3Dnem%26utm_medium%3Dnl%20sp%26utm_campaign%3Dbarchart-2-7-22-wpsg%26utm_term%3Dta-wp-acq%26utm_content%3Dahd140&WickedReferrerURL=http%3A%2F%2Fwww.gliq.com%2F
Requested by
Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.139.133.225 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-139-133-225.us-east-2.compute.amazonaws.com
Software
nginx / PHP/7.3.27
Resource Hash
1d964ca3016e4b833ab19d96afe852e71ec9d5b67e2421d2ede54abde3892aaa

Request headers

Referer
https://optionsincomeblueprint.securechkout.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 12 Feb 2022 05:06:34 GMT
server
nginx
x-powered-by
PHP/7.3.27
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
*
js
www.googletagmanager.com/gtag/ 		168 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1DL2XNRYZ4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVCCLWC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
38c3760385f9151f821161c8808703c9b91e731e6ba7c2b80cb11f03369595d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:06:34 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63256
x-xss-protection
0
expires
Sat, 12 Feb 2022 05:06:34 GMT
js
www.googletagmanager.com/gtag/ 		167 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D62Q6CQ5CB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVCCLWC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
48f61056e08bc76b0a140ce01cd5c78181a06dfa63338b03c4ac9695d7d69fb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:06:34 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63080
x-xss-protection
0
expires
Sat, 12 Feb 2022 05:06:34 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVCCLWC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5500
date
Sat, 12 Feb 2022 03:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 12 Feb 2022 05:34:54 GMT
gtm.js
www.googletagmanager.com/ 		149 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXTS225
Requested by
Host: www.gliq.com
URL: http://www.gliq.com/cgi-bin/click?barchart+neteffect20220208+
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a66324295804ef3bf871277d3ecfcbf671580648286c0b980d66527fcf2fa549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:06:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56185
x-xss-protection
0
last-modified
Sat, 12 Feb 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 12 Feb 2022 05:06:34 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.gliq.com
URL: http://www.gliq.com/cgi-bin/click?barchart+neteffect20220208+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
UVokA0ye1eth3TC7GVmykjS6vmom1IKwwdlPeHaFuFzBzNgxI4l38JRo7A3vhKwHD9lC+Pq69u0lNyf0Ahs6vg==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Sat, 12 Feb 2022 05:06:33 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
573035790166982
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/573035790166982?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
91fcbf0e973302b7996bab424dcdd5121c40169de2d445bf10e2e80c1c6d2ff1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89070
x-xss-protection
0
pragma
public
x-fb-debug
Nr/AxQNhwJtAFxbly2jmjwMEip2jFo2fAmOv5F0gDCvNMnj0vmV7frs09ni5IgqWOgl1tyEiSbaTPR5hyRzJqA==
x-frame-options
DENY
date
Sat, 12 Feb 2022 05:06:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=573035790166982&ev=PageView&dl=https%3A%2F%2Foptionsincomeblueprint.securechkout.com%2Fweekly-paycheck%3Futm_source%3Dnem%26utm_medium%3Dnl%2520sp%26utm_campaign%3Dbarchart-2-7-22-wpsg%26utm_term%3Dta-wp-acq%26utm_content%3Dahd140&rl=http%3A%2F%2Fwww.gliq.com%2F&if=false&ts=1644642394048&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644642394047.1442247454&it=1644642393998&coo=false&exp=p0&rqm=GET
Requested by
Host: optionsincomeblueprint.securechkout.com
URL: https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:06:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Sat, 12 Feb 2022 05:06:34 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1262432440&t=pageview&_s=1&dl=https%3A%2F%2Foptionsincomeblueprint.securechkout.com%2Fweekly-paycheck%3Futm_source%3Dnem%26utm_medium%3Dnl%2520sp%26utm_campaign%3Dbarchart-2-7-22-wpsg%26utm_term%3Dta-wp-acq%26utm_content%3Dahd140&dr=http%3A%2F%2Fwww.gliq.com%2F&ul=en-us&de=UTF-8&dt=Weekly%20Paycheck%20Strategy%20Guide&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1124284469&gjid=1648098259&cid=20969972.1644642394&tid=UA-12067752-39&_gid=374636716.1644642394&_r=1&gtm=2wg290KVCCLWC&z=1565585658
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://optionsincomeblueprint.securechkout.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 05:06:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://optionsincomeblueprint.securechkout.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1262432440&t=pageview&_s=1&dl=https%3A%2F%2Foptionsincomeblueprint.securechkout.com%2Fweekly-paycheck%3Futm_source%3Dnem%26utm_medium%3Dnl%2520sp%26utm_campaign%3Dbarchart-2-7-22-wpsg%26utm_term%3Dta-wp-acq%26utm_content%3Dahd140&dr=http%3A%2F%2Fwww.gliq.com%2F&ul=en-us&de=UTF-8&dt=Weekly%20Paycheck%20Strategy%20Guide&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=1605544530&gjid=1228294507&cid=20969972.1644642394&tid=UA-12067752-19&_gid=374636716.1644642394&_r=1&gtm=2wg290MW9CJ4X&z=347418469
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://optionsincomeblueprint.securechkout.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 05:06:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://optionsincomeblueprint.securechkout.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1262432440&t=pageview&_s=1&dl=https%3A%2F%2Foptionsincomeblueprint.securechkout.com%2Fweekly-paycheck%3Futm_source%3Dnem%26utm_medium%3Dnl%2520sp%26utm_campaign%3Dbarchart-2-7-22-wpsg%26utm_term%3Dta-wp-acq%26utm_content%3Dahd140&dr=http%3A%2F%2Fwww.gliq.com%2F&ul=en-us&de=UTF-8&dt=Weekly%20Paycheck%20Strategy%20Guide&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=20969972.1644642394&tid=UA-12067752-39&_gid=374636716.1644642394&gtm=2wg290KVCCLWC&z=2061178923
Requested by
Host: optionsincomeblueprint.securechkout.com
URL: https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Feb 2022 12:53:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
58386
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1262432440&t=pageview&_s=1&dl=https%3A%2F%2Foptionsincomeblueprint.securechkout.com%2Fweekly-paycheck%3Futm_source%3Dnem%26utm_medium%3Dnl%2520sp%26utm_campaign%3Dbarchart-2-7-22-wpsg%26utm_term%3Dta-wp-acq%26utm_content%3Dahd140&dr=http%3A%2F%2Fwww.gliq.com%2F&ul=en-us&de=UTF-8&dt=Weekly%20Paycheck%20Strategy%20Guide&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=20969972.1644642394&tid=UA-12067752-39&_gid=374636716.1644642394&gtm=2wg290KVCCLWC&z=1121735861
Requested by
Host: optionsincomeblueprint.securechkout.com
URL: https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Feb 2022 12:53:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
58386
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-1DL2XNRYZ4&gtm=2oe290&_p=1262432440&sr=1600x1200&ul=en-us&cid=20969972.1644642394&_s=1&dl=https%3A%2F%2Foptionsincomeblueprint.securechkout.com%2Fweekly-paycheck%3Futm_source%3Dnem%26utm_medium%3Dnl%2520sp%26utm_campaign%3Dbarchart-2-7-22-wpsg%26utm_term%3Dta-wp-acq%26utm_content%3Dahd140&dr=http%3A%2F%2Fwww.gliq.com%2F&dt=Weekly%20Paycheck%20Strategy%20Guide&sid=1644642393&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1DL2XNRYZ4&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 05:06:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://optionsincomeblueprint.securechkout.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-D62Q6CQ5CB&gtm=2oe290&_p=1262432440&sr=1600x1200&ul=en-us&cid=20969972.1644642394&_s=1&dl=https%3A%2F%2Foptionsincomeblueprint.securechkout.com%2Fweekly-paycheck%3Futm_source%3Dnem%26utm_medium%3Dnl%2520sp%26utm_campaign%3Dbarchart-2-7-22-wpsg%26utm_term%3Dta-wp-acq%26utm_content%3Dahd140&dr=http%3A%2F%2Fwww.gliq.com%2F&dt=Weekly%20Paycheck%20Strategy%20Guide&sid=1644642393&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D62Q6CQ5CB&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 05:06:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://optionsincomeblueprint.securechkout.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-12067752-19&cid=20969972.1644642394&jid=1605544530&gjid=1228294507&_gid=374636716.1644642394&_u=YEDAAEABAAAAAC~&z=1551058837
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://optionsincomeblueprint.securechkout.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 12 Feb 2022 05:06:34 GMT
content-type
text/plain
access-control-allow-origin
https://optionsincomeblueprint.securechkout.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTS225
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:06:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14879
x-xss-protection
0
server
cafe
etag
17635014576153706337
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 12 Feb 2022 05:06:34 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTS225
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:06:33 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 23:54:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 97363ACB07C8425B9277CA8C89A02852 Ref B: FRAEDGE1513 Ref C: 2022-02-12T05:06:34Z
etag
"806a236c101ed81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11347
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-12067752-19&cid=20969972.1644642394&jid=1605544530&_u=YEDAAEABAAAAAC~&z=2006258117
Requested by
Host: optionsincomeblueprint.securechkout.com
URL: https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 05:06:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-12067752-19&cid=20969972.1644642394&jid=1605544530&_u=YEDAAEABAAAAAC~&z=2006258117
Requested by
Host: optionsincomeblueprint.securechkout.com
URL: https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 05:06:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
27003427.js
bat.bing.com/p/action/ 		0
93 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/27003427.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 12 Feb 2022 05:06:33 GMT
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C7B34A0855A740789146F083C8FE3E1A Ref B: FRAEDGE1513 Ref C: 2022-02-12T05:06:34Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=27003427&tm=gtm002&Ver=2&mid=1c02991c-44d6-4a8a-8fc7-36360c70ffc6&sid=8c7383d08bc111eca8ce816597274486&vid=8c737d708bc111ec9cccddb651b9a98c&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Weekly%20Paycheck%20Strategy%20Guide&p=https%3A%2F%2Foptionsincomeblueprint.securechkout.com%2Fweekly-paycheck%3Futm_source%3Dnem%26utm_medium%3Dnl%2520sp%26utm_campaign%3Dbarchart-2-7-22-wpsg%26utm_term%3Dta-wp-acq%26utm_content%3Dahd140&r=http%3A%2F%2Fwww.gliq.com%2F&lt=1513&evt=pageLoad&msclkid=N&sv=1&rn=666666
Requested by
Host: optionsincomeblueprint.securechkout.com
URL: https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 05:06:33 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 78AE9F75391941F29BBC43A9802B397B Ref B: FRAEDGE1513 Ref C: 2022-02-12T05:06:34Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1006006567/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1006006567/?random=1644642394374&cv=9&fst=1644642394374&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&ig=1&frm=0&url=https%3A%2F%2Foptionsincomeblueprint.securechkout.com%2Fweekly-paycheck%3Futm_source%3Dnem%26utm_medium%3Dnl%2520sp%26utm_campaign%3Dbarchart-2-7-22-wpsg%26utm_term%3Dta-wp-acq%26utm_content%3Dahd140&ref=http%3A%2F%2Fwww.gliq.com%2F&tiba=Weekly%20Paycheck%20Strategy%20Guide&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1546ea6186ed8905a0001926726a32ec4d013c5fde31d678ce2259fb30295de3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 05:06:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1134
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1006006567/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1006006567/?random=1644642394374&cv=9&fst=1644642000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Foptionsincomeblueprint.securechkout.com%2Fweekly-paycheck%3Futm_source%3Dnem%26utm_medium%3Dnl%2520sp%26utm_campaign%3Dbarchart-2-7-22-wpsg%26utm_term%3Dta-wp-acq%26utm_content%3Dahd140&ref=http%3A%2F%2Fwww.gliq.com%2F&tiba=Weekly%20Paycheck%20Strategy%20Guide&async=1&fmt=3&is_vtc=1&random=697295493&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: optionsincomeblueprint.securechkout.com
URL: https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 05:06:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1006006567/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1006006567/?random=1644642394374&cv=9&fst=1644642000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg290&sendb=1&frm=0&url=https%3A%2F%2Foptionsincomeblueprint.securechkout.com%2Fweekly-paycheck%3Futm_source%3Dnem%26utm_medium%3Dnl%2520sp%26utm_campaign%3Dbarchart-2-7-22-wpsg%26utm_term%3Dta-wp-acq%26utm_content%3Dahd140&ref=http%3A%2F%2Fwww.gliq.com%2F&tiba=Weekly%20Paycheck%20Strategy%20Guide&async=1&fmt=3&is_vtc=1&random=697295493&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: optionsincomeblueprint.securechkout.com
URL: https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Feb 2022 05:06:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=573035790166982&ev=Microdata&dl=https%3A%2F%2Foptionsincomeblueprint.securechkout.com%2Fweekly-paycheck%3Futm_source%3Dnem%26utm_medium%3Dnl%2520sp%26utm_campaign%3Dbarchart-2-7-22-wpsg%26utm_term%3Dta-wp-acq%26utm_content%3Dahd140&rl=http%3A%2F%2Fwww.gliq.com%2F&if=false&ts=1644642394551&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Weekly%20Paycheck%20Strategy%20Guide%22%2C%22meta%3Adescription%22%3A%22Strategy%20guide%20for%20options%20traders%20to%20learn%20a%20powerful%20weekly%20income%20trading%20system.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Weekly%20Paycheck%20Strategy%20Guide%22%2C%22og%3Adescription%22%3A%22Strategy%20guide%20for%20options%20traders%20to%20learn%20a%20powerful%20weekly%20income%20trading%20system.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fi.ontraport.com%2F8953.ce45cb055d7f97a4fbeef0abe44a9d95.JPEG%22%2C%22twitter%3Aimage%22%3A%22https%3A%2F%2Fi.ontraport.com%2F8953.ce45cb055d7f97a4fbeef0abe44a9d95.JPEG%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Foptionsincomeblueprint.securechkout.com%2Fweekly-paycheck%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1644642394047.1442247454&it=1644642393998&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Requested by
Host: optionsincomeblueprint.securechkout.com
URL: https://optionsincomeblueprint.securechkout.com/weekly-paycheck?utm_source=nem&utm_medium=nl%20sp&utm_campaign=barchart-2-7-22-wpsg&utm_term=ta-wp-acq&utm_content=ahd140
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 05:06:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Sat, 12 Feb 2022 05:06:34 GMT
track.php
gotradersreserve.ontraport.com/ 		774 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gotradersreserve.ontraport.com/track.php?mid=8953_lp748.0_2&first_visit=1&utm_source=nem&utm_medium=nl%20sp&utm_term=ta-wp-acq&utm_content=ahd140&utm_campaign=barchart-2-7-22-wpsg&s=1p0vfh3031vt24xjh21h&l=optionsincomeblueprint.securechkout.com/weekly-paycheck&ti=Weekly%20Paycheck%20Strategy%20Guide&forms%5Bp2c8953lp748.0.bid8f0c2066-5ea0-821a-2c6d-6206e29fbdb3%5D=0&is_unique=1
Requested by
Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
209.170.211.179 Las Vegas, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
mail9.ontramail.com
Software
ONTRAport /
Resource Hash
6b222004b4fb499f7d56a233f2481640017fac1029b3c79daa577eac84a34f48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optionsincomeblueprint.securechkout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 12 Feb 2022 05:06:35 GMT
Content-Encoding
gzip
X-op-class
hosted
Server
ONTRAport
X-op-release
3
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
text/html
X-op-ca
185.213.155.176

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
app.ontraport.com
URL
https://app.ontraport.com/images/opt_default_image.png

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| dataLayer object| wrWidgetSettings function| loadWR object| op object| dcParam string| _opt_lpid boolean| isONTRApage object| $jscomp object| $jscomp$this function| anime function| $ function| jQuery function| cash object| M object| Materialize function| Hammer object| desExport function| des function| des_createKeys function| stringToHex function| hexToString object| XD number| ACCOUNT_SIGNUP_ERROR number| CC_VERIFY_POST number| CC_VERIFY_SHOW_IFRAME number| CC_VERIFY_HIDE_IFRAME number| CC_VERIFY_GET_CC_DATA number| LOG_LEVEL_ERROR number| LOG_LEVEL_WARNING number| LOG_LEVEL_DEBUG string| PROTOCOL string| COUPON_PROCESS_DOMAIN boolean| IN_DEBUG_MODE string| FORM_PROCESS_DOMAIN string| CC_VERIFY_DOMAIN function| OPCapcha_filled function| OPCapcha_expired function| Globalize function| OptDateTimePicker string| _mri string| _mrsess_ string| _mr_cid object| _mrd string| _mrl object| _mrct string| _mr_ex string| _linktrack string| _mr_title string| _mrl_internal_url string| _mrl_internal_domain function| mrSetupActual function| mrtracking function| gC function| parseGetVars function| genmrSess function| _escapeT function| _mrGetLinkTo function| _sanitizeMrLink function| _mrScanLinks function| _mrTrackLink function| _mrReturnXmlHttpObject string| _mr_domain string| session string| possible function| _wr object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data function| fbq function| _fbq object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady function| UET function| UET_init function| UET_push object| ueto_0db1bb1e0e object| uetq function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| _mrTrackLinks

29 Cookies

Domain/Path Name / Value
optionsincomeblueprint.securechkout.com/weekly-paycheck Name: lpsplt_748
Value: 0
optionsincomeblueprint.securechkout.com/ Name: sess_
Value: 1p0vfh3031vt24xjh21h
optionsincomeblueprint.securechkout.com/ Name: utm_source
Value: nem
optionsincomeblueprint.securechkout.com/ Name: utm_medium
Value: nl sp
optionsincomeblueprint.securechkout.com/ Name: utm_term
Value: ta-wp-acq
optionsincomeblueprint.securechkout.com/ Name: utm_content
Value: ahd140
optionsincomeblueprint.securechkout.com/ Name: utm_campaign
Value: barchart-2-7-22-wpsg
optionsincomeblueprint.securechkout.com/ Name: vid
Value:
optionsincomeblueprint.securechkout.com/ Name: lastvisit
Value: 1644642393
.securechkout.com/ Name: wickedfu
Value: %7B%22url%22%3A%22https%3A%2F%2Foptionsincomeblueprint.securechkout.com%2Fweekly-paycheck%3Futm_source%3Dnem%26utm_medium%3Dnl%2520sp%26utm_campaign%3Dbarchart-2-7-22-wpsg%26utm_term%3Dta-wp-acq%26utm_content%3Dahd140%22%2C%22time%22%3A1644642393930%2C%22c%22%3A778%7D
.securechkout.com/ Name: _fbp
Value: fb.1.1644642394047.1442247454
.securechkout.com/ Name: _gid
Value: GA1.2.374636716.1644642394
.securechkout.com/ Name: _gat_UA-12067752-39
Value: 1
.securechkout.com/ Name: _gat_UA-12067752-19
Value: 1
.securechkout.com/ Name: _ga
Value: GA1.1.20969972.1644642394
.securechkout.com/ Name: _gcl_au
Value: 1.1.1224042639.1644642394
.bing.com/ Name: MUID
Value: 359D99DB261C63AE0A528892277762C0
.securechkout.com/ Name: _uetsid
Value: 8c7383d08bc111eca8ce816597274486
.securechkout.com/ Name: _uetvid
Value: 8c737d708bc111ec9cccddb651b9a98c
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.securechkout.com/ Name: _ga_D62Q6CQ5CB
Value: GS1.1.1644642393.1.1.1644642394.0
.securechkout.com/ Name: _ga_1DL2XNRYZ4
Value: GS1.1.1644642393.1.1.1644642394.0
gotradersreserve.ontraport.com/ Name: sess_
Value: 1p0vfh3031vt24xjh21h
gotradersreserve.ontraport.com/ Name: mr_src
Value: lp748
gotradersreserve.ontraport.com/ Name: utm_source
Value: nem
gotradersreserve.ontraport.com/ Name: utm_medium
Value: nl+sp
gotradersreserve.ontraport.com/ Name: utm_term
Value: ta-wp-acq
gotradersreserve.ontraport.com/ Name: utm_content
Value: ahd140
gotradersreserve.ontraport.com/ Name: utm_campaign
Value: barchart-2-7-22-wpsg

1 Console Messages

Source Level URL
Text
network error URL: https://optionsincomeblueprint.securechkout.com/%E2%80%9C//intof.io/itag%E2%80%9D
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.ontraport.com
bat.bing.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gotradersreserve.ontraport.com
i.ontraport.com
optassets.ontraport.com
optionsincomeblueprint.securechkout.com
stats.g.doubleclick.net
track.wickedreports.com
widget.wickedreports.com
www.facebook.com
www.gliq.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
app.ontraport.com
104.16.20.19
142.250.186.130
143.204.98.22
209.170.211.169
209.170.211.179
216.127.156.7
2620:1ec:c11::200
2a00:1450:4001:808::2003
2a00:1450:4001:809::200e
2a00:1450:4001:812::2003
2a00:1450:4001:812::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::200a
2a00:1450:400c:c1b::9d
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.139.133.225
035fbaa3cd2839454720989a45f209d5c932f94268ad3462f2f5472fb069cd6f
082c3f3acff8293c5f548f036438ecf3b42ad1d9863ef2c416c8277ab2d04da2
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1546ea6186ed8905a0001926726a32ec4d013c5fde31d678ce2259fb30295de3
16a6b6731e2fc6387561d78f5affd3b539a6c0540434924b809d490a5ebc9725
1d964ca3016e4b833ab19d96afe852e71ec9d5b67e2421d2ede54abde3892aaa
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c2348bbc056a14a9cd62dadb8d461800a192e8ba636f803d0ffddd753977976
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
38c3760385f9151f821161c8808703c9b91e731e6ba7c2b80cb11f03369595d9
48f61056e08bc76b0a140ce01cd5c78181a06dfa63338b03c4ac9695d7d69fb8
4c7856c0d39606a745670d4c03525f3644fe65304191be208516def923cc3762
5cd39c33061d62a3dffa4cfc325f25ee1649eba2ef0442ff482b61039bfacb26
5e216637f4a7df41f3b559d1998bcb11854d5c05f6b7fed6327c428c33e2cb93
6b222004b4fb499f7d56a233f2481640017fac1029b3c79daa577eac84a34f48
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70e2054356e356032d299e8e79272eb2855ce4efa8c43988acf8371bc86c961e
7396b95fc8288113fcbf17138274629e90b135d2a8a27cb7198ecca002b73dce
73a9c7944ce696c3622189e2f0706ccb9b9033b10f707414fe0ae14be6d68f08
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
8fe7b620d1168611023029e8d8d5040e599f72309a2c8de4318d6afef959b4b7
91fcbf0e973302b7996bab424dcdd5121c40169de2d445bf10e2e80c1c6d2ff1
92224f1e18abe7e6610482614ce8751cfefd40ed64928a9a1cafaf0ba9a7f7a6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1f5f42aeabb2367c3e00484a45b3a2aedffe97ce44520e610a7ae9271d51f33
a66324295804ef3bf871277d3ecfcbf671580648286c0b980d66527fcf2fa549
b30127cf4120b184cee5f50c6e50260ea665a8884ff6712e6e65358592ed8de6
b81adfb26d280f078c88f6ca927f39d4b06800287b943dfe0b8c078a4f4fd662
ba0ee84dc4741fd4eec3f527731d295877c902d2087fa8cd9ad76155fe358f7c
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc7241fbab4073af15afba93573b4e5edb63427b2bff45193bb021e1e69c93ee
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f
d44a3249e2be052d683c7b58d03890937199b056a6313bd7ae0834281a70a2d6
d6b7cbca1ac4c7c23eff4191587c1ff5860960a043dcd428be54bcb91df47469
da3f31f4775696db7b6c940f6d7e248c66eade0ce8f6dff9a7d644c83e0e6fb1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1d9eb99a14fb96c73d79a72217215ab608819ecee5f1824652af011a73b6984
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629