cryptorocketsalerts.com Open in urlscan Pro
2606:4700:3035::ac43:8879 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://links.timsykes.com/u/click?_t=b887762d95964052a023e648cd61dda9&_m=f2fb46d26f0f4ded9a272c0739bdce59&_e=J4tKAQz760oQe...
Effective URL:
https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&e...
Submission: On June 22 via api (June 22nd 2022, 10:13:54 am UTC) from US — Scanned from DE

Summary HTTP 108 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 3 countries across 21 domains to perform 108 HTTP transactions. The main IP is 2606:4700:3035::ac43:8879, located in United States and belongs to CLOUDFLARENET, US. The main domain is cryptorocketsalerts.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 2nd 2022. Valid for: a year.

This is the only time cryptorocketsalerts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.218.62.178 3.218.62.178	14618 (AMAZON-AES) (AMAZON-AES)
1 15	2606:4700:303... 2606:4700:3035::ac43:8879	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	96.16.134.166 96.16.134.166	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
13	65.9.66.18 65.9.66.18	16509 (AMAZON-02) (AMAZON-02)
3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400e:811::200a	15169 (GOOGLE) (GOOGLE)
4	54.83.133.90 54.83.133.90	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	143.204.214.206 143.204.214.206	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::ac43:4770	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	54.156.254.128 54.156.254.128	14618 (AMAZON-AES) (AMAZON-AES)
2	44.239.247.156 44.239.247.156	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	3.90.135.121 3.90.135.121	14618 (AMAZON-AES) (AMAZON-AES)
1	65.9.66.29 65.9.66.29	16509 (AMAZON-02) (AMAZON-02)
12	99.86.4.76 99.86.4.76	16509 (AMAZON-02) (AMAZON-02)
4	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
12	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
1	52.34.194.100 52.34.194.100	16509 (AMAZON-02) (AMAZON-02)
108	28

1 3.218.62.178 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-62-178.compute-1.amazonaws.com

links.timsykes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:3035::ac43:8879 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cryptorocketsalerts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hgevt001.cryptorocketsalerts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.16.134.166 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-134-166.deploy.static.akamaitechnologies.com

cdn-3.convertexperiments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 65.9.66.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-18.fra56.r.cloudfront.net

tinder.thrivecart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

timsykes-supernova.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400e:811::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.83.133.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-133-90.compute-1.amazonaws.com

ky85ws0f10.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.206 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-206.fra53.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4770 (United States)

ASN13335 (CLOUDFLARENET, US)

js.convertflow.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.convertflow.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.156.254.128 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-254-128.compute-1.amazonaws.com

intof.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.239.247.156 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-247-156.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.90.135.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-90-135-121.compute-1.amazonaws.com

millionairepub.thrivecart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-29.fra56.r.cloudfront.net

spark.thrivecart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 99.86.4.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-76.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.34.194.100 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-194-100.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	stripe.com js.stripe.com — Cisco Umbrella Rank: 1654 q.stripe.com — Cisco Umbrella Rank: 11616 r.stripe.com — Cisco Umbrella Rank: 6366 m.stripe.com — Cisco Umbrella Rank: 1451	399 KB
18	thrivecart.com tinder.thrivecart.com — Cisco Umbrella Rank: 337236 millionairepub.thrivecart.com spark.thrivecart.com — Cisco Umbrella Rank: 429189	388 KB
15	cryptorocketsalerts.com 1 redirects cryptorocketsalerts.com hgevt001.cryptorocketsalerts.com	413 KB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	20 KB
6	gstatic.com fonts.gstatic.com	125 KB
4	amazonaws.com ky85ws0f10.execute-api.us-east-1.amazonaws.com	541 B
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 329 fonts.googleapis.com — Cisco Umbrella Rank: 67	33 KB
3	intof.io 1 redirects intof.io — Cisco Umbrella Rank: 185952	7 KB
3	convertflow.co js.convertflow.co — Cisco Umbrella Rank: 53165 app.convertflow.co — Cisco Umbrella Rank: 63063	55 KB
3	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 3851 api.amplitude.com — Cisco Umbrella Rank: 1350	26 KB
3	timsykes-supernova.com timsykes-supernova.com	3 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1761	17 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 793	32 KB
2	convertexperiments.com cdn-3.convertexperiments.com — Cisco Umbrella Rank: 17310	120 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5111	548 B
1	google.com www.google.com — Cisco Umbrella Rank: 9	548 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 133	15 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1423	38 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 96	52 KB
1	timsykes.com 1 redirects links.timsykes.com	1 KB
108	21

	Domain	Requested by
13	tinder.thrivecart.com	cryptorocketsalerts.com millionairepub.thrivecart.com tinder.thrivecart.com
13	cryptorocketsalerts.com	1 redirects cryptorocketsalerts.com
12	r.stripe.com	js.stripe.com
12	js.stripe.com	millionairepub.thrivecart.com js.stripe.com
10	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
6	fonts.gstatic.com	fonts.googleapis.com
4	q.stripe.com	cryptorocketsalerts.com
4	millionairepub.thrivecart.com	tinder.thrivecart.com
4	ky85ws0f10.execute-api.us-east-1.amazonaws.com	hgevt001.cryptorocketsalerts.com
3	intof.io	1 redirects cryptorocketsalerts.com
3	fonts.googleapis.com	cryptorocketsalerts.com millionairepub.thrivecart.com
3	timsykes-supernova.com	cryptorocketsalerts.com ajax.googleapis.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	app.convertflow.co	ajax.googleapis.com
2	api.amplitude.com	cdn.amplitude.com
2	hgevt001.cryptorocketsalerts.com	cryptorocketsalerts.com millionairepub.thrivecart.com
2	maxcdn.bootstrapcdn.com	cryptorocketsalerts.com
2	cdn-3.convertexperiments.com	cryptorocketsalerts.com millionairepub.thrivecart.com
1	m.stripe.com	m.stripe.network
1	spark.thrivecart.com	millionairepub.thrivecart.com
1	www.google.de	cryptorocketsalerts.com
1	www.google.com	cryptorocketsalerts.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	js.convertflow.co	www.googletagmanager.com
1	cdn.amplitude.com	cryptorocketsalerts.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	www.googletagmanager.com	cryptorocketsalerts.com
1	ajax.googleapis.com	cryptorocketsalerts.com
1	links.timsykes.com	1 redirects
108	30

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-02` - `2023-04-02`	a year	crt.sh
*.convertexperiments.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
thrivecart.com Amazon	`2022-03-09` - `2023-04-07`	a year	crt.sh
timsykes-supernova.com Cloudflare Inc ECC CA-3	`2022-05-06` - `2023-05-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2022-06-22` - `2023-07-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
cdn.amplitude.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.intof.io GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-04-21` - `2023-04-22`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-05-20` - `2022-09-25`	4 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-25` - `2022-09-08`	4 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-11` - `2022-08-03`	4 months	crt.sh

This page contains 6 frames:

Primary Page: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Frame ID: 0FA83DE059E0BDC115C69787A64BE4E7
Requests: 50 HTTP requests in this frame

Frame: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=c2005de2-fb1a-47fb-9902-f260bfba5aab&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=insert_bottom&utm_campaign=3BSOOF&utm_content=4514820&page_id=war-room-cart&funnel_id=cyr_wr&ref=3BSOOF&utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Frame ID: B6C3671D729D864FA6180762B9AE815C
Requests: 27 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
Frame ID: 5667E2700433D4A608D8E88C47708074
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-f120d3929fed1aaee49c9c6738108283.html
Frame ID: A922FA21D4BF4E55A482020AF1AFF41C
Requests: 16 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-6bc9f0b82d679fa338a25b0352443621.html
Frame ID: 5CA6F7E0ED7FF42C2D7AF5021A06A9BE
Requests: 7 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 142F9A8E938722A9EE4123922689BBC8
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

$5 Crypto Webinar

Page URL History Show full URLs

http://links.timsykes.com/u/click?_t=b887762d95964052a023e648cd61dda9&_m=f2fb46d26f0f4ded9a272c0739bdc... HTTP 303
https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&u... HTTP 302
https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&u... Page URL

Detected technologies

ThriveCart (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

thrivecart\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

108
Requests

99 %
HTTPS

46 %
IPv6

21
Domains

30
Subdomains

28
IPs

3
Countries

1745 kB
Transfer

5376 kB
Size

35
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://links.timsykes.com/u/click?_t=b887762d95964052a023e648cd61dda9&_m=f2fb46d26f0f4ded9a272c0739bdce59&_e=J4tKAQz760oQehuls6J_BmweHiCOjFNeK-fpmU_8YynegH2FuCbZcf4yDiJx2Ti2aSI1aIs49VSkTNDb9ygvTrQHbSzVl6AF_Ur00uMO7mW33Roedt32lb1usb44HHVTZhmyOw33XsgpVXZmXfdzRV1loeXx97Srglx3QbDnCVPZt9iDqH7UJUVMRdN-LrgLHq7tehr7XkzZFWOJikSu1c_vr7IbHNOSQVSf0YCxhEkV1W4sanKLd6SW-4ee-w_ktlE2dN1-IF4IWdD9yW6zQH_EmB1RqaWnKMAFVTho_BKX-VSxCn30muBIg-NqH3OEaSDHxLUlg1BG7VXkCN5LIacXB5tmimwUQF7I36_gjWiNDYOEeivU3QsmTlUBlTHkSHxCCyDeYKbgRFMSA6s-WoQujc1BDRN61gjp3PLpDEI= HTTP 303
https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com HTTP 302
https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://intof.io/itag HTTP 301
https://intof.io/itag/?id=itag

108 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
cryptorocketsalerts.com/lp/war-room/
Redirect Chain

http://links.timsykes.com/u/click?_t=b887762d95964052a023e648cd61dda9&_m=f2fb46d26f0f4ded9a272c0739bdce59&_e=J4tKAQz760oQehuls6J_BmweHiCOjFNeK-fpmU_8YynegH2FuCbZcf4yDiJx2Ti2aSI1aIs49VSkTNDb9ygvTrQH...
https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com
https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bc...

16 KB
6 KB

180ms
180ms

Document
text/html

2606:4700:3035::ac43:8879
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3eb6a8edfabae5a1b88ce52d9d6b7816f7a64ff73580a3a8cff9744588f9fb4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 71f436a048fb91de-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 10:13:48 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 22 Jun 2022 10:13:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYRPqTyU3cabXU0Xcq2LHPi1C8eh44V1vikuEl9Jti7GORw5fLzll7ZML5ZeBUwenxP%2FjdkhPzWu6JwHA8h40MwhdPcaX6kkuV6CDQPVLcjiRlURy003R2ksgPqRBrdjU2HyiSNbPjEgjQ0Jnwi8bXHZP7JTrw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 71f4369d7b2b91de-FRA
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 10:13:48 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 22 Jun 2022 10:13:48 GMT
location: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2dITUHz0w%2FNpw%2FATXbZYfbxdW7fND5WyVpz3T1kvUxlb0RpYymawIfogcQ0og%2Blg2HFxCdqFfEUTntQu5uDAqQmsUL2lL1ymjf2VeM%2BpVC38uKle4n7wCXiDqbwZ1lxQkBOxuWWywOCZ3ARdREIphE0V4aRxg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent

GET
H2 200 10024418-10025485.js Show response
cdn-3.convertexperiments.com/js/ 192 KB
60 KB 81ms
29ms Script
application/javascript 96.16.134.166
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-3.convertexperiments.com/js/10024418-10025485.js

Requested by

Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.134.166 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-134-166.deploy.static.akamaitechnologies.com

Software

Resource Hash

5f83317f036e0793608e7b3d15f936e04863f0d822903a75881e1938bdcd4ee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:48 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=82
strict-transport-security: max-age=15768000
content-length: 61214
x-privacy-policy: You can find our privacy policy at https://www.convert.com/privacy-notice/

GET
H3 200 bootstrap.min.css
cryptorocketsalerts.com/lp/war-room/css/ 138 KB
22 KB 23ms
23ms Stylesheet
text/css 2606:4700:3035::ac43:8879
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptorocketsalerts.com/lp/war-room/css/bootstrap.min.css
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65015
x-cache-info: caching
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 26 Nov 2021 22:23:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1VDIua8w88PVnWD587MCt3JL7HrYEp95Nb7QB%2F8ALMJDuZCsxqwKftVvfiT6T%2B0EHFe24ln8Fdqca0vPSMQwgyuvQKGB3io6vXOkGZ9vWwhdyvOlpHkG27GOIXGe6tUjb%2BV3qIueuYv9d06NOtLfSwP%2FfdSQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2628000
cf-ray: 71f436a1695c9061-FRA
expires: Wed, 21 Jun 2023 16:10:13 GMT

GET
H3 200 font-awesome.min.css
cryptorocketsalerts.com/lp/war-room/css/ 30 KB
7 KB 17ms
16ms Stylesheet
text/css 2606:4700:3035::ac43:8879
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptorocketsalerts.com/lp/war-room/css/font-awesome.min.css
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65015
x-cache-info: caching
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 26 Nov 2021 22:23:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4I6Yj5uFimcv%2B15lUO0wCkG1cIUC8QOU8G9iZK6DWNJZ9kpLDZg%2FpabJegS71lwLWAcHm25p4fg3wLz4RFNcinEkQFxZPe%2FlzyORyMplZGOTwb9ym3YHqxJ3SouHyY21zTXi6Nbqscri74nTZGul98rs2j7Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2628000
cf-ray: 71f436a1695d9061-FRA
expires: Wed, 21 Jun 2023 16:10:13 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/ 119 KB
20 KB 66ms
35ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617
age: 20499779
cdn-cachedat: 2021-03-11 11:57:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 5cb63f9f95ecf095082c5daadbee8506
cf-ray: 71f436a19bb6cc4e-ZRH
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 08:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jun 2023 08:26:23 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/ 39 KB
12 KB 64ms
33ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 5223604
cdn-cachedat: 2021-04-23 00:22:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 91ee9ec024af01c0a6c6590b9ae7f583
cf-ray: 71f436a19bb9cc4e-ZRH
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H3 200 style.css
cryptorocketsalerts.com/lp/war-room/css/ 15 KB
4 KB 14ms
14ms Stylesheet
text/css 2606:4700:3035::ac43:8879
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptorocketsalerts.com/lp/war-room/css/style.css?v=1
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 315ad4f60dc2f53e889b70c45ea86fd238d0dd7f944b035bb3f2d272f7a91257

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Nov 2021 23:36:16 GMT
server: cloudflare
age: 65015
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zsWJbukzy%2FcTH%2ByDGwfwK%2FJyXikJLiSZ%2BhLHJ0sp7AX6LOZits6VQGgvNbpLdmtDwzdCRJVN4FPAVO7TQOqw%2Bo%2BwE1V02Gf5fqR%2B%2BfNsXjCM1GFsZyFuXZcUaRz7YPAG2v5fK0q7r76IaK0v8KmGKygmJY6WDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2628000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71f436a1695e9061-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 21 Jun 2023 16:10:13 GMT

GET
H2 200 tfuncsp_v2.0.0.js Show response
hgevt001.cryptorocketsalerts.com/ 30 KB
11 KB 68ms
44ms Script
application/javascript 2606:4700:3035::ac43:8879
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hgevt001.cryptorocketsalerts.com/tfuncsp_v2.0.0.js?tim2021=sykes2021
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7ed17553f6c92ed218c5984a18b2dee9a628229a13e9f36f6873b08f8d0010

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:48 GMT
via: 1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 15 Sep 2021 08:50:30 GMT
server: cloudflare
etag: W/"256a7ce7c82a528fbf5147f1167ba8ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrRXJh9PnorBiA9TKAvdsCVwjUUjDGt04r7PanozsgGU0k%2BcG%2F3bNEVnswBF7KLiaDzfHB3ephx3Z8EUeuMz500CwiBXKxUl0AW9Rl%2FbeWY0qI3eXv1Z%2FiTKWkobJF5vxhJ0Bd1nfuglqmyFl63pNS1vpo1IITB7Qprji3RIWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 71f436a18b5391de-FRA
x-amz-cf-id: G2Q7fQJ8rOxKs4Ml0wssQYQi-urLCY69kSUl3RULcSURjYeHEhEHkQ==

GET
H3 200 matt.png
cryptorocketsalerts.com/lp/war-room/images/ 203 KB
204 KB 15ms
14ms Image
image/png 2606:4700:3035::ac43:8879
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptorocketsalerts.com/lp/war-room/images/matt.png
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03266bd2ee7f7efa219940ae4cb280c86fd71ed1a1c14dc9259e5f207ecc5f9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 79522
x-cache-info: caching
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 208027
last-modified: Fri, 26 Nov 2021 22:23:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsFa4bFQca%2FeGoT48KbF0OBtlbL1BqPFsVQCc%2BqRIh%2BwGrC2UJMPqQu8wdnTr7lnC8HcAAJJ6vDigU52PcRGqYOZxfQAifZn1jVCC9CrvrfjyHu7LUcl7pacxnSNxty74sy3bypNcuo27kYVO0GBDxjuGXNOow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2628000
accept-ranges: bytes
cf-ray: 71f436a2db209061-FRA
expires: Thu, 21 Jul 2022 12:08:25 GMT

GET
H3 200 breakpoint.png
cryptorocketsalerts.com/lp/war-room/images/ 29 KB
30 KB 33ms
32ms Image
image/png 2606:4700:3035::ac43:8879
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptorocketsalerts.com/lp/war-room/images/breakpoint.png
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f04bcf40e01ce3e80fbc56c19312c7b700322cf28863fb3d437ad3a75ce0450

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158967
x-cache-info: caching
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29952
last-modified: Fri, 26 Nov 2021 22:23:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tMlMeRPbDuN3PjqgU0bU5COu1ABD5pvvq2%2FGnVI6JZegTE4HPCh2vZ2QGQM4vj4vbFIJ94C9IDO%2BQ4XqmhgFtO7%2Fj22Mvq4ZX5%2BCa9IMjiZUsJyD6PQUiazFvjDH%2FuQpq41GPLjobXag%2By4vPs31GCbyvJTyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2628000
accept-ranges: bytes
cf-ray: 71f436a2db219061-FRA
expires: Wed, 20 Jul 2022 14:04:20 GMT

GET
H2 200 thrivecart.js Show response
tinder.thrivecart.com/embed/v1/ 54 KB
16 KB 55ms
8ms Script
application/javascript 65.9.66.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tinder.thrivecart.com/embed/v1/thrivecart.js
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b565ed534c772bf8806d812da3d3997ca7d144c1663588a3d928d5b2a81da1c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 22:00:56 GMT
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 21:58:22 GMT
server: nginx
age: 562372
etag: W/"62aa55fe-d807"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: mdrcB8y42ZT9cRvC2paYDVUynJtcOgKUAD3WXbLvqbbUjSX5Fn7YUA==
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
expires: Fri, 15 Jul 2022 22:00:56 GMT

GET
H3 200 bootstrap.min.js Show response
cryptorocketsalerts.com/lp/war-room/js/ 50 KB
15 KB 14ms
14ms Script
application/javascript 2606:4700:3035::ac43:8879
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptorocketsalerts.com/lp/war-room/js/bootstrap.min.js
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 79793
x-cache-info: cached
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 26 Nov 2021 22:23:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pugtdSdGgx21uMTPXnMo7Bi%2BkZnaGt95xosRONjAqq0ciSsY2zox3t2MWDPr2Ri27IDs5IeocrwM5uYeoaS3Oz0cQ8R2BrGwbcL4iTvHvL3n0fLxDVHtM18F0aF05ezrawyxkJVFQMJKYsbjovQ37lcxlTj76g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2628000
cf-ray: 71f436a1d9dc9061-FRA
expires: Wed, 21 Jun 2023 11:59:41 GMT

GET
H2 200 ctdb.js Show response
timsykes-supernova.com/ctdb/ 2 KB
1 KB 335ms
296ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://timsykes-supernova.com/ctdb/ctdb.js
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 333a09adebdf648e8fa46284a3b6b4868eb0395ac8106b5d5dc4153e2c798774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:48 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 01 Dec 2021 19:46:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SNGZNDJWV9yl1OWXi%2B%2BrKeGvecnegEpPiZ%2FATLUm1QTlTuNY7T3CZ%2BeTpEwWQNpSqCWBl%2BupQScPLzId49sdu7YL1AyeuxMPry6CkBYy9JviTGhUqFuZShBxFzZioAZO0TIRKrrkjCdt2raItEMz1VsZOmMU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-info: cached
cf-ray: 71f436a23ff49208-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 flipdown.min.css
cryptorocketsalerts.com/flipdown/ 4 KB
1 KB 14ms
13ms Stylesheet
text/css 2606:4700:3035::ac43:8879
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptorocketsalerts.com/flipdown/flipdown.min.css
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 989757984a5bfb0e922e7ce7fbb779eed0feda7cc273507dfd1b0ad959324ad8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 79523
x-cache-info: caching
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 02 Dec 2021 22:19:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aCRJXoRu7FgmkcDp2bACRahh9fSO7OTryYVVPXd7MYb3A5eITdqSiYNdr2FPFNQ50544Im0TtFqjDbs1emKSHSfGoB%2BQTXhp%2B0TFeZZMO5F4SIQ7RXIzo7%2Bhf4hKs3%2BIr4Ifti1Mn1i0C6WF8JLLQ9BbdD2UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2628000
cf-ray: 71f436a22a349061-FRA
expires: Wed, 21 Jun 2023 12:08:25 GMT

GET
H3 200 flipdown.min.js Show response
cryptorocketsalerts.com/flipdown/ 6 KB
2 KB 13ms
13ms Script
application/javascript 2606:4700:3035::ac43:8879
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptorocketsalerts.com/flipdown/flipdown.min.js
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b8c129bc7bd626c00626ce44d8b9171a8bdc4908a2e037183e3b36bb352f9eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 79523
x-cache-info: caching
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 02 Dec 2021 22:19:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWYISq4l2purlPnYlq6vjsypMXPW8tMhVyzSLbY0PjIPr7Y7hdQnoOY3y5H%2FUPR7014Jzq%2FfOmEOgI7%2Fq5Go2TdAY%2BbY7Y8CqH2Ds4b7EpM5lumpB6U2WRtmUbggk9w%2FinX%2BO%2BhdKe85JonA33kNQIGa%2FPPcJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2628000
cf-ray: 71f436a24a6d9061-FRA
expires: Wed, 21 Jun 2023 12:08:25 GMT

GET
H3 200 iw.js Show response
cryptorocketsalerts.com/iw/ 4 KB
2 KB 15ms
15ms Script
application/javascript 2606:4700:3035::ac43:8879
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptorocketsalerts.com/iw/iw.js
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 251fdcadce75ca82c08da7eef61e4bd0015431861f9d91fbbb9b2b603051b0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 79523
x-cache-info: caching
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 17 Dec 2021 23:54:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMtwKGhPwD2sQz2XVPzGhBroVnVmPIdIaxurRVfaRW63bapuHdeF4qKvT%2BLd3nDKh%2Fe28JJ%2F2QFKg%2B76uu8baQsuoXYbS5lvXygmQQexMGp1frEi79KaJbe3kxL87EmX5HAQKWBP2p5Psad4gWgnnXRbwQHQmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2628000
cf-ray: 71f436a2bb089061-FRA
expires: Wed, 21 Jun 2023 12:08:25 GMT

GET
H2 200 ctdb.js Show response
timsykes-supernova.com/ctdb/ 2 KB
862 B 302ms
301ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://timsykes-supernova.com/ctdb/ctdb.js?v=12
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 333a09adebdf648e8fa46284a3b6b4868eb0395ac8106b5d5dc4153e2c798774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:48 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 01 Dec 2021 19:46:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5SJDKVGckZzN7p3ndggzB9fDeltm73k5q%2F%2B6KpkavdUxamL5Ujn8mzAWzr%2Fom1RINiL2Wibq873seSAZJiB8gEmPhZGnjUAyelvo3WKFLhsatFfybtd9HXKykkf%2BqRUv20Z3uqII2MM7J1Yq2Gbn9igelRxN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71f436a2d9049208-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 136 KB
52 KB 49ms
27ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W3F3RN9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

053f4637e6693cd44af22da6130d2298e1dea144fdfcccebe4115935fa12c058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52992
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Jun 2022 10:13:48 GMT

GET
H2 200 css2
fonts.googleapis.com/ 23 KB
2 KB 49ms
21ms Stylesheet
text/css 2a00:1450:400e:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&family=Oswald:wght@200;300;400;500;600;700&family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/css/style.css?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:811::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e515001321f61b8020d15e0f2ad617bd173bcb30de0e927ecfdd3e4d21a7d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 10:13:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 22 Jun 2022 10:13:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Jun 2022 10:13:48 GMT

POST
H2 200 regev Show response
ky85ws0f10.execute-api.us-east-1.amazonaws.com/prod/ 61 B
271 B 1096ms
1096ms XHR
application/json 54.83.133.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ky85ws0f10.execute-api.us-east-1.amazonaws.com/prod/regev
Requested by: Host: hgevt001.cryptorocketsalerts.com
URL: https://hgevt001.cryptorocketsalerts.com/tfuncsp_v2.0.0.js?tim2021=sykes2021
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.133.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-133-90.compute-1.amazonaws.com
Software: /
Resource Hash: fb0ccb7be6110a4913b8ac50b37999c886f6e066fc42933b5c02eb6111b1b11e

Request headers

Accept: application/json, text/plain, */*
Referer: https://cryptorocketsalerts.com/
X-Server-Dbg: false
accept-language: de-DE,de;q=0.9
Sttracker-Key: UV5pQG9AencxZEhuekdremIzZnpyIVppWT1vLUguQVR2OiVIOlJJfV91azVFNGlxKXVTalcsOHAzajohUHM+cQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 22 Jun 2022 10:13:49 GMT
x-amzn-requestid: ac9d7c7f-e535-4b4b-a767-12f69e17f73f
x-amz-apigw-id: UHm2jEuzoAMFi-A=
x-amzn-trace-id: Root=1-62b2eb5c-6dafad546ca509b23c0e332b;Sampled=0
content-length: 61
content-type: application/json

OPTIONS
H2 200 regev
ky85ws0f10.execute-api.us-east-1.amazonaws.com/prod/ Frame 0
0 333ms
101ms Preflight
application/json 54.83.133.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ky85ws0f10.execute-api.us-east-1.amazonaws.com/prod/regev
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.133.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-133-90.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sttracker-key,x-server-dbg
Access-Control-Request-Method: POST
Origin: https://cryptorocketsalerts.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-headers: Sttracker-Key,X-Server-Dbg,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Wed, 22 Jun 2022 10:13:48 GMT
x-amz-apigw-id: UHm2iGlcIAMF2Kw=
x-amzn-requestid: c34f34d1-749e-4def-a775-89ac7e9888b0

GET
H3 200 bnr.jpg
cryptorocketsalerts.com/lp/war-room/images/ 93 KB
94 KB 30ms
30ms Image
image/jpeg 2606:4700:3035::ac43:8879
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptorocketsalerts.com/lp/war-room/images/bnr.jpg
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/css/style.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 667c3acb0917904bd49e8fbb630b4d776b96772494121d9dcb1a03b75d3cd610

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/lp/war-room/css/style.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 79522
x-cache-info: caching
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95443
last-modified: Fri, 26 Nov 2021 22:23:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y98i%2BCyiZUP3CXSr9UmF2aEnlJtKy2UelV9%2BpPh1XWmzmZ%2BUmoJwfYfidjHOtlP53CmmZlO%2BVNsAh0qyoQvXw1WD4KNxtZKQSWSG4S9KckojF6MQznTr0G4p6MJp3HqBKKKtBTDbAMlQHnJySC6rYtV7r9QMYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2628000
accept-ranges: bytes
cf-ray: 71f436a2db319061-FRA
expires: Thu, 21 Jul 2022 12:08:26 GMT

GET
H3 200 check.png
cryptorocketsalerts.com/lp/war-room/images/ 366 B
979 B 34ms
33ms Image
image/png 2606:4700:3035::ac43:8879
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptorocketsalerts.com/lp/war-room/images/check.png
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/css/style.css?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb58df192534d01efde401d27c4130029de09c7860184ea86669db46a6f1909f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/lp/war-room/css/style.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 79522
x-cache-info: caching
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 366
last-modified: Fri, 26 Nov 2021 22:23:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ezdq5TCZMkZWCK68G3CRdgoaFrdjnOynfcIbU%2F9hzfUmfPieKupnSMZhvgAyffEbwSV4VBhs%2F%2BkTMRExqfJGeBmltRJ6kgYWr%2Bnl7QQ6IqGk9Bv6a6PQQQoNIDeao3NP7OmMfXWoNQekPuTYa3eVI7NNlIvXHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2628000
accept-ranges: bytes
cf-ray: 71f436a2db329061-FRA
expires: Thu, 21 Jul 2022 12:08:26 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v48/ 25 KB
25 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v48/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&family=Oswald:wght@200;300;400;500;600;700&family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91bf78345c55ec05de11377a4b3a8a5789ef302d73124a401cef84edbce178cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cryptorocketsalerts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 11:36:02 GMT
x-content-type-options: nosniff
age: 167866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25424
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:34:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 11:36:02 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 37ms
14ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cryptorocketsalerts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 61594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:07:14 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 39ms
17ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cryptorocketsalerts.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 61594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 17:07:14 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 97 KB
38 KB 40ms
19ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-KGDKR9J

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3F3RN9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

283c628ed6aa6a31be0b32457569448867fbe07baff0bbee2e656020e479d381

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38773
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Jun 2022 10:13:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3F3RN9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5081
date: Wed, 22 Jun 2022 08:49:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 22 Jun 2022 10:49:07 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 64ms
28ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3F3RN9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15000
x-xss-protection: 0
server: cafe
etag: 6069194915506431635
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 10:13:48 GMT

GET
H2 200 amplitude-4.4.0-min.gz.js Show response
cdn.amplitude.com/libs/ 74 KB
25 KB 35ms
7ms Script
application/javascript 143.204.214.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-4.4.0-min.gz.js
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.206 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-206.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa4d27e0d0c0172667e24d953344b058b7f16c6ef7dcc54a8910878f1d050cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 22:18:07 GMT
content-encoding: gzip
age: 29591742
x-cache: Hit from cloudfront
content-length: 25521
access-control-allow-origin: *
last-modified: Mon, 21 Oct 2019 15:45:35 GMT
server: AmazonS3
etag: "0ac70c6a5de910a09be49cfefd77c771"
x-amz-version-id: 5wXGiWTByEVk3DSg02L19x7h8A..ke3l
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 9CiFyw2KfAdNSUt6HxOi7hva6nTLIRmvDzzL-QKYJNv0_dvi8NK3bA==

GET
H2 200 36338.js Show response
js.convertflow.co/production/websites/ 253 KB
54 KB 442ms
416ms Script
text/javascript 2606:4700:20::ac43:4770
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.convertflow.co/production/websites/36338.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3F3RN9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4770 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9680676b66eebf37d28648e71984614f7754286a915dd7f62cc1c83d0496c5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:49 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 8CF5GPR39HZQ2CJK
cf-polished: origSize=368074
cf-ray: 71f436a3ad149b51-FRA
x-amz-id-2: XtSyJFmkbyAgxszDn6jRXgdM27u/dUsO/M5PPpxhMOa92d1z3MOYsP3IZvLdJFZQhW5RBXE+feY=
last-modified: Mon, 13 Jun 2022 17:14:32 GMT
server: cloudflare
etag: W/"5f7ffd34ba9d346320b13fa1eb20998b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzZ86E%2Fq3JTkh%2FaKW6NGm%2FJ8butzxPfdJqVZFo8fazw1mDQA37uRF6BE1QsyD7ykA2%2FRGoF5U%2FVqktWcD7JKWgHpISTXse6b9VC6e6pXOxdhnOOCSLXJhZM0mSPU6R7ZnW%2BGr9Hl4GxWaVQZ13ps"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: K_OK5RYr4FR1Kozvt4qVpbGVgfNMhJGT
cache-control: max-age=30
content-type: text/javascript
cf-bgj: minify

GET
H/1.1

200
OK

/ Show response
intof.io/itag/
Redirect Chain

https://intof.io/itag
https://intof.io/itag/?id=itag

6 KB
6 KB

97ms
97ms

Script
application/javascript

54.156.254.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://intof.io/itag/?id=itag
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: HTTP/1.1
Server: 54.156.254.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-254-128.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25 / PHP/7.0.25
Resource Hash: fa1cb237372d86c71a568f5fcd882d5470963e32ea235917147143fc0d7f5317

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Jun 2022 10:13:49 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
X-Powered-By: PHP/7.0.25
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 5643

Redirect headers

Location: https://intof.io/itag/?id=itag
Date: Wed, 22 Jun 2022 10:13:48 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 238
Content-Type: text/html; charset=iso-8859-1

POST
H2 200 / Show response
api.amplitude.com/ 7 B
206 B 490ms
165ms XHR
text/html 44.239.247.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-4.4.0-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.247.156 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-247-156.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://cryptorocketsalerts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Jun 2022 10:13:49 GMT
trace-id: Root=1-62b2eb5d-7f083a0e175d07cb4b215d94
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
14ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1766169567&t=pageview&_s=1&dl=https%3A%2F%2Fcryptorocketsalerts.com%2Flp%2Fwar-room%2F%3Futm_source%3Demail%26utm_medium%3Dinsert_bottom%26utm_content%3D4514820%26utm_campaign%3D3BSOOF%26email%3Dgsheard%2540bcbsm.com%26passthrough%255Bcustomer_email%255D%3Dgsheard%2540bcbsm.com%26redir%3Dy&ul=en-us&de=UTF-8&dt=%245%20Crypto%20Webinar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABQAAAAC~&jid=78270913&gjid=899348144&cid=28566373.1655892829&tid=UA-111298202-10&_gid=119855345.1655892829&_r=1&gtm=2wg6f0W3F3RN9&z=917988367

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cryptorocketsalerts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 10:13:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cryptorocketsalerts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/774664871/ 3 KB
2 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/774664871/?random=1655892828790&cv=9&fst=1655892828790&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcryptorocketsalerts.com%2Flp%2Fwar-room%2F%3Futm_source%3Demail%26utm_medium%3Dinsert_bottom%26utm_content%3D4514820%26utm_campaign%3D3BSOOF%26email%3Dgsheard%2540bcbsm.com%26passthrough%255Bcustomer_email%255D%3Dgsheard%2540bcbsm.com%26redir%3Dy&tiba=%245%20Crypto%20Webinar&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1075582bf8cef63f6d823cfd9629237b402cb57091247e11e51cde381586eb5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 10:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1141
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 track.php Show response
timsykes-supernova.com/ctdb/ 3 B
621 B 1106ms
1082ms XHR
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://timsykes-supernova.com/ctdb/track.php?email=gsheard@bcbsm.com&funnel=cyr_wr&action=view_cart&page_url=https%3A%2F%2Fcryptorocketsalerts.com%2Flp%2Fwar-room&utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y&page_id=war-room-cart
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Accept: */*
Referer: https://cryptorocketsalerts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: Authorization, Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kKoMJFVXO2RUWYOs5qaxd0ecHen5QoA%2FClWmTLWth%2Bxgo7pFdISpVKw07VwUQk23zweVXKXjfU4fllRAdF%2BIbXbcu1Mw65tH%2Ft7tck0EUZrP2e%2F1la3569aqskMjcyz07%2FbI6vE1pdFVVYMJVWUpZQ2Dcs8"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 71f436a44ca759bf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3

GET
H2 200 /
www.google.com/pagead/1p-user-list/774664871/ 42 B
548 B 42ms
20ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/774664871/?random=1655892828790&cv=9&fst=1655892000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&frm=0&url=https%3A%2F%2Fcryptorocketsalerts.com%2Flp%2Fwar-room%2F%3Futm_source%3Demail%26utm_medium%3Dinsert_bottom%26utm_content%3D4514820%26utm_campaign%3D3BSOOF%26email%3Dgsheard%2540bcbsm.com%26passthrough%255Bcustomer_email%255D%3Dgsheard%2540bcbsm.com%26redir%3Dy&tiba=%245%20Crypto%20Webinar&async=1&fmt=3&is_vtc=1&random=3050379003&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 10:13:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/774664871/ 42 B
548 B 42ms
21ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/774664871/?random=1655892828790&cv=9&fst=1655892000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&frm=0&url=https%3A%2F%2Fcryptorocketsalerts.com%2Flp%2Fwar-room%2F%3Futm_source%3Demail%26utm_medium%3Dinsert_bottom%26utm_content%3D4514820%26utm_campaign%3D3BSOOF%26email%3Dgsheard%2540bcbsm.com%26passthrough%255Bcustomer_email%255D%3Dgsheard%2540bcbsm.com%26redir%3Dy&tiba=%245%20Crypto%20Webinar&async=1&fmt=3&is_vtc=1&random=3050379003&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 10:13:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
millionairepub.thrivecart.com/26/ Frame B6C3 106 KB
21 KB 491ms
285ms Document
text/html 3.90.135.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=c2005de2-fb1a-47fb-9902-f260bfba5aab&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=insert_bottom&utm_campaign=3BSOOF&utm_content=4514820&page_id=war-room-cart&funnel_id=cyr_wr&ref=3BSOOF&utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Requested by: Host: tinder.thrivecart.com
URL: https://tinder.thrivecart.com/embed/v1/thrivecart.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.90.135.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-90-135-121.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3c20ae5493ed1e32cde0e88466c38a8af055e1bbc7a1fc2999a1532562c2b19d

Request headers

Referer: https://cryptorocketsalerts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 22 Jun 2022 10:13:49 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding

GET
H2 200 324490ae-adce-4fb0-adac-c09df2666c35 Show response
app.convertflow.co/websites/36338/visitors/ 476 B
700 B 311ms
302ms Script
text/javascript 2606:4700:20::ac43:4770
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertflow.co/websites/36338/visitors/324490ae-adce-4fb0-adac-c09df2666c35?callback=jQuery351048293541812832896_1655892828538&visitor%5Bwebsite_id%5D=36338&visitor%5Bvisitor_token%5D=324490ae-adce-4fb0-adac-c09df2666c35&visitor%5Bcontact_id%5D=&visitor%5Blanding_page%5D=https%3A%2F%2Fcryptorocketsalerts.com%2Flp%2Fwar-room%2F%3Futm_source%3Demail%26utm_medium%3Dinsert_bottom%26utm_content%3D4514820%26utm_campaign%3D3BSOOF%26email%3Dgsheard%2540bcbsm.com%26passthrough%255Bcustomer_email%255D%3Dgsheard%2540bcbsm.com%26redir%3Dy&visitor%5Bplatform%5D=Web&new=true&utms%5Butm_source%5D=email&utms%5Butm_medium%5D=insert_bottom&utms%5Butm_campaign%5D=3BSOOF&utms%5Butm_content%5D=4514820&_=1655892828539

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4770 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3370f7b93fb5b9f3374cae2d032f0c189838f973a7bf685ec685d1745164b762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:49 GMT
access-control-request-method: *
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 95926c45-2bf6-46bd-85bf-206b5c93b192
x-runtime: 0.007320
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3370f7b93fb5b9f3374cae2d032f0c18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FI%2FhVcD7QnthcZJhrGtj2Yx0MYgpbifPXE3qc08RNSp9SYUC6SfGPAW%2BxT43TrG62ydO9GlN57OeoDGb1r63CY4%2FA7dYrL3fG5oHGc89%2FYHXC44daGXtWZSN3nnNd6bsFe5UfIpeMApxjX3TARbFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
via: 1.1 vegur
cache-control: max-age=0, private, must-revalidate
cf-ray: 71f436a669ac9b51-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 create Show response
app.convertflow.co/websites/36338/contacts/ 77 B
816 B 306ms
300ms Script
text/javascript 2606:4700:20::ac43:4770
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertflow.co/websites/36338/contacts/create?callback=jQuery351048293541812832896_1655892828540&contact%5Bwebsite_id%5D=36338&contact%5Bvisitor_token%5D=324490ae-adce-4fb0-adac-c09df2666c35&contact%5Bemail%5D=gsheard%40bcbsm.com&_=1655892828541

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4770 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ef4d6092480d42bd936a3cb56dcc72988c21fbd8a9003a32b67772aad17364f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:49 GMT
access-control-request-method: *
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: aa6745b6-e9af-4a93-a6e3-3bde1c519761
x-runtime: 0.006769
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0ef4d6092480d42bd936a3cb56dcc729"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6pl3N1SGQYyY2Zu%2BY4M%2BOC9KRcQgaL6qD3tXoB4ZT7R6YPqvReSVbAb5X%2FIPN9zE2OblAVVaLai5QVSW62IH5QIcdOO7fTVoHpKWgllvfqDaSH%2F7LFbkPqPXXqmC%2Ft5KFrthLRXczm1Fz7aunfAxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
via: 1.1 vegur
cache-control: max-age=0, private, must-revalidate
cf-ray: 71f436a669ab9b51-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H/1.1 200
OK /
intof.io/iocmap/ 43 B
411 B 97ms
97ms Image
image/gif 54.156.254.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://intof.io/iocmap/?iocid=null&iocmap=null
Requested by: Host: cryptorocketsalerts.com
URL: https://cryptorocketsalerts.com/lp/war-room/?utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.156.254.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-254-128.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25 / PHP/7.0.25
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Jun 2022 10:13:49 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
X-Powered-By: PHP/7.0.25
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 43

POST
H2 200 / Show response
api.amplitude.com/ 7 B
204 B 168ms
168ms XHR
text/html 44.239.247.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-4.4.0-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.247.156 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-247-156.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://cryptorocketsalerts.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Jun 2022 10:13:49 GMT
trace-id: Root=1-62b2eb5d-77cdc1d45213d0074af9e0a2
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H2 200 checkout.minimal.css
tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/embed/v1/ Frame B6C3 89 KB
16 KB 9ms
7ms Stylesheet
text/css 65.9.66.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/embed/v1/checkout.minimal.css
Requested by: Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=c2005de2-fb1a-47fb-9902-f260bfba5aab&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=insert_bottom&utm_campaign=3BSOOF&utm_content=4514820&page_id=war-room-cart&funnel_id=cyr_wr&ref=3BSOOF&utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 8358fed89d6ac5c039c6a9f8c5b3c8c55231181562bd23164392fa20de3bc330

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 21:59:07 GMT
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 21:58:22 GMT
server: nginx
age: 562482
etag: W/"62aa55fe-16442"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: mcS6fCip6ghVXhceDNmlEmyXVMUc4b9tqg7qb2CqdY2am6HTDxmq4w==
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
expires: Fri, 15 Jul 2022 21:59:07 GMT

GET
H2 200 all.min.css
tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/static/assets/fontawesome-5.15.2/css/ Frame B6C3 170 KB
33 KB 9ms
6ms Stylesheet
text/css 65.9.66.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/static/assets/fontawesome-5.15.2/css/all.min.css
Requested by: Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=c2005de2-fb1a-47fb-9902-f260bfba5aab&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=insert_bottom&utm_campaign=3BSOOF&utm_content=4514820&page_id=war-room-cart&funnel_id=cyr_wr&ref=3BSOOF&utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: caf2756a13f8fee24efb8378994a43a44150c14fa06dc7ac372e24226b03c220

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 21:59:05 GMT
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 21:58:21 GMT
server: nginx
age: 562484
etag: W/"62aa55fd-2a8fd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: pLGKOeZChbiUjXJONc0HMTeV1xZtungu6DzFT714B_L5b5Wi2GZa4g==
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
expires: Fri, 15 Jul 2022 21:59:05 GMT

GET
H2 200 widgets.css
tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/plugins/core.template.v2/assets/ Frame B6C3 588 KB
40 KB 15ms
12ms Stylesheet
text/css 65.9.66.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/plugins/core.template.v2/assets/widgets.css
Requested by: Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=c2005de2-fb1a-47fb-9902-f260bfba5aab&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=insert_bottom&utm_campaign=3BSOOF&utm_content=4514820&page_id=war-room-cart&funnel_id=cyr_wr&ref=3BSOOF&utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 66ebd781c901aae90ce4144c258bd42ebc192e98d5ca30cd76ad5dfc58800ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 21:59:05 GMT
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 21:58:22 GMT
server: nginx
age: 562484
etag: W/"62aa55fe-931bb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: aNrhvYat0fp-u6jbngTRQs5092_mWXeIxAql1oYmfC7Is-JrdQ9pZw==
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
expires: Fri, 15 Jul 2022 21:59:05 GMT

GET
H2 200 style.css
tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/plugins/core.template.v2/templates/embed/assets/ Frame B6C3 124 KB
11 KB 15ms
13ms Stylesheet
text/css 65.9.66.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/plugins/core.template.v2/templates/embed/assets/style.css
Requested by: Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=c2005de2-fb1a-47fb-9902-f260bfba5aab&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=insert_bottom&utm_campaign=3BSOOF&utm_content=4514820&page_id=war-room-cart&funnel_id=cyr_wr&ref=3BSOOF&utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4f0f22abbe6c548a03d64cf7f3a3fffbf68a2a68d813ee11d4d13352a80d42a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 21:59:30 GMT
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 21:58:22 GMT
server: nginx
age: 562459
etag: W/"62aa55fe-1f090"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: kVTnYWUXwUVLH06hH7WEMV_Pr9TzOsJxngLqvi1gJNLSHz-1aCKMDA==
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
expires: Fri, 15 Jul 2022 21:59:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B6C3 4 KB
518 B 56ms
27ms Stylesheet
text/css 2a00:1450:400e:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=DM+Sans:400,400i,500,500i,700,700i&display=block&subset=latin-ext

Requested by

Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=c2005de2-fb1a-47fb-9902-f260bfba5aab&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=insert_bottom&utm_campaign=3BSOOF&utm_content=4514820&page_id=war-room-cart&funnel_id=cyr_wr&ref=3BSOOF&utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b0e12db768dea860ca3ab97866d50d6f3f9cc5ac7f03ce3ee7145556d7c8a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 10:13:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 22 Jun 2022 10:13:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Jun 2022 10:13:49 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame B6C3 726 B
376 B 50ms
21ms Stylesheet
text/css 2a00:1450:400e:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?display=swap&family=DM+Sans&subset=latin-ext

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

69f5c6a36a2c3779e8d124d8a02b4899a3b47e60169dfaf4a722a5a83f1c3df4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 08:41:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 22 Jun 2022 10:13:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Jun 2022 10:13:49 GMT

GET
H2 200 contentWindow.js Show response
tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/embed/v1/scripts/iframeResizer/ Frame B6C3 13 KB
5 KB 14ms
13ms Script
application/javascript 65.9.66.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/embed/v1/scripts/iframeResizer/contentWindow.js
Requested by: Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=c2005de2-fb1a-47fb-9902-f260bfba5aab&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=insert_bottom&utm_campaign=3BSOOF&utm_content=4514820&page_id=war-room-cart&funnel_id=cyr_wr&ref=3BSOOF&utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: c69e891536bb25b9c636f6a5f1e377ba428a6d2e0c24822d60f77d972e6c6518

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 21:59:24 GMT
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 21:58:22 GMT
server: nginx
age: 562465
etag: W/"62aa55fe-334d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: lEn4WkCIgsEUbsn_4qpmzhtG0Z-mxI_I7QOQq6q2rFMZG-ExyM_BPA==
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
expires: Fri, 15 Jul 2022 21:59:24 GMT

GET
H2 200 user_assets%2FT4F2RD5O%2Fuploads%2Fimages%2Fdiamondhands-1638240054.png
spark.thrivecart.com/500x0/ Frame B6C3 87 KB
87 KB 42ms
11ms Image
image/png 65.9.66.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spark.thrivecart.com/500x0/user_assets%2FT4F2RD5O%2Fuploads%2Fimages%2Fdiamondhands-1638240054.png
Requested by: Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=c2005de2-fb1a-47fb-9902-f260bfba5aab&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=insert_bottom&utm_campaign=3BSOOF&utm_content=4514820&page_id=war-room-cart&funnel_id=cyr_wr&ref=3BSOOF&utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-29.fra56.r.cloudfront.net
Software: /
Resource Hash: 5764fa6f2fcc36ef4404db6a94e0eb27339474529841a85e4ae8f08eec29c09b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 04:43:16 GMT
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront), 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
etag: "7dd7385a0552c4db526565da52955a84b7bb1af0"
age: 624633
x-amzn-requestid: 24f0bce5-d259-41cd-b8b2-c8f99618e055
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000,public
x-amzn-trace-id: Root=1-62a96363-5c05b78b3a0870b6142de785;Sampled=0
x-amz-cf-pop: FRA56-C1, FRA56-C1
content-length: 88785
x-amz-apigw-id: Tvx3kEZhIAMFwaQ=
x-amzn-remapped-date: Wed, 15 Jun 2022 04:43:15 GMT
x-amz-cf-id: iTZuCkgDaPx43LIpSBsuboiG6r-xMkgMISWiSlRIbCnf90yXPSnYmw==
expires: Thu, 15 Jun 2023 04:43:16 GMT

GET
H2 200 cards_limited.png
tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/plugins/core.template.v2/widgets/core_fields_buy_button/frontend/ Frame B6C3 8 KB
8 KB 14ms
14ms Image
image/png 65.9.66.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/plugins/core.template.v2/widgets/core_fields_buy_button/frontend/cards_limited.png
Requested by: Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=c2005de2-fb1a-47fb-9902-f260bfba5aab&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=insert_bottom&utm_campaign=3BSOOF&utm_content=4514820&page_id=war-room-cart&funnel_id=cyr_wr&ref=3BSOOF&utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 1beb1ffc4631dc233334ae5761d9504dc38ede5e85ade396dcc35613ed146507

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 21:59:07 GMT
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
last-modified: Wed, 15 Jun 2022 21:58:22 GMT
server: nginx
age: 562482
etag: "62aa55fe-1f0e"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 7950
x-amz-cf-id: Nqk193qym5O1iWQwJSIG9CH-bOXy7_zRcoXAvfIQP2mzFqeqsaX09w==
expires: Fri, 15 Jul 2022 21:59:07 GMT

GET
H2 200 cards_full.png
tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/plugins/core.template.v2/widgets/core_fields_buy_button/frontend/ Frame B6C3 10 KB
10 KB 13ms
12ms Image
image/png 65.9.66.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/plugins/core.template.v2/widgets/core_fields_buy_button/frontend/cards_full.png
Requested by: Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=c2005de2-fb1a-47fb-9902-f260bfba5aab&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=insert_bottom&utm_campaign=3BSOOF&utm_content=4514820&page_id=war-room-cart&funnel_id=cyr_wr&ref=3BSOOF&utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b2362f1c2a377dd386a3929b9fb2dc5fabfbc2a7f102e29009bfe09c6833849c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 21:59:07 GMT
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
last-modified: Wed, 15 Jun 2022 21:58:22 GMT
server: nginx
age: 562482
etag: "62aa55fe-27ff"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 10239
x-amz-cf-id: FBaRHholuRSRmlnTx5DFOq6WGy17jhcbCe681TPpPpA5RcHCkI9DWw==
expires: Fri, 15 Jul 2022 21:59:07 GMT

GET
H3 200 rP2Cp2ywxg089UriASitCBimCw.woff2
fonts.gstatic.com/s/dmsans/v11/ Frame B6C3 18 KB
18 KB 21ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:400,400i,500,500i,700,700i&display=block&subset=latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://millionairepub.thrivecart.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 21:01:45 GMT
x-content-type-options: nosniff
age: 479524
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18212
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:54:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Jun 2023 21:01:45 GMT

GET
H3 200 rP2Hp2ywxg089UriCZOIHQ.woff2
fonts.gstatic.com/s/dmsans/v11/ Frame B6C3 18 KB
18 KB 26ms
12ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:400,400i,500,500i,700,700i&display=block&subset=latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://millionairepub.thrivecart.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 21:01:43 GMT
x-content-type-options: nosniff
age: 479526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18096
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:54:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Jun 2023 21:01:43 GMT

GET
DATA 200
OK truncated
/ Frame B6C3 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 logo-translucent.png
tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/static/images/ Frame B6C3 9 KB
10 KB 7ms
7ms Image
image/png 65.9.66.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/static/images/logo-translucent.png
Requested by: Host: tinder.thrivecart.com
URL: https://tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/plugins/core.template.v2/templates/embed/assets/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 0178efc1cd691a4412d88770fcca9ec0c7355669113c7b4d707fa4b21bb9df9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/plugins/core.template.v2/templates/embed/assets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 21:59:07 GMT
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
last-modified: Wed, 15 Jun 2022 21:58:21 GMT
server: nginx
age: 562482
etag: "62aa55fd-24c8"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 9416
x-amz-cf-id: UiETaE4AGM94losW4osLedTnrGXGdt9WT4lxQ5IKCOhhX000tx67UA==
expires: Fri, 15 Jul 2022 21:59:07 GMT

GET
H3 200 rP2Cp2ywxg089UriAWCrCBimCw.woff2
fonts.gstatic.com/s/dmsans/v11/ Frame B6C3 18 KB
18 KB 13ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriAWCrCBimCw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:400,400i,500,500i,700,700i&display=block&subset=latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6997f451bbf8012dea5fb3b9f2e974a2f86861364126915097d81096392c800

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://millionairepub.thrivecart.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 21:15:01 GMT
x-content-type-options: nosniff
age: 478728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18240
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:54:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Jun 2023 21:15:01 GMT

GET
H2 200 common.js Show response
tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/embed/v1/ Frame B6C3 153 KB
47 KB 7ms
7ms Script
application/javascript 65.9.66.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/embed/v1/common.js
Requested by: Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=c2005de2-fb1a-47fb-9902-f260bfba5aab&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=insert_bottom&utm_campaign=3BSOOF&utm_content=4514820&page_id=war-room-cart&funnel_id=cyr_wr&ref=3BSOOF&utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 16728d621fbc75db0ee37a0aeca0b588162d1a0057cf9433d05e229518a5fb4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 21:59:05 GMT
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 21:58:22 GMT
server: nginx
age: 562484
etag: W/"62aa55fe-2659d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 78xsDch9UFNHphBrdOgdtYDMJJHtk6yFLlPCrZ5jtYLGqlCN5Yqu9Q==
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
expires: Fri, 15 Jul 2022 21:59:05 GMT

GET
H2 200 checkout.v2.js Show response
tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/embed/v1/ Frame B6C3 124 KB
26 KB 8ms
7ms Script
application/javascript 65.9.66.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/embed/v1/checkout.v2.js
Requested by: Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=c2005de2-fb1a-47fb-9902-f260bfba5aab&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=insert_bottom&utm_campaign=3BSOOF&utm_content=4514820&page_id=war-room-cart&funnel_id=cyr_wr&ref=3BSOOF&utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: c53af9be44c73334e9e3bf0229fc0c12aad967841b914e4494652a4ba5f37677

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 21:59:07 GMT
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 21:58:22 GMT
server: nginx
age: 562482
etag: W/"62aa55fe-1f07c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: L8yYCGeXO6uutspvUarmNZzTFZGnP9Fk-oM9TbAxrPhUb1H3qsJsmA==
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
expires: Fri, 15 Jul 2022 21:59:07 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ Frame B6C3 312 KB
83 KB 72ms
9ms Script
application/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

4028da4e65de4454ab391dca150c6ed693a868dc8b9151dbec5efbea75af0ee7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 37
x-cache: Hit from cloudfront
date: Wed, 22 Jun 2022 10:13:12 GMT
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 20:13:44 GMT
server: Cloudfront
etag: W/"ff5a72ca7683de1a4134b879e86e1488"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: 9oGSBo6RZJRedAeIHoH6KHODVdMG2mv8NpryfNruF0xq6hCwxJ-AiA==

GET
H2 200 widgets.js Show response
tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/plugins/core.template.v2/assets/ Frame B6C3 230 KB
54 KB 8ms
8ms Script
application/javascript 65.9.66.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/plugins/core.template.v2/assets/widgets.js
Requested by: Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=c2005de2-fb1a-47fb-9902-f260bfba5aab&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=insert_bottom&utm_campaign=3BSOOF&utm_content=4514820&page_id=war-room-cart&funnel_id=cyr_wr&ref=3BSOOF&utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 0a26fef0e357be97292a660af66e2d3feb74ea8aa40f8bf6abe499a41399b2d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 21:59:07 GMT
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 21:58:22 GMT
server: nginx
age: 562482
etag: W/"62aa55fe-39743"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: ifXskHiPLQlqJjUHTEub-EotB8956LBlWFvt5DH-Hk4eQiJDkAxSPQ==
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
expires: Fri, 15 Jul 2022 21:59:07 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1766169567&t=pageview&_s=1&dl=https%3A%2F%2Fcryptorocketsalerts.com%2Flp%2Fwar-room%2F%3Futm_source%3Demail%26utm_medium%3Dinsert_bottom%26utm_content%3D4514820%26utm_campaign%3D3BSOOF%26email%3Dgsheard%2540bcbsm.com%26passthrough%255Bcustomer_email%255D%3Dgsheard%2540bcbsm.com%26redir%3Dy&ul=en-us&de=UTF-8&dt=%245%20Crypto%20Webinar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABQAAAAC~&jid=&gjid=&cid=28566373.1655892829&tid=UA-111298202-10&_gid=119855345.1655892829&gtm=2wg6f0W3F3RN9&z=277754941

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 11:18:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82493
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 11:18:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82493
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 11:18:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82493
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 11:18:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82493
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 poll Show response
millionairepub.thrivecart.com/api/v1/plugin/call/core.stock/ Frame B6C3 49 B
422 B 166ms
165ms XHR
application/json 3.90.135.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://millionairepub.thrivecart.com/api/v1/plugin/call/core.stock/poll
Requested by: Host: tinder.thrivecart.com
URL: https://tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/embed/v1/common.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.90.135.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-90-135-121.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5acd1e76eab36ae57e68e66d401cde8c038308e10e28a533fc33696644f49b6b

Request headers

Accept: application/json, text/javascript
Referer: https://millionairepub.thrivecart.com/26/?1=1&_embeddable=1&weet_sid=c2005de2-fb1a-47fb-9902-f260bfba5aab&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard%40bcbsm.com&utm_source=email&utm_medium=insert_bottom&utm_campaign=3BSOOF&utm_content=4514820&redir=y
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 10:13:49 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://millionairepub.thrivecart.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1766169567&t=event&ni=0&_s=1&dl=https%3A%2F%2Fcryptorocketsalerts.com%2Flp%2Fwar-room%2F%3Futm_source%3Demail%26utm_medium%3Dinsert_bottom%26utm_content%3D4514820%26utm_campaign%3D3BSOOF%26email%3Dgsheard%2540bcbsm.com%26passthrough%255Bcustomer_email%255D%3Dgsheard%2540bcbsm.com%26redir%3Dy&ul=en-us&de=UTF-8&dt=%245%20Crypto%20Webinar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Event&ea=1000px%20Scrolled&el=https%3A%2F%2Fcryptorocketsalerts.com%2Flp%2Fwar-room%2F%3Futm_source%3Demail%26utm_medium%3Dinsert_bottom%26utm_content%3D4514820%26utm_campaign%3D3BSOOF%26email%3Dgsheard%2540bcbsm.com%26passthrough%255Bcustomer_email%255D%3Dgsheard%2540bcbsm.com%26redir%3Dy&ev=0&_u=aEDAAEABQAAAAC~&jid=&gjid=&cid=28566373.1655892829&tid=UA-111298202-10&_gid=119855345.1655892829&gtm=2wg6f0W3F3RN9&z=19201007

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 11:18:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82493
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 11:18:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82493
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 11:18:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82493
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptorocketsalerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Jun 2022 11:18:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82493
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m-outer-6262077c14f753400d607dc30e70f1af.html Show response
js.stripe.com/v3/ Frame 5667 240 B
979 B 8ms
8ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://millionairepub.thrivecart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 729
cache-control: max-age=31536000
content-length: 240
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 22 Jun 2022 10:01:41 GMT
etag: "6262077c14f753400d607dc30e70f1af"
last-modified: Fri, 10 Jun 2022 18:43:47 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-id: yF8xG0VqSaYlOa6_kK5HOcBCSBWrjbK07K-U2YqGnFM3vHuWKmRNww==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 controller-f120d3929fed1aaee49c9c6738108283.html Show response
js.stripe.com/v3/ Frame A922 349 B
1 KB 8ms
8ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-f120d3929fed1aaee49c9c6738108283.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

324e9568da6ec886cdaf4c862ab61950060fa25939726adc0a25aadfed9ae50a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://millionairepub.thrivecart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 8
cache-control: max-age=60
content-length: 349
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 22 Jun 2022 10:13:49 GMT
etag: "f120d3929fed1aaee49c9c6738108283"
last-modified: Tue, 21 Jun 2022 19:49:07 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-id: 4768RU1F44hTRO-qFU1rp_C9ass044I44aBD_V2AfxfOPErfP6LF4g==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 select-arrow.png
tinder.thrivecart.com/embed/v1/images/ Frame B6C3 637 B
1 KB 8ms
8ms Image
image/png 65.9.66.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tinder.thrivecart.com/embed/v1/images/select-arrow.png
Requested by: Host: tinder.thrivecart.com
URL: https://tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/embed/v1/checkout.minimal.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-18.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4ff40fb5a2aea4aee1a72ed5c530e9e6db69247d05424747e76343c82b827a7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/embed/v1/checkout.minimal.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 22:00:12 GMT
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
last-modified: Wed, 15 Jun 2022 21:58:22 GMT
server: nginx
age: 562417
etag: "62aa55fe-27d"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 637
x-amz-cf-id: ApyN2V79DSzGWf_oDiSyBdUXRyNVe0GJb7VMHKjiRXG4jNFTmC9fAQ==
expires: Fri, 15 Jul 2022 22:00:12 GMT

GET
H2 200 elements-inner-card-6bc9f0b82d679fa338a25b0352443621.html Show response
js.stripe.com/v3/ Frame 5CA6 807 B
2 KB 9ms
8ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-6bc9f0b82d679fa338a25b0352443621.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

632bb9aa87c6d5a4e306ea26ba7120360eab83e1ba779be394d3bca4e2452478

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://millionairepub.thrivecart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1405
cache-control: max-age=31536000
content-length: 807
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 22 Jun 2022 10:07:48 GMT
etag: "6bc9f0b82d679fa338a25b0352443621"
last-modified: Tue, 21 Jun 2022 19:49:07 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-id: TagnTDNKNxgWLEe3LiBxrOhlvl36hu3hdOwwSChmHk9umDLgUvQ_pQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 5667 0
570 B 478ms
157ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 22 Jun 2022 10:13:50 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H3 200 tccon_v1.0.0.js Show response
hgevt001.cryptorocketsalerts.com/ Frame B6C3 35 KB
13 KB 70ms
69ms Script
application/javascript 2606:4700:3035::ac43:8879
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hgevt001.cryptorocketsalerts.com/tccon_v1.0.0.js
Requested by: Host: millionairepub.thrivecart.com
URL: https://millionairepub.thrivecart.com/26/?_embeddable=1&1=1&weet_sid=c2005de2-fb1a-47fb-9902-f260bfba5aab&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard@bcbsm.com&utm_source=email&utm_medium=insert_bottom&utm_campaign=3BSOOF&utm_content=4514820&page_id=war-room-cart&funnel_id=cyr_wr&ref=3BSOOF&utm_source=email&utm_medium=insert_bottom&utm_content=4514820&utm_campaign=3BSOOF&email=gsheard%40bcbsm.com&passthrough%5Bcustomer_email%5D=gsheard%40bcbsm.com&redir=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d92ac6c496a5c1f7ffd0fc9574cce0d9431764e851cb30e5a54283d42e21b67d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:49 GMT
via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 15 Sep 2021 08:50:28 GMT
server: cloudflare
etag: W/"5abb4633bb17c8f060fe9024213951cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BH9xrWr8IpDPzGarM1euTzR4b9P1qMfgsixcnm1KnGHnZgB8nC9lcNXRcz5hAwCtTs8qqSfQUZ8dtWWWuBPfjqgWhs0HTkOM4yM4UqPnnpUORSC4VU88jbFwYcX7Y4FyfpgZQke8M8aCdZQmrx1JlOWu5TZEJJKtoh9rWlAROw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 71f436aacd329061-FRA
x-amz-cf-id: YrETfBw4iveHU81dEfiaO3n-lSrPmB9_jeiX1TiJzUvXVDbu1rIMIA==

POST
H2 200 csp-report
q.stripe.com/ Frame A922 0
570 B 464ms
158ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 22 Jun 2022 10:13:50 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5667 1 KB
1 KB 8ms
8ms Script
application/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 42
x-cache: Hit from cloudfront
date: Wed, 22 Jun 2022 10:13:13 GMT
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
last-modified: Fri, 10 Jun 2022 18:43:57 GMT
server: Cloudfront
etag: W/"77711798ecf99b8bb8207cf88a10d73c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: zehx3NsfVyUe4UX63jbOu7lwNvnVHC0xQVyNaRLoxTcc6ZrLJ_afiA==

POST
H2 200 csp-report
q.stripe.com/ Frame 5CA6 0
571 B 456ms
157ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 22 Jun 2022 10:13:50 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-4aac866fe22798d8caa40ada6c1a4e9c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A922 219 KB
60 KB 13ms
13ms Script
application/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-4aac866fe22798d8caa40ada6c1a4e9c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-f120d3929fed1aaee49c9c6738108283.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

515b028b9295fd5571fb010ff1bb73f0ce070b3050e945b363fada81dacdfea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-f120d3929fed1aaee49c9c6738108283.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 17
x-cache: Hit from cloudfront
date: Wed, 22 Jun 2022 10:13:49 GMT
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 19:48:30 GMT
server: Cloudfront
etag: W/"1a018a0ada58176427496b75f817acd5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: 5gWo0Z8Z7GJ-MbJ3r5f68sGNq5ZUvR1aKP2GMglA1FZZ7tAPgwuTag==

GET
H2 200 controller-460e454deb3ccc4b5b2d4b70ca6f4a1b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A922 390 KB
104 KB 8ms
7ms Script
application/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-460e454deb3ccc4b5b2d4b70ca6f4a1b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-f120d3929fed1aaee49c9c6738108283.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c5b484dc69bb39ed8e5dc6e189a7d0ea9a33232ab83279320de51f5a3e3910c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-f120d3929fed1aaee49c9c6738108283.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 23
x-cache: Hit from cloudfront
date: Wed, 22 Jun 2022 10:13:26 GMT
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 19:48:39 GMT
server: Cloudfront
etag: W/"3cdedf8bf50acfab0c7c9f1242281061"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: Kx2E75uDWmyYg3fxkkF_gUWBgDZT8-Gd3aLso6DHX36yi1fzk0Skyg==

GET
H2 200 track Show response
millionairepub.thrivecart.com/api/v1/statistics/ Frame B6C3 87 B
452 B 291ms
291ms XHR
application/json 3.90.135.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://millionairepub.thrivecart.com/api/v1/statistics/track?viewer_id=&user_id=d7ecca1e-49e8-456e-9785-7fdc868466f1&browser=chrome&os=windows&entity_id=26&entity_type=product&account_id=11407&mode=2&campaign_id=3BSOOF&affiliate_id=&tc_flow=&tco=&tcv=&uv=8&event_meta%5Burl%5D=https%3A%2F%2Fmillionairepub.thrivecart.com%2F26%2F%3F1%3D1%26_embeddable%3D1%26weet_sid%3Dc2005de2-fb1a-47fb-9902-f260bfba5aab%26funnel_id%3Dcyr_wr%26page_id%3Dwar-room-cart%26email%3Dgsheard%2540bcbsm.com%26utm_source%3Demail%26utm_medium%3Dinsert_bottom%26utm_campaign%3D3BSOOF%26utm_content%3D4514820%26redir%3Dy&event_meta%5Buser_agent%5D=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F102.0.5005.115+Safari%2F537.36&event_meta%5Bfbp%5D=.&event_meta%5Bfbc%5D=.&event_meta%5Boffer_type%5D=product&event_meta%5Boffer_ref%5D=26&event_meta%5Bevent_time%5D=1655892830&event_meta%5Bpage_load_time%5D=1655892829&event_type=checkout_view
Requested by: Host: tinder.thrivecart.com
URL: https://tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/embed/v1/common.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.90.135.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-90-135-121.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 701dbda9557d6b02fc18949822ce78cf2ff9e34aa22f878843daef83da2b9b47

Request headers

Accept: application/json, text/javascript
Referer: https://millionairepub.thrivecart.com/26/?1=1&_embeddable=1&weet_sid=c2005de2-fb1a-47fb-9902-f260bfba5aab&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard%40bcbsm.com&utm_source=email&utm_medium=insert_bottom&utm_campaign=3BSOOF&utm_content=4514820&redir=y
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 10:13:50 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://*.thrivecart.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 ui-shared-dcc7704820e24909c78df35eed5aea96.css
js.stripe.com/v3/fingerprinted/css/ Frame 5CA6 18 KB
3 KB 12ms
11ms Stylesheet
text/css 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-dcc7704820e24909c78df35eed5aea96.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-6bc9f0b82d679fa338a25b0352443621.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

49f542f6b15c29f0dad8a9982664eac92652cd51da8e8592f8ecbaa7a3dff9ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-6bc9f0b82d679fa338a25b0352443621.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 57
x-cache: Hit from cloudfront
date: Wed, 22 Jun 2022 10:13:49 GMT
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
last-modified: Fri, 10 Jun 2022 18:43:48 GMT
server: Cloudfront
etag: W/"d8a33a9503618fb1361fd34772563167"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: W-WUevJn0MiqymE9OPoyjMl8I-WpGAoxI6Hce2ZplaTCW0HKdktBHQ==

GET
H2 200 elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css
js.stripe.com/v3/fingerprinted/css/ Frame 5CA6 5 KB
2 KB 11ms
10ms Stylesheet
text/css 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-6bc9f0b82d679fa338a25b0352443621.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e23fac2f057580d70af9ec918478f1301da860e7ef34309548774dcf6004d44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-6bc9f0b82d679fa338a25b0352443621.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 59
x-cache: Hit from cloudfront
date: Wed, 22 Jun 2022 10:13:49 GMT
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
last-modified: Tue, 08 Mar 2022 20:28:40 GMT
server: Cloudfront
etag: W/"0de3030d19b9e3517790795cb6ccc87d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: goO5kh69U_AZ6iavqpRdyf6VuYXhYC5bSmV0oYT5olxx0JQNlqMVog==

GET
H2 200 shared-4aac866fe22798d8caa40ada6c1a4e9c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5CA6 219 KB
60 KB 10ms
8ms Script
application/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-4aac866fe22798d8caa40ada6c1a4e9c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-6bc9f0b82d679fa338a25b0352443621.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

515b028b9295fd5571fb010ff1bb73f0ce070b3050e945b363fada81dacdfea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-6bc9f0b82d679fa338a25b0352443621.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 17
x-cache: Hit from cloudfront
date: Wed, 22 Jun 2022 10:13:49 GMT
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
last-modified: Tue, 21 Jun 2022 19:48:30 GMT
server: Cloudfront
etag: W/"1a018a0ada58176427496b75f817acd5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: ZCLbtVwYU9TXLlIXfSsl8V8qfn3XwbxDIsbiOGNCjANUY_8bIA-Mpw==

GET
H2 200 ui-shared-9dc40390df3aeec4aef388bc7e32d06b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5CA6 214 KB
65 KB 12ms
11ms Script
application/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-9dc40390df3aeec4aef388bc7e32d06b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-6bc9f0b82d679fa338a25b0352443621.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

aa966d14d5e31f62d152301cc6dee961f94171d2eae54b77216f31b68207d775

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-6bc9f0b82d679fa338a25b0352443621.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 39
x-cache: Hit from cloudfront
date: Wed, 22 Jun 2022 10:13:49 GMT
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
last-modified: Wed, 15 Jun 2022 20:17:23 GMT
server: Cloudfront
etag: W/"90b2fd10a40deca5815600b5f8d90fa6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: hRKLnYqcKWdZQzqfkY5EHJNmgcvHcRe5A6AA4ZHXTUyM_Cmr8F5bww==

GET
H2 200 elements-inner-card-9adaca75c873040fe191ef23246372b6.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5CA6 47 KB
12 KB 12ms
11ms Script
application/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-9adaca75c873040fe191ef23246372b6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-6bc9f0b82d679fa338a25b0352443621.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

703a0d2d286674489fe257551ad01817353e8f6275dcdd0535e9cb5092cbe55a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-6bc9f0b82d679fa338a25b0352443621.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 36
x-cache: Hit from cloudfront
date: Wed, 22 Jun 2022 10:13:49 GMT
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
last-modified: Wed, 15 Jun 2022 20:17:33 GMT
server: Cloudfront
etag: W/"a32f56b16dc575ba1caa6bbc29988c6a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: pZSf_a_b3fy0vO03Fcza8gqc4b87A2UsDvmotV0RCCDHe4rP7Nx9eA==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 142F 930 B
1 KB 42ms
7ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 74
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 22 Jun 2022 10:13:49 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 118
x-content-type-options: nosniff
x-request-id: 5bf8813a-040e-4007-a6cf-b3124bec843c
x-served-by: cache-hhn4051-HHN
x-timer: S1655892830.952127,VS0,VE0

POST
H2 200 0 Show response
r.stripe.com/ Frame A922 0
127 B 630ms
310ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4aac866fe22798d8caa40ada6c1a4e9c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 22 Jun 2022 10:13:50 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 csp-report
q.stripe.com/ Frame 142F 0
344 B 377ms
158ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 10:13:50 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
x-content-type-options: nosniff
expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame A922 0
128 B 543ms
310ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4aac866fe22798d8caa40ada6c1a4e9c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 22 Jun 2022 10:13:50 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A922 0
127 B 545ms
312ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4aac866fe22798d8caa40ada6c1a4e9c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 22 Jun 2022 10:13:50 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A922 0
127 B 543ms
311ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4aac866fe22798d8caa40ada6c1a4e9c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 22 Jun 2022 10:13:50 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A922 0
127 B 545ms
313ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4aac866fe22798d8caa40ada6c1a4e9c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 22 Jun 2022 10:13:50 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A922 0
127 B 545ms
313ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4aac866fe22798d8caa40ada6c1a4e9c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 22 Jun 2022 10:13:50 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A922 0
127 B 542ms
312ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4aac866fe22798d8caa40ada6c1a4e9c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 22 Jun 2022 10:13:50 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A922 0
127 B 542ms
312ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4aac866fe22798d8caa40ada6c1a4e9c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 22 Jun 2022 10:13:50 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 142F 86 KB
16 KB 7ms
7ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 288
x-cache: HIT
content-length: 16031
x-request-id: 8f19157f-8378-4c5a-a85e-359d44eb3ee6
x-served-by: cache-hhn4051-HHN
server: Fastly
x-timer: S1655892830.051228,VS0,VE0
date: Wed, 22 Jun 2022 10:13:50 GMT
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 407

POST
H2 200 regev Show response
ky85ws0f10.execute-api.us-east-1.amazonaws.com/prod/ Frame B6C3 61 B
270 B 1012ms
1012ms XHR
application/json 54.83.133.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ky85ws0f10.execute-api.us-east-1.amazonaws.com/prod/regev
Requested by: Host: hgevt001.cryptorocketsalerts.com
URL: https://hgevt001.cryptorocketsalerts.com/tccon_v1.0.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.133.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-133-90.compute-1.amazonaws.com
Software: /
Resource Hash: a3f2d86d97ebc340f4fa01f3a64dfa09bdc26007a2896e182803b318c0fb5daa

Request headers

Accept: application/json, text/plain, */*
Referer: https://millionairepub.thrivecart.com/
X-Server-Dbg: false
accept-language: de-DE,de;q=0.9
Sttracker-Key: UV5pQG9AencxZEhuekdremIzZnpyIVppWT1vLUguQVR2OiVIOlJJfV91azVFNGlxKXVTalcsOHAzajohUHM+cQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 22 Jun 2022 10:13:51 GMT
x-amzn-requestid: 024eda42-771e-49e2-8af4-e041e4f62fa0
x-amz-apigw-id: UHm2wF68oAMF5DQ=
x-amzn-trace-id: Root=1-62b2eb5e-618e1b3967b24b2f0b73a16f;Sampled=0
content-length: 61
content-type: application/json

OPTIONS
H2 200 regev
ky85ws0f10.execute-api.us-east-1.amazonaws.com/prod/ Frame 0
0 101ms
101ms Preflight
application/json 54.83.133.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ky85ws0f10.execute-api.us-east-1.amazonaws.com/prod/regev
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.133.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-133-90.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sttracker-key,x-server-dbg
Access-Control-Request-Method: POST
Origin: https://millionairepub.thrivecart.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-headers: Sttracker-Key,X-Server-Dbg,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Wed, 22 Jun 2022 10:13:50 GMT
x-amz-apigw-id: UHm2vFTWoAMF5OA=
x-amzn-requestid: 345fa668-23af-4c43-8e45-0456336725bb

POST
H2 200 0 Show response
r.stripe.com/ Frame A922 0
127 B 520ms
312ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4aac866fe22798d8caa40ada6c1a4e9c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 22 Jun 2022 10:13:50 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A922 0
127 B 516ms
311ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4aac866fe22798d8caa40ada6c1a4e9c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 22 Jun 2022 10:13:50 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame A922 0
127 B 515ms
313ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4aac866fe22798d8caa40ada6c1a4e9c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 22 Jun 2022 10:13:50 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 10024418-10025485.js Show response
cdn-3.convertexperiments.com/js/ Frame B6C3 192 KB
60 KB 14ms
14ms Script
application/javascript 96.16.134.166
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-3.convertexperiments.com/js/10024418-10025485.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.134.166 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-134-166.deploy.static.akamaitechnologies.com

Software

Resource Hash

5f83317f036e0793608e7b3d15f936e04863f0d822903a75881e1938bdcd4ee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://millionairepub.thrivecart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 10:13:50 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=80
strict-transport-security: max-age=15768000
content-length: 61214
x-privacy-policy: You can find our privacy policy at https://www.convert.com/privacy-notice/

POST
H2 200 0 Show response
r.stripe.com/ Frame A922 0
127 B 512ms
311ms XHR
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-4aac866fe22798d8caa40ada6c1a4e9c.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 22 Jun 2022 10:13:50 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 6 Show response
m.stripe.com/ Frame 142F 156 B
522 B 487ms
164ms XHR
application/json 52.34.194.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.34.194.100 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-194-100.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3c96cea15d5518326456a838dd62f5f6c7ddc1b4c7d6f5f55236a3eb75ec37cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 22 Jun 2022 10:13:50 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 heartbeat Show response
millionairepub.thrivecart.com/api/v1/statistics/ Frame B6C3 24 B
389 B 261ms
260ms XHR
application/json 3.90.135.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://millionairepub.thrivecart.com/api/v1/statistics/heartbeat?data%5Baccount_id%5D=11407&data%5Bviewer_id%5D=429583657636092557&data%5Bproduct_id%5D=26&data%5Btc_flow%5D=&data%5Btco%5D=&data%5Btcv%5D=&data%5Bping_id%5D=&data%5Buv%5D=8
Requested by: Host: tinder.thrivecart.com
URL: https://tinder.thrivecart.com/v22956b3cb5e6c114f488672477c4dec5cbf14285/embed/v1/common.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.90.135.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-90-135-121.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 917db5df2a3aca1786d94bdc0f12147dc3b77ff9dbffc71373bc4a0804d68313

Request headers

Accept: application/json, text/javascript
Referer: https://millionairepub.thrivecart.com/26/?1=1&_embeddable=1&weet_sid=c2005de2-fb1a-47fb-9902-f260bfba5aab&funnel_id=cyr_wr&page_id=war-room-cart&email=gsheard%40bcbsm.com&utm_source=email&utm_medium=insert_bottom&utm_campaign=3BSOOF&utm_content=4514820&redir=y
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 22 Jun 2022 10:13:51 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://*.thrivecart.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.timsykes.com/	1970-01-20 12:43:48	Name: iterableEndUserId Value: gsheard%40bcbsm.com
.timsykes.com/	1970-01-20 03:59:39	Name: iterableEmailCampaignId Value: 4514820
.timsykes.com/	1970-01-20 03:59:39	Name: iterableTemplateId Value: 6136158
.timsykes.com/	1970-01-20 03:59:39	Name: iterableMessageId Value: f2fb46d26f0f4ded9a272c0739bdce59
links.timsykes.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 1e5ad2ef8bd6fb6e7c185b224717c09714b1687f-1655892827667-d900615663bca176302370a8
cryptorocketsalerts.com/	1969-12-31 23:59:59	Name: X-Mapping-oihobbed Value: FFAE417850257D74AEED7820DA2C4F6A
.cryptorocketsalerts.com/	1970-01-20 08:21:00	Name: _conv_v Value: vi%3A1sc%3A1cs%3A1655892829fs%3A1655892829pv%3A1
.cryptorocketsalerts.com/	1970-01-20 03:58:14	Name: _conv_s Value: si%3A1sh%3A1655892828514-0.005662039022298115pv%3A1
.cryptorocketsalerts.com/	1970-01-20 08:17:24	Name: _conv_r Value: s%3Aemailm%3Ainsert_bottomt%3A*c%3A3bsoof
cryptorocketsalerts.com/	1970-01-20 04:41:24	Name: sid Value: c2005de2-fb1a-47fb-9902-f260bfba5aab
cryptorocketsalerts.com/	1970-01-20 04:41:24	Name: fte Value: gsheard@bcbsm.com
cryptorocketsalerts.com/	1970-01-20 04:41:24	Name: fts Value: email
cryptorocketsalerts.com/	1970-01-20 04:41:24	Name: ftm Value: insert_bottom
cryptorocketsalerts.com/	1970-01-20 04:41:24	Name: ftca Value: 3BSOOF
cryptorocketsalerts.com/	1970-01-20 04:41:24	Name: ftco Value: 4514820
cryptorocketsalerts.com/	1970-01-20 04:41:24	Name: pid Value: war-room-cart
cryptorocketsalerts.com/	1970-01-20 04:41:24	Name: fid Value: cyr_wr
cryptorocketsalerts.com/	1970-01-22 22:42:14	Name: amp_uid Value: gsheard@bcbsm.com
.cryptorocketsalerts.com/	1970-01-23 19:34:12	Name: amplitude_id_f20f5ffa6dcc1a76609e1a5b37fc4bbbcryptorocketsalerts.com Value: eyJkZXZpY2VJZCI6IjJhNmU2NDFlLTUzZDktNDNkOC1iYjYzLThhZjg0YWZmMWYzOFIiLCJ1c2VySWQiOiJnc2hlYXJkQGJjYnNtLmNvbSIsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTY1NTg5MjgyODc2OCwibGFzdEV2ZW50VGltZSI6MTY1NTg5MjgyODc3MiwiZXZlbnRJZCI6MSwiaWRlbnRpZnlJZCI6MSwic2VxdWVuY2VOdW1iZXIiOjJ9
.cryptorocketsalerts.com/	1970-01-20 21:29:24	Name: _ga Value: GA1.2.28566373.1655892829
.cryptorocketsalerts.com/	1970-01-20 03:59:39	Name: _gid Value: GA1.2.119855345.1655892829
.cryptorocketsalerts.com/	1970-01-20 03:58:12	Name: _gat_UA-111298202-10 Value: 1
.doubleclick.net/	1970-01-20 03:58:13	Name: test_cookie Value: CheckForPermission
.cryptorocketsalerts.com/	1970-01-27 11:10:12	Name: cf_36338_id Value: 324490ae-adce-4fb0-adac-c09df2666c35
.cryptorocketsalerts.com/	1969-12-31 23:59:59	Name: cf_36338_person_last_update Value: 1655892829177
.thrivecart.com/	1969-12-31 23:59:59	Name: thrivecart_v2 Value: q9moq0hdglempp0kmfd1egqsc4
millionairepub.thrivecart.com/	1970-01-20 04:41:24	Name: fid Value: cyr_wr
millionairepub.thrivecart.com/	1970-01-20 04:41:24	Name: pid Value: war-room-cart
millionairepub.thrivecart.com/	1970-01-20 04:41:24	Name: fte Value: gsheard@bcbsm.com
millionairepub.thrivecart.com/	1970-01-20 04:41:24	Name: fts Value: email
millionairepub.thrivecart.com/	1970-01-20 04:41:24	Name: ftm Value: insert_bottom
millionairepub.thrivecart.com/	1970-01-20 04:41:24	Name: ftca Value: 3BSOOF
millionairepub.thrivecart.com/	1970-01-20 04:41:24	Name: ftco Value: 4514820
millionairepub.thrivecart.com/	1970-01-20 04:41:24	Name: sid Value: c2005de2-fb1a-47fb-9902-f260bfba5aab
m.stripe.com/	1970-01-20 21:29:24	Name: m Value: e28dbab2-ba10-46f3-8eab-98c94bf43bce4cee68

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.amplitude.com
app.convertflow.co
cdn-3.convertexperiments.com
cdn.amplitude.com
cryptorocketsalerts.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hgevt001.cryptorocketsalerts.com
intof.io
js.convertflow.co
js.stripe.com
ky85ws0f10.execute-api.us-east-1.amazonaws.com
links.timsykes.com
m.stripe.com
m.stripe.network
maxcdn.bootstrapcdn.com
millionairepub.thrivecart.com
q.stripe.com
r.stripe.com
spark.thrivecart.com
timsykes-supernova.com
tinder.thrivecart.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
142.250.186.66
143.204.214.206
151.101.192.176
2606:4700:20::ac43:4770
2606:4700:3035::ac43:8879
2606:4700::6812:acf
2a00:1450:4001:801::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:827::2004
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:830::200e
2a00:1450:400e:811::200a
2a06:98c1:3120::3
3.218.62.178
3.90.135.121
44.239.247.156
52.34.194.100
54.156.254.128
54.186.23.98
54.187.119.242
54.83.133.90
65.9.66.18
65.9.66.29
96.16.134.166
99.86.4.76
0178efc1cd691a4412d88770fcca9ec0c7355669113c7b4d707fa4b21bb9df9c
03266bd2ee7f7efa219940ae4cb280c86fd71ed1a1c14dc9259e5f207ecc5f9f
053f4637e6693cd44af22da6130d2298e1dea144fdfcccebe4115935fa12c058
09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5
0a26fef0e357be97292a660af66e2d3feb74ea8aa40f8bf6abe499a41399b2d8
0b0e12db768dea860ca3ab97866d50d6f3f9cc5ac7f03ce3ee7145556d7c8a23
0c7ed17553f6c92ed218c5984a18b2dee9a628229a13e9f36f6873b08f8d0010
0ef4d6092480d42bd936a3cb56dcc72988c21fbd8a9003a32b67772aad17364f
1075582bf8cef63f6d823cfd9629237b402cb57091247e11e51cde381586eb5c
16728d621fbc75db0ee37a0aeca0b588162d1a0057cf9433d05e229518a5fb4d
1beb1ffc4631dc233334ae5761d9504dc38ede5e85ade396dcc35613ed146507
251fdcadce75ca82c08da7eef61e4bd0015431861f9d91fbbb9b2b603051b0d9
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
283c628ed6aa6a31be0b32457569448867fbe07baff0bbee2e656020e479d381
315ad4f60dc2f53e889b70c45ea86fd238d0dd7f944b035bb3f2d272f7a91257
324e9568da6ec886cdaf4c862ab61950060fa25939726adc0a25aadfed9ae50a
33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d
333a09adebdf648e8fa46284a3b6b4868eb0395ac8106b5d5dc4153e2c798774
3370f7b93fb5b9f3374cae2d032f0c189838f973a7bf685ec685d1745164b762
3c20ae5493ed1e32cde0e88466c38a8af055e1bbc7a1fc2999a1532562c2b19d
3c96cea15d5518326456a838dd62f5f6c7ddc1b4c7d6f5f55236a3eb75ec37cb
4028da4e65de4454ab391dca150c6ed693a868dc8b9151dbec5efbea75af0ee7
49f542f6b15c29f0dad8a9982664eac92652cd51da8e8592f8ecbaa7a3dff9ad
4f0f22abbe6c548a03d64cf7f3a3fffbf68a2a68d813ee11d4d13352a80d42a3
4ff40fb5a2aea4aee1a72ed5c530e9e6db69247d05424747e76343c82b827a7d
515b028b9295fd5571fb010ff1bb73f0ce070b3050e945b363fada81dacdfea6
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5764fa6f2fcc36ef4404db6a94e0eb27339474529841a85e4ae8f08eec29c09b
5acd1e76eab36ae57e68e66d401cde8c038308e10e28a533fc33696644f49b6b
5e515001321f61b8020d15e0f2ad617bd173bcb30de0e927ecfdd3e4d21a7d1f
5f83317f036e0793608e7b3d15f936e04863f0d822903a75881e1938bdcd4ee3
632bb9aa87c6d5a4e306ea26ba7120360eab83e1ba779be394d3bca4e2452478
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
667c3acb0917904bd49e8fbb630b4d776b96772494121d9dcb1a03b75d3cd610
66ebd781c901aae90ce4144c258bd42ebc192e98d5ca30cd76ad5dfc58800ef2
69f5c6a36a2c3779e8d124d8a02b4899a3b47e60169dfaf4a722a5a83f1c3df4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6f04bcf40e01ce3e80fbc56c19312c7b700322cf28863fb3d437ad3a75ce0450
701dbda9557d6b02fc18949822ce78cf2ff9e34aa22f878843daef83da2b9b47
703a0d2d286674489fe257551ad01817353e8f6275dcdd0535e9cb5092cbe55a
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b8c129bc7bd626c00626ce44d8b9171a8bdc4908a2e037183e3b36bb352f9eb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8358fed89d6ac5c039c6a9f8c5b3c8c55231181562bd23164392fa20de3bc330
917db5df2a3aca1786d94bdc0f12147dc3b77ff9dbffc71373bc4a0804d68313
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91bf78345c55ec05de11377a4b3a8a5789ef302d73124a401cef84edbce178cd
989757984a5bfb0e922e7ce7fbb779eed0feda7cc273507dfd1b0ad959324ad8
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3f2d86d97ebc340f4fa01f3a64dfa09bdc26007a2896e182803b318c0fb5daa
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa4d27e0d0c0172667e24d953344b058b7f16c6ef7dcc54a8910878f1d050cae
aa966d14d5e31f62d152301cc6dee961f94171d2eae54b77216f31b68207d775
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b2362f1c2a377dd386a3929b9fb2dc5fabfbc2a7f102e29009bfe09c6833849c
b565ed534c772bf8806d812da3d3997ca7d144c1663588a3d928d5b2a81da1c2
c3eb6a8edfabae5a1b88ce52d9d6b7816f7a64ff73580a3a8cff9744588f9fb4
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c53af9be44c73334e9e3bf0229fc0c12aad967841b914e4494652a4ba5f37677
c5b484dc69bb39ed8e5dc6e189a7d0ea9a33232ab83279320de51f5a3e3910c3
c69e891536bb25b9c636f6a5f1e377ba428a6d2e0c24822d60f77d972e6c6518
caf2756a13f8fee24efb8378994a43a44150c14fa06dc7ac372e24226b03c220
d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b
d92ac6c496a5c1f7ffd0fc9574cce0d9431764e851cb30e5a54283d42e21b67d
e23fac2f057580d70af9ec918478f1301da860e7ef34309548774dcf6004d44f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6997f451bbf8012dea5fb3b9f2e974a2f86861364126915097d81096392c800
eb58df192534d01efde401d27c4130029de09c7860184ea86669db46a6f1909f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9680676b66eebf37d28648e71984614f7754286a915dd7f62cc1c83d0496c5b
fa1cb237372d86c71a568f5fcd882d5470963e32ea235917147143fc0d7f5317
fb0ccb7be6110a4913b8ac50b37999c886f6e066fc42933b5c02eb6111b1b11e

cryptorocketsalerts.com Open in urlscan Pro 2606:4700:3035::ac43:8879 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

108 Requests

99 %HTTPS

46 %IPv6

21 Domains

30 Subdomains

28 IPs

3 Countries

1745 kBTransfer

5376 kBSize

35 Cookies

0 Outgoing links

Page URL History

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cryptorocketsalerts.com Open in urlscan Pro
2606:4700:3035::ac43:8879 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

99 %
HTTPS

46 %
IPv6

21
Domains

30
Subdomains

28
IPs

3
Countries

1745 kB
Transfer

5376 kB
Size

35
Cookies

108 HTTP transactions
1 data transactions