investor-invasion.safechkout.net Open in urlscan Pro
209.170.211.182  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

• https://i.ontraport.com/21828.1a67476272aeaa36e86f6c58b9f6d7a1.PNG?ops=768 HTTP 302
• https://i.ontraport.com/21828.1a67476272aeaa36e86f6c58b9f6d7a1.PNG

Request Chain 34

• https://i.ontraport.com/21828.2a28a7cf2b7f1e73293299bcae94e234.PNG?ops=1200 HTTP 302
• https://i.ontraport.com/21828.2a28a7cf2b7f1e73293299bcae94e234.PNG

Request Chain 35

• https://i.ontraport.com/21828.c06a6d378d8d570b910a54e0d942b5f0.PNG?ops=1000 HTTP 302
• https://i.ontraport.com/21828.c06a6d378d8d570b910a54e0d942b5f0.PNG

Request Chain 36

• https://i.ontraport.com/21828.b2406a0d1f88c9dec7cc6ab5c9e545ab.PNG?ops=745 HTTP 302
• https://i.ontraport.com/21828.b2406a0d1f88c9dec7cc6ab5c9e545ab.PNG

Request Chain 37

• https://i.ontraport.com/21828.5973d8deb3ae286e8b99b35cadd7018b.PNG?ops=745 HTTP 302
• https://i.ontraport.com/21828.5973d8deb3ae286e8b99b35cadd7018b.PNG

Request Chain 38

• https://i.ontraport.com/21828.d84809fd91b5673a0a91e46eb69459a0.PNG?ops=745 HTTP 302
• https://i.ontraport.com/21828.d84809fd91b5673a0a91e46eb69459a0.PNG

Request Chain 39

• https://i.ontraport.com/21828.1b465cf02049e6bacfafccdd1fbef8b7.PNG?ops=768 HTTP 302
• https://i.ontraport.com/21828.1b465cf02049e6bacfafccdd1fbef8b7.PNG

Request Chain 50

• https://conversionfly.com/GPSI/a6.php?tc=1223&refurl=https%3A%2F%2Finvestor-invasion.safechkout.net%2Fedge%3Fmc_cid%3Dbd70b6f2fc%26mc_eid%3DUNIQID)&user=GPSI HTTP 302
• https://conversionfly.com/1x1.gif

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request edge Show response investor-invasion.safechkout.net/	125 KB 26 KB	728ms 420ms	Document text/html	209.170.211.182 ASN-FLEXENTIAL
General Check archive.org Show headers Download Go to Full URL https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 209.170.211.182 Las Vegas, United States, ASN13649 (ASN-FLEXENTIAL, US), Reverse DNS Software Ontraport / Resource Hash 47ec069a789a451b4fbef3ec10937cff9d2a81ba0d6230580769afa6f47c9325 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin * Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Thu, 18 Apr 2024 03:21:01 GMT P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Server Ontraport Transfer-Encoding chunked Vary Accept-Encoding Accept-Encoding Accept-Encoding X-op-ca 138.199.38.134
GET H/1.1	200 OK	cmc.js Show response cdn.clkmc.com/	20 KB 21 KB	60ms 7ms	Script application/javascript	13.32.99.48 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.clkmc.com/cmc.js Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.32.99.48 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-48.fra60.r.cloudfront.net Software nginx / Resource Hash d97ec039cd2fe452d4a13f9e62eeae176eeb827cbdbf3f0e9f24b0ccb44dce34 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 29 Mar 2024 20:40:59 GMT Via 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront) X-Content-Type-Options nosniff Strict-Transport-Security max-age=31536000 X-Permitted-Cross-Domain-Policies none X-Amz-Cf-Pop FRA60-P3 Age 1665602 X-Cache Hit from cloudfront Connection keep-alive Content-Length 20285 X-XSS-Protection 1; mode=block Pragma public Referrer-Policy strict-origin-when-cross-origin Last-Modified Fri, 29 Mar 2024 20:40:20 GMT Server nginx ETag "66072734-4f3d" Access-Control-Max-Age 300 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type application/javascript X-Frame-Options SAMEORIGIN Cache-Control max-age=2592000, public, no-transform Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type X-Amz-Cf-Id mlUHL4Ed1MTTAagShmTV-B0RAFXWhNWkDK_bMpP_TFJgvaP33dYBuQ== Expires Sun, 28 Apr 2024 20:40:59 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	219 KB 79 KB	43ms 22ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-10793098225 Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash bd6db334bcc09248fcfd3a585d0ec7efaa3554110180c33beba25921a4cc0d25 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:01 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 80142 x-xss-protection 0 last-modified Thu, 18 Apr 2024 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 18 Apr 2024 03:21:01 GMT
GET H2	200	wr-a2c20b58dba8a66cd3c2d4dca4c93a24.js Show response widget.wickedreports.com/v2/602/	422 B 798 B	46ms 7ms	Script text/javascript	18.172.112.58 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.wickedreports.com/v2/602/wr-a2c20b58dba8a66cd3c2d4dca4c93a24.js Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.172.112.58 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-172-112-58.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 0011caa87105379dd3c7b19f0a5671dc75de6e10ff84d6cacf214ff5495760f6 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 17 Apr 2024 07:43:11 GMT via 1.1 7b2737d1601ba8c676e6f68b6aa113d8.cloudfront.net (CloudFront) last-modified Tue, 03 Oct 2023 14:31:04 GMT server AmazonS3 x-amz-cf-pop FRA60-P8 age 70671 x-amz-server-side-encryption AES256 etag "b29408317c74a493f73f8f09bcff864a" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript accept-ranges bytes content-length 422 x-amz-cf-id ex7tfeMd7Xqr8aoqvW7VAkrllm-y4a2rmgaMagUX92VaENskWG3F8w==
GET		a.php conversionfly.com/GPSI/	0 0
GET H2	200	opt-styles.min.css optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/	472 KB 48 KB	55ms 28ms	Stylesheet text/css	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1713387634 Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8d04e1d59586098881e32430ff7615c60e53c0a0c22006963355136698503f66 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:01 GMT content-encoding br cf-cache-status HIT age 6651 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" x-op-ca 172.69.33.23 last-modified Wed, 17 Apr 2024 20:56:05 GMT server cloudflare etag W/"66203765-76086" vary Accept-Encoding, Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control public, max-age=28800 access-control-allow-credentials true cf-ray 876185b9ab691c8b-FRA expires Thu, 18 Apr 2024 11:21:01 GMT
GET H2	200	tracking.js Show response optassets.ontraport.com/	8 KB 3 KB	21ms 20ms	Script application/javascript	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/tracking.js Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4bd4db5489f52f092ac687a50c5afd570c768acad3636a0955149b949c4bb32f Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:01 GMT content-encoding br cf-cache-status HIT age 5673 cf-polished origSize=12107 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" x-op-ca 172.69.33.125 cf-bgj minify last-modified Wed, 17 Apr 2024 20:51:36 GMT server cloudflare etag W/"66203658-2f4b" vary Accept-Encoding, Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=28800 access-control-allow-credentials true cf-ray 876185b9eb9c1c8b-FRA expires Thu, 18 Apr 2024 11:21:01 GMT
GET H2	200	opt_default_image.png app.ontraport.com/images/	2 KB 2 KB	216ms 186ms	Image image/webp	172.64.146.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://app.ontraport.com/images/opt_default_image.png Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.146.119 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e52dfee8b8ea50c75794e755848a3b03f69f871832c8764f8e406e3f81104bfe Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:01 GMT cf-cache-status REVALIDATED cf-polished origFmt=png, origSize=5891 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-disposition inline; filename="opt_default_image.webp" content-length 2058 x-op-ca 172.69.33.130 cf-bgj imgq:100,h2pri last-modified Wed, 17 Apr 2024 20:51:39 GMT server cloudflare etag "6620365b-1703" vary Accept access-control-allow-methods GET, POST, OPTIONS content-type image/webp access-control-allow-origin * cache-control public, max-age=1200 access-control-allow-credentials true accept-ranges bytes cf-ray 876185b9aaa73a9d-FRA expires Thu, 18 Apr 2024 03:41:01 GMT
GET H2	200	21828.5dfc7dccffa713553a58cbbf5fb329ab.PNG i.ontraport.com/	574 KB 575 KB	59ms 20ms	Image image/webp	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.ontraport.com/21828.5dfc7dccffa713553a58cbbf5fb329ab.PNG Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f279b0490a177e5147c06d88c5c162be7ec5ba219e287fc306d5d2e793939dc8 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:01 GMT via 1.1 72c8c6bd2753cbcc88d313a4f2598ff0.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-cf-pop LHR50-P6 x-amz-request-id 4KBC3DAPY8RYH215 cf-polished origFmt=png, origSize=907970 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront age 24235 content-disposition inline; filename="21828.webp" content-length 587966 x-amz-id-2 xGfN/jg14wjif/WdzlcxkH0Jzufg9LHlo8ABra6frYLH5fH6Au8MQQliZZsoe0iV9dkXFYQoXus= cf-bgj imgq:85,h2pri last-modified Tue, 10 Oct 2023 18:18:33 GMT server cloudflare etag "ac1c7404e95e74985f9406b550603b90" vary Accept access-control-allow-methods GET content-type image/webp access-control-allow-origin * cache-control public, max-age=2678400 accept-ranges bytes cf-ray 876185ba2dbd9f52-FRA x-amz-cf-id QnlE4LprDpessb3yyW9qMe42rYIATop8Eu5hkP8Bwmrm-8j8y2vDDQ== expires Sun, 19 May 2024 03:21:01 GMT
GET H2	200	anime.js Show response optassets.ontraport.com/opt_assets/static/js/	14 KB 6 KB	22ms 22ms	Script application/javascript	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/static/js/anime.js Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7150c03ffd06a64b39ed90b98d84d9bec76de87fe7828bf45570012fdf91c354 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:01 GMT content-encoding br cf-cache-status HIT age 6338 cf-polished origSize=16752 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" x-op-ca 172.69.33.77 cf-bgj minify last-modified Wed, 17 Apr 2024 20:51:42 GMT server cloudflare etag W/"6620365e-4170" vary Accept-Encoding, Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=1800 access-control-allow-credentials true cf-ray 876185b9db891c8b-FRA expires Thu, 18 Apr 2024 03:51:01 GMT
GET H2	200	jquery-3.2.1.min.js Show response optassets.ontraport.com/opt_assets/static/js/	85 KB 31 KB	27ms 25ms	Script application/javascript	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/static/js/jquery-3.2.1.min.js Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:01 GMT content-encoding br cf-cache-status HIT age 2211 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" x-op-ca 172.69.33.61 last-modified Wed, 17 Apr 2024 20:51:42 GMT server cloudflare etag W/"6620365e-15285" vary Accept-Encoding, Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=1800 access-control-allow-credentials true cf-ray 876185b9eb981c8b-FRA expires Thu, 18 Apr 2024 03:51:01 GMT
GET H2	200	opt-assets.js Show response optassets.ontraport.com/opt_assets/static/js/	367 KB 108 KB	35ms 33ms	Script application/javascript	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/static/js/opt-assets.js?1713387634 Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b54a04e5b234da2db53a33df3b024424a19f283af57f60eb661c22857c6ab201 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:01 GMT content-encoding br cf-cache-status HIT age 6639 cf-polished origSize=377003 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" x-op-ca 172.69.40.164 cf-bgj minify last-modified Wed, 17 Apr 2024 20:55:44 GMT server cloudflare etag W/"66203750-5c0ab" vary Accept-Encoding, Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=1800 access-control-allow-credentials true cf-ray 876185b9eb9a1c8b-FRA expires Thu, 18 Apr 2024 03:51:01 GMT
GET H2	200	custom-elements.min.js Show response optassets.ontraport.com/opt_assets/static/js/	18 KB 5 KB	26ms 24ms	Script application/javascript	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/static/js/custom-elements.min.js Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 73a9c7944ce696c3622189e2f0706ccb9b9033b10f707414fe0ae14be6d68f08 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:01 GMT content-encoding br cf-cache-status HIT age 1507 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" x-op-ca 172.69.34.43 last-modified Wed, 17 Apr 2024 20:51:42 GMT server cloudflare etag W/"6620365e-47a8" vary Accept-Encoding, Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=1800 access-control-allow-credentials true cf-ray 876185b9eb9b1c8b-FRA expires Thu, 18 Apr 2024 03:51:01 GMT
GET H/1.1	200 OK	/ Show response www.clkmc.com/api/	26 B 709 B	777ms 186ms	XHR text/plain	44.241.73.155 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.clkmc.com/api/?uid=101868&vid=3458030827&hid=4159344535&vid_info=on&cmc_ref=orderpage79&utm_source=organic&version=2.40.00&utm_medium=organic&utm_campaign=none&disabled=0&cmc_project=Investor%20Invasion&page_url=https%3A%2F%2Finvestor-invasion.safechkout.net%2Fedge Requested by Host: cdn.clkmc.com URL: https://cdn.clkmc.com/cmc.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.241.73.155 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-241-73-155.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 2cf9b5ba7fd801d61e8a891c8234031c824ac2aabc42dc8399ec9e5debf018f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 03:21:02 GMT X-CM-FE httpfe-1 X-Content-Type-Options nosniff Server nginx X-Permitted-Cross-Domain-Policies none Access-Control-Max-Age 300 Access-Control-Allow-Methods GET, POST, OPTIONS P3P CP="This is not a P3P policy! See http://www.clkmc.com for more info." Access-Control-Allow-Origin https://investor-invasion.safechkout.net Content-Type text/plain; charset=UTF-8 Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Content-Length 26 X-XSS-Protection 1; mode=block
GET H2	200	gtm.js Show response www.googletagmanager.com/	173 KB 63 KB	24ms 23ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5NW398H Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 878bb9f14061c1382779a5f195de28bed8b648ae5c0f02935ab3e25c71100a42 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:01 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64463 x-xss-protection 0 last-modified Thu, 18 Apr 2024 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 18 Apr 2024 03:21:01 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	223 KB 75 KB	26ms 26ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MGL2B6P Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 47cd5360550a0b776cac3280d48f5301fbe39baf799c3494651b238d8d305477 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:01 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 76953 x-xss-protection 0 last-modified Thu, 18 Apr 2024 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 18 Apr 2024 03:21:01 GMT
GET H2	200	urlcheckJson.php Show response conversionfly.com/GPSI/	1 KB 810 B	528ms 494ms	Script text/html	2606:4700:20::ac43:4746 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://conversionfly.com/GPSI/urlcheckJson.php?callback=_conversionflyMagic.redirectCallback&url=https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4746 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.13, PleskLin Resource Hash cf148e3be7b390d6fc14578adfbe53a8758d31ad8040981a7c43511736bbc9c3 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:02 GMT content-encoding gzip ms-author-via DAV cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.2.13, PleskLin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=10SQhyRSUosok4R2IUqrbYSSnVYdgArFNF%2BZLHx4rOFqa2fLxXiqKW1Ksf9M%2BtZMlWg4uBcy%2BprYAUcAO%2Fw3ol6IQvZeRvCk1rsIXvxFZw%2B2%2BIL2Jvbqdjr2LDhndPVe87N25XIMtjRCNCHcFeHV"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 access-control-allow-origin *, * cf-ray 876185ba2d214d5a-FRA
GET H2	200	a.php conversionfly.com/GPSI/	0 448 B	519ms 485ms	Image text/html	2606:4700:20::ac43:4746 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://conversionfly.com/GPSI/a.php?tc=43249904039924260000 Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4746 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.13, PleskLin Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:02 GMT ms-author-via DAV cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.2.13, PleskLin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mnBLAnCC%2FOLOZUqsU1bC8NRXNQ40zZ%2BqJGLTiCVVLksI7MPOmkFpz9MlvHM8V7ee9SeQHEbyA7QmhAnmRWOADnwcSy1ZIO7ZZrWS7RzcMvuCo%2BPv4pBVBaCXkGfG2ZFVOClwGrzVES09ZwgZUN%2B8"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 access-control-allow-origin * cf-ray 876185ba2d224d5a-FRA content-length 0
GET H2	200	roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-700.woff2 optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/	49 KB 49 KB	205ms 189ms	Font application/octet-stream	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-700.woff2 Requested by Host: optassets.ontraport.com URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1713387634 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9dcacf1d025168ee2f84aaf40bad826f08b43c94db12eb59dbe2a06a3e98bfb2 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1713387634 Origin https://investor-invasion.safechkout.net Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:01 GMT cf-cache-status REVALIDATED last-modified Wed, 17 Apr 2024 20:51:42 GMT server cloudflare etag W/"6620365e-c4a4" vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" access-control-allow-origin * content-type application/octet-stream cache-control public, max-age=28800 access-control-allow-credentials true cf-ray 876185ba4ec59bc2-FRA x-op-ca 172.69.33.135 expires Thu, 18 Apr 2024 11:21:01 GMT
GET H2	200	roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2 optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/	49 KB 50 KB	198ms 182ms	Font application/octet-stream	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2 Requested by Host: optassets.ontraport.com URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1713387634 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d4d175f498b00516c629ce8af152cbe745d73932fa58cc9fdfc8e4b49c0da368 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1713387634 Origin https://investor-invasion.safechkout.net Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:01 GMT cf-cache-status REVALIDATED last-modified Wed, 17 Apr 2024 20:51:42 GMT server cloudflare etag W/"6620365e-c52c" vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" access-control-allow-origin * content-type application/octet-stream cache-control public, max-age=28800 access-control-allow-credentials true cf-ray 876185ba4ec69bc2-FRA x-op-ca 172.68.192.131 expires Thu, 18 Apr 2024 11:21:01 GMT
GET H3	200	inspectlet.js Show response cdn.inspectlet.com/	188 KB 63 KB	438ms 417ms	Script text/javascript	2606:4700:10::6816:39f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.inspectlet.com/inspectlet.js?wid=36371617&r=475947 Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:39f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d554121551df68e414c85920b6541d2e92251a189ff19a4b1f8dffe97ce1cb5 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:02 GMT via 1.1 vegur content-encoding gzip cf-cache-status MISS nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} last-modified Thu, 18 Apr 2024 03:21:02 GMT server cloudflare vary Accept-Encoding report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713410461&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=%2FwpOJfyE%2FK%2FO8WWUxUwwwVgoMGQ9urnW4eYmhe0T3Mw%3D"}]} content-type text/javascript;charset=UTF-8 cache-control s-maxage=60, max-age=14400 cf-ray 876185ba4f6a1d94-FRA alt-svc h3=":443"; ma=86400 reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1713410461&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=%2FwpOJfyE%2FK%2FO8WWUxUwwwVgoMGQ9urnW4eYmhe0T3Mw%3D
GET H2	200	roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-500.woff2 optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/	50 KB 50 KB	186ms 185ms	Font application/octet-stream	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/roboto-v30-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-500.woff2 Requested by Host: optassets.ontraport.com URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1713387634 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4fc8591cc545b7b4f70d80b085bf6577fad41d5d30ddd4f0d0c8ab792084c35e Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1713387634 Origin https://investor-invasion.safechkout.net Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:01 GMT cf-cache-status REVALIDATED last-modified Wed, 17 Apr 2024 20:51:42 GMT server cloudflare etag W/"6620365e-c6d4" vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" access-control-allow-origin * content-type application/octet-stream cache-control public, max-age=28800 access-control-allow-credentials true cf-ray 876185ba5ed29bc2-FRA x-op-ca 162.158.110.204 expires Thu, 18 Apr 2024 11:21:01 GMT
GET H2	200	work-sans-v18-vietnamese_latin-ext_latin-700.woff2 optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/	40 KB 40 KB	625ms 625ms	Font application/octet-stream	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/hosted_fonts/work-sans-v18-vietnamese_latin-ext_latin-700.woff2 Requested by Host: optassets.ontraport.com URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1713387634 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5a5e8b664cfbf77a904b55e9df3a51ece39e2f4d215d34b8ef66ebe046c1c200 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1713387634 Origin https://investor-invasion.safechkout.net Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:02 GMT cf-cache-status REVALIDATED last-modified Wed, 17 Apr 2024 20:51:42 GMT server cloudflare etag W/"6620365e-9f30" vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" access-control-allow-origin * content-type application/octet-stream cache-control public, max-age=28800 access-control-allow-credentials true cf-ray 876185ba5ed39bc2-FRA x-op-ca 172.69.33.141 expires Thu, 18 Apr 2024 11:21:02 GMT
GET H2	200	fontawesome-webfont.woff2 optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/	75 KB 76 KB	184ms 184ms	Font application/octet-stream	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/opt_boilerplates/fonts/fontawesome-webfont.woff2 Requested by Host: optassets.ontraport.com URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1713387634 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css?1713387634 Origin https://investor-invasion.safechkout.net Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:01 GMT cf-cache-status REVALIDATED last-modified Wed, 17 Apr 2024 20:51:42 GMT server cloudflare etag W/"6620365e-12d68" vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" access-control-allow-origin * content-type application/octet-stream cache-control public, max-age=28800 access-control-allow-credentials true cf-ray 876185ba5ed49bc2-FRA x-op-ca 172.69.34.39 expires Thu, 18 Apr 2024 11:21:01 GMT
GET H2	200	logging.js Show response optassets.ontraport.com/opt_assets/static/js/	1023 B 584 B	51ms 50ms	Script application/javascript	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/static/js/logging.js Requested by Host: optassets.ontraport.com URL: https://optassets.ontraport.com/opt_assets/static/js/opt-assets.js?1713387634 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 990f9545e109622866e56b8152c0ce6317c77ab9bf5851b2310f3e79b2096283 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:01 GMT content-encoding br cf-cache-status HIT age 6004 cf-polished origSize=1923 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" x-op-ca 172.69.33.251 cf-bgj minify last-modified Wed, 17 Apr 2024 20:51:42 GMT server cloudflare etag W/"6620365e-783" vary Accept-Encoding, Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=1800 access-control-allow-credentials true cf-ray 876185ba7be71c8b-FRA expires Thu, 18 Apr 2024 03:51:01 GMT
GET H2	200	document-register-element.js Show response optassets.ontraport.com/opt_assets/templates/custom-elements/document-register-element/build/	4 KB 2 KB	19ms 19ms	Script application/javascript	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/templates/custom-elements/document-register-element/build/document-register-element.js Requested by Host: optassets.ontraport.com URL: https://optassets.ontraport.com/opt_assets/static/js/opt-assets.js?1713387634 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f529488b0a173e191a903d72f756f72d4d4da3f3574043048c06ef9a99afd59 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:01 GMT content-encoding br cf-cache-status HIT age 3320 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" x-op-ca 172.69.33.227 last-modified Wed, 17 Apr 2024 20:51:42 GMT server cloudflare etag W/"6620365e-ff6" vary Accept-Encoding, Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=300 access-control-allow-credentials true cf-ray 876185ba7be81c8b-FRA expires Thu, 18 Apr 2024 03:26:01 GMT
GET H2	200	moonrayform.paymentplandisplay.js Show response optassets.ontraport.com/opt_assets/static/js/	216 KB 54 KB	31ms 31ms	Script application/javascript	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/static/js/moonrayform.paymentplandisplay.js Requested by Host: optassets.ontraport.com URL: https://optassets.ontraport.com/opt_assets/static/js/opt-assets.js?1713387634 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5a31f514fd90fcdc0badd9223fcf4fa29ef0271e8e0805aeab4c678f035a0da6 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:01 GMT content-encoding br cf-cache-status HIT age 6025 cf-polished origSize=220844 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" x-op-ca 172.71.250.95 cf-bgj minify last-modified Wed, 17 Apr 2024 20:55:41 GMT server cloudflare etag W/"6620374d-35eac" vary Accept-Encoding, Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=1800 access-control-allow-credentials true cf-ray 876185ba7be91c8b-FRA expires Thu, 18 Apr 2024 03:51:01 GMT
GET H2	200	order-summary.js Show response optassets.ontraport.com/opt_assets/templates/custom-elements/ontraport-order-summary/dist/	15 KB 4 KB	21ms 21ms	Script application/javascript	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/templates/custom-elements/ontraport-order-summary/dist/order-summary.js Requested by Host: optassets.ontraport.com URL: https://optassets.ontraport.com/opt_assets/static/js/opt-assets.js?1713387634 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c722bb93344865786410df2b82cbd1e50d2d8916ce40bd61872274454ff04c44 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:01 GMT content-encoding br cf-cache-status HIT age 9835 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" x-op-ca 172.69.34.57 last-modified Wed, 17 Apr 2024 20:54:57 GMT server cloudflare etag W/"66203721-3d3f" vary Accept-Encoding, Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=300 access-control-allow-credentials true cf-ray 876185ba7bea1c8b-FRA expires Thu, 18 Apr 2024 03:26:01 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	293 KB 97 KB	27ms 27ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-8SJNWV4ZSP&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGL2B6P Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 864215218c54bc9738b69e7a46d7c5c1793d17d8370a60a1cae88985b005200d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:01 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 99250 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 18 Apr 2024 03:21:01 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	218 KB 59 KB	27ms 7ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 85f407912384186334577f65bf6bb88045bd96f5222d7c696cc71303d65c826a Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 18 Apr 2024 03:21:01 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57850 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2761, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug getBjzWfm0b0x9qk3McAWTqXVlm3ExpyWEc3B6y1Xwh/86Kgs5AT/t9XimJIJpFXh1VFMBrYpMyRQ+Suqud9Eg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	6 KB 3 KB	309ms 261ms	Script application/javascript	2.17.22.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKJ832JC77UF4DIA1ETG&lib=ttq Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.22.8 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-22-8.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 8669b2bad6cc0dc2933f5de5cc2cf430b6ebd67d4a7aba2a37490c3bb651922d Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id ce860bd.e9699e9 date Thu, 18 Apr 2024 03:21:02 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240418032102D60513C8ACFA433F74A3-3786B0B7246543E9-00 x-cache TCP_MISS from a2-17-22-4.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) x-parent-response-time 248,2.17.22.4 server-timing cdn-cache; desc=MISS, edge; dur=240, origin; dur=8, inner; dur=4 content-length 2010 pragma no-cache server nginx x-tt-logid 20240418032102D60513C8ACFA433F74A3 x-cache-remote TCP_MISS from a184-28-17-145.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 8,184.28.17.145 x-tt-trace-host 01ca5754d83224ad6ee886f811f6500308f6f33d01b4fc77f533cf432509a8f31eccee94cd811a5f7b57c0c19d4b5a4ff89082030437f3c1936c17d72bf9bc453c099480884e1d9170f503cc2f75bee995c4bff986be100f5b8320961d381fde1c697ddd3d07145795d5df244b44c7a8d8 expires Thu, 18 Apr 2024 03:21:02 GMT
GET H2	200	widget.js Show response widget.wickedreports.com/	25 KB 9 KB	7ms 7ms	Script application/javascript	18.172.112.58 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.wickedreports.com/widget.js Requested by Host: widget.wickedreports.com URL: https://widget.wickedreports.com/v2/602/wr-a2c20b58dba8a66cd3c2d4dca4c93a24.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.172.112.58 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-172-112-58.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 97f03aa7de4112351586ed0089fbd8d2c1b14f3031346b70c130d07b488b0e8b Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 17 Apr 2024 13:22:02 GMT content-encoding gzip via 1.1 7b2737d1601ba8c676e6f68b6aa113d8.cloudfront.net (CloudFront) last-modified Wed, 17 Apr 2024 13:21:57 GMT server AmazonS3 x-amz-cf-pop FRA60-P8 age 50340 etag W/"a573e0323f255d4ff82173d608f94309" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id qr_l2cJei3CKC4Cdus-qL26hd5JzfRjqlqZDsbI4suTwR3LO0d8LOQ==
GET H2	200	logtxn_paths.json Show response optassets.ontraport.com/opt_assets/static/language_pack/paths/	1 KB 313 B	213ms 213ms	XHR application/json	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/static/language_pack/paths/logtxn_paths.json Requested by Host: optassets.ontraport.com URL: https://optassets.ontraport.com/opt_assets/static/js/moonrayform.paymentplandisplay.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0729d7e27f1ef1a862a5c7ae4e81e22df072ba11a9405fd836897c4ddbf3ab23 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:02 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 17 Apr 2024 20:51:42 GMT server cloudflare etag W/"6620365e-425" vary Accept-Encoding, Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" access-control-allow-origin * content-type application/json access-control-allow-credentials true cf-ray 876185baef159bc2-FRA x-op-ca 172.69.34.156
GET H2	200	logtxn_en-US.json Show response optassets.ontraport.com/opt_assets/static/language_pack/	48 KB 10 KB	197ms 196ms	XHR application/json	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://optassets.ontraport.com/opt_assets/static/language_pack/logtxn_en-US.json Requested by Host: optassets.ontraport.com URL: https://optassets.ontraport.com/opt_assets/static/js/moonrayform.paymentplandisplay.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6cf244986d9175a1f2b9c29e585a68e31d3a698982a8cb871ae6d89a064cad11 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:02 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 17 Apr 2024 20:51:42 GMT server cloudflare etag W/"6620365e-bf0b" vary Accept-Encoding, Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" access-control-allow-origin * content-type application/json access-control-allow-credentials true cf-ray 876185bc3fc09bc2-FRA x-op-ca 172.69.33.237
GET H2	200	21828.1a67476272aeaa36e86f6c58b9f6d7a1.PNG i.ontraport.com/ Redirect Chain https://i.ontraport.com/21828.1a67476272aeaa36e86f6c58b9f6d7a1.PNG?ops=768 https://i.ontraport.com/21828.1a67476272aeaa36e86f6c58b9f6d7a1.PNG	50 KB 51 KB	16ms 16ms	Image image/png	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.ontraport.com/21828.1a67476272aeaa36e86f6c58b9f6d7a1.PNG Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50ca4d042f42e4915da87470efb795878aac390e811f26909e33b2372c9cc6f1 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://investor-invasion.safechkout.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Thu, 18 Apr 2024 03:21:03 GMT via 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-cf-pop DUS51-P1 x-amz-request-id FA9YTCTVBDD7DS61 cf-polished origSize=57638, status=webp_bigger age 282472 x-cache Miss from cloudfront content-length 51640 x-amz-id-2 WLO9EBgmusjlWoSVB91Qi4ncubweL7FS/YkWVm007bg541Asg6HoOvGPN3MrTvV6bInEAYDZa4Q= cf-bgj imgq:85,h2pri last-modified Thu, 21 Apr 2022 14:26:56 GMT server cloudflare etag "30bae422050556087571acf2c179ebd2" vary Accept-Encoding access-control-allow-methods GET content-type image/png access-control-allow-origin * cache-control public, max-age=2678400 accept-ranges bytes cf-ray 876185c4ac0a9f52-FRA x-amz-cf-id TZWgWmyBg4mbQClSgDOs88tvxrcbTSG6Fpl26mGaZ5sbfSxfo4dCOQ== expires Sun, 19 May 2024 03:21:03 GMT Redirect headers date Thu, 18 Apr 2024 03:21:02 GMT via 1.1 d2c570942164f5ee69dab53f43b0f1d2.cloudfront.net (CloudFront) cf-cache-status MISS x-amz-request-id SJK63FGSCXZ62S9G x-amz-cf-pop FRA60-P9 x-cache Hit from cloudfront content-length 0 x-amz-id-2 gbKPavL1v81Ni8aP2Q8wxSGI8Egpr9Od5hq66ho8DSvsh97XYAIvFq36gmghx5XkdK0z1lQnESU= server cloudflare vary Accept-Encoding access-control-allow-methods GET content-type image/png access-control-allow-origin * location /21828.1a67476272aeaa36e86f6c58b9f6d7a1.PNG cache-control public, max-age=2678400 cf-ray 876185bdbf9b9f52-FRA x-amz-cf-id FkS5p9VlOvuSbNPldHCMFkZwWnwDa6pDADgKQeswWK3zqRTvKLFYiw== expires Sun, 19 May 2024 03:21:02 GMT
GET H2	200	21828.2a28a7cf2b7f1e73293299bcae94e234.PNG i.ontraport.com/ Redirect Chain https://i.ontraport.com/21828.2a28a7cf2b7f1e73293299bcae94e234.PNG?ops=1200 https://i.ontraport.com/21828.2a28a7cf2b7f1e73293299bcae94e234.PNG	631 KB 633 KB	19ms 19ms	Image image/webp	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.ontraport.com/21828.2a28a7cf2b7f1e73293299bcae94e234.PNG Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 335c6e4e28ef78d62a23693ed2f60ee466c39316d080983ad9d7c210655c819c Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://investor-invasion.safechkout.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Thu, 18 Apr 2024 03:21:03 GMT via 1.1 e1af02661708034e962bd39b357a50aa.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-cf-pop FRA60-P9 x-amz-request-id B22EDS3HK8TY7N8R cf-polished origFmt=png, origSize=925472 age 16024 x-cache RefreshHit from cloudfront content-disposition inline; filename="21828.webp" content-length 646600 x-amz-id-2 mYbQD1myKK4czO+1fCxKLnf0gw3rbhog3Ut9v9hsV/3PJ8xn7hgnPFBFhKVPShLh3bH0NJ5dI5o= cf-bgj imgq:85,h2pri last-modified Wed, 27 Apr 2022 15:24:04 GMT server cloudflare etag "270dea1db0e03a894966f4a205ca35c8" vary Accept access-control-allow-methods GET content-type image/webp access-control-allow-origin * cache-control public, max-age=2678400 accept-ranges bytes cf-ray 876185c77dc89f52-FRA x-amz-cf-id 0-Bgqf_G3dq90zud6-VG1ygpi0ywEguN88UwDx2RF2MizuxYvTwKGA== expires Sun, 19 May 2024 03:21:03 GMT Redirect headers date Thu, 18 Apr 2024 03:21:03 GMT via 1.1 ccd3e547bd5d86bbfbaca15b4307ce70.cloudfront.net (CloudFront) cf-cache-status MISS x-amz-request-id 09VFX4YCSPBG0F2C x-amz-cf-pop FRA60-P9 x-cache Miss from cloudfront content-length 0 x-amz-id-2 i6dHYQECTJet/iw9tB09YZhBcCtqqaXqqkXfbmfr+5SA2oK23w5FPMgAKOyT0wV0QicarlQ84nQ= server cloudflare vary Accept-Encoding access-control-allow-methods GET content-type image/png access-control-allow-origin * location /21828.2a28a7cf2b7f1e73293299bcae94e234.PNG cache-control public, max-age=2678400 cf-ray 876185bdbf9d9f52-FRA x-amz-cf-id 2w1I5A6cH8pQfXLCym07TU91im8pbIjxHYKaee0hvlI_pEG913lY1g== expires Sun, 19 May 2024 03:21:03 GMT
GET H2	200	21828.c06a6d378d8d570b910a54e0d942b5f0.PNG i.ontraport.com/ Redirect Chain https://i.ontraport.com/21828.c06a6d378d8d570b910a54e0d942b5f0.PNG?ops=1000 https://i.ontraport.com/21828.c06a6d378d8d570b910a54e0d942b5f0.PNG	1022 KB 1024 KB	1330ms 1330ms	Image image/png	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.ontraport.com/21828.c06a6d378d8d570b910a54e0d942b5f0.PNG Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb66185fcea754987fe0c61aa274907e51dde9291b448bb321de549decb963d4 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://investor-invasion.safechkout.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Thu, 18 Apr 2024 03:21:05 GMT via 1.1 d2c570942164f5ee69dab53f43b0f1d2.cloudfront.net (CloudFront) cf-cache-status MISS x-amz-request-id B4YWJT0ESYZQ451H x-amz-cf-pop FRA60-P9 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront content-length 1046650 x-amz-id-2 jABMmDaYvpwLr+KXxO2VgZKdi73/QvqvQrHneL5eqCC4gec/ilHY4+f0dXNi/nVVe+nqtoWjct0= last-modified Tue, 20 Feb 2024 18:53:03 GMT server cloudflare etag "e1e2069983693ce3566e41c4150a4a93" vary Accept-Encoding access-control-allow-methods GET content-type image/png access-control-allow-origin * cache-control public, max-age=2678400 accept-ranges bytes cf-ray 876185c75da59f52-FRA x-amz-cf-id sByS18kQz72OM78YaDRARjL29KwnNJ5oJPDnx6tyq_m2ZeUIh7c4Mg== expires Sun, 19 May 2024 03:21:05 GMT Redirect headers date Thu, 18 Apr 2024 03:21:03 GMT via 1.1 9bd2938ceb90e1a35f549d1165e84676.cloudfront.net (CloudFront) cf-cache-status MISS x-amz-request-id 09V1PJ5W1Q6AM7Z0 x-amz-cf-pop FRA60-P9 x-cache Miss from cloudfront content-length 0 x-amz-id-2 d5nA3lwv7pKNIt9C/3B5fyo9R6rGSoyBPZmH9EEpnqTZLog5I4I1f8/JBlrrIQ4fIHDt/AyN/tc= server cloudflare vary Accept-Encoding access-control-allow-methods GET content-type image/png access-control-allow-origin * location /21828.c06a6d378d8d570b910a54e0d942b5f0.PNG cache-control public, max-age=2678400 cf-ray 876185bdbf9e9f52-FRA x-amz-cf-id MVxVttOtNFxMC0gZqxLXP4iiHEaTwNyz4J5NFSiemqyyMN0gXDfT5g== expires Sun, 19 May 2024 03:21:03 GMT
GET H2	200	21828.b2406a0d1f88c9dec7cc6ab5c9e545ab.PNG i.ontraport.com/ Redirect Chain https://i.ontraport.com/21828.b2406a0d1f88c9dec7cc6ab5c9e545ab.PNG?ops=745 https://i.ontraport.com/21828.b2406a0d1f88c9dec7cc6ab5c9e545ab.PNG	167 KB 168 KB	22ms 21ms	Image image/webp	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.ontraport.com/21828.b2406a0d1f88c9dec7cc6ab5c9e545ab.PNG Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5dd82d60c682da8dca4ba20254bdef4850040fbec3061fd4cea263da58fe66d9 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://investor-invasion.safechkout.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Thu, 18 Apr 2024 03:21:03 GMT via 1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-cf-pop FRA60-P9 x-amz-request-id B4YGWQGQ5RAEWBEF cf-polished origFmt=png, origSize=271835 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront age 16030 content-disposition inline; filename="21828.webp" content-length 171460 x-amz-id-2 BtU/nRa9JqldGLK6gzG58aj0bjork18b5Xtjr9+M5n+rPoVY/knw6rRI2r0g+uvDNzGjT6yRpkg= cf-bgj imgq:85,h2pri last-modified Tue, 20 Feb 2024 18:52:48 GMT server cloudflare etag "0ec57cd8863f83b2ca547d081c6712f8" vary Accept access-control-allow-methods GET content-type image/webp access-control-allow-origin * cache-control public, max-age=2678400 accept-ranges bytes cf-ray 876185c4ac089f52-FRA x-amz-cf-id lTBU61xjSuYEtlNp_Vk0wuaQO2RcYXVif6l5U4HPdLPCM9zwuyNpxQ== expires Sun, 19 May 2024 03:21:03 GMT Redirect headers date Thu, 18 Apr 2024 03:21:02 GMT via 1.1 9b70adf7c49e859435e96eb0fc35c216.cloudfront.net (CloudFront) cf-cache-status MISS x-amz-request-id 8XJ0S8DG3EFH7QTY x-amz-cf-pop FRA60-P9 x-cache Hit from cloudfront content-length 0 x-amz-id-2 uyZF9QfhTkyXrRH4QkM7wm8KSYyq5koHY+9o7PY0sP/6eLP31HGVoqSMms2p+WBx8RI6nmrP92s= server cloudflare vary Accept-Encoding access-control-allow-methods GET content-type image/png access-control-allow-origin * location /21828.b2406a0d1f88c9dec7cc6ab5c9e545ab.PNG cache-control public, max-age=2678400 cf-ray 876185bdbf9f9f52-FRA x-amz-cf-id XXldcZpEaeSsBszEhz483VkGYdH07XHqVEXhT4PW8gxttBaG0g3OuA== expires Sun, 19 May 2024 03:21:02 GMT
GET H2	200	21828.5973d8deb3ae286e8b99b35cadd7018b.PNG i.ontraport.com/ Redirect Chain https://i.ontraport.com/21828.5973d8deb3ae286e8b99b35cadd7018b.PNG?ops=745 https://i.ontraport.com/21828.5973d8deb3ae286e8b99b35cadd7018b.PNG	379 KB 380 KB	18ms 17ms	Image image/webp	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.ontraport.com/21828.5973d8deb3ae286e8b99b35cadd7018b.PNG Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 026d8e3756c8560924c71e4eca6c2e901c72f6405c3c96f0299b2bb289dcc143 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://investor-invasion.safechkout.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Thu, 18 Apr 2024 03:21:03 GMT via 1.1 51b32b366d2fc0baf4c02123f643c37c.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-cf-pop FRA60-P9 x-amz-request-id 0EWN5K5R5RF52TXJ cf-polished origFmt=png, origSize=556647 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront age 16029 content-disposition inline; filename="21828.webp" content-length 388180 x-amz-id-2 g3iRRef1/9zCjY+922So027DxyvhyR27j0sPoS1e6ZSCcsqXPYh4d8OA99sq1zauPsodzzXydMg= cf-bgj imgq:85,h2pri last-modified Tue, 20 Feb 2024 18:52:53 GMT server cloudflare etag "ec634541f89b83b5670e00f2a71e49c5" vary Accept access-control-allow-methods GET content-type image/webp access-control-allow-origin * cache-control public, max-age=2678400 accept-ranges bytes cf-ray 876185c4ac069f52-FRA x-amz-cf-id tVxCrmTObd4fPkJSmtUnxyKs9qg2iw6VkydWXtijtgJ5bg7GkGtRxg== expires Sun, 19 May 2024 03:21:03 GMT Redirect headers date Thu, 18 Apr 2024 03:21:02 GMT via 1.1 840e16b680c94fee8c48b15e01dda782.cloudfront.net (CloudFront) cf-cache-status MISS x-amz-request-id 8XJD68SHQDKM93MK x-amz-cf-pop FRA60-P9 x-cache Hit from cloudfront content-length 0 x-amz-id-2 DCfH24we6eJrIcbgkdf+Fqz8tA6JTT4KIH3kHrJcUmsUdrzjo5oK/fB/1nB1MF9bMcyeI0KBMh8= server cloudflare vary Accept-Encoding access-control-allow-methods GET content-type image/png access-control-allow-origin * location /21828.5973d8deb3ae286e8b99b35cadd7018b.PNG cache-control public, max-age=2678400 cf-ray 876185bdbfa09f52-FRA x-amz-cf-id 1_0dX3KyassrBIXLd81PI2GZxyFgYBLB_Dk9-w-cWWYktG3PhVPyqQ== expires Sun, 19 May 2024 03:21:02 GMT
GET H2	200	21828.d84809fd91b5673a0a91e46eb69459a0.PNG i.ontraport.com/ Redirect Chain https://i.ontraport.com/21828.d84809fd91b5673a0a91e46eb69459a0.PNG?ops=745 https://i.ontraport.com/21828.d84809fd91b5673a0a91e46eb69459a0.PNG	268 KB 269 KB	23ms 23ms	Image image/webp	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.ontraport.com/21828.d84809fd91b5673a0a91e46eb69459a0.PNG Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash db7139527517d6848893d0641bcccc12d1b68872cb193451e728f4637dfc78f6 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://investor-invasion.safechkout.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Thu, 18 Apr 2024 03:21:03 GMT via 1.1 45e3ccd889272a7e8732f0eda13e87ca.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-cf-pop FRA60-P9 x-amz-request-id 5MC265T0KRCXTPFH cf-polished origFmt=png, origSize=424751 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront age 16030 content-disposition inline; filename="21828.webp" content-length 274658 x-amz-id-2 MANlvcExu7vxn0DTV6rY7xGTEBYxDJGdMLjf8pPx+NZHgYzgwfZYYfCFvC8AwFaWnfo/rs72dq4= cf-bgj imgq:85,h2pri last-modified Tue, 20 Feb 2024 18:52:51 GMT server cloudflare etag "2d2a9c546efd53933e4adeeaddfb3cbd" vary Accept access-control-allow-methods GET content-type image/webp access-control-allow-origin * cache-control public, max-age=2678400 accept-ranges bytes cf-ray 876185c4ac079f52-FRA x-amz-cf-id 3nq5f57J6qrxQUlKiN-9xlS2TzMFjV3YY8jZvTw2RBbramsL8Q0NBw== expires Sun, 19 May 2024 03:21:03 GMT Redirect headers date Thu, 18 Apr 2024 03:21:02 GMT via 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront) cf-cache-status MISS x-amz-request-id V5RTSY1ZY7GBWDEA x-amz-cf-pop FRA60-P9 x-cache Hit from cloudfront content-length 0 x-amz-id-2 6olIOFLUZ/zgM7UmLO5ghR/DVd1nFlC13DqjSxALIukPoAFc7KEP7KL/qEBmvFt14jzuiHo+/nE= server cloudflare vary Accept-Encoding access-control-allow-methods GET content-type image/png access-control-allow-origin * location /21828.d84809fd91b5673a0a91e46eb69459a0.PNG cache-control public, max-age=2678400 cf-ray 876185bdbfa19f52-FRA x-amz-cf-id h_uhwXgHEHTUrEMqpiLl_znVGKtARIZlG4-4dLRCn-yT9CIb54KSnQ== expires Sun, 19 May 2024 03:21:02 GMT
GET H2	200	21828.1b465cf02049e6bacfafccdd1fbef8b7.PNG i.ontraport.com/ Redirect Chain https://i.ontraport.com/21828.1b465cf02049e6bacfafccdd1fbef8b7.PNG?ops=768 https://i.ontraport.com/21828.1b465cf02049e6bacfafccdd1fbef8b7.PNG	136 KB 136 KB	23ms 23ms	Image image/webp	104.18.41.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.ontraport.com/21828.1b465cf02049e6bacfafccdd1fbef8b7.PNG Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Server 104.18.41.137 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b516d7c35a505d2596a2ac00490c30c7bd9858435cb9650c5b37b185e5d44161 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://investor-invasion.safechkout.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Thu, 18 Apr 2024 03:21:03 GMT via 1.1 af1c2193a818b5824fd85ddd651620a8.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-cf-pop FRA60-P9 x-amz-request-id PMNYFQ4C5FZ4WX3T cf-polished origFmt=png, origSize=185096 age 16029 x-cache Miss from cloudfront content-disposition inline; filename="21828.webp" content-length 138904 x-amz-id-2 jGPUzwVqGhHmG/hVvBDoQDmjQYyyfD6LPCW1roCvvdGYMJcu+Z81MfPVrWWoniwxfHOfSZ8dPkQ= cf-bgj imgq:85,h2pri last-modified Fri, 22 Apr 2022 14:05:59 GMT server cloudflare etag "3a933ca9392d689607b92e44b86d46d4" vary Accept access-control-allow-methods GET content-type image/webp access-control-allow-origin * cache-control public, max-age=2678400 accept-ranges bytes cf-ray 876185c4ac099f52-FRA x-amz-cf-id WGRA2VuO6gErwvchfAntBoNRv-KftT4IJj9OIWK2r3DqRWsE-mzESg== expires Sun, 19 May 2024 03:21:03 GMT Redirect headers date Thu, 18 Apr 2024 03:21:02 GMT via 1.1 2e8126aebd83e92e3cf50c4f9c832912.cloudfront.net (CloudFront) cf-cache-status MISS x-amz-request-id V5RR4HGZFKR3HG3Z x-amz-cf-pop FRA60-P9 x-cache Hit from cloudfront content-length 0 x-amz-id-2 rQ2iSEEU978L7K4LRHmGk1I8jAK5Iqlv0byU8n+UAF3gH1YTgVIfD2lnv1tTMPjXt3wVstQ3OGo= server cloudflare vary Accept-Encoding access-control-allow-methods GET content-type image/png access-control-allow-origin * location /21828.1b465cf02049e6bacfafccdd1fbef8b7.PNG cache-control public, max-age=2678400 cf-ray 876185bdbfa29f52-FRA x-amz-cf-id PHxepBzArswgiO7dfpTYbFq5oW3KkNXG3M1xyXZkr5OQFgIsNoES8A== expires Sun, 19 May 2024 03:21:02 GMT
GET H2	200	1357489168502278 Show response connect.facebook.net/signals/config/	65 KB 14 KB	88ms 87ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1357489168502278?v=2.9.154&r=stable&domain=investor-invasion.safechkout.net&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 8b1389bd063040d39bc36c79b969d5e90d93e4366776f018665c2beef483a51d Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 18 Apr 2024 03:21:02 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=11, rtx=0, c=63, mss=1326, tbw=63179, tp=-1, tpl=-1, uplat=80, ullat=0 pragma public x-fb-debug AVMRbr++asUssMdsQFo4+iSm/iJTOLcYZ37IpwmxQRs+0rbcO0peWf+Wy7273edK0f8ahxw4jUGfU6Dt9gM5hg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	main.MTFhN2NkNDczMQ.js Show response analytics.tiktok.com/i18n/pixel/static/	431 KB 114 KB	14ms 14ms	Script application/javascript	2.17.22.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKJ832JC77UF4DIA1ETG&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.22.8 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-22-8.deploy.static.akamaitechnologies.com Software nginx / Resource Hash ed6d3879e83eea603a014f1a6918ebfbec89aa7abc0abc1a51daee288a10715f Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id e969b07 date Thu, 18 Apr 2024 03:21:02 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 2024040812453852661685282FAA785322 x-tt-trace-id 00-24040812453852661685282FAA785322-4111CA2CEF9FB376-00 vary Accept-Encoding x-cache TCP_HIT from a2-17-22-4.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01d46e2a9ddfeb0dbba18d4736236158abf86c0ea9f7ed69a3223d8dea49eec19a5bd143d4aeabd81b5c5f76a82b60ae698aa1e3581a235a03212a1b00fa78c51637c11aa9e096191a7db86c0d4fb6dfbf17dee3da472d7d2ebd9388bbfcd1ff74 server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=70 content-length 116026
POST H2	204	collect region1.analytics.google.com/g/	0 256 B	42ms 14ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-8SJNWV4ZSP&gtm=45je44f0v878195527z8870991869za200&_p=1713410461741&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1897830572.1713410462&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713410462&sct=1&seg=0&dl=https%3A%2F%2Finvestor-invasion.safechkout.net%2Fedge%3Fmc_cid%3Dbd70b6f2fc%26mc_eid%3DUNIQID)&dt=Join%20Investor%20Invasion%20Today!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1466 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8SJNWV4ZSP&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 18 Apr 2024 03:21:02 GMT server Golfe2 content-type text/plain access-control-allow-origin https://investor-invasion.safechkout.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 256 B	57ms 16ms	Ping text/plain	2a00:1450:400c:c00::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8SJNWV4ZSP&cid=1897830572.1713410462&gtm=45je44f0v878195527z8870991869za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8SJNWV4ZSP&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 18 Apr 2024 03:21:02 GMT server Golfe2 content-type text/plain access-control-allow-origin https://investor-invasion.safechkout.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	a www.googletagmanager.com/	0 11 B	15ms 14ms	Image text/html	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=G-8SJNWV4ZSP&v=3&t=t&pid=153179819&cv=1&rv=44f0&tc=22&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=investor-invasion.safechkout.net%2Fedge&tdp=G-8SJNWV4ZSP;78195527;1;6;0&rtg=70991869&rlo=13&slo=9&z=0 Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:02 GMT server Google Tag Manager alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	204	td www.googletagmanager.com/	0 15 B	15ms 13ms	Image image/gif	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/td?id=G-8SJNWV4ZSP&v=3&t=t&pid=153179819&cv=1&rv=44f0&tc=22&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=investor-invasion.safechkout.net%2Fedge&tdp=G-8SJNWV4ZSP;78195527;1;6;0&rtg=70991869&rlo=13&slo=9&z=0 Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 18 Apr 2024 03:21:02 GMT server Golfe2 content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	a www.googletagmanager.com/	0 11 B	15ms 14ms	Image text/html	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=G-8SJNWV4ZSP&v=3&t=t&pid=153179819&cv=1&rv=44f0&tc=22&es=1&e=gtm.init&eid=0&h=Ag&tr=1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ccdgaadslink.1ogtgooglesignals.1ccdgaregscope.1ccdemdownload.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ccdautoredact.1ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaadslink.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ccdautoredact.2ccdgalast&z=0 Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:02 GMT server Google Tag Manager alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	33ms 16ms	Image image/gif	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8SJNWV4ZSP&cid=1897830572.1713410462&gtm=45je44f0v878195527z8870991869za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=110121918 Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 18 Apr 2024 03:21:02 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	a www.googletagmanager.com/	0 11 B	15ms 15ms	Image text/html	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=G-8SJNWV4ZSP&v=3&t=t&pid=153179819&cv=1&rv=44f0&tc=22&es=1&e=gtag.config&eid=1&u=AAAAAAAAAAAAACA&h=Ag&epr=1G.2G&tr=1gct&ti=1gct&z=0 Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:02 GMT server Google Tag Manager alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	a www.googletagmanager.com/	0 11 B	16ms 15ms	Image text/html	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=G-8SJNWV4ZSP&v=3&t=t&pid=153179819&cv=1&rv=44f0&tc=22&es=1&e=gtag.config&eid=2&u=AAAAAAAAAAAAACA&h=Ag&z=0 Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:02 GMT server Google Tag Manager alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	1x1.gif Show response conversionfly.com/ Redirect Chain https://conversionfly.com/GPSI/a6.php?tc=1223&refurl=https%3A%2F%2Finvestor-invasion.safechkout.net%2Fedge%3Fmc_cid%3Dbd70b6f2fc%26mc_eid%3DUNIQID)&user=GPSI https://conversionfly.com/1x1.gif	43 B 448 B	480ms 479ms	XHR image/gif	2606:4700:20::ac43:4746 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://conversionfly.com/1x1.gif Requested by Host: conversionfly.com URL: https://conversionfly.com/GPSI/urlcheckJson.php?callback=_conversionflyMagic.redirectCallback&url=https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4746 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://investor-invasion.safechkout.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Thu, 18 Apr 2024 03:21:03 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by PleskLin content-length 43 ms-author-via DAV last-modified Mon, 07 Mar 2022 20:20:36 GMT x-accel-version 0.01 server cloudflare etag "2b-5d9a698e6a233" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uDwawYX9RynSChNDLE8%2FTbeqim0fn5p6FQ3MXiNKSB6Ni%2FcMUREWMjdYwmqxW5JvaLaztVQ8rJVARUrZwgifXog8j79lGIi1ZarTolbllfL3J9MiTod38PwGD2RjkaJp0Zbh9pCmn%2Bqjv5tEt3bz"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes cf-ray 876185c19d702ba6-FRA Redirect headers date Thu, 18 Apr 2024 03:21:02 GMT ms-author-via DAV cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.2.13, PleskLin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vqu%2Bk0BVgWzS7ZyhljRftfwFNBHWsIH5dOAEczS%2B99uQebvsQpj6UHdODqq6atU91PEBAoDhKZRCLQz5WpdWhK2udhb1%2B1CrVN9BLLDUOLGFq4%2FXzW1Yq0ErJpW9uuDXVEWdmEC%2BMauL6QPiU6a%2B"}],"group":"cf-nel","max_age":604800} p3p CP="NOI DSP COR NID CUR OUR NOR" location https://conversionfly.com/1x1.gif access-control-allow-origin * content-type text/html; charset=UTF-8 cf-ray 876185be2b1f2ba6-FRA content-length 0
GET H2	200	url-check.php Show response conversionfly.com/GPSI/cfly-callbacks/magic/	53 B 378 B	1014ms 1014ms	Script text/html	2606:4700:20::ac43:4746 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://conversionfly.com/GPSI/cfly-callbacks/magic/url-check.php?pause=&callback=_conversionflyMagic.redirectCallback&url=https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID)&referrer= Requested by Host: conversionfly.com URL: https://conversionfly.com/GPSI/urlcheckJson.php?callback=_conversionflyMagic.redirectCallback&url=https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4746 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.13, PleskLin Resource Hash d99393877213e78fe05555f3394ea3c929df046b2c0384fc54679753a10eb342 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:04 GMT content-encoding gzip ms-author-via DAV cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.2.13, PleskLin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PF9VkY9Usz6Ga3eJG4U2xqjsZB4h6Qr4vVKorMBXiIWBTouMERGZTg4PIdVOfAdFNLtnTOByj%2FA9xZRLTF2V8XrngcG0O32LAxucoBY%2FkC2YVkpjN8OD6PR9V0xc1%2FV9NW5PdK%2BznI3fGF3M8UJD"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 access-control-allow-origin * cf-ray 876185c49bd54d5a-FRA
GET H3	200	a www.googletagmanager.com/	0 11 B	14ms 14ms	Image text/html	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=G-8SJNWV4ZSP&v=3&t=t&pid=153179819&cv=1&rv=44f0&tc=22&es=1&e=gtm.dom&eid=5&u=AAAAAAAAAAAAACA&h=Ag&z=0 Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:03 GMT server Google Tag Manager alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	a www.googletagmanager.com/	0 11 B	14ms 14ms	Image text/html	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=G-8SJNWV4ZSP&v=3&t=t&pid=153179819&cv=1&rv=44f0&tc=22&e=gtm.init&eid=0&u=AAAAAAAAAAAAACA&h=Ag&tr=5ogt1pdatav2.5ccdgafirst.5setproductsettings.5ccdgaadslink.5ogtgooglesignals.5ccdgaregscope.5ccdemdownload.5ccdemoutboundclick.5ccdempageview.5ccdemscroll.5ccdemsitesearch.5ccdemvideo.5ccdconversionmarking.5ogteventcreate.5ogteventcreate.5ogteventcreate.5ogteventcreate.5ogteventcreate.5ogteventcreate.5ccdautoredact.5ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaadslink.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ccdautoredact.2ccdgalast&z=0 Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:03 GMT server Google Tag Manager alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	/ www.facebook.com/tr/	0 273 B	31ms 6ms	Image text/plain	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1357489168502278&ev=PageView&dl=https%3A%2F%2Finvestor-invasion.safechkout.net%2Fedge%3Fmc_cid%3Dbd70b6f2fc%26mc_eid%3DUNIQID)&rl=&if=false&ts=1713410463471&sw=1600&sh=1200&v=2.9.154&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1713410463470.1134111525&cs_est=true&ler=empty&cdl=API_unavailable&it=1713410462372&coo=false&rqm=GET Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=7, rtx=0, c=10, mss=1326, tbw=2754, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Thu, 18 Apr 2024 03:21:03 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
POST H3	200	36371617 Show response hn.inspectlet.com/ginit/	212 B 837 B	246ms 236ms	XHR application/json	2606:4700:10::6816:39f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hn.inspectlet.com/ginit/36371617 Requested by Host: cdn.inspectlet.com URL: https://cdn.inspectlet.com/inspectlet.js?wid=36371617&r=475947 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:39f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 75153882740d5a6c6ff4bb3d3befcc047859faf9b60e62a58dcf5934eaa42f2e Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Accept application/json, text/javascript, */*; q=0.01 Referer https://investor-invasion.safechkout.net/ sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:03 GMT via 1.1 vegur content-encoding gzip cf-cache-status DYNAMIC nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} x-powered-by Express alt-svc h3=":443"; ma=86400 reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1713410463&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=ztE9b0WkdsVlSwC3kOOrJMZ1Hh%2B8kFqUlum9n86Wu1I%3D server cloudflare etag W/"d4-JjjxfxbQpPodQIMeKh8E9g" report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713410463&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=ztE9b0WkdsVlSwC3kOOrJMZ1Hh%2B8kFqUlum9n86Wu1I%3D"}]} content-type application/json; charset=utf-8 access-control-allow-origin https://investor-invasion.safechkout.net access-control-allow-methods GET, POST cache-control no-cache access-control-allow-credentials true cf-ray 876185c4dcce1d94-FRA access-control-allow-headers X-Requested-With, Content-Type
GET H2	200	identify_38a7e.js Show response analytics.tiktok.com/i18n/pixel/static/	139 KB 37 KB	14ms 14ms	Script application/javascript	2.17.22.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_38a7e.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.22.8 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-22-8.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 1c7a13438386b27ae3874ff95ac5cb2ed21b805261427e9da870e93c35e788de Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id e969c52 date Thu, 18 Apr 2024 03:21:03 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 2024040812453952661685282FAA7853BD x-tt-trace-id 00-24040812453952661685282FAA7853BD-617A42CFF7425236-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a2-17-22-4.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01d46e2a9ddfeb0dbba18d4736236158abf86c0ea9f7ed69a3223d8dea49eec19a5bd143d4aeabd81b5c5f76a82b60ae69f3d82200b7e68136c80f58770def1644aaa7772dea80d311d27eb323c383246a6042e0c3546f258c32c640d63f023059 server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2 content-length 37116
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 837 B	255ms 255ms	Ping text/plain	2.17.22.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.22.8 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-22-8.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 483dab7.e969c58 date Thu, 18 Apr 2024 03:21:03 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2404180321037050E2D7B8C74929DA0A-625E0CC85E333F4B-00 x-cache TCP_MISS from a2-17-22-4.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) x-parent-response-time 238,2.17.22.4 server-timing cdn-cache; desc=MISS, edge; dur=210, origin; dur=34, inner; dur=26 content-length 0 pragma no-cache server nginx x-tt-logid 202404180321037050E2D7B8C74929DA0A x-cache-remote TCP_MISS from a23-201-31-197.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 34,23.201.31.197 x-tt-trace-host 01ca5754d83224ad6ee886f811f6500308989fab913743c5ffabe1ebfe99a0fa0bcbb8d3561e14687868c929a3cd6c89cf39030fbd5713c0b5b305e842f935e9ead22c29b8366b8a1c2a1c9ead64a06e75ae7aed40bed98462b9cd43152b3792451f1d223e9e36c28c8d232f5cc4a4fca3 access-control-allow-headers Authorization,* expires Thu, 18 Apr 2024 03:21:03 GMT
POST H3	200	getfid Show response hn.inspectlet.com/	18 B 678 B	226ms 213ms	XHR application/json	2606:4700:10::ac43:aac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hn.inspectlet.com/getfid Requested by Host: cdn.inspectlet.com URL: https://cdn.inspectlet.com/inspectlet.js?wid=36371617&r=475947 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:aac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash be11258e361959a183e29c26b38c5de94dce7befb0a4cf5e568d91b8d36c873d Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Accept application/json, text/javascript, */*; q=0.01 Referer https://investor-invasion.safechkout.net/ sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:03 GMT via 1.1 vegur cf-cache-status DYNAMIC nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} x-powered-by Express alt-svc h3=":443"; ma=86400 content-length 18 reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1713410463&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=ztE9b0WkdsVlSwC3kOOrJMZ1Hh%2B8kFqUlum9n86Wu1I%3D server cloudflare etag W/"12-DtPMuvERe2amwWdJHi/jow" report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713410463&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=ztE9b0WkdsVlSwC3kOOrJMZ1Hh%2B8kFqUlum9n86Wu1I%3D"}]} content-type application/json; charset=utf-8 access-control-allow-origin * access-control-allow-methods GET, POST cache-control no-cache cf-ray 876185c66c8237f2-FRA access-control-allow-headers X-Requested-With, Content-Type
POST H2	200	act analytics.tiktok.com/api/v2/pixel/	0 838 B	253ms 253ms	Ping text/plain	2.17.22.8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel/act Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.22.8 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-22-8.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 27fda627.e969c88 date Thu, 18 Apr 2024 03:21:04 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240418032103FED79C837C30AE283A30-727D1D33463FFDC2-00 x-cache TCP_MISS from a2-17-22-4.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) x-parent-response-time 235,2.17.22.4 server-timing cdn-cache; desc=MISS, edge; dur=216, origin; dur=25, inner; dur=22 content-length 0 pragma no-cache server nginx x-tt-logid 20240418032103FED79C837C30AE283A30 x-cache-remote TCP_MISS from a23-48-100-209.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 25,23.48.100.209 x-tt-trace-host 01ca5754d83224ad6ee886f811f65003081f9adbc944d9c2738a3cf71a9115f1305381d88b85c8238a703aa1fab49e4de1b57c1e424ca742903ada338c48cf1aaa523a5b75969ea0a4459a4f7b760479716a9705c7e883da43a0592ceee7d3c59f20f864318f77443ec042cfd1099b27ab access-control-allow-headers Authorization,* expires Thu, 18 Apr 2024 03:21:04 GMT
GET H3	200	fa hn.inspectlet.com/	35 B 570 B	202ms 201ms	Image image/gif	2606:4700:10::6816:39f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hn.inspectlet.com/fa?w=36371617&r=1231707858&farc=1&isfpayload=eyJmb3JtaWQiOjExMjY4ODQzNjcsIm10Ijoic2VlbiIsInYiOjF9&isfnum=1&isftotal=1&rrtn=1713410463957 Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:39f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:04 GMT via 1.1 vegur cf-cache-status DYNAMIC nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} server cloudflare x-powered-by Express report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713410464&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=0jpeejS7Z5U2R2FZVvA1ZihueL9E27jr%2FmclxuyN0LY%3D"}]} cache-control no-cache cf-ray 876185c7ce791d94-FRA alt-svc h3=":443"; ma=86400 content-length 35 reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1713410464&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=0jpeejS7Z5U2R2FZVvA1ZihueL9E27jr%2FmclxuyN0LY%3D
GET H3	200	fa hn.inspectlet.com/	35 B 570 B	206ms 206ms	Image image/gif	2606:4700:10::6816:39f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hn.inspectlet.com/fa?w=36371617&r=1231707858&farc=2&isfpayload=W3siZm9ybWlkIjoxMTI2ODg0MzY3LCJtdCI6InNlZW4iLCJpaWQiOiJbXCJpZFwiLFwibzJlNGQ5ZWM0NWIyNC1maXJzdG5hbWVcIl0iLCJpcG9zIjozNjMsInYiOiIwIn0seyJmb3JtaWQiOjExMjY4ODQzNjcsIm10Ijoic2VlbiIsImlpZCI6IltcImlkXCIsXCJvMmU0ZDllYzQ1YjI0LWxhc3RuYW1lXCJdIiwiaXBvcyI6MzcxLCJ2IjoiMCJ9LHsiZm9ybWlkIjoxMTI2ODg0MzY3LCJtdCI6InNlZW4iLCJpaWQiOiJbXCJpZFwiLFwibzJlNGQ5ZWM0NWIyNC1lbWFpbFwiXSIsImlwb3MiOjM4MCwidiI6IjAifSx7ImZvcm1pZCI6MTEyNjg4NDM2NywibXQiOiJzZWVuIiwiaWlkIjoiW1wiaWRcIixcIm8yZTRkOWVjNDViMjQtZjEzNTlcIl0iLCJpcG9zIjozODksInYiOiIwIn0seyJmb3JtaWQiOjExMjY4ODQzNjcsIm10Ijoic2VlbiIsImlpZCI6IltcImlkXCIsXCJvMmU0ZDllYzQ1YjI0LWFkZHJlc3NcIl0iLCJpcG9zIjozOTgsInYiOiIwIn0seyJmb3JtaWQiOjExMjY4ODQzNjcsIm10Ijoic2VlbiIsImlpZCI6IltcImlkXCIsXCJvMmU0ZDllYzQ1YjI0LXBheW1lbnRfbmFtZVwiXSIsImlwb3MiOjQwNywidiI6IjAifSx7ImZvcm1pZCI6MTEyNjg4NDM2NywibXQiOiJzZWVuIiwiaWlkIjoiW1wiaWRcIixcIm8yZTRkOWVjNDViMjQtcGF5bWVudF9udW1iZXJcIl0iLCJpcG9zIjo0MTYsInYiOiIwIn0seyJmb3JtaWQiOjExMjY4ODQzNjcsIm10Ijoic2VlbiIsImlwb3MiOjQyNiwidiI6IjAifSx7ImZvcm1pZCI6MTEyNjg4NDM2NywibXQiOiJzZWVuIiwiaWlkIjoiW1wiaWRcIixcIm8yZTRkOWVjNDViMjQtcGF5bWVudF9leHBpcmVfbW9udGhcIl0iLCJpcG9zIjo0NTcsInYiOiIwIn0seyJmb3JtaWQiOjExMjY4ODQzNjcsIm10Ijoic2VlbiIsImlwb3MiOjQ3OCwidiI6IjAifSx7ImZvcm1pZCI6MTEyNjg4NDM2NywibXQiOiJzZWVuIiwiaWlkIjoiW1wiaWRcIixcIm8yZTRkOWVjNDViMjQtcGF5bWVudF9leHBpcmVfeWVhclwiXSIsImlwb3MiOjUzNywidiI6IjAifSx7ImZvcm1pZCI6MTEyNjg4NDM2NywibXQiOiJzZWVuIiwiaWlkIjoiW1wiaWRcIixcIm8yZTRkOWVjNDViMjQtcGF5bWVudF9jb2RlXCJdIiwiaXBvcyI6NTcyLCJ2IjoiMCJ9LHsiZm9ybWlkIjoxMTI2ODg0MzY3LCJtdCI6InNlZW4iLCJpcG9zIjo1ODMsInYiOiIwIn0seyJmb3JtaWQiOjExMjY4ODQzNjcsIm10Ijoic2VlbiIsImlwb3MiOjU5OCwidiI6IjAifSx7ImZvcm1pZCI6MTEyNjg4NDM2NywibXQiOiJzZWVuIiwiaWlkIjoiW1wiaWRcIixcIm8yZTRkOWVjNDViMjQtZjE3NDVcIl0iLCJpcG9zIjo2MzksInYiOiIwIn1d&isfnum=1&isftotal=1&rrtn=1713410463961 Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:39f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:04 GMT via 1.1 vegur cf-cache-status DYNAMIC nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} server cloudflare x-powered-by Express report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713410464&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=0jpeejS7Z5U2R2FZVvA1ZihueL9E27jr%2FmclxuyN0LY%3D"}]} cache-control no-cache cf-ray 876185c7ce7c1d94-FRA alt-svc h3=":443"; ma=86400 content-length 35 reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1713410464&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=0jpeejS7Z5U2R2FZVvA1ZihueL9E27jr%2FmclxuyN0LY%3D
GET H3	200	a www.googletagmanager.com/	0 11 B	14ms 13ms	Image text/html	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=G-8SJNWV4ZSP&v=3&t=t&pid=153179819&cv=1&rv=44f0&tc=22&e=gtag.config&eid=1&u=AAAAAAAAAAAAACA&h=Ag&tr=5gct&ti=1gct&z=0 Requested by Host: investor-invasion.safechkout.net URL: https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:03 GMT server Google Tag Manager alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H/1.1	200 OK	track.php Show response tracking.ontraport.com/	774 B 1 KB	517ms 189ms	Script text/html	209.170.211.179 ASN-FLEXENTIAL
General Check archive.org Show headers Download Go to Full URL https://tracking.ontraport.com/track.php?mid=21828&llc=https%253A%252F%252Finvestor-invasion.safechkout.net%252Fedge%253Fmc_cid%253Dbd70b6f2fc%2526mc_eid%253DUNIQID)&first_visit=1&referral_page=&s=r5b4kypwvwzxzzmthd26&l=investor-invasion.safechkout.net/edge&ti=Join%20Investor%20Invasion%20Today!&forms%5Bp2c21828lp535.0.bida45305f5-de81-cb12-19b0-2e4d9ec45b24%5D=0&is_unique=1 Requested by Host: optassets.ontraport.com URL: https://optassets.ontraport.com/tracking.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 209.170.211.179 Las Vegas, United States, ASN13649 (ASN-FLEXENTIAL, US), Reverse DNS mail9.ontramail.com Software ONTRAport / Resource Hash 6b222004b4fb499f7d56a233f2481640017fac1029b3c79daa577eac84a34f48 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 03:21:05 GMT Content-Encoding gzip Server ONTRAport Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding, Accept-Encoding P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html; charset=UTF-8 X-op-release 3 Access-Control-Allow-Credentials true Connection keep-alive X-op-class hosted X-op-ca 138.199.38.134
GET H/1.1	200 OK	track.php Show response tracking.ontraport.com/	774 B 1 KB	527ms 200ms	Script text/html	209.170.211.179 ASN-FLEXENTIAL
General Check archive.org Show headers Download Go to Full URL https://tracking.ontraport.com/track.php?mid=21828_lp535.0_2&llc=https%253A%252F%252Finvestor-invasion.safechkout.net%252Fedge%253Fmc_cid%253Dbd70b6f2fc%2526mc_eid%253DUNIQID)&s=r5b4kypwvwzxzzmthd26&l=investor-invasion.safechkout.net/edge&ti=Join%20Investor%20Invasion%20Today!&forms%5Bp2c21828lp535.0.bida45305f5-de81-cb12-19b0-2e4d9ec45b24%5D=0&is_unique=1 Requested by Host: optassets.ontraport.com URL: https://optassets.ontraport.com/tracking.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 209.170.211.179 Las Vegas, United States, ASN13649 (ASN-FLEXENTIAL, US), Reverse DNS mail9.ontramail.com Software ONTRAport / Resource Hash 6b222004b4fb499f7d56a233f2481640017fac1029b3c79daa577eac84a34f48 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 03:21:05 GMT Content-Encoding gzip Server ONTRAport Transfer-Encoding chunked Vary Accept-Encoding, Accept-Encoding, Accept-Encoding P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html; charset=UTF-8 X-op-release 3 Access-Control-Allow-Credentials true Connection keep-alive X-op-class hosted X-op-ca 138.199.38.134
GET H/1.1	404 Not Found	favicon.ico investor-invasion.safechkout.net/	552 B 927 B	152ms 152ms	Other text/html	209.170.211.182 ASN-FLEXENTIAL
General Check archive.org Show headers Download Go to Full URL https://investor-invasion.safechkout.net/favicon.ico Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 209.170.211.182 Las Vegas, United States, ASN13649 (ASN-FLEXENTIAL, US), Reverse DNS Software Ontraport / Resource Hash a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/edge?mc_cid=bd70b6f2fc&mc_eid=UNIQID) Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 18 Apr 2024 03:21:05 GMT Server Ontraport Access-Control-Allow-Methods GET, POST, OPTIONS P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Content-Type text/html Access-Control-Allow-Credentials true Connection keep-alive Content-Length 552 X-op-ca 138.199.38.134
GET H3	200	a www.googletagmanager.com/	0 11 B	13ms 13ms	Image text/html	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=G-8SJNWV4ZSP&v=3&t=t&pid=153179819&cv=1&rv=44f0&tc=22&es=1&e=gtm.load&eid=11&u=AAAAAAAAAAAAACA&h=Ag&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://investor-invasion.safechkout.net/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 18 Apr 2024 03:21:05 GMT server Google Tag Manager alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

conversionfly.com

URL

https://conversionfly.com/GPSI/a.php