insiders-exposed.com Open in urlscan Pro
2606:4700:20::ac43:451c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hawkeyetraders.ontraport.com/c/s/KA3/v85hH/U/s1bU/CJH/6XWvoZ/bmlZY8uRq/P/P/0Y/bXU9aHR0cHMlM0ElMkYlMkZpbnNpZGVycy1leHBvc2VkLmN...
Effective URL:
https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Submission: On June 26 via api (June 26th 2023, 2:52:50 am UTC) from BE — Scanned from DE

Summary HTTP 111 Redirects Behaviour Indicators

Summary

This website contacted 41 IPs in 6 countries across 36 domains to perform 111 HTTP transactions. The main IP is 2606:4700:20::ac43:451c, located in United States and belongs to CLOUDFLARENET, US. The main domain is insiders-exposed.com. The Cisco Umbrella rank of the primary domain is 719120.
TLS certificate: Issued by GTS CA 1P5 on May 23rd 2023. Valid for: 3 months.

This is the only time insiders-exposed.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	209.170.211.179 209.170.211.179	13649 (ASN-VINS) (ASN-VINS)
3 16	2606:4700:20:... 2606:4700:20::ac43:451c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3 10	54.156.254.128 54.156.254.128	14618 (AMAZON-AES) (AMAZON-AES)
11	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1 1	35.168.45.42 35.168.45.42	14618 (AMAZON-AES) (AMAZON-AES)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	50.112.28.9 50.112.28.9	16509 (AMAZON-02) (AMAZON-02)
1	104.16.20.19 104.16.20.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
2	18.66.147.125 18.66.147.125	16509 (AMAZON-02) (AMAZON-02)
1 5	2606:4700:20:... 2606:4700:20::ac43:4746	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	184.86.103.216 184.86.103.216	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	23.37.34.233 23.37.34.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	52.14.123.13 52.14.123.13	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
2	154.59.122.94 154.59.122.94	174 (COGENT-174) (COGENT-174)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
4	146.75.122.109 146.75.122.109	54113 (FASTLY) (FASTLY)
3	146.75.118.109 146.75.118.109	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3 3	35.158.39.51 35.158.39.51	16509 (AMAZON-02) (AMAZON-02)
1	3.126.109.67 3.126.109.67	16509 (AMAZON-02) (AMAZON-02)
2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	216.52.2.39 216.52.2.39	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
1 1	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	52.57.150.20 52.57.150.20	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	34.120.202.204 34.120.202.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2 2	54.76.136.163 54.76.136.163	16509 (AMAZON-02) (AMAZON-02)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
111	41

3 209.170.211.179 (Las Vegas, United States) 1 redirects

ASN13649 (ASN-VINS, US)
PTR: mail9.ontramail.com

hawkeyetraders.ontraport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking.ontraport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:20::ac43:451c (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

insiders-exposed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.156.254.128 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-254-128.compute-1.amazonaws.com

intof.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.168.45.42 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-45-42.compute-1.amazonaws.com

deadlinefunnel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

a.deadlinefunnel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.112.28.9 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-112-28-9.us-west-2.compute.amazonaws.com

gblprftsystm-prom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.20.19 (None, )

ASN13335 (CLOUDFLARENET, US)

optassets.ontraport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-125.fra60.r.cloudfront.net

widget.wickedreports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::ac43:4746 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

conversionfly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 184.86.103.216 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-103-216.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.34.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-34-233.deploy.static.akamaitechnologies.com

origin.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.14.123.13 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-14-123-13.us-east-2.compute.amazonaws.com

track.wickedreports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.59.122.94 (United States)

ASN174 (COGENT-174, US)

e.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.75.122.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.75.118.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.158.39.51 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-39-51.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.109.67 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-109-67.eu-central-1.compute.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 154.59.122.79 (United States)

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.246.169.24 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.75.62.37 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.150.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States) 1 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.136.163 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-136-163.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	insiders-exposed.com 3 redirects insiders-exposed.com — Cisco Umbrella Rank: 719120	80 MB
11	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	737 KB
10	intof.io 3 redirects intof.io — Cisco Umbrella Rank: 212681	20 KB
8	vimeocdn.com f.vimeocdn.com — Cisco Umbrella Rank: 3596 i.vimeocdn.com — Cisco Umbrella Rank: 3508 fresnel.vimeocdn.com — Cisco Umbrella Rank: 3611	359 KB
8	acuityplatform.com origin.acuityplatform.com — Cisco Umbrella Rank: 18754 e.acuityplatform.com — Cisco Umbrella Rank: 14579 ums.acuityplatform.com — Cisco Umbrella Rank: 1501	7 KB
8	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1832 www.google-analytics.com — Cisco Umbrella Rank: 60	21 KB
6	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 124 cm.g.doubleclick.net — Cisco Umbrella Rank: 244	4 KB
6	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 716	119 KB
5	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2890 www.google.com — Cisco Umbrella Rank: 3	1 KB
5	conversionfly.com conversionfly.com — Cisco Umbrella Rank: 473002 Failed	3 KB
4	ontraport.com 1 redirects hawkeyetraders.ontraport.com — Cisco Umbrella Rank: 881597 optassets.ontraport.com — Cisco Umbrella Rank: 87177 tracking.ontraport.com — Cisco Umbrella Rank: 280403	7 KB
3	gstatic.com www.gstatic.com	30 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 513	1 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 361	1 KB
3	google.de www.google.de — Cisco Umbrella Rank: 4835	626 B
3	wickedreports.com widget.wickedreports.com — Cisco Umbrella Rank: 42358 track.wickedreports.com — Cisco Umbrella Rank: 64396	9 KB
3	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 2001 vimeo.com — Cisco Umbrella Rank: 1879	22 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 218	2 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 785	1 KB
2	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 340	125 B
2	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 1519	551 B
2	lijit.com ce.lijit.com — Cisco Umbrella Rank: 1036	622 B
2	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 381	478 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	239 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	136 KB
2	deadlinefunnel.com 1 redirects deadlinefunnel.com — Cisco Umbrella Rank: 57027 a.deadlinefunnel.com — Cisco Umbrella Rank: 62283	1 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 997	70 KB
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 421	140 B
1	pubmatic.com 1 redirects image2.pubmatic.com — Cisco Umbrella Rank: 1020	437 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1137	344 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 653	492 B
1	kargo.com crb.kargo.com — Cisco Umbrella Rank: 1801	462 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 172	2 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 771	30 KB
1	gblprftsystm-prom.com gblprftsystm-prom.com — Cisco Umbrella Rank: 829563
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 422	31 KB
111	36

	Domain	Requested by
16	insiders-exposed.com	3 redirects insiders-exposed.com code.jquery.com
11	www.googletagmanager.com	insiders-exposed.com www.googletagmanager.com
10	intof.io	3 redirects insiders-exposed.com intof.io
6	analytics.tiktok.com	insiders-exposed.com analytics.tiktok.com
5	ums.acuityplatform.com	insiders-exposed.com
5	region1.google-analytics.com	www.googletagmanager.com
5	conversionfly.com	insiders-exposed.com conversionfly.com
4	f.vimeocdn.com	player.vimeo.com
3	www.gstatic.com	f.vimeocdn.com www.gstatic.com
3	pixel.tapad.com	3 redirects
3	x.bidswitch.net	3 redirects
3	www.google.de	insiders-exposed.com
3	region1.analytics.google.com	www.googletagmanager.com
3	i.vimeocdn.com	player.vimeo.com insiders-exposed.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	tracking.ontraport.com	optassets.ontraport.com
2	dpm.demdex.net	2 redirects
2	sync.search.spotxchange.com	1 redirects insiders-exposed.com
2	www.google.com	1 redirects insiders-exposed.com
2	ups.analytics.yahoo.com	insiders-exposed.com
2	pixel.advertising.com	2 redirects
2	ce.lijit.com	insiders-exposed.com
2	cm.g.doubleclick.net	insiders-exposed.com
2	pixel.rubiconproject.com	insiders-exposed.com
2	www.facebook.com	insiders-exposed.com
2	e.acuityplatform.com	origin.acuityplatform.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	connect.facebook.net	insiders-exposed.com connect.facebook.net
2	widget.wickedreports.com	insiders-exposed.com widget.wickedreports.com
2	player.vimeo.com	insiders-exposed.com
2	maxcdn.bootstrapcdn.com	insiders-exposed.com maxcdn.bootstrapcdn.com
1	vimeo.com	f.vimeocdn.com
1	eb2.3lift.com	insiders-exposed.com
1	image2.pubmatic.com	1 redirects
1	fresnel.vimeocdn.com	f.vimeocdn.com
1	ps.eyeota.net	insiders-exposed.com
1	tags.bluekai.com	1 redirects
1	crb.kargo.com	insiders-exposed.com
1	www.googleadservices.com	www.googletagmanager.com
1	track.wickedreports.com	widget.wickedreports.com
1	origin.acuityplatform.com	insiders-exposed.com
1	code.jquery.com	insiders-exposed.com
1	optassets.ontraport.com	insiders-exposed.com
1	gblprftsystm-prom.com	insiders-exposed.com
1	a.deadlinefunnel.com	insiders-exposed.com
1	deadlinefunnel.com	1 redirects
1	ajax.googleapis.com	insiders-exposed.com
1	hawkeyetraders.ontraport.com	1 redirects
111	49

This site contains no links.

Subject Issuer	Validity	Valid
insiders-exposed.com GTS CA 1P5	`2023-05-23` - `2023-08-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.gblprftsystm-prom.com AlphaSSL CA - SHA256 - G4	`2023-02-07` - `2024-03-10`	a year	crt.sh
*.ontraport.com Go Daddy Secure Certificate Authority - G2	`2022-10-31` - `2023-11-21`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
widget.wickedreports.com Amazon RSA 2048 M02	`2023-02-24` - `2023-08-29`	6 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
*.intof.io GeoTrust TLS RSA CA G1	`2023-04-19` - `2024-04-21`	a year	crt.sh
*.acuityplatform.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-30` - `2024-02-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-07-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
track.wickedreports.com Amazon RSA 2048 M02	`2023-03-15` - `2024-04-12`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-18` - `2024-03-21`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
vimeo.com Cloudflare Inc ECC CA-3	`2022-09-21` - `2023-09-20`	a year	crt.sh
tracking.ontraport.com R3	`2023-05-28` - `2023-08-26`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Frame ID: 150D46545740886A8BFF3991FCBCB910
Requests: 96 HTTP requests in this frame

Frame: https://player.vimeo.com/video/657105780?controls=0
Frame ID: 70F7BEB13E7D498F615ADDDD955E2FA1
Requests: 13 HTTP requests in this frame

Frame: https://insiders-exposed.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
Frame ID: D0A85121A43024397F95C45AFCA7E475
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Webinar Live BroadCast

Page URL History Show full URLs

https://hawkeyetraders.ontraport.com/c/s/KA3/v85hH/U/s1bU/CJH/6XWvoZ/bmlZY8uRq/P/P/0Y/bXU9aHR0cHMlM0ElMkYlMkZpbnN... HTTP 302
https://insiders-exposed.com/IE-1click.php?email=verdacht@safeonweb.be&utm_campaign=IE-Webinar-Event&utm_... HTTP 302
https://insiders-exposed.com/live-event/1?pageid=1996&email=verdacht@safeonweb.be HTTP 301
https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

111
Requests

86 %
HTTPS

33 %
IPv6

36
Domains

49
Subdomains

41
IPs

6
Countries

84008 kB
Transfer

87569 kB
Size

47
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hawkeyetraders.ontraport.com/c/s/KA3/v85hH/U/s1bU/CJH/6XWvoZ/bmlZY8uRq/P/P/0Y/bXU9aHR0cHMlM0ElMkYlMkZpbnNpZGVycy1leHBvc2VkLmNvbSUyRklFLTFjbGljay5waHAlM0ZlbWFpbCUzRHZlcmRhY2h0JTQwc2FmZW9ud2ViLmJlJTI2dXRtX2NhbXBhaWduJTNESUUtV2ViaW5hci1FdmVudCUyNnV0bV9tZWRpdW0lM0RlbWFpbC1kZWRpY2F0ZWQlMjZ1dG1fc291cmNlJTNEQkVQJTI2dXRtX2NvbnRlbnQlM0Rwcml6ZWQtY2hpbGQtbGluay00JTI2dXRtX3Rlcm0lM0RPbnRyYXBvcnQlMjZvcCUzRGdwc2kmbWg9NTI1MzQyYWU5ODkyODg=/Z HTTP 302
https://insiders-exposed.com/IE-1click.php?email=verdacht@safeonweb.be&utm_campaign=IE-Webinar-Event&utm_medium=email-dedicated&utm_source=BEP&utm_content=prized-child-link-4&utm_term=Ontraport&op=gpsi HTTP 302
https://insiders-exposed.com/live-event/1?pageid=1996&email=verdacht@safeonweb.be HTTP 301
https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://intof.io/itag HTTP 301
https://intof.io/itag/?id=itag

Request Chain 8

https://deadlinefunnel.com/pixel/145221 HTTP 302
https://a.deadlinefunnel.com/pixel/1x1.png

Request Chain 35

https://intof.io/itag HTTP 301
https://intof.io/itag/?id=itag

Request Chain 40

https://conversionfly.com/GPSI/a6.php?tc=1223&refurl=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3Dverdacht%40safeonweb.be&user=GPSI HTTP 302
https://conversionfly.com/1x1.gif

Request Chain 45

https://intof.io/itag HTTP 301
https://intof.io/itag/?id=itag

Request Chain 56

https://insiders-exposed.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://insiders-exposed.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js

Request Chain 75

https://x.bidswitch.net/sync?dsp_id=236&user_id=794212116229&expires=30&user_group=1 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=236&user_id=794212116229&expires=30&user_group=1 HTTP 302
https://crb.kargo.com/api/v1/bswsync?bsw_uuid=00185c04-8e42-41e0-8791-3976d7289d18&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=

Request Chain 79

https://pixel.tapad.com/idsync/ex/receive?partner_id=3150&partner_device_id=794212116229&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26auid%3D794212116229%26uid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3150&partner_device_id=794212116229&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26auid%3D794212116229%26uid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://ums.acuityplatform.com/sum?umid=64&auid=794212116229&uid=db763ace-efbc-4d7a-b604-f8d5c826accd

Request Chain 80

https://tags.bluekai.com/site/37592?id=123456&limit=0&redir=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D49%26auid%3D794212116229%26uid%3D%24_BK_UUID HTTP 302
https://ums.acuityplatform.com/sum?umid=49&auid=794212116229&uid=$_BK_UUID

Request Chain 81

https://pixel.advertising.com/ups/55950/sync?uid=794212116229&_origin=1 HTTP 301
https://ups.analytics.yahoo.com/ups/55950/sync?uid=794212116229&_origin=1

Request Chain 85

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10793098225/?random=149303821&cv=11&fst=1687747956436&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3Dverdacht%40safeonweb.be&label=C0MwCMLJuoADEPG3xpoo&hn=www.googleadservices.com&frm=0&tiba=Webinar%20Live%20BroadCast&value=0&auid=526169399.1687747955&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=dP2YZJuML7S4lQeX8JXYDA&sscte=1&crd=&eitems=ChEI8MvfpAYQ5KGFy8vn8Nn0ARIdAPl51E_BV7aEIpXmjqQ3StrdOVBCR0kiu1rAubQ&pscrd=EkxDaEFJOE12ZnBBWVE1NGVLajV2NTVLbGFFaVVBcTlpUmh3cGdXSGNDNTFIMkt3Z21VTi0taGsxdG9WN1RjQ3lJY2dxRmE4SzZRTmVDGlhDaEVJOE12ZnBBWVF5TUtqbHBHTjlfWGlBUkl0QUNHZWlNLWZueW1EaFhvenZOYTd3TWZPLUFhdEc5eGxrdFZwNDhiam9YanJQQ2dlUXVBal9GYUpqYkpuIhMIm5a8i_ff_wIVNFzlCh0XeAXL HTTP 302
https://www.google.com/pagead/1p-conversion/10793098225/?random=149303821&cv=11&fst=1687747956436&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3Dverdacht%40safeonweb.be&label=C0MwCMLJuoADEPG3xpoo&hn=www.googleadservices.com&frm=0&tiba=Webinar%20Live%20BroadCast&value=0&auid=526169399.1687747955&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOE12ZnBBWVE1NGVLajV2NTVLbGFFaVVBcTlpUmh3cGdXSGNDNTFIMkt3Z21VTi0taGsxdG9WN1RjQ3lJY2dxRmE4SzZRTmVDGlhDaEVJOE12ZnBBWVF5TUtqbHBHTjlfWGlBUkl0QUNHZWlNLWZueW1EaFhvenZOYTd3TWZPLUFhdEc5eGxrdFZwNDhiam9YanJQQ2dlUXVBal9GYUpqYkpuIhMIm5a8i_ff_wIVNFzlCh0XeAXL&is_vtc=1&ocp_id=dP2YZJuML7S4lQeX8JXYDA&cid=CAQSKQBygQiDpmTtny5CW9pwCT8cd1xW0v0XniIfECHmbk6gJQKjri7cjV2S&eitems=ChEI8MvfpAYQ5KGFy8vn8Nn0ARIdAPl51E98CrqUnsKdy1DJeRf0P3ow49VAeStlfH8&random=3850264547 HTTP 302
https://www.google.de/pagead/1p-conversion/10793098225/?random=149303821&cv=11&fst=1687747956436&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3Dverdacht%40safeonweb.be&label=C0MwCMLJuoADEPG3xpoo&hn=www.googleadservices.com&frm=0&tiba=Webinar%20Live%20BroadCast&value=0&auid=526169399.1687747955&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOE12ZnBBWVE1NGVLajV2NTVLbGFFaVVBcTlpUmh3cGdXSGNDNTFIMkt3Z21VTi0taGsxdG9WN1RjQ3lJY2dxRmE4SzZRTmVDGlhDaEVJOE12ZnBBWVF5TUtqbHBHTjlfWGlBUkl0QUNHZWlNLWZueW1EaFhvenZOYTd3TWZPLUFhdEc5eGxrdFZwNDhiam9YanJQQ2dlUXVBal9GYUpqYkpuIhMIm5a8i_ff_wIVNFzlCh0XeAXL&is_vtc=1&ocp_id=dP2YZJuML7S4lQeX8JXYDA&cid=CAQSKQBygQiDpmTtny5CW9pwCT8cd1xW0v0XniIfECHmbk6gJQKjri7cjV2S&eitems=ChEI8MvfpAYQ5KGFy8vn8Nn0ARIdAPl51E98CrqUnsKdy1DJeRf0P3ow49VAeStlfH8&random=3850264547&ipr=y

Request Chain 90

https://pixel.tapad.com/idsync/ex/receive?partner_id=3150&partner_device_id=794219065372&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26auid%3D794219065372%26uid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://ums.acuityplatform.com/sum?umid=64&auid=794219065372&uid=db763ace-efbc-4d7a-b604-f8d5c826accd

Request Chain 91

https://pixel.advertising.com/ups/55950/sync?uid=794219065372&_origin=1 HTTP 301
https://ups.analytics.yahoo.com/ups/55950/sync?uid=794219065372&_origin=1

Request Chain 92

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NyZ0bD0xMjk2MDA=&piggybackCookie=uid:794219065372&r=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D6%26auid%3D794219065372%26uid%3D%24%7BPUBMATIC_UID%7D HTTP 302
https://ums.acuityplatform.com/sum?umid=6&auid=794219065372&uid=${PUBMATIC_UID}

Request Chain 93

https://x.bidswitch.net/sync?dsp_id=236&user_id=794219065372&expires=30&user_group=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7310&uid=00185c04-8e42-41e0-8791-3976d7289d18 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7310&uid=00185c04-8e42-41e0-8791-3976d7289d18&__user_check__=1&sync_id=821ada0b-13cc-11ee-aedb-1e87ce780306

Request Chain 97

https://dpm.demdex.net/ibs:dpid=12105&dpuuid=794219065372&redir=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D41%26auid%3D794219065372%26uid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=12105&dpuuid=794219065372&redir=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D41%26auid%3D794219065372%26uid%3D%24%7BDD_UUID%7D HTTP 302
https://ums.acuityplatform.com/sum?umid=41&auid=794219065372&uid=37360198952781278970159076068912691884

111 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
insiders-exposed.com/live-event/1/
Redirect Chain

https://hawkeyetraders.ontraport.com/c/s/KA3/v85hH/U/s1bU/CJH/6XWvoZ/bmlZY8uRq/P/P/0Y/bXU9aHR0cHMlM0ElMkYlMkZpbnNpZGVycy1leHBvc2VkLmNvbSUyRklFLTFjbGljay5waHAlM0ZlbWFpbCUzRHZlcmRhY2h0JTQwc2FmZW9ud2V...
https://insiders-exposed.com/IE-1click.php?email=verdacht@safeonweb.be&utm_campaign=IE-Webinar-Event&utm_medium=email-dedicated&utm_source=BEP&utm_content=prized-child-link-4&utm_term=Ontraport&op=...
https://insiders-exposed.com/live-event/1?pageid=1996&email=verdacht@safeonweb.be
https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

27 KB
8 KB

122ms
122ms

Document
text/html

2606:4700:20::ac43:451c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:451c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dedd9aa6c90f3f3b1e69bf2ae1153fad9b9f1dbe50c921998ec64f40a67bf701

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: X-Requested-With, Content-Type, Origin, Cache-Control, Pragma, Authorization, Accept, Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 7dd227a7bf0a695b-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 26 Jun 2023 02:52:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2NkOTFIN7Jrov2v0jwCxFFuzbqBWNKj8yKOF%2BoWgcJZf%2Bf0uVRH7WhPqfgJDkFmBJ6VVb59IcPSiWxdwU2qWFJpMvG8nwEaZw98JG%2BCx0hT58fSs%2F1sGGm%2BjoXrdN%2BjqFaUsr0zRp5bmJfkkq6VdFIF"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 7dd227a70e99695b-FRA
content-type: text/html
date: Mon, 26 Jun 2023 02:52:33 GMT
location: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DhMApQjk9xiuoTExcLxQPJrfzvqOlzgrHnrYq7VIzPx8AzN3vHQzFH0lPQKf96i%2FwrkR5NJGauNtFlWzbSDX0G0TR2ouE7KK4EN3KWFOcpkLSizSFfTVQ3qmNM54mw2BA2Sa3tA8%2B%2BDbGCBGf0apBNBW"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 bootstrap.min.css
insiders-exposed.com/live-event/1/css/css/ 152 KB
24 KB 494ms
494ms Stylesheet
text/css 2606:4700:20::ac43:451c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insiders-exposed.com/live-event/1/css/css/bootstrap.min.css

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:451c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Thu, 07 Jul 2022 13:31:05 GMT
server: cloudflare
etag: W/"62c6e019-2606e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LGVP64tT33pishD%2BFdGaTYAApR5WCJU29a52yqQx1slJxR6AnSTeyJHuzl9mHMjGXGSBwXadVgo%2Bpr9EGmtgpCQ8C2z0pQZPBJQaW4LwGIVq6358pD1vztJ0LAEcqcrIlc%2BHz6aynyPKqyo4ucZNIXZ%2F"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7dd227a89fa6695b-FRA
expires: Tue, 25 Jun 2024 02:52:34 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 35ms
16ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 617, 617
age: 13114645
cdn-cachedat: 2021-04-13 02:48:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 3e4766ad0ddfa4bdecb1b0dc22b73ef7
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 7dd227a8bd70bc01-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 61ms
19ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 07:59:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Jun 2024 07:59:23 GMT

GET a.php
conversionfly.com/GPSI/ 0
0

GET
H2 200 jquery.nice-select.js Show response
insiders-exposed.com/live-event/1/js/ 6 KB
2 KB 367ms
367ms Script
application/javascript 2606:4700:20::ac43:451c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insiders-exposed.com/live-event/1/js/jquery.nice-select.js

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:451c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cebb7776fb386c1fc6f0ef7168aa12642441058942bf91e0403ed1b15665ed37

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Sat, 20 Nov 2021 09:15:51 GMT
server: cloudflare
etag: W/"6198bcc7-16c1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tTTYiUXrwKTH8E4FpXdU%2Fx0O1Jd0EM%2FFE21zjKQnEVrAnhiyM41%2Bx63CNHqRfadTLQz%2BxUMzadOAvuYPiCkwyCMHvcRMfAwhPPHTbfYwVKdN%2BQfSAEuLcEpp9s33u52mEJCAHKWuDLh6lJz7TP2CGnQ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7dd227a91ff2695b-FRA
expires: Tue, 25 Jun 2024 02:52:34 GMT

GET
H2 200 nice-select.css
insiders-exposed.com/live-event/1/css/ 4 KB
1 KB 370ms
370ms Stylesheet
text/css 2606:4700:20::ac43:451c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insiders-exposed.com/live-event/1/css/nice-select.css

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:451c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c13280e79f74109c5e3854822c0f0c972d0a57245c95b0b3762f9788bd918f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Sat, 20 Nov 2021 09:15:49 GMT
server: cloudflare
etag: W/"6198bcc5-fa7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCk3kJu9JPrEFw6AM8MYHKICHPyLdaPiz9wKTMX93I20huN56cA%2B0KHZWA9NQtK%2BOkHieGZp3qvjMVqcqeQLvv8z7Il2scVUxxxqDcreu9buVvZBaN3klb4SdAgh%2FOYhS1%2FAu6jfoYGoMAujbjtGSq2I"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7dd227ab6952695b-FRA
expires: Tue, 25 Jun 2024 02:52:34 GMT

GET
H/1.1

200
OK

/ Show response
intof.io/itag/
Redirect Chain

https://intof.io/itag
https://intof.io/itag/?id=itag

6 KB
6 KB

105ms
105ms

Script
application/javascript

54.156.254.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://intof.io/itag/?id=itag
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: HTTP/1.1
Server: 54.156.254.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-254-128.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25 / PHP/7.0.25
Resource Hash: fa1cb237372d86c71a568f5fcd882d5470963e32ea235917147143fc0d7f5317

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 02:50:14 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
X-Powered-By: PHP/7.0.25
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 5643

Redirect headers

Location: https://intof.io/itag/?id=itag
Date: Mon, 26 Jun 2023 02:50:14 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 238
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
82 KB 68ms
29ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P4C5FRHY76

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c43cf2f241fcd121cdc0d6118c0ebc8f7df00d64e3162f00011f1c61ced0c252

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84252
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Jun 2023 02:52:34 GMT

GET
H2

200

1x1.png
a.deadlinefunnel.com/pixel/
Redirect Chain

https://deadlinefunnel.com/pixel/145221
https://a.deadlinefunnel.com/pixel/1x1.png

95 B
397 B

324ms
10ms

Image
image/png

151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.deadlinefunnel.com/pixel/1x1.png
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: H2
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: ba78444bfbd7c20f571088bc949f4d6f0fc0a30dcc92e42bccc821c3216abbef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:36 GMT
x-amz-version-id: null
last-modified: Fri, 19 Feb 2021 17:57:24 GMT
server: AmazonS3
x-amz-request-id: 2RAR6A9C7X4KB2XF
etag: "f4585e4dc0a19cd25b84b5992a50bf31"
x-hw: 1687747956.cds322.fr8.hn,1687747956.cds108.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 95
x-amz-id-2: h0dUitUxsETsB3Jxk4ALdOcm/ilDInNhgDcYpQLqHsyXgVP/uYSbqyHdHLjQjA7m6IzKbLBlcRM=

Redirect headers

x-served-by: deadlinefunnel.com
date: Mon, 26 Jun 2023 02:52:35 GMT
server: nginx
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
location: https://a.deadlinefunnel.com/pixel/1x1.png
access-control-allow-origin: *
cache-control: no-cache, private
x-ua-compatible: IE=Edge

GET
H/1.1 503
Service Unavailable p.ashx
gblprftsystm-prom.com/ 0
0 729ms
175ms Script
text/html 50.112.28.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gblprftsystm-prom.com/p.ashx?a=424&f=js&e=326&t=TRANSACTION_ID
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.112.28.9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-50-112-28-9.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 webinar.css
insiders-exposed.com/live-event/1/ 387 KB
48 KB 608ms
604ms Stylesheet
text/css 2606:4700:20::ac43:451c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insiders-exposed.com/live-event/1/webinar.css?1687747953

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:451c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abd0ce615d48c609081fc782295fa2244bede6af41d46a822f8b4acf30685853

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:35 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Sat, 20 Nov 2021 09:15:48 GMT
server: cloudflare
etag: W/"6198bcc4-60b32"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvmvwsyXFbPgkTS%2FO94WPaIV6XaYXm83eMHAIanE6RQ7vnN4AqqWMyNpmugFwS64GuWZn3uJrJdnsTsi%2Fucu18%2Fk6VpoBiH1CsRhbSgb0IXlRaibhWvj8GAHBnORu%2B1qHE3vC4BAWTK2rGOLiJxARhgW"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7dd227abf9a4695b-FRA
expires: Tue, 25 Jun 2024 02:52:34 GMT

GET
H2 200 tracking.js Show response
optassets.ontraport.com/ 8 KB
3 KB 97ms
28ms Script
application/javascript 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/tracking.js
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bd4db5489f52f092ac687a50c5afd570c768acad3636a0955149b949c4bb32f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:34 GMT
content-encoding: br
cf-cache-status: HIT
age: 62
cf-polished: origSize=12107
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 0
x-op-ca: 10.2.80.206
cf-bgj: minify
last-modified: Fri, 23 Jun 2023 22:24:20 GMT
server: cloudflare
etag: W/"64961b94-2f4b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=28800
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 7dd227ac5b8c3721-FRA
expires: Mon, 26 Jun 2023 10:52:34 GMT

GET
H2 200 Button5.gif
insiders-exposed.com/wp-content/uploads/2022/05/ 73 MB
73 MB 631ms
628ms Image
image/gif 2606:4700:20::ac43:451c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insiders-exposed.com/wp-content/uploads/2022/05/Button5.gif
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:451c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb322f7e8bb5c53ef8ca9b7341d87f819abfc233d4ba95c0a709bd3e89b58a84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:35 GMT
cf-cache-status: MISS
last-modified: Thu, 19 May 2022 14:39:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6286568b-48a45f7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6SEFSV0aaoNv3GOgAFaOZMBRZK9DvXxR%2BT8BmK%2FTiRUwWdOBT2EqHnprDPsmXarBpG4CtTO0jtZbGhX0nVu%2FJFNdAlEEzikHT44o5D6M76XCjuMqr8487jEuhsxKp0G0zwXGUAHuCJ3Cwh8DwVJ5fzC"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7dd227abf9a6695b-FRA
content-length: 76170743
expires: Wed, 26 Jul 2023 02:52:34 GMT

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 37 KB
12 KB 78ms
30ms Script
application/javascript 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98e67b7c00d3ed50871865e8acf0381d72b909eb2360b56261061c9be60bde9e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-varnish-cache: 1
Date: Mon, 26 Jun 2023 02:52:34 GMT
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
CF-Cache-Status: DYNAMIC
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
Age: 266
X-Cache: HIT
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Mon, 26 Jun 2023 02:50:08 GMT
x-host: player-596996844b-rc67d
Connection: keep-alive
x-vserver: player-varnish-prod-varnish-3
Content-Length: 11160
x-xss-protection: 1; mode=block
X-Served-By: cache-fra-eddf8230111-FRA
X-Player-Backend: p
Server: cloudflare
X-Timer: S1687747955.606178,VS0,VE0
x-backend-proxy: playproxy4
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: player-596996844b-rc67d
Accept-Ranges: bytes
CF-RAY: 7dd227ac3ff79b3f-FRA
X-Cache-Hits: 54

GET
H2 200 DevicesmockupWeb.png
insiders-exposed.com/live-event/1/ 8 MB
8 MB 552ms
549ms Image
image/png 2606:4700:20::ac43:451c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insiders-exposed.com/live-event/1/DevicesmockupWeb.png
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:451c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8dc1c5380a71fb358cb060072040a895f70abeabeee522960967816f970ac1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:35 GMT
cf-cache-status: MISS
last-modified: Wed, 24 Nov 2021 19:31:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "619e9324-7a12dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLvThEEhpt3mbLfOWs%2FiGJiM3s%2BA%2Bg6x6s3uviN8%2FCP3pK1gk%2BE6mMpXINlDBG%2FBHQnM1XRNsbIfWzfVIrSk0XQsmTduaJLkZm12JxeDYVOIYT%2FYaWRtFadFstwWm41CmkUYIAAdKy27nQ7Afp0n%2B5WC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7dd227abf9a7695b-FRA
content-length: 8000221
expires: Wed, 26 Jul 2023 02:52:34 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 59ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://insiders-exposed.com/
Origin: https://insiders-exposed.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:34 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-15d84"
vary: Accept-Encoding
x-hw: 1687747954.dop264.fr8.t,1687747954.cds056.fr8.hn,1687747954.cds327.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 bootstrap.bundle.min.js Show response
insiders-exposed.com/live-event/1/css/js/ 77 KB
23 KB 27ms
23ms Script
application/javascript 2606:4700:20::ac43:451c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insiders-exposed.com/live-event/1/css/js/bootstrap.bundle.min.js

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:451c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5569
content-encoding: br
last-modified: Thu, 07 Jul 2022 13:31:12 GMT
server: cloudflare
etag: W/"62c6e020-1332b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xTGPBAFWMPTiYLnhKTdDamNuWuijmnMYtfcaJ%2FOCie2t9T7CbmvLQRX%2BbLMUFQLxqYKgMk2OQauGOo24YxvThr36BKNdpM7%2FVbD9ZfmFEiab8DpZhuVruXt2rcHmNzenbQQZOMiRPm77qj79lTg3L3wE"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7dd227abf9a5695b-FRA
expires: Tue, 25 Jun 2024 01:19:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 140 KB
54 KB 58ms
21ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1070781524

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e0e2d05f5b70f7dd4d350266bb9c20903874dfb1a5c702ee511414479efa5fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54922
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Jun 2023 02:52:34 GMT

GET
H2 200 wr-a2c20b58dba8a66cd3c2d4dca4c93a24.js Show response
widget.wickedreports.com/v2/602/ 405 B
754 B 56ms
8ms Script
text/javascript 18.66.147.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.wickedreports.com/v2/602/wr-a2c20b58dba8a66cd3c2d4dca4c93a24.js
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-125.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d52bc856b96c89d1892b70c3924592060434fdfaf98d9a9f7d4840aec159f49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 07:12:38 GMT
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
last-modified: Tue, 02 Mar 2021 16:11:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 70797
etag: "95f752a9a74a81348c21ef5b41ded41d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 405
x-amz-cf-id: WAfccUkrnDTD8R9992pDXKbR7CGt6GOkhenJObyIfkXigKSd9RxHBw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 151 KB
56 KB 76ms
41ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5NW398H

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

458d27b54f5d3dee904a296779dc29aec735cd5a34786d519211b6157ee962ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56868
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Jun 2023 02:52:34 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 120 KB
46 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MGL2B6P

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

17772f71a66b5d86fecfb5b548ffac72ad6614d162b68179edc9afdcc83464a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46902
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Jun 2023 02:52:34 GMT

GET
H2 200 urlcheckJson.php Show response
conversionfly.com/GPSI/ 1 KB
988 B 478ms
478ms Script
text/html 2606:4700:20::ac43:4746
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conversionfly.com/GPSI/urlcheckJson.php?callback=_conversionflyMagic.redirectCallback&url=https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4746 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.13, PleskLin
Resource Hash: cf148e3be7b390d6fc14578adfbe53a8758d31ad8040981a7c43511736bbc9c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:35 GMT
content-encoding: gzip
ms-author-via: DAV
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.2.13, PleskLin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5K8znG%2BN3yJQcwuPvB1M%2FTe0uromc9Vg41dj8urNsIyF24S%2FRVFrlVk2AGyjA7ycZyiadPMGEbcLIO4Su6lKMyOT2bgSnOAyS6ulP914vKMGk%2BUwHsiPOspMwVPSAC%2BV3B5G92eYZmpHICFXCcHx"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *, *
cf-ray: 7dd227ac483f9164-FRA

GET
H2 200 a.php
conversionfly.com/GPSI/ 0
264 B 488ms
488ms Image
text/html 2606:4700:20::ac43:4746
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conversionfly.com/GPSI/a.php?tc=93400845670106370000
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4746 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.13, PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:35 GMT
ms-author-via: DAV
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.2.13, PleskLin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2cPyFmOw9xtOOpyfjXm%2BQJZ3LKazq6VKot6b%2FWiyZMiiQQLISf4ezoIzijtnmHKhKvgGTNhcbrssYV6yxoyE%2FlCF5NIpoT3d0DhD2fc%2FzDX6lvPJUURwZGRuowAJRnlG1spgNLzY6NdcTSA9RXn"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 7dd227ac48459164-FRA
content-length: 0

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 174ms
110ms Script
application/javascript 184.86.103.216
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCN5SKRC77UB4C8P5R50&lib=ttq
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-216.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3ec107d0f9ea3800a94077a246b1295450b1cb8bb37c5769390c0e246eaa3d4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-akamai-request-id: 6883c1ca.687bf15a
date: Mon, 26 Jun 2023 02:52:34 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-86-102-216.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
x-parent-response-time: 92,184.86.102.216
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=5, inner; dur=3
content-length: 1593
pragma: no-cache
server: nginx
x-tt-logid: 20230626025234F1ACA727A10F4E9B0FB5
x-cache-remote: TCP_MISS from a104-78-78-103.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,104.78.78.103
x-tt-trace-host: 01ac0cb4c2515a456399eade58df901ce5779a6ed30ad4599659e3f8946a9d4946b017e66419661ae327b24c5829ed93b59bc20f0f76642c33af2fd233907b8b7836cd80f5391d37799959aad76d027bf2989b2ebdfa7877b2ba8a503fd54999da1eca45785497ef1c349554c3617d6bf2
expires: Mon, 26 Jun 2023 02:52:34 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 176ms
115ms Script
application/javascript 184.86.103.216
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCN66G3C77U3QS7T7LS0&lib=ttq
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-216.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8f9060c178fe5edcfbe9c6bf9be114367b308228235d286028df88c4f5c4326f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-akamai-request-id: 6883c2a0.687bf15b
date: Mon, 26 Jun 2023 02:52:34 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-86-102-216.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
x-parent-response-time: 97,184.86.102.216
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=6, inner; dur=3
content-length: 1603
pragma: no-cache
server: nginx
x-tt-logid: 20230626025234F1ACA727A10F4E9B0FB6
x-cache-remote: TCP_MISS from a104-78-78-103.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,104.78.78.103
x-tt-trace-host: 01ac0cb4c2515a456399eade58df901ce5779a6ed30ad4599659e3f8946a9d4946b017e66419661ae327b24c5829ed93b59bc20f0f76642c33af2fd233907b8b784d8e588e6f716158b0012b38b814bf0ecf90d081882a480a0cc25f43875625b0e51e8976f6a7f27082a7b70e38f86e1b
expires: Mon, 26 Jun 2023 02:52:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
82 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8SJNWV4ZSP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGL2B6P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

99852345225304df70967ed55233e225b125f04f91c22471cefe66a94fccc302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83993
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Jun 2023 02:52:34 GMT

GET
H2 200 widget.js Show response
widget.wickedreports.com/ 25 KB
8 KB 8ms
8ms Script
application/javascript 18.66.147.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.wickedreports.com/widget.js
Requested by: Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/v2/602/wr-a2c20b58dba8a66cd3c2d4dca4c93a24.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-125.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3abea336b370d8cd22e08bfcb5bf3455781080c5242e9aee261d6b4abb05ac36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 08:26:56 GMT
content-encoding: gzip
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
last-modified: Wed, 21 Jun 2023 08:26:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 66339
x-amz-server-side-encryption: AES256
etag: W/"3e262d481181476e2546379d244cb4d3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: fHY9JMTCkG_h6TvgcUZ6XFt2hV2pBADhCxFzFJqcyasR1CED6gFg9g==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 39ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8SJNWV4ZSP&gtm=45je36l0&_p=1063304413&cid=430568690.1687747955&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1687747954&sct=1&seg=0&dl=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3Dverdacht%40safeonweb.be&dt=Webinar%20Live%20BroadCast&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8SJNWV4ZSP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 02:52:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://insiders-exposed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MWE4ZjFkYTAyMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 310 KB
82 KB 17ms
17ms Script
application/javascript 184.86.103.216
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE4ZjFkYTAyMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCN5SKRC77UB4C8P5R50&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-216.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a755080ac27c65d216be0aa2a896fb5d2612f2695f6cee15b4d241944c9eebc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-akamai-request-id: 687bf1e5
date: Mon, 26 Jun 2023 02:52:34 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023061512091256BB572695A3B4AFA7BD
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a184-86-102-216.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 011d623ffa0e375a2f2c57f19ea6aa1bc3dfab4ffe6a7878c48178aefe9d9a672e07d5e65ca354519881074b6270761289878b972eff76a548d7e7c41b44e2590f930f44cb3aec3aebe90469b9088e8481d05f331303a31783ed467a18a48f5676
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=12
content-length: 83495

GET
H2 200 identify_f7fa8.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 18ms
17ms Script
application/javascript 184.86.103.216
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_f7fa8.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE4ZjFkYTAyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-216.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-akamai-request-id: 687bf22b
date: Mon, 26 Jun 2023 02:52:34 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230615120911D11EADB0BFD402CE0414
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a184-86-102-216.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01ef050e99a4914964323c81f8a0cd69e1b7c208deee5c5cf8587a50623cb45a2273c531753be656c33c0aa864bd100241d4d8403fe4fd80852758dd9cfe12ea590c48e0498b9db8b1bec469c7dbb0d3233c20eea6064a2c2626620a564dfbe8dd
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=4
content-length: 30844

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
697 B 260ms
260ms Ping
text/plain 184.86.103.216
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE4ZjFkYTAyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-216.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://insiders-exposed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 977563f5.687bf25f
date: Mon, 26 Jun 2023 02:52:35 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-86-102-216.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
x-parent-response-time: 231,184.86.102.216
server-timing: cdn-cache; desc=MISS, edge; dur=106, origin; dur=134, inner; dur=122
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023062602523537017A8498D8257319F4
x-cache-remote: TCP_MISS from a23-218-223-5.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 134,23.218.223.5
x-tt-trace-host: 01ac0cb4c2515a456399eade58df901ce539ad98ead09d39a795d8c9fac3ff8284361c728f4e89b6d43d0461e44385f554dd6ba8849da6fe6ba70de57022f687335168c0bed9fa922353a4128fd187a538e642bb0b62b3056a6bda7ba13a9f508858b0f047e08749d5ee8467e72d7ce209
expires: Mon, 26 Jun 2023 02:52:35 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
698 B 234ms
234ms Ping
text/plain 184.86.103.216
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE4ZjFkYTAyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-216.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://insiders-exposed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 75a49383.687bf264
date: Mon, 26 Jun 2023 02:52:35 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-86-102-216.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
x-parent-response-time: 213,184.86.102.216
server-timing: cdn-cache; desc=MISS, edge; dur=42, origin; dur=175, inner; dur=116
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230626025235FEA7BBAA92F236928F68
x-cache-remote: TCP_MISS from a104-78-78-69.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 175,104.78.78.69
x-tt-trace-host: 01ac0cb4c2515a456399eade58df901ce5779a6ed30ad4599659e3f8946a9d4946559a7fcc64c2c05df5720dd54a66bec44659f5838731390dbfd5270dbfa2444b6c3e0c6e15ed9ad76abb0c1667b2f34a4e88a56743f87fd509c2c83f5842d05d712d1b4bab8a7aa797ff4261da569e8f
expires: Mon, 26 Jun 2023 02:52:35 GMT

GET
H/1.1 200
OK /
intof.io/iocmap/ 43 B
411 B 106ms
105ms Image
image/gif 54.156.254.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://intof.io/iocmap/?iocid=null&iocmap=null
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.156.254.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-254-128.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25 / PHP/7.0.25
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 02:50:14 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
X-Powered-By: PHP/7.0.25
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 43

GET
H/1.1 200
OK 0
intof.io/s2s/724/null/ 43 B
289 B 306ms
103ms Image
image/gif 54.156.254.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://intof.io/s2s/724/null/0
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.156.254.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-254-128.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25 / PHP/7.0.25
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 02:52:35 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
Connection: Keep-Alive
X-Powered-By: PHP/7.0.25
Content-Length: 43
Keep-Alive: timeout=5, max=100
Content-Type: image/gif

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
81 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P4C5FRHY76&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NW398H

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e8fabfe944b5ebc5bedcb20beb8b186b4d95ef852ec1704a541905d1650d19e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83235
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Jun 2023 02:52:35 GMT

GET
H/1.1

200
OK

/ Show response
intof.io/itag/
Redirect Chain

https://intof.io/itag
https://intof.io/itag/?id=itag

6 KB
6 KB

114ms
114ms

Script
application/javascript

54.156.254.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://intof.io/itag/?id=itag
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: HTTP/1.1
Server: 54.156.254.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-254-128.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25 / PHP/7.0.25
Resource Hash: fa1cb237372d86c71a568f5fcd882d5470963e32ea235917147143fc0d7f5317

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 02:52:35 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
X-Powered-By: PHP/7.0.25
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 5643

Redirect headers

Location: https://intof.io/itag/?id=itag
Date: Mon, 26 Jun 2023 02:50:14 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 238
Content-Type: text/html; charset=iso-8859-1

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
64 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-537465-22&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P4C5FRHY76

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4a34f130db79d9219ebf91009ea0dec069c099dc4a0128439404b823d51dfa08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65063
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Jun 2023 02:52:35 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P4C5FRHY76&gtm=45je36l0&_p=1063304413&cid=430568690.1687747955&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687747955&sct=1&seg=0&dl=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3Dverdacht%40safeonweb.be&dt=Webinar%20Live%20BroadCast&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P4C5FRHY76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 02:52:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://insiders-exposed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
78 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EZM341WP65&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-537465-22&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2c6d9a5d9f7d9bb4f8c544ed12f2c2f22fe8b0719a778e4d50b08c15f4b8f59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79489
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Jun 2023 02:52:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 39ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-537465-22&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 26 Jun 2023 02:35:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1033
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 26 Jun 2023 04:35:22 GMT

GET
H2

200

1x1.gif Show response
conversionfly.com/
Redirect Chain

https://conversionfly.com/GPSI/a6.php?tc=1223&refurl=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3Dverdacht%40safeonweb.be&user=GPSI
https://conversionfly.com/1x1.gif

43 B
434 B

150ms
150ms

XHR
image/gif

2606:4700:20::ac43:4746
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conversionfly.com/1x1.gif
Requested by: Host: conversionfly.com
URL: https://conversionfly.com/GPSI/urlcheckJson.php?callback=_conversionflyMagic.redirectCallback&url=https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4746 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:35 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
content-length: 43
ms-author-via: DAV
last-modified: Mon, 07 Mar 2022 20:20:36 GMT
x-accel-version: 0.01
server: cloudflare
etag: "2b-5d9a698e6a233"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zmeJBIhPfUAgCflDay4FaTmmOr%2BIEEc8xjwmnHRhZEqOJNV6WDEgrfwuPNszCDmWSPv%2B61%2FObzWYPBP2MNPJ0OubMgZ3%2FS2oy0hM%2BhGC7%2F5QAZHMmCWyWlPDnkD%2FJk4iA4XT5ThAS7UzXAfHjV0"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7dd227b279181bc3-FRA

Redirect headers

date: Mon, 26 Jun 2023 02:52:35 GMT
ms-author-via: DAV
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.2.13, PleskLin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xKxR%2B6LTFhaXGsvETF8XsYoJYxm5XQYWq8PJOE7E49gweDKqDemJbTY07RgwPdgnFlJOmVvi7NoKkirnCJpRsmIDIRWLRmeeJfiu2s%2Ft4YWFkONP2WPaJJvuDYxKvvzeFxXBq%2BcEQemzYRcT6xsz"}],"group":"cf-nel","max_age":604800}
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://conversionfly.com/1x1.gif
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
cf-ray: 7dd227af7e661bc3-FRA
content-length: 0

GET
H2 200 url-check.php Show response
conversionfly.com/GPSI/cfly-callbacks/magic/ 53 B
375 B 416ms
416ms Script
text/html 2606:4700:20::ac43:4746
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conversionfly.com/GPSI/cfly-callbacks/magic/url-check.php?pause=&callback=_conversionflyMagic.redirectCallback&url=https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be&referrer=
Requested by: Host: conversionfly.com
URL: https://conversionfly.com/GPSI/urlcheckJson.php?callback=_conversionflyMagic.redirectCallback&url=https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4746 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.13, PleskLin
Resource Hash: d99393877213e78fe05555f3394ea3c929df046b2c0384fc54679753a10eb342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:36 GMT
content-encoding: gzip
ms-author-via: DAV
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.2.13, PleskLin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3wE%2B0gIb8a2Yyuj4gUDOTUcxlrFjj%2BgJlHYVoINMUQyX4OiNCdKSNoPvOg1HOC3ulgXEu%2B8MZVeu8K7LLinGB93yi7COfujVsahyxQmZL6qfpnHNF8c7cqpCmnNwy3oicedurafnxTY7bXx6TBE"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 7dd227b37d059164-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
209 B 44ms
40ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1063304413&t=pageview&_s=1&dl=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3Dverdacht%40safeonweb.be&ul=en-us&de=UTF-8&dt=Webinar%20Live%20BroadCast&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=851261243&gjid=201380146&cid=430568690.1687747955&tid=UA-537465-22&_gid=591946661.1687747956&_r=1&gtm=457e36l0&jsscut=1&z=765059141

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://insiders-exposed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 02:52:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://insiders-exposed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 32ms
31ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EZM341WP65&gtm=45je36l0&_p=1063304413&cid=430568690.1687747955&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1687747955&sct=1&seg=0&dl=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3Dverdacht%40safeonweb.be&dt=Webinar%20Live%20BroadCast&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EZM341WP65&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 02:52:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://insiders-exposed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
intof.io/iocmap/ 43 B
411 B 117ms
116ms Image
image/gif 54.156.254.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://intof.io/iocmap/?iocid=null&iocmap=null
Requested by: Host: intof.io
URL: https://intof.io/itag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.156.254.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-254-128.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25 / PHP/7.0.25
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 02:52:35 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
X-Powered-By: PHP/7.0.25
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 43

GET
H/1.1

200
OK

/ Show response
intof.io/itag/
Redirect Chain

https://intof.io/itag
https://intof.io/itag/?id=itag

6 KB
6 KB

118ms
117ms

Script
application/javascript

54.156.254.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://intof.io/itag/?id=itag
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: HTTP/1.1
Server: 54.156.254.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-254-128.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25 / PHP/7.0.25
Resource Hash: fa1cb237372d86c71a568f5fcd882d5470963e32ea235917147143fc0d7f5317

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 02:50:15 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
X-Powered-By: PHP/7.0.25
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 5643

Redirect headers

Location: https://intof.io/itag/?id=itag
Date: Mon, 26 Jun 2023 02:50:15 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 238
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK /
intof.io/iocmap/ 43 B
411 B 106ms
106ms Image
image/gif 54.156.254.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://intof.io/iocmap/?iocid=null&iocmap=null
Requested by: Host: intof.io
URL: https://intof.io/itag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.156.254.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-254-128.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25 / PHP/7.0.25
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 02:50:15 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
X-Powered-By: PHP/7.0.25
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 43

GET
H/1.1 200
OK pixel.js Show response
origin.acuityplatform.com/event/v2/ 2 KB
3 KB 133ms
30ms Script
application/javascript 23.37.34.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://origin.acuityplatform.com/event/v2/pixel.js
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.34.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-34-233.deploy.static.akamaitechnologies.com
Software: nginx/1.14.0 /
Resource Hash: 89cf66cb9de8da20fc15e9953845dd4d1de2c0fb465c827a09d818449222c533

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 02:52:36 GMT
Last-Modified: Wed, 04 Jan 2023 18:57:40 GMT
Server: nginx/1.14.0
ETag: "63b5cc24-978"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2424

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 151 KB
57 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N9TFFQL

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

767a9db31121319381bcc0d1603779a6ce3fcedafd2565ac7ec3ef993c638d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57907
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Jun 2023 02:52:36 GMT

GET
H/1.1 200
OK 657105780 Show response
player.vimeo.com/video/ Frame 70F7 20 KB
9 KB 188ms
187ms Document
text/html 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/657105780?controls=0

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fe7f83a513cde203079b2aea8e3542f14a22f1cb67525f4c5f091b8ddcebe28

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.dna-delivery.com https://.kollective.app/ https://.hivestreaming.com/ https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://.ci.vimeows.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://insiders-exposed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
CF-Cache-Status: DYNAMIC
CF-RAY: 7dd227b62eb89b3f-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 26 Jun 2023 02:52:36 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Served-By: cache-fra-eddf8230111-FRA
X-Timer: S1687747956.196710,VS0,VE150
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://*.hivestreaming.com/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://*.ci.vimeows.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*
expires: Fri, 15 Dec 1985 19:30:00 GMT
link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-5d7ff955f6-2xpkb
x-content-type-options: nosniff
x-host: player-backend-5d7ff955f6-2xpkb
x-player-backend: g
x-xss-protection: 1; mode=block

GET
H2 404 body_bg.jpg
insiders-exposed.com/live-event/img/ 373 B
373 B 438ms
438ms Image
text/html 2606:4700:20::ac43:451c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insiders-exposed.com/live-event/img/body_bg.jpg
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/webinar.css?1687747953
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:451c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 014290e68d7c7fa12dd2d510484b46972bf2b2528d845b59613babfad8ca1a96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/live-event/1/webinar.css?1687747953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:36 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJeyXbBYEzbHZ9q2rO2sZAY0K3Sk7ozEquH5FCZLxILAqGXN1D401XZjLpjIiiZvf9hgIQpVMeg1aO837GBhsNWQCQ2w5rMMcZpqybkldbikjEqzg4OYAgCxlrnZ4XFPFP%2BuXjjRTCLhWjMQHWLhh1SV"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 7dd227b62fc3695b-FRA

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 63 KB
64 KB 204ms
166ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Origin: https://insiders-exposed.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 756
cdn-cachedat: 06/09/2022 10:24:04
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 64464
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: "4b5a84aaf1c9485e060c503a0ff8cadb"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: a25fe4eeec8edadd7d7c5841b281df63
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7dd227b6a8623620-FRA
cdn-requestpullsuccess: True

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 112 KB
29 KB 114ms
39ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

21d4a80744b439cb8dd504b6d5f1dd6fd9fe1ddcca9e46ab98d156f51e893c1b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 26 Jun 2023 02:52:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 28307
x-xss-protection: 0
pragma: public
x-fb-debug: PL7HQvZIG5T1E1LRUQFB4wSv/V38L1EGS+mFGisE0z9sO3WQKAf8GjEVsuWaTnTIF1L0eFqV+hvx0e9uQuuWlA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 140 KB
54 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1070781524&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NW398H

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

036addd765992ade2b8024d4e31219d10757db5acce8f28d3da38d9d094d2e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54893
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Jun 2023 02:52:36 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 34ms
33ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1063304413&t=pageview&_s=1&dl=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3Dverdacht%40safeonweb.be&ul=en-us&de=UTF-8&dt=Webinar%20Live%20BroadCast&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aDDAAUABAAAAACAAI~&jid=2090229694&gjid=1454343790&cid=430568690.1687747955&tid=UA-537465-21&_gid=591946661.1687747956&_r=1&_slc=1&z=996325990

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://insiders-exposed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 02:52:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://insiders-exposed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070781524/ 3 KB
2 KB 409ms
128ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070781524/?random=1687747956331&cv=11&fst=1687747956331&bg=ffffff&guid=ON&async=1&gtm=45be36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3Dverdacht%40safeonweb.be&hn=www.googleadservices.com&frm=0&tiba=Webinar%20Live%20BroadCast&auid=526169399.1687747955&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1070781524

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ec47c7cc29f95fec8a4b148675ea98a73ba2714ce2b1ecc8b9f5a0db51d4a99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 02:52:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1363
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

invisible.js Show response
insiders-exposed.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/ Frame D0A8
Redirect Chain

https://insiders-exposed.com/cdn-cgi/challenge-platform/scripts/invisible.js
https://insiders-exposed.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js

7 KB
4 KB

47ms
43ms

Script
application/javascript

2606:4700:20::ac43:451c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insiders-exposed.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

Server

2606:4700:20::ac43:451c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc1f4bfbbf054145195de2887b469abbbf2f9d237b1b10ce9eabcfebc369e9c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:36 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alX%2FwHGc4o%2Bo6lqk2zMgjMEvFkmOJ78rgbRr2z4EO7HEJw2PlyMz0AzXIj01B3JQWwdYN%2FnuU56gTyPGl%2BJ9xoXi4ChTuLlLWjmySD8%2BANynKBV0zGv9vRLAZqt575XlE132tHhYd%2FOehnAPj%2FcD16KA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7dd227b7f908695b-FRA

Redirect headers

date: Mon, 26 Jun 2023 02:52:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOL4JSQwDnTjhG46YXMgUVzQpxsfP1%2FbqSZxfhdKv70MIXkWnnAmYR1vYryofFtN%2B%2FPok6Bqjwj7vbEjEvrYYsq4MajUJHZSRXcQFJNUU90dihn4zhe6cLABEiP4Milssz%2FmI0hREH7eObvvHyZ0%2Bih8"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
cache-control: max-age=300, public
cf-ray: 7dd227b7588e695b-FRA

GET
H2 200 index.php Show response
track.wickedreports.com/ 118 B
342 B 427ms
140ms XHR
text/html 52.14.123.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.wickedreports.com/index.php?WickedClientID=602&WickedEmail=verdacht%40safeonweb.be&WickedTrackingDate=1687747956366&WickedURL=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3Dverdacht%40safeonweb.be&WickedReferrerURL=
Requested by: Host: widget.wickedreports.com
URL: https://widget.wickedreports.com/widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.14.123.13 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-14-123-13.us-east-2.compute.amazonaws.com
Software: nginx / PHP/7.3.27
Resource Hash: 970cfb363d75f22566fbdeffd9c839cd0ec889193513bd251c2404a08f9af0e0

Request headers

Referer: https://insiders-exposed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Jun 2023 02:52:36 GMT
server: nginx
x-powered-by: PHP/7.3.27
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: *

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
349 B 252ms
186ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-537465-21&cid=430568690.1687747955&jid=2090229694&gjid=1454343790&_gid=591946661.1687747956&_u=aDDAAUABAAAAACAAI~&z=1717133063

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://insiders-exposed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 26 Jun 2023 02:52:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://insiders-exposed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
84 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-38BN4YS6G6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9TFFQL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e4e10b41453cf541bca4c0bb93b28193a89f9212fca66e9d6c35bd343dd0967

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85616
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Jun 2023 02:52:36 GMT

POST
H2 200 server_get.php Show response
insiders-exposed.com/live-event/1/ 1 KB
548 B 210ms
209ms XHR
text/html 2606:4700:20::ac43:451c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insiders-exposed.com/live-event/1/server_get.php?f_e=verdacht@safeonweb.be&pageid=1996

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:451c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f40e1d992cc57b6d3e5e2de5daa59ce77250e6040faddef9bf80f2c7c967f6b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQKw2ZFULkziJeuDAgXIeUmAFXeivPJRAy%2BHNItFQP3KX7FZHHzhz4vuxNxnq1mEXExbV9BvbmLOz2rBI%2B519UXodAKtAthJV98i6KAhNWJtpLhDm81XvjIryfpzsRL0Z4SXF%2BPaiOadt8ARic0I53Y5"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
cf-ray: 7dd227b7a8ca695b-FRA

GET
H/1.1 200
OK pj Show response
e.acuityplatform.com/ 1 KB
2 KB 230ms
20ms Script
text/javascript 154.59.122.94
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://e.acuityplatform.com/pj?pk=3996226716333854069&pu=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3Dverdacht%40safeonweb.be
Requested by: Host: origin.acuityplatform.com
URL: https://origin.acuityplatform.com/event/v2/pixel.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.59.122.94 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: 72d6a3b352f4e121eef5db7928d7982cccf9fd959c111fdc0267c9b9d9cc612d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Content-Length: 1130
Content-Type: text/javascript

GET
H/1.1 200
OK pj Show response
e.acuityplatform.com/ 1 KB
2 KB 502ms
272ms Script
text/javascript 154.59.122.94
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://e.acuityplatform.com/pj?pk=3996226716333854069&pu=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3Dverdacht%40safeonweb.be&pg=10044
Requested by: Host: origin.acuityplatform.com
URL: https://origin.acuityplatform.com/event/v2/pixel.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.59.122.94 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: a00a74f475e9c6a5fb320694166548d52e2aa382d5f06ba7517d8da1ea883e15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Content-Length: 1361
Content-Type: text/javascript

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/10793098225/ 3 KB
2 KB 351ms
28ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/10793098225/?random=1687747956436&cv=11&fst=1687747956436&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3Dverdacht%40safeonweb.be&label=C0MwCMLJuoADEPG3xpoo&hn=www.googleadservices.com&frm=0&tiba=Webinar%20Live%20BroadCast&value=0&bttype=purchase&auid=526169399.1687747955&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9TFFQL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

0dfb45d4236559a541fc7a075447e59286f7efd42fa3968f416f63a7a2786f9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 02:52:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1665
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 player.module.js Show response
f.vimeocdn.com/p/4.24.0/js/ Frame 70F7 515 KB
124 KB 74ms
7ms Script
application/javascript 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.24.0/js/player.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/657105780?controls=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 03350a3e8f231f3382128f09021e525d625d0fc6c5677fbfab7cc64b92578d21

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000159-IAD, cache-fra-etou8220071-FRA
date: Mon, 26 Jun 2023 02:52:36 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 292433
x-timer: S1687747957.550562,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 126703
x-cache-hits: 12, 57747

GET
H2 200 vendor.module.js Show response
f.vimeocdn.com/p/4.24.0/js/ Frame 70F7 395 KB
96 KB 78ms
11ms Script
application/javascript 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.24.0/js/vendor.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/657105780?controls=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a4badce5be7c52243551796c980dae1306ee4ea300f4d86aaa0712a1f4dc968d

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000031-IAD, cache-fra-etou8220071-FRA
date: Mon, 26 Jun 2023 02:52:36 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 292433
x-timer: S1687747957.550628,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 97690
x-cache-hits: 12, 62881

GET
H2 200 player.css
f.vimeocdn.com/p/4.24.0/css/ Frame 70F7 207 KB
21 KB 74ms
8ms Stylesheet
text/css 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.24.0/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/657105780?controls=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3ed8bba1caf9e33a4ed228e08e239195cf75f511b9456a352e2587f61057a311

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100109-IAD, cache-fra-etou8220105-FRA
date: Mon, 26 Jun 2023 02:52:36 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 292433
x-timer: S1687747957.550371,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 21491
x-cache-hits: 14, 64164

GET
H2 200 1326559557-316729245065c76a27d9182e45336a1dd319a029003cbfdc7393091e36776783-d.jpg
i.vimeocdn.com/video/ Frame 70F7 2 KB
2 KB 72ms
11ms Image
image/jpeg 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1326559557-316729245065c76a27d9182e45336a1dd319a029003cbfdc7393091e36776783-d.jpg?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/657105780?controls=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 019e65f9a8e699c8ac8413064cba0ba1dc2ab19c787890846be126e6561ab06e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:36 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 2151121
x-viewmaster-lossless-format: lossy
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 1818
viewmaster-server: viewmaster-us-central1-9rhf
x-served-by: cache-dfw-kdfw8210121-DFW, cache-fra-eddf8230036-FRA
x-timer: S1687747957.550555,VS0,VE1
etag: 40ff3fa967447a000edcf7b025431d89
access-control-max-age: 86400
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 121, 1

GET
H2 200 187804185085753 Show response
connect.facebook.net/signals/config/ 376 KB
108 KB 29ms
26ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/187804185085753?v=2.9.109&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cc123085eb70368fbc0528bcdab967789908a77678fe02b5c41a39c7a0637d16

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 26 Jun 2023 02:52:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 109937
x-xss-protection: 0
pragma: public
x-fb-debug: zpFsgs1saS6JfvcK8wz9o7cMQTalzqXR4tvlIkAOYVx8Z8q/aobqMhmeRNfPgwNrjxjAPTFBjvOEgszoLBVUBg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 54ms
41ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-38BN4YS6G6&gtm=45je36l0&_p=1063304413&_gaz=1&cid=430568690.1687747955&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687747956&sct=1&seg=0&dl=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3Dverdacht%40safeonweb.be&dt=Webinar%20Live%20BroadCast&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-38BN4YS6G6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 02:52:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://insiders-exposed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 98ms
97ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-38BN4YS6G6&cid=430568690.1687747955&gtm=45je36l0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-38BN4YS6G6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 02:52:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://insiders-exposed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 46ms
41ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-38BN4YS6G6&gtm=45je36l0&_p=1063304413&cid=430568690.1687747955&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1687747956&sct=1&seg=0&dl=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3Dverdacht%40safeonweb.be&dt=Webinar%20Live%20BroadCast&en=Lead&_c=1&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-38BN4YS6G6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 02:52:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://insiders-exposed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 349ms
43ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-38BN4YS6G6&cid=430568690.1687747955&gtm=45je36l0&aip=1&z=2019530896

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 02:52:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 7dd227a7bf0a695b Show response
insiders-exposed.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame D0A8 0
487 B 55ms
54ms XHR
text/plain 2606:4700:20::ac43:451c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insiders-exposed.com/cdn-cgi/challenge-platform/h/g/cv/result/7dd227a7bf0a695b
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:451c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Jun 2023 02:52:36 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7dd227b999eb695b-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7fkI4FbNMfM0Ix5wD7Si7wStbMvSAZ%2Bkb1bl4Nc%2ButMtDZXTmmkssU%2FVHL3ZRL9y2R7LWToC5Z7uzWWyqUtrnxZJ7YcYv9TR7GsqG9ktOu%2BNKrAoDwdm4VZeRaNOKHv7ons26Xh7seBl2urX9YkW4JKN"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 75ms
26ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=187804185085753&ev=PageView&dl=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3D_removed_%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%2522email%2522%255D%252C%2522restrictedParams%2522%253A%255B%255D%257D&rl=&if=false&ts=1687747956759&sw=1600&sh=1200&v=2.9.109&r=stable&ec=0&o=30&fbp=fb.1.1687747956757.515706981&cs_est=true&it=1687747956495&coo=false&rqm=GET

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 26 Jun 2023 02:52:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1

451
Unavailable For Legal Reasons

bswsync
crb.kargo.com/api/v1/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=236&user_id=794212116229&expires=30&user_group=1
https://x.bidswitch.net/ul_cb/sync?dsp_id=236&user_id=794212116229&expires=30&user_group=1
https://crb.kargo.com/api/v1/bswsync?bsw_uuid=00185c04-8e42-41e0-8791-3976d7289d18&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=

0
462 B

117ms
25ms

Image
text/plain

3.126.109.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/bswsync?bsw_uuid=00185c04-8e42-41e0-8791-3976d7289d18&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: HTTP/1.1
Server: 3.126.109.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-109-67.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Jun 2023 02:52:37 GMT
X-Accel-Expires: 0
Vary: Origin
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: //crb.kargo.com/api/v1/bswsync?bsw_uuid=00185c04-8e42-41e0-8791-3976d7289d18&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
date: Mon, 26 Jun 2023 02:52:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ 0
239 B 134ms
24ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=794212116229&expires=30
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 118ms
41ms Image
image/png 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=794212116229

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 02:52:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content merge
ce.lijit.com/ 0
311 B 134ms
35ms Image
text/plain 216.52.2.39
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=66&3pid=794212116229
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Mon, 26 Jun 2023 02:52:36 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

204
No Content

sum
ums.acuityplatform.com/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3150&partner_device_id=794212116229&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26auid%3D794212116229%26uid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3150&partner_device_id=794212116229&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26auid%3D794212116229%26uid%3D%24%7...
https://ums.acuityplatform.com/sum?umid=64&auid=794212116229&uid=db763ace-efbc-4d7a-b604-f8d5c826accd

0
27 B

499ms
410ms

Image
text/plain

154.59.122.79
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ums.acuityplatform.com/sum?umid=64&auid=794212116229&uid=db763ace-efbc-4d7a-b604-f8d5c826accd
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: HTTP/1.1
Server: 154.59.122.79 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

date: Mon, 26 Jun 2023 02:52:36 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://ums.acuityplatform.com/sum?umid=64&auid=794212116229&uid=db763ace-efbc-4d7a-b604-f8d5c826accd
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

204
No Content

sum
ums.acuityplatform.com/
Redirect Chain

https://tags.bluekai.com/site/37592?id=123456&limit=0&redir=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D49%26auid%3D794212116229%26uid%3D%24_BK_UUID
https://ums.acuityplatform.com/sum?umid=49&auid=794212116229&uid=$_BK_UUID

0
27 B

68ms
21ms

Image
text/plain

154.59.122.79
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ums.acuityplatform.com/sum?umid=49&auid=794212116229&uid=$_BK_UUID
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: HTTP/1.1
Server: 154.59.122.79 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

location: https://ums.acuityplatform.com/sum?umid=49&auid=794212116229&uid=$_BK_UUID
date: Mon, 26 Jun 2023 02:52:37 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55950/
Redirect Chain

https://pixel.advertising.com/ups/55950/sync?uid=794212116229&_origin=1
https://ups.analytics.yahoo.com/ups/55950/sync?uid=794212116229&_origin=1

0
110 B

27ms
13ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55950/sync?uid=794212116229&_origin=1

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:37 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55950/sync?uid=794212116229&_origin=1
date: Mon, 26 Jun 2023 02:52:36 GMT
cache-control: no-store
content-type: text/html
server: ATS/9.1.10.57
content-length: 355
content-language: en

GET
H/1.1 200
OK match
ps.eyeota.net/ 0
344 B 988ms
8ms Image
text/plain 52.57.150.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=bcgd9g1&uid=794212116229
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 02:52:37 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 200 /
www.google.com/pagead/1p-user-list/1070781524/ 42 B
455 B 65ms
46ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1070781524/?random=1687747956331&cv=11&fst=1687744800000&bg=ffffff&guid=ON&async=1&gtm=45be36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3Dverdacht%40safeonweb.be&frm=0&tiba=Webinar%20Live%20BroadCast&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=67731532&rmt_tld=0&ipr=y

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 02:52:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1070781524/ 42 B
154 B 23ms
20ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1070781524/?random=1687747956331&cv=11&fst=1687744800000&bg=ffffff&guid=ON&async=1&gtm=45be36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3Dverdacht%40safeonweb.be&frm=0&tiba=Webinar%20Live%20BroadCast&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=67731532&rmt_tld=1&ipr=y

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 02:52:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/10793098225/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10793098225/?random=149303821&cv=11&fst=1687747956436&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fins...
https://www.google.com/pagead/1p-conversion/10793098225/?random=149303821&cv=11&fst=1687747956436&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Finsiders-exposed.com%2Fl...
https://www.google.de/pagead/1p-conversion/10793098225/?random=149303821&cv=11&fst=1687747956436&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Finsiders-exposed.com%2Fli...

42 B
64 B

30ms
29ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/10793098225/?random=149303821&cv=11&fst=1687747956436&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3Dverdacht%40safeonweb.be&label=C0MwCMLJuoADEPG3xpoo&hn=www.googleadservices.com&frm=0&tiba=Webinar%20Live%20BroadCast&value=0&auid=526169399.1687747955&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOE12ZnBBWVE1NGVLajV2NTVLbGFFaVVBcTlpUmh3cGdXSGNDNTFIMkt3Z21VTi0taGsxdG9WN1RjQ3lJY2dxRmE4SzZRTmVDGlhDaEVJOE12ZnBBWVF5TUtqbHBHTjlfWGlBUkl0QUNHZWlNLWZueW1EaFhvenZOYTd3TWZPLUFhdEc5eGxrdFZwNDhiam9YanJQQ2dlUXVBal9GYUpqYkpuIhMIm5a8i_ff_wIVNFzlCh0XeAXL&is_vtc=1&ocp_id=dP2YZJuML7S4lQeX8JXYDA&cid=CAQSKQBygQiDpmTtny5CW9pwCT8cd1xW0v0XniIfECHmbk6gJQKjri7cjV2S&eitems=ChEI8MvfpAYQ5KGFy8vn8Nn0ARIdAPl51E98CrqUnsKdy1DJeRf0P3ow49VAeStlfH8&random=3850264547&ipr=y

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 02:52:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jun 2023 02:52:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/10793098225/?random=149303821&cv=11&fst=1687747956436&bg=ffffff&guid=ON&async=1&gtm=45He36l0&u_w=1600&u_h=1200&url=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3Dverdacht%40safeonweb.be&label=C0MwCMLJuoADEPG3xpoo&hn=www.googleadservices.com&frm=0&tiba=Webinar%20Live%20BroadCast&value=0&auid=526169399.1687747955&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOE12ZnBBWVE1NGVLajV2NTVLbGFFaVVBcTlpUmh3cGdXSGNDNTFIMkt3Z21VTi0taGsxdG9WN1RjQ3lJY2dxRmE4SzZRTmVDGlhDaEVJOE12ZnBBWVF5TUtqbHBHTjlfWGlBUkl0QUNHZWlNLWZueW1EaFhvenZOYTd3TWZPLUFhdEc5eGxrdFZwNDhiam9YanJQQ2dlUXVBal9GYUpqYkpuIhMIm5a8i_ff_wIVNFzlCh0XeAXL&is_vtc=1&ocp_id=dP2YZJuML7S4lQeX8JXYDA&cid=CAQSKQBygQiDpmTtny5CW9pwCT8cd1xW0v0XniIfECHmbk6gJQKjri7cjV2S&eitems=ChEI8MvfpAYQ5KGFy8vn8Nn0ARIdAPl51E98CrqUnsKdy1DJeRf0P3ow49VAeStlfH8&random=3850264547&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame 70F7 2 KB
1 KB 7ms
7ms Script
application/javascript 146.75.122.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/657105780?controls=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000106-IAD, cache-fra-etou8220105-FRA
date: Mon, 26 Jun 2023 02:52:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 79570
x-timer: S1687747957.026020,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 985
x-cache-hits: 27, 15143

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 70F7 4 KB
2 KB 118ms
49ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.24.0/js/vendor.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Jun 2023 02:52:37 GMT

GET
H2 200 1326559557-316729245065c76a27d9182e45336a1dd319a029003cbfdc7393091e36776783-d
i.vimeocdn.com/video/ Frame 70F7 113 KB
113 KB 29ms
29ms Image
image/avif 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1326559557-316729245065c76a27d9182e45336a1dd319a029003cbfdc7393091e36776783-d
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 42e4d4f565d7b10922efbd1aa1fbc16ae152cb6083871280a64838cccb928679

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:37 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 989842
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 115666
viewmaster-server: viewmaster-us-central1-9stt
x-served-by: cache-dfw-kdfw8210092-DFW, cache-fra-eddf8230036-FRA
x-timer: S1687747957.066783,VS0,VE1
etag: f0b2c8ce1586e80a491f4eb5644ae6da
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 54, 1

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 70F7 0
142 B 640ms
569ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=2ea5b3fb318321b99203bb47f26ae721b011bdad1687747956
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.24.0/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Mon, 26 Jun 2023 02:52:37 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

204
No Content

sum
ums.acuityplatform.com/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3150&partner_device_id=794219065372&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26auid%3D794219065372%26uid%3D%24%7BTA_DE...
https://ums.acuityplatform.com/sum?umid=64&auid=794219065372&uid=db763ace-efbc-4d7a-b604-f8d5c826accd

0
27 B

191ms
37ms

Image
text/plain

154.59.122.79
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ums.acuityplatform.com/sum?umid=64&auid=794219065372&uid=db763ace-efbc-4d7a-b604-f8d5c826accd
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: HTTP/1.1
Server: 154.59.122.79 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

date: Mon, 26 Jun 2023 02:52:37 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://ums.acuityplatform.com/sum?umid=64&auid=794219065372&uid=db763ace-efbc-4d7a-b604-f8d5c826accd
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55950/
Redirect Chain

https://pixel.advertising.com/ups/55950/sync?uid=794219065372&_origin=1
https://ups.analytics.yahoo.com/ups/55950/sync?uid=794219065372&_origin=1

0
15 B

26ms
25ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55950/sync?uid=794219065372&_origin=1

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:37 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55950/sync?uid=794219065372&_origin=1
date: Mon, 26 Jun 2023 02:52:37 GMT
cache-control: no-store
content-type: text/html
server: ATS/9.1.10.57
content-length: 355
content-language: en

GET
H/1.1

204
No Content

sum
ums.acuityplatform.com/
Redirect Chain

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NyZ0bD0xMjk2MDA=&piggybackCookie=uid:794219065372&r=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D6%26auid%3D794...
https://ums.acuityplatform.com/sum?umid=6&auid=794219065372&uid=${PUBMATIC_UID}

0
27 B

128ms
37ms

Image
text/plain

154.59.122.79
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ums.acuityplatform.com/sum?umid=6&auid=794219065372&uid=${PUBMATIC_UID}
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: HTTP/1.1
Server: 154.59.122.79 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

location: https://ums.acuityplatform.com/sum?umid=6&auid=794219065372&uid=${PUBMATIC_UID}
date: Mon, 26 Jun 2023 02:52:36 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=236&user_id=794219065372&expires=30&user_group=1
https://sync.search.spotxchange.com/partner?adv_id=7310&uid=00185c04-8e42-41e0-8791-3976d7289d18
https://sync.search.spotxchange.com/partner?adv_id=7310&uid=00185c04-8e42-41e0-8791-3976d7289d18&__user_check__=1&sync_id=821ada0b-13cc-11ee-aedb-1e87ce780306

43 B
549 B

1023ms
1023ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7310&uid=00185c04-8e42-41e0-8791-3976d7289d18&__user_check__=1&sync_id=821ada0b-13cc-11ee-aedb-1e87ce780306
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 02:52:37 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 107
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 26 Jun 2023 02:52:37 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7310&uid=00185c04-8e42-41e0-8791-3976d7289d18&__user_check__=1&sync_id=821ada0b-13cc-11ee-aedb-1e87ce780306
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 49
Connection: keep-alive
Content-Length: 0

GET
H/1.1 204
No Content merge
ce.lijit.com/ 0
311 B 282ms
281ms Image
text/plain 216.52.2.39
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=66&3pid=794219065372
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Mon, 26 Jun 2023 02:52:37 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
232 B 123ms
122ms Image
image/png 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=794219065372

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 02:52:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ 0
239 B 35ms
34ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=794219065372&expires=30
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

sum
ums.acuityplatform.com/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=12105&dpuuid=794219065372&redir=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D41%26auid%3D794219065372%26uid%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=12105&dpuuid=794219065372&redir=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D41%26auid%3D794219065372%26uid%3D%24%7BDD_UUID%7D
https://ums.acuityplatform.com/sum?umid=41&auid=794219065372&uid=37360198952781278970159076068912691884

0
27 B

45ms
44ms

Image
text/plain

154.59.122.79
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ums.acuityplatform.com/sum?umid=41&auid=794219065372&uid=37360198952781278970159076068912691884
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: HTTP/1.1
Server: 154.59.122.79 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

DCS: dcs-prod-irl1-1-v049-080db7a7f.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: aOHLJbeUTVw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://ums.acuityplatform.com/sum?umid=41&auid=794219065372&uid=37360198952781278970159076068912691884
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 getuid
eb2.3lift.com/ 37 B
140 B 325ms
15ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D23%26auid%3D794219065372%26uid%3D%24UID
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame 70F7 0
903 B 207ms
161ms Ping
text/plain 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=2ea5b3fb318321b99203bb47f26ae721b011bdad1687747956

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Sun, 25 Jun 2023 14:52:37 GMT
Date: Mon, 26 Jun 2023 02:52:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Via: 1.1 varnish, 1.1 varnish
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
x-xss-protection: 1; mode=block
X-Served-By: cache-iad-kcgs7200045-IAD, cache-fra-eddf8230119-FRA
x-ua-compatible: IE=edge
x-vimeo-device: d
Server: cloudflare
X-Timer: S1687747957.168768,VS0,VE122
x-backend-proxy: webproxy18
x-frame-options: sameorigin
Vary: User-Agent
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-7bdf584445-bq6zg
Accept-Ranges: bytes
CF-RAY: 7dd227bc3fac9945-FRA
X-Cache-Hits: 0, 0

GET
H2 200 1326559557-316729245065c76a27d9182e45336a1dd319a029003cbfdc7393091e36776783-d.jpg
i.vimeocdn.com/video/ Frame 70F7 2 KB
2 KB 32ms
31ms Image
image/jpeg 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1326559557-316729245065c76a27d9182e45336a1dd319a029003cbfdc7393091e36776783-d.jpg?mw=80&q=85
Requested by: Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 019e65f9a8e699c8ac8413064cba0ba1dc2ab19c787890846be126e6561ab06e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:37 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 2151122
x-viewmaster-lossless-format: lossy
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 1818
viewmaster-server: viewmaster-us-central1-9rhf
x-served-by: cache-dfw-kdfw8210121-DFW, cache-fra-eddf8230036-FRA
x-timer: S1687747957.242941,VS0,VE0
etag: 40ff3fa967447a000edcf7b025431d89
access-control-max-age: 86400
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 121, 2

GET
H2 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 70F7 35 KB
12 KB 303ms
303ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Mon, 26 Jun 2023 02:52:37 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/114/ Frame 70F7 51 KB
15 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/114/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184de53a881ec8e4e218974c548e2fc8e0da4b8ddaff2e7bdc6267c6e70a8636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 17:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15225
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 15:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 26 Jun 2023 17:21:06 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 12ms
12ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=187804185085753&ev=Microdata&dl=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3Dverdacht%40safeonweb.be&rl=&if=false&ts=1687747959027&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Webinar%20Live%20BroadCast%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.109&r=stable&ec=1&o=30&fbp=fb.1.1687747956757.515706981&it=1687747956495&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: insiders-exposed.com
URL: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 26 Jun 2023 02:52:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK track.php Show response
tracking.ontraport.com/ 774 B
1 KB 517ms
181ms Script
text/html 209.170.211.179
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.ontraport.com/track.php?mid=21828&llc=https%253A%252F%252Finsiders-exposed.com%252Flive-event%252F1%252F%253Fpageid%253D1996%2526email%253Dverdacht%2540safeonweb.be&first_visit=1&referral_page=&s=mqq8t9ftfp9rs940whhg&l=insiders-exposed.com/live-event/1/&ti=Webinar%20Live%20BroadCast&gcid=430568690.1687747955&is_unique=0
Requested by: Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 209.170.211.179 Las Vegas, United States, ASN13649 (ASN-VINS, US),
Reverse DNS: mail9.ontramail.com
Software: ONTRAport /
Resource Hash: 6b222004b4fb499f7d56a233f2481640017fac1029b3c79daa577eac84a34f48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 02:52:39 GMT
Content-Encoding: gzip
Server: ONTRAport
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
X-op-release: 0
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-op-class: hosted
X-op-ca: 37.58.58.248

GET
H/1.1 200
OK track.php Show response
tracking.ontraport.com/ 774 B
1 KB 521ms
178ms Script
text/html 209.170.211.179
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.ontraport.com/track.php?mid=21828&llc=https%253A%252F%252Finsiders-exposed.com%252Flive-event%252F1%252F%253Fpageid%253D1996%2526email%253Dverdacht%2540safeonweb.be&s=mqq8t9ftfp9rs940whhg&l=insiders-exposed.com/live-event/1/&ti=Webinar%20Live%20BroadCast&gcid=430568690.1687747955&gcid=430568690.1687747955&is_unique=0
Requested by: Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 209.170.211.179 Las Vegas, United States, ASN13649 (ASN-VINS, US),
Reverse DNS: mail9.ontramail.com
Software: ONTRAport /
Resource Hash: 6b222004b4fb499f7d56a233f2481640017fac1029b3c79daa577eac84a34f48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 26 Jun 2023 02:52:39 GMT
Content-Encoding: gzip
Server: ONTRAport
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
X-op-release: 0
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-op-class: hosted
X-op-ca: 37.58.58.248

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 15ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8SJNWV4ZSP&gtm=45je36l0&_p=1063304413&cid=430568690.1687747955&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&sid=1687747954&sct=1&seg=0&dl=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3Dverdacht%40safeonweb.be&dt=Webinar%20Live%20BroadCast&en=scroll&epn.percent_scrolled=90&_et=8
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8SJNWV4ZSP&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 02:52:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://insiders-exposed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 15ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P4C5FRHY76&gtm=45je36l0&_p=1063304413&cid=430568690.1687747955&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1687747955&sct=1&seg=0&dl=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3Dverdacht%40safeonweb.be&dt=Webinar%20Live%20BroadCast&en=scroll&epn.percent_scrolled=90&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P4C5FRHY76
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 02:52:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://insiders-exposed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 17ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-38BN4YS6G6&gtm=45je36l0&_p=1063304413&cid=430568690.1687747955&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1687747956&sct=1&seg=0&dl=https%3A%2F%2Finsiders-exposed.com%2Flive-event%2F1%2F%3Fpageid%3D1996%26email%3Dverdacht%40safeonweb.be&dt=Webinar%20Live%20BroadCast&en=scroll&epn.percent_scrolled=90&_et=37
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-38BN4YS6G6&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://insiders-exposed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jun 2023 02:52:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://insiders-exposed.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 server_get.php Show response
insiders-exposed.com/live-event/1/ 1 KB
435 B 155ms
155ms XHR
text/html 2606:4700:20::ac43:451c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insiders-exposed.com/live-event/1/server_get.php?f_e=verdacht@safeonweb.be&pageid=1996

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:451c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f40e1d992cc57b6d3e5e2de5daa59ce77250e6040faddef9bf80f2c7c967f6b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://insiders-exposed.com/live-event/1/?pageid=1996&email=verdacht@safeonweb.be
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:52:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jxqlgc01tsmNySIcYnsM%2B%2BWLUgY8TFeGlP8Jkw%2B5KSLz2D9S6PQHEyXs7CshiLm%2FPzWDME0%2BQK%2FAVhYcZLKZvNuOVW4fSB55TGzujezVlXnVh48%2Fj6e8j%2BWzXKJE9MYKDiz0FMegrAqsWCDm%2BuzCQCk3"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
cf-ray: 7dd227f4ce8e695b-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: conversionfly.com
URL: https://conversionfly.com/GPSI/a.php

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hawkeyetraders.ontraport.com/	1970-01-20 21:34:43	Name: contact_identity_id Value: 220936
hawkeyetraders.ontraport.com/	1970-01-20 21:34:43	Name: op_id_ver Value: %242a%2408%24WSzrR.RKcjH5Xb8Bgu5cie3gO7uyulqmggs33Zsp3Axsa.2lulPBC
hawkeyetraders.ontraport.com/	1970-01-20 13:32:19	Name: sess_ Value: gc9853fpwrsf14qcb
hawkeyetraders.ontraport.com/	1969-12-31 23:59:59	Name: contact_id Value: 220936
.vimeo.com/	1970-01-20 12:49:09	Name: __cf_bm Value: mDOqrrkOaSW16P_oCcl9tT3CrxQmvHsSg__xFhBWcBQ-1687747954-0-AXZ/56CAPpVG0Gpbmv3Fgp9tNx6VP8DgjLVIbdyVx4/Kw1tBY5oxMRrINUkNczG6PTjZUpY2heHnfWmA7ez7nnQ=
.insiders-exposed.com/	1970-01-20 14:58:43	Name: _gcl_au Value: 1.1.526169399.1687747955
.insiders-exposed.com/	1970-01-20 22:25:07	Name: _ga_8SJNWV4ZSP Value: GS1.1.1687747954.1.0.1687747954.0.0.0
.tiktok.com/	1970-01-20 22:10:43	Name: _ttp Value: 2RizznJdGWWmnJokwG076wQmIq9
.insiders-exposed.com/	1970-01-20 22:10:43	Name: _tt_enable_cookie Value: 1
.insiders-exposed.com/	1970-01-20 22:10:43	Name: _ttp Value: kjEg6aiCbMqxXUceRnyz-ozlq6B
.insiders-exposed.com/	1970-01-20 22:25:07	Name: _ga_P4C5FRHY76 Value: GS1.1.1687747955.1.0.1687747955.0.0.0
.deadlinefunnel.com/	1970-01-20 17:11:12	Name: df-ecdf3d6c4d Value: 123122332
.insiders-exposed.com/	1970-01-20 12:50:34	Name: _gid Value: GA1.2.591946661.1687747956
.insiders-exposed.com/	1970-01-20 12:49:08	Name: _gat_gtag_UA_537465_22 Value: 1
.insiders-exposed.com/	1970-01-20 22:25:07	Name: _ga_EZM341WP65 Value: GS1.1.1687747955.1.0.1687747955.0.0.0
insiders-exposed.com/	1970-01-20 22:25:07	Name: sess_ Value: mqq8t9ftfp9rs940whhg
insiders-exposed.com/	1970-01-20 22:25:07	Name: referral_page Value:
insiders-exposed.com/	1970-01-20 22:25:07	Name: vid Value:
insiders-exposed.com/	1970-01-20 22:25:07	Name: lastvisit Value: 1687747956
.insiders-exposed.com/	1970-01-20 12:49:08	Name: _gat Value: 1
.insiders-exposed.com/	1970-01-20 12:49:08	Name: wickedEmails323315698 Value: verdacht%40safeonweb.be
.insiders-exposed.com/	1970-01-20 22:25:07	Name: _ga Value: GA1.1.430568690.1687747955
.insiders-exposed.com/	1970-01-20 22:25:07	Name: _ga_38BN4YS6G6 Value: GS1.1.1687747956.1.0.1687747956.60.0.0
.insiders-exposed.com/	1970-01-20 14:58:43	Name: _fbp Value: fb.1.1687747956757.515706981
.insiders-exposed.com/	1970-01-20 12:49:09	Name: __cf_bm Value: QaAYaRDZBDhgJGBsSIIBfSv68gt6ti3sI25e_6wbtxc-1687747956-0-AXeJcwFVaLkQ5re0wZmXv9Jw4Ym8ut5D/snS3qCIBt4T/6oWw/kUJNv0QoAEWS5Uyw==
.doubleclick.net/	1970-01-20 22:10:43	Name: IDE Value: AHWqTUkd3EaCSyEtb_zGsW3G0UybVFRoFYkXsLxbstgnltkZU-vnhAAW9dAg6kXt
.bidswitch.net/	1970-01-20 21:34:43	Name: tuuid Value: 00185c04-8e42-41e0-8791-3976d7289d18
.bidswitch.net/	1970-01-20 21:34:43	Name: c Value: 1687747956
.bidswitch.net/	1970-01-20 21:34:43	Name: tuuid_lu Value: 1687747956
.tapad.com/	1970-01-20 14:15:31	Name: TapAd_TS Value: 1687747956877
.tapad.com/	1970-01-20 14:15:31	Name: TapAd_DID Value: db763ace-efbc-4d7a-b604-f8d5c826accd
.acuityplatform.com/	1970-01-20 21:34:43	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBNjT6jXVzZXJNYXRjaGluZ0lkJAKAkWxhc3REcm9wVGltZU1pbGxpcyUBRD0zYH2wmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMhj3RoaXJkUGFydHlVc2VySWQh+4ExN/pCJKJDJQFEPTNgfbBEIUUh+4Ay+kLEQyUBRD0zYH2wRCFFIfuCMTE0+kIkA6RDJQFEPTNgfbBEIUUh+4A0+kLIQyUBRD0zYH2wRCFFIfuANvpCzEMlAUQ9M2B9sEQhRSH7gTIz+kIkrkMlAUQ9M2B9sEQhRSH7gjEyMPpCJAOwQyUBRD0zYH2wRCFFIfuBNDH6QiQBkkMlAUQ9M2B9sEQhRSH7gTI3+kIktkMlAUQ9M2B9sEQhRSH7+4Z2ZXJzaW9uwvs="
.acuityplatform.com/	1970-01-20 21:34:43	Name: auid Value: 794219065372
.tapad.com/	1970-01-20 14:15:31	Name: TapAd_3WAY_SYNCS Value:
.advertising.com/	1970-01-20 21:35:05	Name: A3 Value: d=AQABBHT9mGQCEH1MAMAbV-wKH5pAONfVfsAFEgEBAQFOmmSiZOANyiMA_eMAAA&S=AQAAAtT7ukVrpdXG3o2boNappPM
.vimeo.com/	1970-01-20 22:25:07	Name: vuid Value: pl1055246036.1961821174
.kargo.com/	1970-01-20 21:34:43	Name: ktcid Value: 661b8f28-b04a-08e9-5e20-08173bb589c8
.pubmatic.com/	1970-01-20 14:58:43	Name: KRTBCOOKIE_469 Value: 8273-uid:794219065372&KRTB&23428-uid:794219065372
.pubmatic.com/	1970-01-20 13:32:19	Name: PugT Value: 1687747956
.spotxchange.com/	1970-01-20 13:29:27	Name: audience Value: 821ad9a6-13cc-11ee-aedb-1e87ce780306
.bluekai.com/	1970-01-20 17:12:39	Name: bku Value: tJ/99cE2ZsERm01h
.bluekai.com/	1970-01-20 17:12:39	Name: bkpa Value: KJyA0nWvQp9xOrY7mD5+dLH/OiA+Wii57DUD6Q1wJqA144+YrlNXEVq5s+rN9P5KKywgVkd+nvp2oDgq03kd38bjf/6xYqa/grKkLcfm45qUASHKeicWU/HLn1/gtzWaQodnpNNy1ees9TcQd6ky6d68MKBMI9T9ozX73y==
.demdex.net/	1970-01-20 17:08:19	Name: demdex Value: 37360198952781278970159076068912691884
.dpm.demdex.net/	1970-01-20 17:08:19	Name: dpm Value: 37360198952781278970159076068912691884
.eyeota.net/	1970-01-20 12:49:08	Name: SERVERID Value: 17885~DM
tracking.ontraport.com/	1970-01-20 17:08:19	Name: sess_ Value: mqq8t9ftfp9rs940whhg
tracking.ontraport.com/	1970-01-20 17:08:19	Name: mr_src Value: mr_

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://gblprftsystm-prom.com/p.ashx?a=424&f=js&e=326&t=TRANSACTION_ID Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network	error	URL: https://insiders-exposed.com/live-event/img/body_bg.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://crb.kargo.com/api/v1/bswsync?bsw_uuid=00185c04-8e42-41e0-8791-3976d7289d18&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy= Message: Failed to load resource: the server responded with a status of 451 (Unavailable For Legal Reasons)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.deadlinefunnel.com
ajax.googleapis.com
analytics.tiktok.com
ce.lijit.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
conversionfly.com
crb.kargo.com
deadlinefunnel.com
dpm.demdex.net
e.acuityplatform.com
eb2.3lift.com
f.vimeocdn.com
fresnel.vimeocdn.com
gblprftsystm-prom.com
googleads.g.doubleclick.net
hawkeyetraders.ontraport.com
i.vimeocdn.com
image2.pubmatic.com
insiders-exposed.com
intof.io
maxcdn.bootstrapcdn.com
optassets.ontraport.com
origin.acuityplatform.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
player.vimeo.com
ps.eyeota.net
region1.analytics.google.com
region1.google-analytics.com
stats.g.doubleclick.net
sync.search.spotxchange.com
tags.bluekai.com
track.wickedreports.com
tracking.ontraport.com
ums.acuityplatform.com
ups.analytics.yahoo.com
vimeo.com
widget.wickedreports.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
conversionfly.com
104.16.20.19
13.248.245.213
142.250.186.34
146.75.118.109
146.75.122.109
151.139.128.10
154.59.122.79
154.59.122.94
162.159.128.61
162.159.138.60
172.217.18.2
18.66.147.125
184.86.103.216
185.94.180.125
198.47.127.205
2001:4860:4802:34::36
2001:4de0:ac18::1:a:3a
209.170.211.179
216.52.2.39
23.37.34.233
2606:4700:20::ac43:451c
2606:4700:20::ac43:4746
2606:4700::6812:bcf
2a00:1450:4001:811::200e
2a00:1450:4001:827::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2004
2a00:1450:4001:831::200a
2a00:1450:400c:c0c::9c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.126.109.67
3.75.62.37
34.111.113.62
34.120.202.204
35.158.39.51
35.168.45.42
50.112.28.9
52.14.123.13
52.57.150.20
54.156.254.128
54.76.136.163
69.173.144.165
72.246.169.24
014290e68d7c7fa12dd2d510484b46972bf2b2528d845b59613babfad8ca1a96
019e65f9a8e699c8ac8413064cba0ba1dc2ab19c787890846be126e6561ab06e
03350a3e8f231f3382128f09021e525d625d0fc6c5677fbfab7cc64b92578d21
036addd765992ade2b8024d4e31219d10757db5acce8f28d3da38d9d094d2e5d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dfb45d4236559a541fc7a075447e59286f7efd42fa3968f416f63a7a2786f9c
17772f71a66b5d86fecfb5b548ffac72ad6614d162b68179edc9afdcc83464a1
184de53a881ec8e4e218974c548e2fc8e0da4b8ddaff2e7bdc6267c6e70a8636
1e4e10b41453cf541bca4c0bb93b28193a89f9212fca66e9d6c35bd343dd0967
21d4a80744b439cb8dd504b6d5f1dd6fd9fe1ddcca9e46ab98d156f51e893c1b
3abea336b370d8cd22e08bfcb5bf3455781080c5242e9aee261d6b4abb05ac36
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3ec107d0f9ea3800a94077a246b1295450b1cb8bb37c5769390c0e246eaa3d4b
3ed8bba1caf9e33a4ed228e08e239195cf75f511b9456a352e2587f61057a311
42e4d4f565d7b10922efbd1aa1fbc16ae152cb6083871280a64838cccb928679
458d27b54f5d3dee904a296779dc29aec735cd5a34786d519211b6157ee962ed
4a34f130db79d9219ebf91009ea0dec069c099dc4a0128439404b823d51dfa08
4bd4db5489f52f092ac687a50c5afd570c768acad3636a0955149b949c4bb32f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec47c7cc29f95fec8a4b148675ea98a73ba2714ce2b1ecc8b9f5a0db51d4a99
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
6b222004b4fb499f7d56a233f2481640017fac1029b3c79daa577eac84a34f48
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e0e2d05f5b70f7dd4d350266bb9c20903874dfb1a5c702ee511414479efa5fe
6fe7f83a513cde203079b2aea8e3542f14a22f1cb67525f4c5f091b8ddcebe28
72d6a3b352f4e121eef5db7928d7982cccf9fd959c111fdc0267c9b9d9cc612d
767a9db31121319381bcc0d1603779a6ce3fcedafd2565ac7ec3ef993c638d1b
7d52bc856b96c89d1892b70c3924592060434fdfaf98d9a9f7d4840aec159f49
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
89cf66cb9de8da20fc15e9953845dd4d1de2c0fb465c827a09d818449222c533
8f9060c178fe5edcfbe9c6bf9be114367b308228235d286028df88c4f5c4326f
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
970cfb363d75f22566fbdeffd9c839cd0ec889193513bd251c2404a08f9af0e0
98e67b7c00d3ed50871865e8acf0381d72b909eb2360b56261061c9be60bde9e
99852345225304df70967ed55233e225b125f04f91c22471cefe66a94fccc302
a00a74f475e9c6a5fb320694166548d52e2aa382d5f06ba7517d8da1ea883e15
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a4badce5be7c52243551796c980dae1306ee4ea300f4d86aaa0712a1f4dc968d
a755080ac27c65d216be0aa2a896fb5d2612f2695f6cee15b4d241944c9eebc2
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abd0ce615d48c609081fc782295fa2244bede6af41d46a822f8b4acf30685853
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
ba78444bfbd7c20f571088bc949f4d6f0fc0a30dcc92e42bccc821c3216abbef
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c13280e79f74109c5e3854822c0f0c972d0a57245c95b0b3762f9788bd918f8d
c43cf2f241fcd121cdc0d6118c0ebc8f7df00d64e3162f00011f1c61ced0c252
cc123085eb70368fbc0528bcdab967789908a77678fe02b5c41a39c7a0637d16
cc1f4bfbbf054145195de2887b469abbbf2f9d237b1b10ce9eabcfebc369e9c0
cebb7776fb386c1fc6f0ef7168aa12642441058942bf91e0403ed1b15665ed37
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
cf148e3be7b390d6fc14578adfbe53a8758d31ad8040981a7c43511736bbc9c3
d2c6d9a5d9f7d9bb4f8c544ed12f2c2f22fe8b0719a778e4d50b08c15f4b8f59
d99393877213e78fe05555f3394ea3c929df046b2c0384fc54679753a10eb342
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dedd9aa6c90f3f3b1e69bf2ae1153fad9b9f1dbe50c921998ec64f40a67bf701
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8fabfe944b5ebc5bedcb20beb8b186b4d95ef852ec1704a541905d1650d19e6
eb322f7e8bb5c53ef8ca9b7341d87f819abfc233d4ba95c0a709bd3e89b58a84
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f40e1d992cc57b6d3e5e2de5daa59ce77250e6040faddef9bf80f2c7c967f6b0
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8dc1c5380a71fb358cb060072040a895f70abeabeee522960967816f970ac1a
fa1cb237372d86c71a568f5fcd882d5470963e32ea235917147143fc0d7f5317

insiders-exposed.com Open in urlscan Pro 2606:4700:20::ac43:451c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

111 Requests

86 %HTTPS

33 %IPv6

36 Domains

49 Subdomains

41 IPs

6 Countries

84008 kBTransfer

87569 kBSize

47 Cookies

0 Outgoing links

Page URL History

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

insiders-exposed.com Open in urlscan Pro
2606:4700:20::ac43:451c Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

86 %
HTTPS

33 %
IPv6

36
Domains

49
Subdomains

41
IPs

6
Countries

84008 kB
Transfer

87569 kB
Size

47
Cookies

111 HTTP transactions
0 data transactions