secure.vantagemarkets.com Open in urlscan Pro
2606:4700:4400::ac40:946c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://secure.vantagemarkets.com/withdrawfunds
Effective URL:
https://secure.vantagemarkets.com/login
Submission: On December 20 via api (December 20th 2023, 7:58:55 am UTC) from US — Scanned from DE

Summary HTTP 278 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 72 IPs in 9 countries across 56 domains to perform 278 HTTP transactions. The main IP is 2606:4700:4400::ac40:946c, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.vantagemarkets.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 1st 2023. Valid for: a year.

This is the only time secure.vantagemarkets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 35	2606:4700:440... 2606:4700:4400::ac40:946c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
18	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	35.201.125.75 35.201.125.75	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	45.60.33.224 45.60.33.224	19551 (INCAPSULA) (INCAPSULA)
12	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:812::2013	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	18.239.67.100 18.239.67.100	16509 (AMAZON-02) (AMAZON-02)
4	52.211.23.179 52.211.23.179	16509 (AMAZON-02) (AMAZON-02)
14	104.126.37.42 104.126.37.42	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
2 4	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 11	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:26f0:350... 2a02:26f0:3500:11::215:14d5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2600:9000:210... 2600:9000:2104:ca00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
15	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 15	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
4 9	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	54.217.155.246 54.217.155.246	16509 (AMAZON-02) (AMAZON-02)
1 4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 9	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
3 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:7711	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	13.107.213.45 13.107.213.45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a05:d018:cc3... 2a05:d018:cc3:fe05:6921:4b90:8b33:d122	16509 (AMAZON-02) (AMAZON-02)
3	20.10.16.51 20.10.16.51	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1 8	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.227.219.30 13.227.219.30	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:45e2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:7::... 2606:4700:7::a29f:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.241.75.195 34.241.75.195	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	2606:4700:440... 2606:4700:4400::6812:216e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 5	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.192.232.229 18.192.232.229	16509 (AMAZON-02) (AMAZON-02)
1	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	89.149.192.201 89.149.192.201	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
1	34.248.250.162 34.248.250.162	16509 (AMAZON-02) (AMAZON-02)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.76.135.177 54.76.135.177	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	54.228.144.151 54.228.144.151	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.57.65.193 52.57.65.193	16509 (AMAZON-02) (AMAZON-02)
1	18.205.39.5 18.205.39.5	14618 (AMAZON-AES) (AMAZON-AES)
1	70.42.32.95 70.42.32.95	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	35.158.3.214 35.158.3.214	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4232:58cc:8374:e56e:ee96	14618 (AMAZON-AES) (AMAZON-AES)
1	23.35.237.75 23.35.237.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.209.107.49 52.209.107.49	16509 (AMAZON-02) (AMAZON-02)
1	18.195.245.43 18.195.245.43	16509 (AMAZON-02) (AMAZON-02)
1	34.241.154.142 34.241.154.142	16509 (AMAZON-02) (AMAZON-02)
1	3.18.227.110 3.18.227.110	16509 (AMAZON-02) (AMAZON-02)
278	72

35 2606:4700:4400::ac40:946c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

secure.vantagemarkets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

prodstorage.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.125.75 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 75.125.201.35.bc.googleusercontent.com

cdn.insightech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.60.33.224 (United States)

ASN19551 (INCAPSULA, US)

simpleui-au.vixverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

us-1-api.insightech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.67.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-67-100.ams58.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.211.23.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-23-179.eu-west-1.compute.amazonaws.com

go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.126.37.42 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-42.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

tags.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.38 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f6.1e100.net

11450497.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:11::215:14d5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2104:ca00:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.252.172.123 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.217.155.246 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-155-246.eu-west-1.compute.amazonaws.com

map.go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 103.132.192.30 (Singapore) 1 redirects

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sin.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:7711 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.107.213.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:cc3:fe05:6921:4b90:8b33:d122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.10.16.51 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

z.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.70.113 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

assets.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.227.219.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-30.ams54.r.cloudfront.net

wa.onelink.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:45e2 (United States)

ASN13335 (CLOUDFLARENET, US)

ipapi.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:7::a29f:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

js.maxmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.75.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-75-195.eu-west-1.compute.amazonaws.com

wa.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

cm.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:216e (United States)

ASN13335 (CLOUDFLARENET, US)

geoip-js.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

vantagefx8311.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.1.11 (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.232.229 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-232-229.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.149.192.201 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.250.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-250-162.eu-west-1.compute.amazonaws.com

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.135.177 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-135-177.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.144.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-144-151.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.65.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-65-193.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.205.39.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-39-5.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.95 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.3.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-3-214.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:58cc:8374:e56e:ee96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-75.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.107.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-107-49.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.245.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-245-43.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.154.142 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-154-142.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.18.227.110 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-18-227-110.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	vantagemarkets.com 1 redirects secure.vantagemarkets.com	5 MB
18	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	2 MB
15	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 98	418 B
14	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 617	297 KB
13	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 93	2 KB
13	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 11450497.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	8 KB
12	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189 www.google-analytics.com — Cisco Umbrella Rank: 27	42 KB
12	creativecdn.com 2 redirects tags.creativecdn.com — Cisco Umbrella Rank: 5350 asia.creativecdn.com — Cisco Umbrella Rank: 25274 cm.creativecdn.com — Cisco Umbrella Rank: 8129 sin.creativecdn.com — Cisco Umbrella Rank: 19109	9 KB
12	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	465 KB
11	permutive.com cdn.permutive.com — Cisco Umbrella Rank: 2932 api.permutive.com — Cisco Umbrella Rank: 2205	141 KB
11	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 329 c.bing.com — Cisco Umbrella Rank: 228	57 KB
10	criteo.com 3 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3138 gum.criteo.com — Cisco Umbrella Rank: 424 Failed sslwidget.criteo.com — Cisco Umbrella Rank: 1761 dis.criteo.com — Cisco Umbrella Rank: 550	59 KB
9	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 796 z.clarity.ms — Cisco Umbrella Rank: 7336 c.clarity.ms — Cisco Umbrella Rank: 1377	54 KB
9	adnxs.com 4 redirects secure.adnxs.com — Cisco Umbrella Rank: 478 ib.adnxs.com — Cisco Umbrella Rank: 229	7 KB
8	adroll.com s.adroll.com — Cisco Umbrella Rank: 3061 d.adroll.com — Cisco Umbrella Rank: 1380	232 KB
8	affec.tv 4 redirects go.affec.tv — Cisco Umbrella Rank: 7441 map.go.affec.tv — Cisco Umbrella Rank: 7853	6 KB
7	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2043 ekr.zdassets.com — Cisco Umbrella Rank: 2264	349 KB
7	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 327 px4.ads.linkedin.com — Cisco Umbrella Rank: 6419	3 KB
7	google.de www.google.de — Cisco Umbrella Rank: 6765	968 B
7	insightech.com cdn.insightech.com — Cisco Umbrella Rank: 636995 us-1-api.insightech.com — Cisco Umbrella Rank: 584524	19 KB
6	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 1355 match.adsrvr.org — Cisco Umbrella Rank: 331 insight.adsrvr.org — Cisco Umbrella Rank: 557	6 KB
3	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 4632 wa.appsflyer.com — Cisco Umbrella Rank: 7099	20 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1462	1 KB
2	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 307	140 B
2	onelink.me wa.onelink.me — Cisco Umbrella Rank: 9813	886 B
2	zendesk.com 1 redirects assets.zendesk.com — Cisco Umbrella Rank: 9154 vantagefx8311.zendesk.com	2 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 763	31 KB
2	vixverify.com simpleui-au.vixverify.com	43 KB
2	azureedge.net prodstorage.azureedge.net — Cisco Umbrella Rank: 994627	448 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2253	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 699	338 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 1855	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2331	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4166	235 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2462	399 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 495	35 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 723	225 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 689	145 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 936	423 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1074	880 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 10023	265 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 666	199 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 425	921 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 656	385 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1211	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 372	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2120	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1460	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622	163 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 339	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 665	789 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	146 B
1	geoip-js.com geoip-js.com — Cisco Umbrella Rank: 15399	957 B
1	maxmind.com js.maxmind.com — Cisco Umbrella Rank: 27538	1 KB
1	ipapi.co ipapi.co — Cisco Umbrella Rank: 15570	651 B
278	56

	Domain	Requested by
35	secure.vantagemarkets.com	1 redirects secure.vantagemarkets.com
18	www.googletagmanager.com	secure.vantagemarkets.com www.googletagmanager.com
15	www.facebook.com	1 redirects secure.vantagemarkets.com
14	analytics.tiktok.com	secure.vantagemarkets.com analytics.tiktok.com
12	connect.facebook.net	secure.vantagemarkets.com connect.facebook.net
10	bat.bing.com	www.googletagmanager.com bat.bing.com secure.vantagemarkets.com
9	api.permutive.com	cdn.permutive.com
9	region1.google-analytics.com	www.googletagmanager.com
8	asia.creativecdn.com	1 redirects secure.vantagemarkets.com tags.creativecdn.com
7	www.google.de	secure.vantagemarkets.com
6	static.zdassets.com	secure.vantagemarkets.com assets.zendesk.com static.zdassets.com
6	region1.analytics.google.com	www.googletagmanager.com
6	s.adroll.com	secure.vantagemarkets.com s.adroll.com
5	gum.criteo.com	dynamic.criteo.com gum.criteo.com
5	px.ads.linkedin.com	3 redirects snap.licdn.com
5	secure.adnxs.com	3 redirects secure.vantagemarkets.com go.affec.tv
5	www.google.com	secure.vantagemarkets.com
5	us-1-api.insightech.com	cdn.insightech.com
4	ib.adnxs.com	1 redirects cdn.permutive.com
4	www.clarity.ms	bat.bing.com www.clarity.ms
4	map.go.affec.tv	4 redirects
4	11450497.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	go.affec.tv	www.googletagmanager.com go.affec.tv
4	googleads.g.doubleclick.net	www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	z.clarity.ms	www.clarity.ms
3	match.adsrvr.org	secure.vantagemarkets.com js.adsrvr.org
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com
2	dis.criteo.com
2	c.clarity.ms	1 redirects
2	cm.g.doubleclick.net	2 redirects
2	wa.onelink.me	websdk.appsflyer.com
2	d.adroll.com	s.adroll.com
2	cdn.permutive.com	go.affec.tv
2	adservice.google.com	11450497.fls.doubleclick.net
2	px4.ads.linkedin.com	secure.vantagemarkets.com
2	websdk.appsflyer.com	secure.vantagemarkets.com
2	dynamic.criteo.com	www.googletagmanager.com
2	snap.licdn.com	www.googletagmanager.com
2	tags.creativecdn.com	www.googletagmanager.com
2	js.adsrvr.org	www.googletagmanager.com
2	simpleui-au.vixverify.com	secure.vantagemarkets.com
2	cdn.insightech.com	secure.vantagemarkets.com
2	prodstorage.azureedge.net	secure.vantagemarkets.com
1	s.thebrighttag.com
1	beacon.krxd.net
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	criteo-partners.tremorhub.com
1	match.sharethrough.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	ad.360yield.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	x.bidswitch.net
1	insight.adsrvr.org	1 redirects
1	sslwidget.criteo.com	dynamic.criteo.com
1	c.bing.com	1 redirects
1	vantagefx8311.zendesk.com	static.zdassets.com
1	ekr.zdassets.com	assets.zendesk.com
1	geoip-js.com	js.maxmind.com
1	sin.creativecdn.com	secure.vantagemarkets.com
1	cm.creativecdn.com	1 redirects
1	wa.appsflyer.com	websdk.appsflyer.com
1	js.maxmind.com	secure.vantagemarkets.com
1	ipapi.co	secure.vantagemarkets.com
1	assets.zendesk.com	1 redirects
278	82

This site contains links to these domains. Also see Links.

Domain
www.vantagemarkets.com

Subject Issuer	Validity	Valid
vantagemarkets.com Cloudflare Inc ECC CA-3	`2023-09-01` - `2024-08-31`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2023-05-05` - `2024-04-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cdn.insightech.com GTS CA 1D4	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.vixverify.com Go Daddy Secure Certificate Authority - G2	`2023-02-15` - `2024-03-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-28` - `2023-12-27`	3 months	crt.sh
us-1-api.insightech.com GTS CA 1D4	`2023-12-12` - `2024-03-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
affec.tv Amazon RSA 2048 M01	`2023-07-11` - `2024-08-08`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
1589314308.rsc.cdn77.org R3	`2023-10-31` - `2024-01-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-27` - `2024-07-27`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
api.permutive.com R3	`2023-12-15` - `2024-03-14`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.onelink.me Amazon RSA 2048 M02	`2023-06-05` - `2024-07-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-16` - `2024-04-15`	a year	crt.sh
*.sdk.af-sdk.io Amazon RSA 2048 M02	`2023-09-26` - `2024-10-25`	a year	crt.sh
zdassets.com E1	`2023-10-23` - `2024-01-21`	3 months	crt.sh
vantagefx8311.zendesk.com Cloudflare Inc ECC CA-3	`2023-04-16` - `2024-04-15`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
itm.ivitrack.com R3	`2023-12-14` - `2024-03-13`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-10-27` - `2024-11-23`	a year	crt.sh
*.outbrain.com Thawte TLS RSA CA G1	`2023-11-20` - `2024-11-27`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://secure.vantagemarkets.com/login
Frame ID: 955D87E457589F422EA03E9DD000F31D
Requests: 225 HTTP requests in this frame

Frame: https://11450497.fls.doubleclick.net/activityi;dc_pre=CPy839LFnYMDFZ3IOwIdjlgOfA;src=11450497;type=vantag00;cat=vanta0;ord=4714739535227;auiddc=538659299.1703059128;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds;gtm=45He3bt0v899419796;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds
Frame ID: 4E21045C2A0FC474EF2926428B1A32D9
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=secure.vantagemarkets.com&origin=onetag
Frame ID: 4F66F5A46521DE841D80AEC007C7115F
Requests: 1 HTTP requests in this frame

Frame: https://asia.creativecdn.com/ig-membership?ntk=qjPbEb-5rbYBOokqLkG9lhLPsJxYE9OIvcRaAJatukdlI595UDo4YPbSwpGN9hoMekEcZ4x0S_Z6t0JOj2hQ1v7meKjA0a3oOR56X1rL_Fs
Frame ID: FDED1FBB9A16214AE7222EA997C0F83A
Requests: 1 HTTP requests in this frame

Frame: https://asia.creativecdn.com/topics-membership?ntk=fmHvYKB67E14YtAQ8hAJ7Rgw4TjbHWMVD1YxlNlWbRLBQT0dIx8QpdyHe1EZGpa3uWC8oghvckm_VhiYobDOGA
Frame ID: 00B036FBE32C0F198867551D538CBF9F
Requests: 1 HTTP requests in this frame

Frame: https://11450497.fls.doubleclick.net/activityi;dc_pre=CLnu0dPFnYMDFf3eOwIdeUQJUQ;src=11450497;type=vantag00;cat=vanta0;ord=3794534339861;auiddc=538659299.1703059128;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin;gtm=45He3bt0v899419796;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin
Frame ID: 85182468968AF131A74104978BABDFEB
Requests: 2 HTTP requests in this frame

Frame: https://static.zdassets.com/ekr/asset_composer.js
Frame ID: F268DCDB6AE790AB0697222C6B2A6230
Requests: 2 HTTP requests in this frame

Frame: https://secure.vantagemarkets.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: A2D9E57EAF8CC0F7A4B5F9DBD30F0004
Requests: 2 HTTP requests in this frame

Frame: https://asia.creativecdn.com/ig-membership?ntk=qjPbEb-5rbYBOokqLkG9lhLPsJxYE9OIvcRaAJatukdlI595UDo4YPbSwpGN9hoMekEcZ4x0S_Z6t0JOj2hQ1v7meKjA0a3oOR56X1rL_Fs
Frame ID: E62FE083D88ABD45BF64E189AAEC3D13
Requests: 1 HTTP requests in this frame

Frame: https://asia.creativecdn.com/topics-membership?ntk=fmHvYKB67E14YtAQ8hAJ7Rgw4TjbHWMVD1YxlNlWbRLBQT0dIx8QpdyHe1EZGpa3uWC8oghvckm_VhiYobDOGA
Frame ID: 381F927FA9F41A66C991463D16A20F6A
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js
Frame ID: 89504F320E339C44CF1F4869274EC503
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=secure.vantagemarkets.com&origin=onetag
Frame ID: 63A588106E240E86E7880490324BDEE6
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=l31qp9g&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&upid=moppfxx&upv=1.1.0
Frame ID: 1859500AB501C93B05FFA826A8E7994A
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-HAoLxY7MZPOdLLHpu28sZ95Gqbkw-ZvWjkstHQ&google_gid=CAESEFhoOmGFCvjPR6c2PLsH8cY&google_cver=1&google_ula=913071,0
Frame ID: D7258CE3900B7D677B467995303860FF
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vantage Login Client Portal | Vantage

Page URL History Show full URLs

https://secure.vantagemarkets.com/withdrawfunds Page URL
https://secure.vantagemarkets.com/login Page URL

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

278
Requests

88 %
HTTPS

35 %
IPv6

56
Domains

82
Subdomains

72
IPs

9
Countries

8506 kB
Transfer

28612 kB
Size

82
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.vantagemarkets.com/

Search URL Search Domain Scan URL

URL: https://www.vantagemarkets.com/open-live-account/
Title: Not A Client? Open Live Account

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://secure.vantagemarkets.com/withdrawfunds Page URL
https://secure.vantagemarkets.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://11450497.fls.doubleclick.net/activityi;src=11450497;type=vantag00;cat=vanta0;ord=4714739535227;auiddc=538659299.1703059128;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds;gtm=45He3bt0v899419796;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds HTTP 302
https://11450497.fls.doubleclick.net/activityi;dc_pre=CPy839LFnYMDFZ3IOwIdjlgOfA;src=11450497;type=vantag00;cat=vanta0;ord=4714739535227;auiddc=538659299.1703059128;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds;gtm=45He3bt0v899419796;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds

Request Chain 50

https://secure.adnxs.com/px?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]&id=1622764&order_id=[order_id]&seg=31340040&t=1&value= HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fgdpr%3D%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_TCF_CONSENT_STRING%5D%26id%3D1622764%26order_id%3D%5Border_id%5D%26seg%3D31340040%26t%3D1%26value%3D

Request Chain 52

https://map.go.affec.tv/map/af/?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING] HTTP 303
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D65829eb7251a740001cce0f6%26chc%3Daf%26redirect_url%3D%26gdpr%3D%255BGDPR_APPLIES%255D%26gdpr_consent%3D%255BGDPR_TCF_CONSENT_STRING%255D&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D HTTP 302
https://map.go.affec.tv/map/an/5475512034805159887?ch=65829eb7251a740001cce0f6&chc=af&redirect_url=&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D&gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING] HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D

Request Chain 54

https://asia.creativecdn.com/tags/v2?type=json HTTP 307
https://asia.creativecdn.com/tags/v2?type=json&tc=1

Request Chain 57

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1703059127948&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1703059127948&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&tm=gtmv2&cookiesTest=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1703059127948&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&tm=gtmv2&cookiesTest=true&e_ipv6=AQL9fOJxCAMA6QAAAYyGO__DMnYlCwWGCmwOa01A-h4jF7jj6mTSQfuThTX_pcw1-kfPntIM3r1U8udOuW3RPi6J5eO16w

Request Chain 73

https://www.facebook.com/tr/?id=297039155598937&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&rl=&if=false&ts=1703059128046&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1703059127864.1819675210&cs_est=true&ler=empty&it=1703059127722&coo=false&rqm=GET HTTP 302
https://www.facebook.com/tr/?a=tmSimo-GTM-WebTemplate&coo=false&cs_est=true&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&ec=1&ev=PageView&fbp=fb.1.1703059127864.1819675210&id=297039155598937&if=false&it=1703059127722&ler=empty&o=4126&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1703059128046&v=2.9.138

Request Chain 132

https://11450497.fls.doubleclick.net/activityi;src=11450497;type=vantag00;cat=vanta0;ord=3794534339861;auiddc=538659299.1703059128;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin;gtm=45He3bt0v899419796;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin HTTP 302
https://11450497.fls.doubleclick.net/activityi;dc_pre=CLnu0dPFnYMDFf3eOwIdeUQJUQ;src=11450497;type=vantag00;cat=vanta0;ord=3794534339861;auiddc=538659299.1703059128;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin;gtm=45He3bt0v899419796;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin

Request Chain 152

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1703059129810&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&tm=gtmv2 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1703059129810&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&tm=gtmv2&e_ipv6=AQItKMbgRhxdSAAAAYyGPAYsAb8wOJ5jhDPDmJ47vu8oi5FKYXh2Q9B9ZjF-5e93Dk9hGrop9IMVVva-ee1pnC_5Vjwigw

Request Chain 160

https://map.go.affec.tv/map/af/?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING] HTTP 303
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D65829eb966d5820001b441e1%26chc%3Daf%26redirect_url%3D%26gdpr%3D%255BGDPR_APPLIES%255D%26gdpr_consent%3D%255BGDPR_TCF_CONSENT_STRING%255D&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D HTTP 302
https://map.go.affec.tv/map/an/5475512034805159887?ch=65829eb966d5820001b441e1&chc=af&redirect_url=&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D&gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING] HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D

Request Chain 188

https://assets.zendesk.com/embeddable_framework/main.js HTTP 301
https://static.zdassets.com/ekr/asset_composer.js

Request Chain 189

https://secure.vantagemarkets.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://secure.vantagemarkets.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Request Chain 216

https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm&google_sc&google_ula=5153224&google_hm=mlQq4X7Ud__0Wwz5r7cGlCpSRv9-fBBasw6DymFj7is&pi=adx&tdc=sin HTTP 302
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=sin&google_gid=CAESELs3YSYYBUJJ7OCzfxd-9_s&google_cver=1&google_ula=5153224,0 HTTP 302
https://sin.creativecdn.com/adx/cm?v=2&pi=adx&tdc=sin&google_gid=CAESELs3YSYYBUJJ7OCzfxd-9_s&google_cver=1&google_ula=5153224,0

Request Chain 227

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=264F8EE877854FF7B5BF73531FFDB7D0&RedC=c.clarity.ms&MXFR=124BEB8AAF5660641443F867AB566EDF HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=264F8EE877854FF7B5BF73531FFDB7D0&MUID=1DC0C52E863A621D1D3AD6C387E863C0

Request Chain 245

https://insight.adsrvr.org/track/up?adv=l31qp9g&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&upid=moppfxx&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=l31qp9g&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&upid=moppfxx&upv=1.1.0

Request Chain 246

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-HAoLxY7MZPOdLLHpu28sZ95Gqbkw-ZvWjkstHQ&google_cm&google_hm=ay1IQW9MeFk3TVpQT2RMTEhwdTI4c1o5NUdxYmt3LVp2V2prc3RIUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-HAoLxY7MZPOdLLHpu28sZ95Gqbkw-ZvWjkstHQ&google_gid=CAESEFhoOmGFCvjPR6c2PLsH8cY&google_cver=1&google_ula=913071,0

Request Chain 248

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5475512034805159887

Request Chain 258

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-SohXso7MZPOdLLHpu28sZ95GqblbnkxBqflHMg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-SohXso7MZPOdLLHpu28sZ95GqblbnkxBqflHMg&C=1

Request Chain 259

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=UoaM8mrizXon3BLOi21_Oo66FZw5Lodi HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=UoaM8mrizXon3BLOi21_Oo66FZw5Lodi

Request Chain 275

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=xGOSM08RA8FoxyJHrGZrkGXaj0IPJuTH

Request Chain 277

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=xdDdwQ4w0lw_sCVH_eIpgV8DHWMZqCB-

278 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 withdrawfunds Show response
secure.vantagemarkets.com/ 6 KB
2 KB 414ms
385ms Document
text/html 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/withdrawfunds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c4225c42173cff89461c8a2e6247464d5d67d3d4a77cc47402f487c610fe769

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 838657983c124dbd-FRA
content-encoding: br
content-type: text/html
date: Wed, 20 Dec 2023 07:58:47 GMT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 index.js Show response
secure.vantagemarkets.com/static/gtm/ 1 KB
434 B 33ms
32ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/gtm/index.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d020a39323529eb0ac441a1f8840eccaa198955277d4f556a9657fe3e8d7406f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/withdrawfunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4973
etag: W/"6581028e-5da"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8386579abedf4dbd-FRA
expires: Wed, 20 Dec 2023 11:58:47 GMT

GET
H2 200 index.js Show response
secure.vantagemarkets.com/static/insightech/ 398 B
303 B 31ms
30ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/insightech/index.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 017dc97e6482b9894606807bf612f6423bfb074e8f21a361662cb12596a2d704

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/withdrawfunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4973
etag: W/"6581028e-18e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8386579abee14dbd-FRA
expires: Wed, 20 Dec 2023 11:58:47 GMT

GET
H2 200 widget-core.js Show response
prodstorage.azureedge.net/Widgets/lib/@1.0.0/ 737 KB
224 KB 79ms
16ms Script
text/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://prodstorage.azureedge.net/Widgets/lib/@1.0.0/widget-core.js

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/489A) / ASP.NET

Resource Hash

35c1fe8a83c356fbc4f90b1dfeaeb82f7817ae77e25eb0cd82e7c7d6c4cdf924

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
last-modified: Tue, 19 Dec 2023 15:01:30 GMT
server: ECAcc (ama/489A)
age: 59676
etag: "1da328c3f5982f4"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
accept-ranges: bytes
content-length: 229161
request-context: appId=cid-v1:c0a124e5-71c0-4ced-b978-78e4ff157a5c

GET
H2 200 styles.f1279af.css
secure.vantagemarkets.com/static/css/ 371 KB
55 KB 46ms
45ms Stylesheet
text/css 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/css/styles.f1279af.css
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d56c63af8cc610b142a0f3907aff1cca730f20592902c56dbafbdf96178605b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/withdrawfunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4973
etag: W/"6581028e-5cdeb"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 8386579abed74dbd-FRA
expires: Wed, 20 Dec 2023 11:58:47 GMT

GET
H2 200 app.9955973.css
secure.vantagemarkets.com/static/css/ 213 KB
15 KB 51ms
50ms Stylesheet
text/css 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/css/app.9955973.css
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37fd87129f0adcd446d8aeacd2b83640d2903e7b80259153109e327b837d0b05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/withdrawfunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4973
etag: W/"6581028e-352b9"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 8386579abedb4dbd-FRA
expires: Wed, 20 Dec 2023 11:58:47 GMT

GET
H2 200 manifest.0f7f56c5669f6105ed56.js Show response
secure.vantagemarkets.com/static/js/ 9 KB
5 KB 31ms
31ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/manifest.0f7f56c5669f6105ed56.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ce6a737634464e3562f4ce5dd95803b33acbb81eeda56e292ac1c326400b4cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/withdrawfunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4973
etag: W/"6581028e-2561"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8386579abee34dbd-FRA
expires: Wed, 20 Dec 2023 11:58:47 GMT

GET
H2 200 6.f2321b597a3e8cd19402.js Show response
secure.vantagemarkets.com/static/js/ 253 B
282 B 29ms
29ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/6.f2321b597a3e8cd19402.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a562eca8e8b51b2b72faa075f52376b29ee740de70cf38dde9c41e7e82aaeaec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/withdrawfunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4973
etag: W/"6581028e-fd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8386579abee44dbd-FRA
expires: Wed, 20 Dec 2023 11:58:47 GMT

GET
H2 200 53.acdbd97833253086dbfd.js Show response
secure.vantagemarkets.com/static/js/ 2 MB
478 KB 44ms
43ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/53.acdbd97833253086dbfd.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bd52f7a64d19ea936751f3648a16d27506084f98ae3a2f936cf69c61ca0846d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/withdrawfunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4973
etag: W/"6581028e-1b51e1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8386579abee54dbd-FRA
expires: Wed, 20 Dec 2023 11:58:47 GMT

GET
H2 200 51.b043835ec4710de58917.js Show response
secure.vantagemarkets.com/static/js/ 4 MB
1 MB 37ms
36ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/51.b043835ec4710de58917.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 132638353a5224aabe97a33e3447cc6ddc58db8457c828c630fbb150e89b1f9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/withdrawfunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4973
etag: W/"6581028e-444871"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8386579abee64dbd-FRA
expires: Wed, 20 Dec 2023 11:58:47 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 356 KB
108 KB 60ms
40ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/gtm/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ece96d457726e7de8180257c3834656502b9c2c4d33705dcae240b1a6e60985f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110886
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Dec 2023 07:58:47 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 166 KB
60 KB 25ms
20ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PZ99S37

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/gtm/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

42f6974a82ddbb3471fabbedb6a54662e4cd0002f62ac8a1c719a920a23b6e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61502
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Dec 2023 07:58:47 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 198 KB
71 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MW5Q9CN

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/gtm/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88de49cd52bc5ce67bde80deb71a5002a21ab13cc244451f7c376f2b74ebef0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72133
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Dec 2023 07:58:47 GMT

GET
H2 200 insightech.mini.js Show response
cdn.insightech.com/ 27 KB
9 KB 38ms
8ms Script
text/javascript 35.201.125.75
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.insightech.com/insightech.mini.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/insightech/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.125.75 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 75.125.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 37bad64b669ea34e33f9af47e6b88f47858f55c8dfec1a069d1ae06f6a4c9e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:52:40 GMT
content-encoding: br
age: 367
x-guploader-uploadid: ABPtcPpcwUyOnSzYsYKbostxn7WZBmkvQs4wOtDTfoatYfVAt9FOOLFQ_csvj338OppJqmge7k3_dMZJAQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8296
last-modified: Fri, 10 Nov 2023 01:56:35 GMT
server: UploadServer
etag: W/"6dd063c18945eec26c8c373dee8012ba"
vary: Accept-Encoding
x-goog-generation: 1699581395507632
x-goog-hash: crc32c=FW8syA==, md5=bdBjwYlF7sJsjDc97oASug==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 27381
accept-ranges: none
expires: Wed, 20 Dec 2023 08:52:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 329 KB
99 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

260c330152b15a79f1527ae9f19a4705aa9b7e588119f9cfe8b9f81ec57af4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101288
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Dec 2023 07:58:47 GMT

GET
H/1.1 200
OK greenid.css
simpleui-au.vixverify.com/df/assets/stylesheets/ 189 KB
22 KB 1272ms
1224ms Stylesheet
text/css 45.60.33.224
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://simpleui-au.vixverify.com/df/assets/stylesheets/greenid.css

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/css/app.9955973.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.224 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2530526878c08a1bc1d828cd06acdf3de779b1b87519e84c6c602bb62448d92f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 07:58:48 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000
X-CDN: Imperva
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,OPTIONS,POST
Content-Type: text/css
Access-Control-Allow-Origin: *
X-Iinfo: 5-89521584-89505158 2NNN RT(1703059127257 8) q(0 0 0 1) r(12 12)
Cache-Control: max-age=3600
x-incap-sess-cookie-hdr: uMYKM9XkJTbxiJLJwP2TBriegmUAAAAAus/On9lue4FdxtoaSayNkQ==
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: thelott.com www.google.com *.gstatic.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Connection: keep-alive
Access-Control-Allow-Headers: x-requested-with,content-type,Cache-Control,Pragma,Date

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
90 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4PGVH7BC9T&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MW5Q9CN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7899b2ed33554b730e340f85c708ad2f676bb1dabaadfc15afd5d9f11d938b64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92122
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Dec 2023 07:58:47 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 21ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 20 Dec 2023 07:58:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: o1uS92dfiB1ZpfoZlgzsr1Hm53J00Eg0bcNiV8NZ7VP9eLJwfr61y4c/KAM7a+/XpFgFNxqoSNQaN4ZTpF8TlQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 0 Show response
us-1-api.insightech.com/pageview/9a8c75816/18c863bfd75.8b06c/18c863bfd75.9b931/ 61 B
331 B 276ms
211ms XHR
application/json 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-1-api.insightech.com/pageview/9a8c75816/18c863bfd75.8b06c/18c863bfd75.9b931/0
Requested by: Host: cdn.insightech.com
URL: https://cdn.insightech.com/insightech.mini.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 902a264cfa07d9fb4bfe3e9b4e3992af8029b0dffdb70217eb1a1a443fa5a5c3

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://secure.vantagemarkets.com
x-cloud-trace-context: 7cb7b862d766a1a87ac5bda55af0548c
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, X-Alt-Referer
content-length: 82

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/842673740/ 3 KB
2 KB 67ms
46ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/842673740/?random=1703059127682&cv=11&fst=1703059127682&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77324082&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&hn=www.googleadservices.com&frm=0&tiba=Secure%20Client%20Portal&auid=538659299.1703059128&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4de7025b1b6d455c4e4cd7e66c7ff53bb29a200c306f20a7c39b8fbf1c996fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1251
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11008820483/ 3 KB
1 KB 66ms
46ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11008820483/?random=1703059127685&cv=11&fst=1703059127685&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77324082&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&hn=www.googleadservices.com&frm=0&tiba=Secure%20Client%20Portal&auid=538659299.1703059128&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee95adfc3ccbed539ff4813e210050e0fa590ae23ae99787619a7d83ccbc57b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1251
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 54ms
13ms Script
application/x-javascript 18.239.67.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.67.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-67-100.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 01:34:58 GMT
Content-Encoding: gzip
Via: 1.1 13676fca7076b460ad3ad018e40a51da.cloudfront.net (CloudFront)
Last-Modified: Wed, 20 Dec 2023 01:34:49 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS58-P4
Age: 23030
ETag: W/"b7474eac210849250426a8f6a39d00f3"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: TzDGO3lKRoNPY6b29fkJD02FlrKCTxUmFNMsS6eY9rsJn9asxtXS_w==

GET
H2 200 631865b36c616ff5444608da Show response
go.affec.tv/j/ 763 B
814 B 98ms
30ms Script
application/javascript 52.211.23.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.affec.tv/j/631865b36c616ff5444608da?ver=Retail&pnm=[product_name]&pid=[product_id]&pscat=[product_sub_cat_name]&pscid=[product_sub_cat_id]&pct=[product_category]&cid=[product_category_id]&rev=[revenue]&cur=[currency]&cpn=[voucher_code]&url=[url]&mem=[membership]&oid=[order_id]&qty=[quantity]&custom1=[custom1]&custom2=[custom2]&custom3=[custom3]&gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.23.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-23-179.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5239a8f1ecc947602a25e41ced0214cea0d0e186b7d498bae0809dbc6310ca85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="CAO DSP COR PSAo CONo HISo OTPo OUR IND NAV INT CNT OTC"
content-type: application/javascript
cache-control: no-cache, private, no-store, max-age=0, s-maxage=0, must-revalidate, proxy-revalidate
content-length: 445
expires: Wed, 04 Apr 1990 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 180ms
99ms Script
application/javascript 104.126.37.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFTVE0RC77UEE0VEQL1G&lib=ttq
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bddd558c7d5db8cc918adf0c3eb7e2d9baaee0b71688c0ed44358ab2c966afeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 8c35a942.2eff3513
date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23122007584773BC20B01C28C3D64154-35FC1E1A9816ED07-00
x-cache: TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 90,104.126.37.38
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=5, inner; dur=1
content-length: 1529
pragma: no-cache
server: nginx
x-tt-logid: 2023122007584773BC20B01C28C3D64154
x-cache-remote: TCP_MISS from a23-218-220-145.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.218.220.145
x-tt-trace-host: 0100825f2de55336f17e5f56eeb30998178af31377a36b3e133f7dac428578bf8198b87fca41cb99d618970cd5d1824710f51db76e6f1dbe65047a4249a1f75cc251f95be668e648040a7afc686d83dfaaf62d5c1e730ca775a56951faf4684d49146cc96fa256e44f27d2b61273b4f847
expires: Wed, 20 Dec 2023 07:58:47 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 186ms
105ms Script
application/javascript 104.126.37.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFTVPCRC77U30697BAK0&lib=ttq
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ea634a6efb8db59790efba6f490e0fcbe5a9acdb5be13f90204efdff45813f02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 2eff3518
date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=dyn
x-tt-trace-id: 00-2312200758472AD55116EB7999F73EB7-7BEC15D3A356A14C-00
x-cache: TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=92
pragma: no-cache
server: nginx
x-tt-logid: 202312200758472AD55116EB7999F73EB7
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 93,104.126.37.38
x-tt-trace-host: 0100825f2de55336f17e5f56eeb30998173755d5c55a0df412e4064659e1966fb0550c554be9711a124111cacfd6e36b98082ad871dcd56d13bdea4d3ee9a3d74bc83dffbb6b41f5538e61702bef8ec79d0fed1d7a96e785cca325bf6f82970e1e
expires: Wed, 20 Dec 2023 07:58:47 GMT

GET
H2 200 gJKbT9N3FwF2LliEdMKV.js Show response
tags.creativecdn.com/ 4 KB
2 KB 113ms
13ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.creativecdn.com/gJKbT9N3FwF2LliEdMKV.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: gzip
x-age-lb: 1233
x-guploader-uploadid: ABPtcPo6TXYZHLjO8YUgUOOYB7kf8h1vtwcHVgQVMhX4_DVNjsP-N0K-fH_W0jUa5jhpPwN4VbUf_Wn3SruR_2YjvkOHKw
x-77-cache: HIT
x-goog-storage-class: STANDARD
x-guploader-response-body-transformations: gunzipped
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
x-accel-date: 1703057894
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-77-nzt: EQwBw7WvJwH30QQAAA
x-accel-expires: @1703061484
x-77-age: 1233
x-cache-lb: HIT
last-modified: Tue, 20 Sep 2022 08:37:31 GMT
server: CDN77-Turbo
etag: W/"7dd71e4b922b44d4a1b639cea2047fcd"
x-77-nzt-ray: 25b02131d85beee7b79e82657ea2f12f
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1663663050931942
content-type: application/javascript
x-goog-hash: crc32c=U/iOdA==, md5=fdceS5IrRNShtjnOogR/zQ==
cache-control: public, max-age=3600
warning: 214 UploadServer gunzipped
x-goog-stored-content-length: 1741
expires: Tue, 24 Oct 2023 13:03:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
91 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H4QYCECT8W&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

77fd971dd99fc7a772bc0ddd0e262c187e79a40ac87cc6dd7acc5d4926665b3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93529
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Dec 2023 07:58:47 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N5DW4FZP31&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f87abda533e99d0351cb9b51c8f20e55711b1fb038dd83063816d68df0bd798d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93072
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Dec 2023 07:58:47 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RYEFEW2YRY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

348acb78379fa4d1f43310b072b9dde55e0cc7f2b0bc34fbc4a707dec8d4e769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93099
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Dec 2023 07:58:47 GMT

GET
H2

200

activityi;dc_pre=CPy839LFnYMDFZ3IOwIdjlgOfA;src=11450497;type=vantag00;cat=vanta0;ord=4714739535227;auiddc=538659299.1703059128;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds;gtm=45He3b... Show response
11450497.fls.doubleclick.net/ Frame 4E21
Redirect Chain

https://11450497.fls.doubleclick.net/activityi;src=11450497;type=vantag00;cat=vanta0;ord=4714739535227;auiddc=538659299.1703059128;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds;gtm=45H...
https://11450497.fls.doubleclick.net/activityi;dc_pre=CPy839LFnYMDFZ3IOwIdjlgOfA;src=11450497;type=vantag00;cat=vanta0;ord=4714739535227;auiddc=538659299.1703059128;u1=https%3A%2F%2Fsecure.vantagem...

578 B
646 B

51ms
50ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11450497.fls.doubleclick.net/activityi;dc_pre=CPy839LFnYMDFZ3IOwIdjlgOfA;src=11450497;type=vantag00;cat=vanta0;ord=4714739535227;auiddc=538659299.1703059128;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds;gtm=45He3bt0v899419796;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

1e5cc824b554e64a3fef6a274cc6689268a45d401eb609f6308d1f704f6e52b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.vantagemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 306
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 07:58:47 GMT
expires: Wed, 20 Dec 2023 07:58:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 07:58:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11450497.fls.doubleclick.net/activityi;dc_pre=CPy839LFnYMDFZ3IOwIdjlgOfA;src=11450497;type=vantag00;cat=vanta0;ord=4714739535227;auiddc=538659299.1703059128;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds;gtm=45He3bt0v899419796;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 42 KB
15 KB 59ms
19ms Script
application/javascript 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Dec 2023 13:09:33 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=44710
accept-ranges: bytes
content-length: 15541

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 57ms
35ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 20 Dec 2023 07:58:46 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A126F5EEEA8D450293D4D00A46A9172A Ref B: FRAEDGE1212 Ref C: 2023-12-20T07:58:47Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 46ms
13ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

602a019472a69b4fde0a1f6ab3e6e3ca0a52075e0dca120b4c9952754e983ca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 34 KB
10 KB 67ms
16ms Script
application/javascript 2a02:26f0:3500:11::215:14d5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=pba&
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ccf80229bbe586853232059978b67c1dbe6ccd7f6b4b8585b34bbcf2d9f195f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 07:58:47 GMT
Content-Encoding: gzip
x-amz-request-id: TNFWN7JAHP2EBEJM
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 9575
x-amz-id-2: rNwspp0GeeuGCVY8uOjVgWk/J3XTDq5+TTLu3jZaoCKMw4CAD3WOCSz6cVuBQQ9yvpK6HO0IqDY=
Last-Modified: Wed, 14 Jun 2023 06:58:46 GMT
Server: AmazonS3
ETag: "d4e7f1ffd74e53e33a46a668c2e9d67c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3388
Accept-Ranges: bytes
X-DataStream-Cache-Status: 1
Expires: Wed, 20 Dec 2023 08:55:15 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/D4PKUQWCWNCJPDENWUB3VX/ 103 KB
30 KB 53ms
16ms Script
text/javascript 2600:9000:2104:ca00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/D4PKUQWCWNCJPDENWUB3VX/roundtrip.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:ca00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1dfd3161a22dd3dc13b6749e8260a05967a96335d80de3894f5678a0c7911f86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-Amz-Version-Id: GuiVnuW6l45qIpW47EKay__.O6BzHLyA
Content-Encoding: gzip
Via: 1.1 5e828cc6ff056cb59ec35c3467ec45f4.cloudfront.net (CloudFront)
Date: Wed, 20 Dec 2023 07:43:37 GMT
Age: 1031
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 20 Dec 2023 03:37:48 GMT
Server: AmazonS3
Etag: W/"2b5018a755c367aec47ad21a75b70078"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 705_oCSrNXFZd0-i7rTVPO9MzKbASWvMEG5VRxukv_4ohnKWFVzWfw==

POST
H2 200 0 Show response
us-1-api.insightech.com/pageview/089a28b851/18c863bfd75.8b06c/18c863bfda1.eb985/ 1 KB
683 B 293ms
270ms XHR
application/json 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-1-api.insightech.com/pageview/089a28b851/18c863bfd75.8b06c/18c863bfda1.eb985/0
Requested by: Host: cdn.insightech.com
URL: https://cdn.insightech.com/insightech.mini.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 00f82bc8952adf4ae01885f22ed69ef82cc72b1126613b700822ee555ad99204

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://secure.vantagemarkets.com
x-cloud-trace-context: 9fb16de0c36c45076cb668620f2e54e3
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, X-Alt-Referer
content-length: 488
expires: Wed, 20 Dec 2023 07:58:47 GMT

GET
H2 200 1233809420752100 Show response
connect.facebook.net/signals/config/ 146 KB
37 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1233809420752100?v=2.9.138&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2741ed6d258dc346b30b5f87a5c9eec0f1061d822b6a946cd7f1806213d43ebe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 20 Dec 2023 07:58:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 37751
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: nPSwLa745T0tCpbrFqcNXSCPxeSXDahpOHpmKzTYf0JQlfy9l7IxMUywcjR5pzxM1juXZsREzPTRa9Od0qvxew==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 36ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4PGVH7BC9T&gtm=45je3bt0v872622761z8867254625&_p=1703059127499&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=208694154.1703059128&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703059127&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&dt=Secure%20Client%20Portal&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=700
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4PGVH7BC9T&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
260 B 65ms
20ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4PGVH7BC9T&cid=208694154.1703059128&gtm=45je3bt0v872622761z8867254625&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4PGVH7BC9T&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 37ms
17ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4PGVH7BC9T&cid=208694154.1703059128&gtm=45je3bt0v872622761z8867254625&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=33068997

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N5DW4FZP31&gtm=45je3bt0v9133159399z8899419796&_p=1703059127499&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=208694154.1703059128&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703059127&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&dt=Secure%20Client%20Portal&en=page_view&_fv=1&_ss=1&tfd=797
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N5DW4FZP31&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H4QYCECT8W&gtm=45je3bt0v899400763z8899419796&_p=1703059127499&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=208694154.1703059128&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703059127&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&dt=Secure%20Client%20Portal&en=page_view&_fv=1&_ss=1&tfd=812
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H4QYCECT8W&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 21ms
21ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H4QYCECT8W&cid=208694154.1703059128&gtm=45je3bt0v899400763z8899419796&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H4QYCECT8W&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H4QYCECT8W&cid=208694154.1703059128&gtm=45je3bt0v899400763z8899419796&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1974511706

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 942301047150897 Show response
connect.facebook.net/signals/config/ 135 KB
35 KB 11ms
10ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/942301047150897?v=2.9.138&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

32ea04182950de0229533655055083d5f9349d3cc92459b29732df2714627910

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 20 Dec 2023 07:58:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35664
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: pfBPHTspeLtelosw49lyFSKKJJyN3SATY18+deANTLz2bDyzbwvq8jzjGyZzmsOoV9KsIyDXnlxv+QkKui5/Wg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 22ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1233809420752100&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&rl=&if=false&ts=1703059127865&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1703059127864.1819675210&cs_est=true&ler=empty&it=1703059127722&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 20 Dec 2023 07:58:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/842673740/ 42 B
108 B 47ms
20ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/842673740/?random=1703059127682&cv=11&fst=1703055600000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77324082&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&frm=0&tiba=Secure%20Client%20Portal&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_WURTsZKdWPpN62qoHFW4elgVwAzB2A&random=3308618542&rmt_tld=0&ipr=y

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/842673740/ 42 B
154 B 21ms
14ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/842673740/?random=1703059127682&cv=11&fst=1703055600000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77324082&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&frm=0&tiba=Secure%20Client%20Portal&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_WURTsZKdWPpN62qoHFW4elgVwAzB2A&random=3308618542&rmt_tld=1&ipr=y

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11008820483/ 42 B
455 B 45ms
18ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11008820483/?random=1703059127685&cv=11&fst=1703055600000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77324082&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&frm=0&tiba=Secure%20Client%20Portal&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_fojxyC11oLtQ89OCwAj9-rtBk0s1Nw&random=362706710&rmt_tld=0&ipr=y

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11008820483/ 42 B
108 B 22ms
16ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11008820483/?random=1703059127685&cv=11&fst=1703055600000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77324082&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&frm=0&tiba=Secure%20Client%20Portal&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_fojxyC11oLtQ89OCwAj9-rtBk0s1Nw&random=362706710&rmt_tld=1&ipr=y

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]&id=1622764&order_id=[order_id]&seg=31340040&t=1&value=
https://secure.adnxs.com/bounce?%2Fpx%3Fgdpr%3D%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_TCF_CONSENT_STRING%5D%26id%3D1622764%26order_id%3D%5Border_id%5D%26seg%3D31340040%26t%3D1%26value%3D

0
807 B

7ms
7ms

Script
application/javascript

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fgdpr%3D%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_TCF_CONSENT_STRING%5D%26id%3D1622764%26order_id%3D%5Border_id%5D%26seg%3D31340040%26t%3D1%26value%3D

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:47 GMT
an-x-request-uuid: fad33335-ae1a-417a-b36e-731b5077f503
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.75; 45.141.152.75; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:47 GMT
an-x-request-uuid: c6d4733f-1085-4048-86d2-b97eec2fdf29
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fpx%3Fgdpr%3D%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_TCF_CONSENT_STRING%5D%26id%3D1622764%26order_id%3D%5Border_id%5D%26seg%3D31340040%26t%3D1%26value%3D
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.75; 45.141.152.75; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
go.affec.tv/per/ 846 B
916 B 35ms
28ms Script
application/javascript 52.211.23.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.affec.tv/per/?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]&k=56f9565d-0f2f-47a3-83f7-67113ce28926&p=ecb70aab-c31d-4b23-8884-19234515ebbe
Requested by: Host: go.affec.tv
URL: https://go.affec.tv/j/631865b36c616ff5444608da?ver=Retail&pnm=[product_name]&pid=[product_id]&pscat=[product_sub_cat_name]&pscid=[product_sub_cat_id]&pct=[product_category]&cid=[product_category_id]&rev=[revenue]&cur=[currency]&cpn=[voucher_code]&url=[url]&mem=[membership]&oid=[order_id]&qty=[quantity]&custom1=[custom1]&custom2=[custom2]&custom3=[custom3]&gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.23.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-23-179.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 26cf6c841718583dc3a8b45f65cad15a5432b572d78f3b73f1547f888ebb8186

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="CAO DSP COR PSAo CONo HISo OTPo OUR IND NAV INT CNT OTC"
content-type: application/javascript
cache-control: no-cache, private, no-store, max-age=0, s-maxage=0, must-revalidate, proxy-revalidate
content-length: 548
expires: Wed, 04 Apr 1990 00:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://map.go.affec.tv/map/af/?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D65829eb7251a740001cce0f6%26chc%3Daf%26redirect_url%3D%26gdpr%3D%255BGDPR_APPLIES%255D%26gdpr_consent%3D%255B...
https://map.go.affec.tv/map/an/5475512034805159887?ch=65829eb7251a740001cce0f6&chc=af&redirect_url=&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D&gdpr=[GDPR_APPLIES]&gdpr_conse...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D

70 B
149 B

102ms
32ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds
Protocol: H2
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:48 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D
date: Wed, 20 Dec 2023 07:58:48 GMT
content-encoding: gzip
content-length: 174
vary: Accept-Encoding
content-type: text/html; charset=utf-8

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RYEFEW2YRY&gtm=45je3bt0v9133161829z8899419796&_p=1703059127499&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=208694154.1703059128&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703059127&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&dt=Secure%20Client%20Portal&en=page_view&_fv=1&_ss=1&tfd=893
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYEFEW2YRY&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2

200

v2
asia.creativecdn.com/tags/
Redirect Chain

https://asia.creativecdn.com/tags/v2?type=json
https://asia.creativecdn.com/tags/v2?type=json&tc=1

457 B
851 B

172ms
171ms

Fetch
application/json

103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/tags/v2?type=json&tc=1
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds
Protocol: H2
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/withdrawfunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:49 GMT, Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
access-control-max-age: 3600
access-control-allow-methods: GET, POST
access-control-allow-origin: https://secure.vantagemarkets.com
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-length: 343
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 20 Dec 2023 07:58:48 GMT
vary: Origin
access-control-max-age: 3600
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
access-control-allow-origin: https://secure.vantagemarkets.com
access-control-allow-methods: GET, POST
location: https://asia.creativecdn.com/tags/v2?type=json&tc=1
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H2 200 v2
asia.creativecdn.com/tags/ Frame 0
0 496ms
163ms Preflight 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/tags/v2?type=json
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.vantagemarkets.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://secure.vantagemarkets.com
access-control-max-age: 3600
content-length: 0
date: Wed, 20 Dec 2023 07:58:48 GMT
vary: Origin

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
704 B 137ms
105ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 20 Dec 2023 07:58:47 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 0774448E597B4B069A637BB72E25B4DF Ref B: FRAEDGE1407 Ref C: 2023-12-20T07:58:47Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://secure.vantagemarkets.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYM7FpbitCwP73u2Q84Aw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1703059127948&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&tm=gtmv2
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1703059127948&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&tm=gtmv2&cookiesTest=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1703059127948&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&tm=gtmv2&cookiesTest=true&e_ipv6=AQL9fOJxCAMA6QAAAYyGO__DM...

0
265 B

206ms
184ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1703059127948&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&tm=gtmv2&cookiesTest=true&e_ipv6=AQL9fOJxCAMA6QAAAYyGO__DMnYlCwWGCmwOa01A-h4jF7jj6mTSQfuThTX_pcw1-kfPntIM3r1U8udOuW3RPi6J5eO16w
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:48 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 7294058D534E4A21A446B2BB7D3284E6 Ref B: FRAEDGE2006 Ref C: 2023-12-20T07:58:48Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYM7FpiHt8edu7kWY+NQg==

Redirect headers

date: Wed, 20 Dec 2023 07:58:48 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: EE7E134F47C24110811492EDEDF196F0 Ref B: FRAEDGE1407 Ref C: 2023-12-20T07:58:48Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1703059127948&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&tm=gtmv2&cookiesTest=true&e_ipv6=AQL9fOJxCAMA6QAAAYyGO__DMnYlCwWGCmwOa01A-h4jF7jj6mTSQfuThTX_pcw1-kfPntIM3r1U8udOuW3RPi6J5eO16w
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYM7Fpe+JxendjiijAouA==

GET
H2 200 dc_pre=CPy839LFnYMDFZ3IOwIdjlgOfA;src=11450497;type=vantag00;cat=vanta0;ord=4714739535227;auiddc=*;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds;gtm=45He3bt0v899419796;gcd=11l1l1l1l1;d...
adservice.google.com/ddm/fls/z/ Frame 4E21 42 B
401 B 73ms
46ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPy839LFnYMDFZ3IOwIdjlgOfA;src=11450497;type=vantag00;cat=vanta0;ord=4714739535227;auiddc=*;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds;gtm=45He3bt0v899419796;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds

Requested by

Host: 11450497.fls.doubleclick.net
URL: https://11450497.fls.doubleclick.net/activityi;dc_pre=CPy839LFnYMDFZ3IOwIdjlgOfA;src=11450497;type=vantag00;cat=vanta0;ord=4714739535227;auiddc=538659299.1703059128;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds;gtm=45He3bt0v899419796;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11450497.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 137024296.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 32ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/137024296.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c9d127ce387ea898823297ad8fc13e3d43469d95dfaf58793978fbb707c29fcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Wed, 20 Dec 2023 07:58:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 823E4254ACF34F129143F7C9100F2B87 Ref B: FRAEDGE1212 Ref C: 2023-12-20T07:58:47Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 200 main.MTdjYzNiZDU2MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 397 KB
106 KB 11ms
11ms Script
application/javascript 104.126.37.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFTVE0RC77UEE0VEQL1G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 2eff3609
date: Wed, 20 Dec 2023 07:58:47 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202311090731269DFE9262F7CE1AE7E72D
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 014180c1b37eddca8e54ac1a7d395ce7715048e8a1793aff10a86a694e1a7e85b294d4179dae9c55d8a6970b5d9e52768129554676b6ccacbeecb68a8a21211b3b4888301bfbbf1d480412cb99e96bbb5b2f81c615810089fc190d6a2b485ac8a5
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=17
content-length: 108174

GET
H3 200 912515836934678 Show response
connect.facebook.net/signals/config/ 135 KB
35 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/912515836934678?v=2.9.138&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

42483e309cf6248eadf544aed29137c655e8313cab144e904065fc321746bbe9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 20 Dec 2023 07:58:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35613
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 8TB2EiYuxUr/LVpewu3uEYUIGPYuPyFIdNdhaBcvsUKD7ST1EXVEJ7XSIn9ltAjPDVRryHqjokrFox0ogAu5tQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 7ms
6ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=942301047150897&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&rl=&if=false&ts=1703059127964&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703059127864.1819675210&ler=empty&it=1703059127722&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 20 Dec 2023 07:58:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ecb70aab-c31d-4b23-8884-19234515ebbe-async.js Show response
cdn.permutive.com/ 250 KB
70 KB 72ms
41ms Script
application/javascript 2606:4700::6811:7711
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/ecb70aab-c31d-4b23-8884-19234515ebbe-async.js
Requested by: Host: go.affec.tv
URL: https://go.affec.tv/per/?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]&k=56f9565d-0f2f-47a3-83f7-67113ce28926&p=ecb70aab-c31d-4b23-8884-19234515ebbe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7711 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3daed38dbc41f5bd7030caa2fbfb7a9308a7878f2e73f3e1fd5b2835abf06f99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:48 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: ecb70aab-c31d-4b23-8884-19234515ebbe
age: 0
x-guploader-uploadid: ABPtcPozxdrj1XlpGS0ht8L5qaQ5-Muvaf0RaJzKV4klaGua_8AowHEIpAsfjaylELpVjxdI2cI
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Mon, 13 Mar 2023 10:17:52 GMT
server: cloudflare
etag: W/"2531ddd69278d89386833e5f0c1e0294"
vary: Accept-Encoding
x-goog-generation: 1678702672966055
content-type: application/javascript
x-goog-hash: crc32c=sP0XyQ==, md5=JTHd1pJ42JOGgz5fDB4ClA==
cache-control: public, max-age=900
x-goog-stored-content-length: 71868
timing-allow-origin: *
cf-ray: 8386579dfeab1db3-FRA
expires: Wed, 20 Dec 2023 08:13:48 GMT

GET
H3 200 297039155598937 Show response
connect.facebook.net/signals/config/ 146 KB
37 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/297039155598937?v=2.9.138&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a13a93bbce3f13997a064fdbf05ea9fdb033ce667a7ae86acea6d34a69a4a4b1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 20 Dec 2023 07:58:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 37799
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 0xBpobI6wpOo8WlvZsfZl1g3ac3pP+libIaBOMJ1D+US1tpHcWhgnQxGjdwY+MuKlDmK6ez91f3TotkcaRgLDA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 7ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=912515836934678&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&rl=&if=false&ts=1703059127982&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1703059127864.1819675210&ler=empty&it=1703059127722&coo=false&tm=1&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 20 Dec 2023 07:58:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 9ms
9ms Script
application/javascript 104.126.37.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 2eff362a
date: Wed, 20 Dec 2023 07:58:48 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073127516758C986DC33DFD9A5
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 014180c1b37eddca8e54ac1a7d395ce7715048e8a1793aff10a86a694e1a7e85b2afc7d9db99d51beb50669848a3f2a9b3fb457d3904dec909b090691496411534f6c38000ced9b7e2fe367b4c632bc879b55a5d88147333a8016508a61ae8fb49
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=12
content-length: 35971

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
705 B 140ms
139ms Ping
text/plain 104.126.37.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2eff364b
date: Wed, 20 Dec 2023 07:58:48 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=dyn
x-tt-trace-id: 00-23122007584812BB6FFE92DF7AB96865-3EF8C84AB7CD6AE3-00
x-cache: TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=39, cdn-cache; desc=MISS, edge; dur=4, origin; dur=128
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023122007584812BB6FFE92DF7AB96865
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 128,104.126.37.38
x-tt-trace-host: 0100825f2de55336f17e5f56eeb30998173755d5c55a0df412e4064659e1966fb03bc94fd302950bbb90790e0a8c2ccc02adf9d13a0906c8bf9b9811877aa2f9b12210d48cf8b84c86cd072ae268467bc6ff096af69583edd8e6e534169d885fba
access-control-allow-headers: Authorization,*
expires: Wed, 20 Dec 2023 07:58:48 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
703 B 137ms
137ms Ping
text/plain 104.126.37.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2eff364e
date: Wed, 20 Dec 2023 07:58:48 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=dyn
x-tt-trace-id: 00-2312200758482AD55116EB7999F73EBF-7BEC15D3A356A24C-00
x-cache: TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=35, cdn-cache; desc=MISS, edge; dur=5, origin; dur=123
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202312200758482AD55116EB7999F73EBF
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 123,104.126.37.38
x-tt-trace-host: 0100825f2de55336f17e5f56eeb30998173755d5c55a0df412e4064659e1966fb0550c554be9711a124111cacfd6e36b98082ad871dcd56d13bdea4d3ee9a3d74b86820c2f33c3e7ab9d1897d794c3055a75aed79491bda8db72f89dcdeb20ce9b
access-control-allow-headers: Authorization,*
expires: Wed, 20 Dec 2023 07:58:48 GMT

GET
H2 200 137024296 Show response
www.clarity.ms/tag/uet/ 829 B
1 KB 624ms
165ms Script
application/x-javascript 13.107.213.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/137024296
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/137024296.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 65d19c8a6e869f375492467053ca8871a2c58e8cc5e668e58c4a533a20aa3217

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: -1
date: Wed, 20 Dec 2023 07:58:48 GMT
x-azure-ref: 20231220T075848Z-qbpqbqhacx3y1frs6dgesg4zxg00000003dg000000004q8s
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 829
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H3 200 246091794286726 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/246091794286726?v=2.9.138&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

327326c3233868633bf379134097c010f44eff9439a0c02144dc85a331d0df90

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 20 Dec 2023 07:58:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35405
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: iQCygBdfgcV0IXp5PgRR3OWF/jzUItf39SecCCd0RG3Yj5JHmRH0sp4TiAtDxmjtxC/D7D8dijwqKYlnVZqMew==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
9ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=297039155598937&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&rl=&if=false&ts=1703059128032&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1703059127864.1819675210&cs_est=true&ler=empty&it=1703059127722&coo=false&tm=1&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 20 Dec 2023 07:58:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=912515836934678&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&rl=&if=false&ts=1703059128045&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1703059127864.1819675210&ler=empty&it=1703059127722&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 20 Dec 2023 07:58:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3

200

/
www.facebook.com/tr/
Redirect Chain

https://www.facebook.com/tr/?id=297039155598937&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&rl=&if=false&ts=1703059128046&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-...
https://www.facebook.com/tr/?a=tmSimo-GTM-WebTemplate&coo=false&cs_est=true&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&ec=1&ev=PageView&fbp=fb.1.1703059127864.1819675210&id=29703915...

0
15 B

7ms
7ms

Image
text/plain

2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?a=tmSimo-GTM-WebTemplate&coo=false&cs_est=true&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&ec=1&ev=PageView&fbp=fb.1.1703059127864.1819675210&id=297039155598937&if=false&it=1703059127722&ler=empty&o=4126&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1703059128046&v=2.9.138

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds

Protocol

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 20 Dec 2023 07:58:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
content-type: text/plain
location: /tr/?a=tmSimo-GTM-WebTemplate&coo=false&cs_est=true&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&ec=1&ev=PageView&fbp=fb.1.1703059127864.1819675210&id=297039155598937&if=false&it=1703059127722&ler=empty&o=4126&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1703059128046&v=2.9.138
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i
expires: 0

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=246091794286726&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&rl=&if=false&ts=1703059128046&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703059127864.1819675210&ler=empty&it=1703059127722&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 20 Dec 2023 07:58:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 getuidj Show response
ib.adnxs.com/ 29 B
710 B 26ms
25ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: cdn.permutive.com
URL: https://cdn.permutive.com/ecb70aab-c31d-4b23-8884-19234515ebbe-async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

b1ae170b45f6eb123ad0cbe5db8e2905fec59c9ecae8c603fd14fad5c4d855fd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:48 GMT
an-x-request-uuid: 0e9ed74e-c81c-462b-9c59-1cd560107e0c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.75; 45.141.152.75; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 29
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 246 B
360 B 36ms
15ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=56f9565d-0f2f-47a3-83f7-67113ce28926
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/ecb70aab-c31d-4b23-8884-19234515ebbe-async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: f0a83b6becd906b85b94429b38e4a2211ee929a9b51cbb262328cb7b89c926c3

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 20 Dec 2023 07:58:48 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://secure.vantagemarkets.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168

GET
BLOB 200
OK 44c6ae17-b75e-4a6f-a74c-638df709b3e5
https://secure.vantagemarkets.com/ 47 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.vantagemarkets.com/44c6ae17-b75e-4a6f-a74c-638df709b3e5
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 168409daa5c5a8dcca6ebcb730c6d7c7e1df6475c0727eedade75eafb8c40116

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 47721
Content-Type

GET
BLOB 200
OK 52f7dc9d-1470-44c4-8ccb-e5ef58a6910a
https://secure.vantagemarkets.com/ 47 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.vantagemarkets.com/52f7dc9d-1470-44c4-8ccb-e5ef58a6910a
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 168409daa5c5a8dcca6ebcb730c6d7c7e1df6475c0727eedade75eafb8c40116

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 47721
Content-Type

GET
H2 200 D4PKUQWCWNCJPDENWUB3VX Show response
d.adroll.com/consent/check/ 554 B
647 B 102ms
32ms Script
application/javascript 2a05:d018:cc3:fe05:6921:4b90:8b33:d122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/D4PKUQWCWNCJPDENWUB3VX?pv=87221508858.80058&arrfrr=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&_s=11a40f14a110757812cc59c1db7723b6&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/D4PKUQWCWNCJPDENWUB3VX/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:6921:4b90:8b33:d122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 4af3463ab3774d1c4f6b8e85175e88bdedeba6c1a92fd38a751f8452db93d1ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:48 GMT
server: nginx/1.22.1
content-length: 554
content-type: application/javascript

POST
H2 200 identify Show response
api.permutive.com/v2.0/ 50 B
261 B 30ms
16ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=56f9565d-0f2f-47a3-83f7-67113ce28926
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/ecb70aab-c31d-4b23-8884-19234515ebbe-async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 8852e13b88f81cdd5d9520f55c4480d575efe2c84a9299c9261ad717e6532fdc

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 20 Dec 2023 07:58:48 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://secure.vantagemarkets.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

POST
H2 200 audiences Show response
api.permutive.com/audience-matching/v1/id/62f802cc-639c-47bd-9e5c-804a75c93252/ 12 B
66 B 85ms
85ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/audience-matching/v1/id/62f802cc-639c-47bd-9e5c-804a75c93252/audiences?k=56f9565d-0f2f-47a3-83f7-67113ce28926
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/ecb70aab-c31d-4b23-8884-19234515ebbe-async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 20 Dec 2023 07:58:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12
content-type: application/json

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 407 KB
83 KB 14ms
14ms Script
text/javascript 2600:9000:2104:ca00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/D4PKUQWCWNCJPDENWUB3VX/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:ca00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b117d83a80faf1b382ea93574869ce88e5d7c64564c9c7e5e9bf848707a5206

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-Amz-Version-Id: crNc63Gv0u92JMWh0Shd6y2KbRGKZNX.
Content-Encoding: gzip
Via: 1.1 5e828cc6ff056cb59ec35c3467ec45f4.cloudfront.net (CloudFront)
Date: Wed, 20 Dec 2023 07:56:53 GMT
Age: 133
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 17 Nov 2023 19:37:04 GMT
Server: AmazonS3
Etag: W/"e993329a4c7e4890d9ff6e0b28807da2"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: G2VW1kLW3I1xGZDx0hKmWaadrhWzSnAstWiKzil-QIeqSf7J4f4p1Q==

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 14ms
14ms Image
image/png 2600:9000:2104:ca00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:ca00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Date: Tue, 19 Dec 2023 23:31:19 GMT
Via: 1.1 5e828cc6ff056cb59ec35c3467ec45f4.cloudfront.net (CloudFront)
Age: 34909
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: -mq_Q0F3xlpyJ3HOeQrh6BP5Py-sztMlGmMdxfOukOpymD9EF9i--A==

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
702 B 144ms
144ms Ping
text/plain 104.126.37.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2eff374c
date: Wed, 20 Dec 2023 07:58:48 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=dyn
x-tt-trace-id: 00-231220075848E125A994249555EDF30C-513F547183B6890F-00
x-cache: TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=38, cdn-cache; desc=MISS, edge; dur=5, origin; dur=132
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231220075848E125A994249555EDF30C
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 132,104.126.37.38
x-tt-trace-host: 0100825f2de55336f17e5f56eeb30998173755d5c55a0df412e4064659e1966fb013df4cb351eff87344a17b5346c115ef346e3e98ee3f2702f209b12ec2a1289f78004ca40a9945a1049ea5f524dd0525aa1fb17ffbe28be32f0cdcd88152e8eb
access-control-allow-headers: Authorization,*
expires: Wed, 20 Dec 2023 07:58:48 GMT

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
129 B 16ms
16ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=56f9565d-0f2f-47a3-83f7-67113ce28926
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/ecb70aab-c31d-4b23-8884-19234515ebbe-async.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 2c461a5a4107a9a3e249f169db1465f666d64adfdeb1b469309e20e41d50e3c5

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 20 Dec 2023 07:58:48 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://secure.vantagemarkets.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 88ms
88ms Script
application/javascript 13.107.213.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/137024296
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:48 GMT
content-encoding: br
last-modified: Wed, 13 Dec 2023 19:57:52 GMT
etag: W/"0x8DBFC15CAB825ED"
vary: Accept-Encoding
x-azure-ref: 20231220T075848Z-qbpqbqhacx3y1frs6dgesg4zxg00000003dg000000004q8x
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: daaa8e79-801e-0005-62cc-30fc00000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

POST
H/1.1 204
No Content collect Show response
z.clarity.ms/ 0
305 B 294ms
97ms XHR
text/plain 20.10.16.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.10.16.51 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://secure.vantagemarkets.com
Date: Wed, 20 Dec 2023 07:58:49 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

OPTIONS
H2 200 v2
asia.creativecdn.com/tags/ Frame 0
0 163ms
162ms Preflight 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/tags/v2?type=json&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.vantagemarkets.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://secure.vantagemarkets.com
access-control-max-age: 3600
content-length: 0
date: Wed, 20 Dec 2023 07:58:49 GMT
vary: Origin

GET syncframe
gum.criteo.com/ Frame 4F66 0
0

POST
H3 200 state
api.permutive.com/v1.0/ 0
34 B 81ms
81ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=56f9565d-0f2f-47a3-83f7-67113ce28926
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/ecb70aab-c31d-4b23-8884-19234515ebbe-async.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20

GET
H2 200 Primary Request login Show response
secure.vantagemarkets.com/ 6 KB
2 KB 115ms
115ms Document
text/html 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/login
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/js/51.b043835ec4710de58917.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c6c1839ee98e56110b7712d9aa541e94d2ff2615d35d6f1b09a8ac1d4c087d3

Request headers

Referer: https://secure.vantagemarkets.com/withdrawfunds
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 838657a69c604dbd-FRA
content-encoding: br
content-type: text/html
date: Wed, 20 Dec 2023 07:58:49 GMT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
vary: Accept-Encoding

POST 1
us-1-api.insightech.com/pageview/089a28b851/18c863bfd75.8b06c/18c863bfda1.eb985/ 0
0

POST
H2 201 events
api.permutive.com/v2.0/ 0
0 16ms
16ms Ping
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/events?enrich=false&sdkp=false&k=56f9565d-0f2f-47a3-83f7-67113ce28926
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/ecb70aab-c31d-4b23-8884-19234515ebbe-async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 204 0
bat.bing.com/action/ 0
285 B 32ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137024296&tm=gtm002&Ver=2&mid=e8645363-92ff-4b1c-beaa-bcc327ff9489&sid=9be2c7609f0d11eeb81ceb5e79bf90c8&vid=9be2d8209f0d11eea1236ba58f9e412d&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Secure%20Client%20Portal&p=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&r=&evt=pageLoad&sv=1&rn=518506

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 20 Dec 2023 07:58:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 39E516146318471EBA118DD936817AC6 Ref B: FRAEDGE1212 Ref C: 2023-12-20T07:58:49Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js
www.google-analytics.com/ 52 KB
21 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 20 Dec 2023 07:48:14 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 635
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 20 Dec 2023 09:48:14 GMT

GET
H2 200 bat.js
bat.bing.com/ 45 KB
13 KB 44ms
44ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 20 Dec 2023 07:58:48 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8BD96689924742FDB6C875D85232CE92 Ref B: FRAEDGE1212 Ref C: 2023-12-20T07:58:49Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET ig-membership
asia.creativecdn.com/ Frame FDED 0
0

GET topics-membership
asia.creativecdn.com/ Frame 00B0 0
0

GET
H2 200 setuid
ib.adnxs.com/ 43 B
856 B 9ms
6ms Image
image/gif 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=315&code=mlQq4X7Ud__0Wwz5r7cGlCpSRv9-fBBasw6DymFj7is

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:49 GMT
an-x-request-uuid: 50244ebe-cf21-477d-b1ca-7f7dbeeee21b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.75; 45.141.152.75; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
235 B 32ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137024296&tm=gtm002&Ver=2&mid=e8645363-92ff-4b1c-beaa-bcc327ff9489&sid=9be2c7609f0d11eeb81ceb5e79bf90c8&vid=9be2d8209f0d11eea1236ba58f9e412d&vids=0&msclkid=N&gtm_tag_source=ua&ec=Scroll%20Depth&el=Scroll%20Depth&gc=USD&tpp=1&en=Y&p=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&sw=1600&sh=1200&sc=24&evt=custom&rn=619443

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 20 Dec 2023 07:58:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F8DAEA15A1FF4D3D84E2A691A452414D Ref B: FRAEDGE1212 Ref C: 2023-12-20T07:58:49Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST collect
region1.analytics.google.com/g/ 0
0

POST collect
region1.google-analytics.com/g/ 0
0

POST collect
region1.analytics.google.com/g/ 0
0

POST collect
region1.google-analytics.com/g/ 0
0

POST collect
z.clarity.ms/ 0
0

POST 0
bat.bing.com/actionp/ 0
0

POST 3
us-1-api.insightech.com/pageview/089a28b851/18c863bfd75.8b06c/18c863bfda1.eb985/ 0
0

GET
H2 200 index.js Show response
secure.vantagemarkets.com/static/gtm/ 1 KB
421 B 30ms
28ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/gtm/index.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d020a39323529eb0ac441a1f8840eccaa198955277d4f556a9657fe3e8d7406f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4975
etag: W/"6581028e-5da"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 838657a76d654dbd-FRA
expires: Wed, 20 Dec 2023 11:58:49 GMT

GET
H2 200 index.js Show response
secure.vantagemarkets.com/static/insightech/ 398 B
317 B 29ms
27ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/insightech/index.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 017dc97e6482b9894606807bf612f6423bfb074e8f21a361662cb12596a2d704

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4975
etag: W/"6581028e-18e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 838657a76d664dbd-FRA
expires: Wed, 20 Dec 2023 11:58:49 GMT

GET
H2 200 widget-core.js Show response
prodstorage.azureedge.net/Widgets/lib/@1.0.0/ 737 KB
224 KB 15ms
14ms Script
text/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://prodstorage.azureedge.net/Widgets/lib/@1.0.0/widget-core.js

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/489A) / ASP.NET

Resource Hash

35c1fe8a83c356fbc4f90b1dfeaeb82f7817ae77e25eb0cd82e7c7d6c4cdf924

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
last-modified: Tue, 19 Dec 2023 15:01:30 GMT
server: ECAcc (ama/489A)
age: 59678
etag: "1da328c3f5982f4"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
accept-ranges: bytes
content-length: 229161
request-context: appId=cid-v1:c0a124e5-71c0-4ced-b978-78e4ff157a5c

GET
H2 200 styles.f1279af.css
secure.vantagemarkets.com/static/css/ 371 KB
54 KB 41ms
40ms Stylesheet
text/css 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/css/styles.f1279af.css
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d56c63af8cc610b142a0f3907aff1cca730f20592902c56dbafbdf96178605b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4975
etag: W/"6581028e-5cdeb"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 838657a76d604dbd-FRA
expires: Wed, 20 Dec 2023 11:58:49 GMT

GET
H2 200 app.9955973.css
secure.vantagemarkets.com/static/css/ 213 KB
15 KB 31ms
30ms Stylesheet
text/css 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/css/app.9955973.css
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37fd87129f0adcd446d8aeacd2b83640d2903e7b80259153109e327b837d0b05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4975
etag: W/"6581028e-352b9"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 838657a76d634dbd-FRA
expires: Wed, 20 Dec 2023 11:58:49 GMT

GET
H2 200 manifest.0f7f56c5669f6105ed56.js Show response
secure.vantagemarkets.com/static/js/ 9 KB
5 KB 34ms
33ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/manifest.0f7f56c5669f6105ed56.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ce6a737634464e3562f4ce5dd95803b33acbb81eeda56e292ac1c326400b4cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4975
etag: W/"6581028e-2561"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 838657a76d684dbd-FRA
expires: Wed, 20 Dec 2023 11:58:49 GMT

GET
H2 200 6.f2321b597a3e8cd19402.js Show response
secure.vantagemarkets.com/static/js/ 253 B
204 B 30ms
29ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/6.f2321b597a3e8cd19402.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a562eca8e8b51b2b72faa075f52376b29ee740de70cf38dde9c41e7e82aaeaec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4975
etag: W/"6581028e-fd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 838657a76d694dbd-FRA
expires: Wed, 20 Dec 2023 11:58:49 GMT

GET
H2 200 53.acdbd97833253086dbfd.js Show response
secure.vantagemarkets.com/static/js/ 2 MB
478 KB 44ms
44ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/53.acdbd97833253086dbfd.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bd52f7a64d19ea936751f3648a16d27506084f98ae3a2f936cf69c61ca0846d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4975
etag: W/"6581028e-1b51e1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 838657a76d6b4dbd-FRA
expires: Wed, 20 Dec 2023 11:58:49 GMT

GET
H2 200 51.b043835ec4710de58917.js Show response
secure.vantagemarkets.com/static/js/ 4 MB
1 MB 37ms
37ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/51.b043835ec4710de58917.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 132638353a5224aabe97a33e3447cc6ddc58db8457c828c630fbb150e89b1f9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4975
etag: W/"6581028e-444871"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 838657a76d6c4dbd-FRA
expires: Wed, 20 Dec 2023 11:58:49 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 356 KB
108 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/gtm/index.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd6add68ab337936642b4a6fd0206c1a30b02c246e29a6ac82ec67d15c3e4820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111010
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Dec 2023 07:58:49 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 166 KB
60 KB 18ms
16ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PZ99S37

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/gtm/index.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

42f6974a82ddbb3471fabbedb6a54662e4cd0002f62ac8a1c719a920a23b6e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61502
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Dec 2023 07:58:49 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 192 KB
68 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MW5Q9CN

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/gtm/index.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc0c07be75b89401d2f6409a6424403ef6786b43f1c1a68aace9c34eacb0ee20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69877
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Dec 2023 07:58:49 GMT

GET
H2 200 insightech.mini.js Show response
cdn.insightech.com/ 27 KB
8 KB 8ms
7ms Script
text/javascript 35.201.125.75
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.insightech.com/insightech.mini.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/insightech/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.125.75 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 75.125.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 37bad64b669ea34e33f9af47e6b88f47858f55c8dfec1a069d1ae06f6a4c9e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:52:40 GMT
content-encoding: br
age: 369
x-guploader-uploadid: ABPtcPpcwUyOnSzYsYKbostxn7WZBmkvQs4wOtDTfoatYfVAt9FOOLFQ_csvj338OppJqmge7k3_dMZJAQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8296
last-modified: Fri, 10 Nov 2023 01:56:35 GMT
server: UploadServer
etag: W/"6dd063c18945eec26c8c373dee8012ba"
vary: Accept-Encoding
x-goog-generation: 1699581395507632
x-goog-hash: crc32c=FW8syA==, md5=bdBjwYlF7sJsjDc97oASug==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 27381
accept-ranges: none
expires: Wed, 20 Dec 2023 08:52:40 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 329 KB
99 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

381290549a54202f8ec20b25eb94fe7f4389b214b4fa1dc5468c271b78a5d83e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101285
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Dec 2023 07:58:49 GMT

GET
H/1.1 200
OK greenid.css
simpleui-au.vixverify.com/df/assets/stylesheets/ 189 KB
21 KB 311ms
311ms Stylesheet
text/css 45.60.33.224
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://simpleui-au.vixverify.com/df/assets/stylesheets/greenid.css

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/css/app.9955973.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.224 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2530526878c08a1bc1d828cd06acdf3de779b1b87519e84c6c602bb62448d92f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 07:58:49 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000
X-CDN: Imperva
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,OPTIONS,POST
Content-Type: text/css
Access-Control-Allow-Origin: *
X-Iinfo: 5-89521584-89505158 2NNN RT(1703059127257 1916) q(0 0 0 -1) r(3 3)
Cache-Control: max-age=3600
x-incap-sess-cookie-hdr: 12GfJcXCgCfxiJLJwP2TBrmegmUAAAAAOB2TFhincVsBH5ZbNlwv1Q==
Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: thelott.com www.google.com *.gstatic.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
Connection: keep-alive
Access-Control-Allow-Headers: x-requested-with,content-type,Cache-Control,Pragma,Date

POST
H2 200 0 Show response
us-1-api.insightech.com/pageview/9a8c75816/18c863bfd75.8b06c/18c863c04e6.c36eb/ 61 B
170 B 136ms
136ms XHR
application/json 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-1-api.insightech.com/pageview/9a8c75816/18c863bfd75.8b06c/18c863c04e6.c36eb/0
Requested by: Host: cdn.insightech.com
URL: https://cdn.insightech.com/insightech.mini.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 902a264cfa07d9fb4bfe3e9b4e3992af8029b0dffdb70217eb1a1a443fa5a5c3

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://secure.vantagemarkets.com
x-cloud-trace-context: be41817e27af7806708688302a7cd8a1
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, X-Alt-Referer
content-length: 82

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
90 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4PGVH7BC9T&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MW5Q9CN

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7899b2ed33554b730e340f85c708ad2f676bb1dabaadfc15afd5d9f11d938b64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92122
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Dec 2023 07:58:49 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
53 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 20 Dec 2023 07:58:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: o1uS92dfiB1ZpfoZlgzsr1Hm53J00Eg0bcNiV8NZ7VP9eLJwfr61y4c/KAM7a+/XpFgFNxqoSNQaN4ZTpF8TlQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1233809420752100 Show response
connect.facebook.net/signals/config/ 146 KB
37 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1233809420752100?v=2.9.138&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2741ed6d258dc346b30b5f87a5c9eec0f1061d822b6a946cd7f1806213d43ebe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 20 Dec 2023 07:58:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 37751
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: nPSwLa745T0tCpbrFqcNXSCPxeSXDahpOHpmKzTYf0JQlfy9l7IxMUywcjR5pzxM1juXZsREzPTRa9Od0qvxew==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gJKbT9N3FwF2LliEdMKV.js Show response
tags.creativecdn.com/ 4 KB
2 KB 13ms
12ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.creativecdn.com/gJKbT9N3FwF2LliEdMKV.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: gzip
x-age-lb: 1235
x-guploader-uploadid: ABPtcPo6TXYZHLjO8YUgUOOYB7kf8h1vtwcHVgQVMhX4_DVNjsP-N0K-fH_W0jUa5jhpPwN4VbUf_Wn3SruR_2YjvkOHKw
x-77-cache: HIT
x-goog-storage-class: STANDARD
x-guploader-response-body-transformations: gunzipped
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
x-accel-date: 1703057894
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-77-nzt: EQwBw7WvJwH30wQAAA
x-accel-expires: @1703061484
x-77-age: 1235
x-cache-lb: HIT
last-modified: Tue, 20 Sep 2022 08:37:31 GMT
server: CDN77-Turbo
etag: W/"7dd71e4b922b44d4a1b639cea2047fcd"
x-77-nzt-ray: 25b02131d85beee7b99e8265d4d0fe25
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1663663050931942
content-type: application/javascript
x-goog-hash: crc32c=U/iOdA==, md5=fdceS5IrRNShtjnOogR/zQ==
cache-control: public, max-age=3600
warning: 214 UploadServer gunzipped
x-goog-stored-content-length: 1741
expires: Tue, 24 Oct 2023 13:03:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
91 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H4QYCECT8W&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

77fd971dd99fc7a772bc0ddd0e262c187e79a40ac87cc6dd7acc5d4926665b3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93529
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Dec 2023 07:58:49 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N5DW4FZP31&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f87abda533e99d0351cb9b51c8f20e55711b1fb038dd83063816d68df0bd798d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93072
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Dec 2023 07:58:49 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RYEFEW2YRY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a4a7d9a5ffed4338a00c26650366ec2679ae59c902da1c2d387bc338ffa82519

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93101
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Dec 2023 07:58:49 GMT

GET
H3

200

activityi;dc_pre=CLnu0dPFnYMDFf3eOwIdeUQJUQ;src=11450497;type=vantag00;cat=vanta0;ord=3794534339861;auiddc=538659299.1703059128;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin;gtm=45He3bt0v89941... Show response
11450497.fls.doubleclick.net/ Frame 8518
Redirect Chain

https://11450497.fls.doubleclick.net/activityi;src=11450497;type=vantag00;cat=vanta0;ord=3794534339861;auiddc=538659299.1703059128;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin;gtm=45He3bt0v89...
https://11450497.fls.doubleclick.net/activityi;dc_pre=CLnu0dPFnYMDFf3eOwIdeUQJUQ;src=11450497;type=vantag00;cat=vanta0;ord=3794534339861;auiddc=538659299.1703059128;u1=https%3A%2F%2Fsecure.vantagem...

562 B
326 B

50ms
50ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11450497.fls.doubleclick.net/activityi;dc_pre=CLnu0dPFnYMDFf3eOwIdeUQJUQ;src=11450497;type=vantag00;cat=vanta0;ord=3794534339861;auiddc=538659299.1703059128;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin;gtm=45He3bt0v899419796;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

c425a698ef32cfaaa603850210211e51e12417bf7acb32a8383a3f513d1d26ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.vantagemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 303
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 07:58:49 GMT
expires: Wed, 20 Dec 2023 07:58:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 07:58:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11450497.fls.doubleclick.net/activityi;dc_pre=CLnu0dPFnYMDFf3eOwIdeUQJUQ;src=11450497;type=vantag00;cat=vanta0;ord=3794534339861;auiddc=538659299.1703059128;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin;gtm=45He3bt0v899419796;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 42 KB
15 KB 20ms
20ms Script
application/javascript 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Dec 2023 13:09:33 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=44708
accept-ranges: bytes
content-length: 15541

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 31ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 20 Dec 2023 07:58:48 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E33539A1378249459EA1D9482BA9EF91 Ref B: FRAEDGE1212 Ref C: 2023-12-20T07:58:49Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 13ms
13ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

602a019472a69b4fde0a1f6ab3e6e3ca0a52075e0dca120b4c9952754e983ca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 34 KB
10 KB 16ms
15ms Script
application/javascript 2a02:26f0:3500:11::215:14d5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=pba&
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ccf80229bbe586853232059978b67c1dbe6ccd7f6b4b8585b34bbcf2d9f195f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 07:58:49 GMT
Content-Encoding: gzip
x-amz-request-id: TNFWN7JAHP2EBEJM
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 9575
x-amz-id-2: rNwspp0GeeuGCVY8uOjVgWk/J3XTDq5+TTLu3jZaoCKMw4CAD3WOCSz6cVuBQQ9yvpK6HO0IqDY=
Last-Modified: Wed, 14 Jun 2023 06:58:46 GMT
Server: AmazonS3
ETag: "d4e7f1ffd74e53e33a46a668c2e9d67c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3386
Accept-Ranges: bytes
X-DataStream-Cache-Status: 1
Expires: Wed, 20 Dec 2023 08:55:15 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/D4PKUQWCWNCJPDENWUB3VX/ 103 KB
30 KB 15ms
15ms Script
text/javascript 2600:9000:2104:ca00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/D4PKUQWCWNCJPDENWUB3VX/roundtrip.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:ca00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1dfd3161a22dd3dc13b6749e8260a05967a96335d80de3894f5678a0c7911f86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-Amz-Version-Id: GuiVnuW6l45qIpW47EKay__.O6BzHLyA
Content-Encoding: gzip
Via: 1.1 5e828cc6ff056cb59ec35c3467ec45f4.cloudfront.net (CloudFront)
Date: Wed, 20 Dec 2023 07:43:37 GMT
Age: 1033
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 20 Dec 2023 03:37:48 GMT
Server: AmazonS3
Etag: W/"2b5018a755c367aec47ad21a75b70078"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: mid4FNie9vv_IfphjpLShf87TMJOkFGdlt0wWbMOrbDLAm0Z3o3hNQ==

POST
H2 200 0 Show response
us-1-api.insightech.com/pageview/089a28b851/18c863bfd75.8b06c/18c863c055c.28c68/ 1 KB
677 B 164ms
164ms XHR
application/json 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-1-api.insightech.com/pageview/089a28b851/18c863bfd75.8b06c/18c863c055c.28c68/0
Requested by: Host: cdn.insightech.com
URL: https://cdn.insightech.com/insightech.mini.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 00f82bc8952adf4ae01885f22ed69ef82cc72b1126613b700822ee555ad99204

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://secure.vantagemarkets.com
x-cloud-trace-context: 77e808a036cead88add001eb2c1ae9a9
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, X-Alt-Referer
content-length: 488
expires: Wed, 20 Dec 2023 07:58:49 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/842673740/ 3 KB
1 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/842673740/?random=1703059129767&cv=11&fst=1703059129767&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77324082&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&hn=www.googleadservices.com&frm=0&tiba=Secure%20Client%20Portal&auid=538659299.1703059128&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f3770e09758165e9eec68a8fb454440cfba2ec2d5402557018eec88b3864578

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1282
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11008820483/ 3 KB
1 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11008820483/?random=1703059129771&cv=11&fst=1703059129771&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77324082&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&hn=www.googleadservices.com&frm=0&tiba=Secure%20Client%20Portal&auid=538659299.1703059128&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96c7b9af93e7db2038f5376659ac30c876da6798bfdfb78426f1fb4c55b3038d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1282
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 13ms
13ms Script
application/x-javascript 18.239.67.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.67.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-67-100.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 01:34:58 GMT
Content-Encoding: gzip
Via: 1.1 13676fca7076b460ad3ad018e40a51da.cloudfront.net (CloudFront)
Last-Modified: Wed, 20 Dec 2023 01:34:49 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS58-P4
Age: 23032
ETag: W/"b7474eac210849250426a8f6a39d00f3"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: BRlA1VqecnKU1cVKEKo2rJSphwO7uYk5qhsIp3q5JOtzJlhxlkrcow==

GET
H2 200 631865b36c616ff5444608da Show response
go.affec.tv/j/ 763 B
813 B 30ms
29ms Script
application/javascript 52.211.23.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.affec.tv/j/631865b36c616ff5444608da?ver=Retail&pnm=[product_name]&pid=[product_id]&pscat=[product_sub_cat_name]&pscid=[product_sub_cat_id]&pct=[product_category]&cid=[product_category_id]&rev=[revenue]&cur=[currency]&cpn=[voucher_code]&url=[url]&mem=[membership]&oid=[order_id]&qty=[quantity]&custom1=[custom1]&custom2=[custom2]&custom3=[custom3]&gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.23.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-23-179.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5239a8f1ecc947602a25e41ced0214cea0d0e186b7d498bae0809dbc6310ca85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="CAO DSP COR PSAo CONo HISo OTPo OUR IND NAV INT CNT OTC"
content-type: application/javascript
cache-control: no-cache, private, no-store, max-age=0, s-maxage=0, must-revalidate, proxy-revalidate
content-length: 445
expires: Wed, 04 Apr 1990 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 101ms
100ms Script
application/javascript 104.126.37.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFTVE0RC77UEE0VEQL1G&lib=ttq
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9075f813ea6a77fc7dc9ffccda59638c023f9bdf3398263f30189f80bee2267d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 76fdd9fe.2eff3f1e
date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312200758498E99B08032ADFA9D8D01-2A953C0786008AA3-00
x-cache: TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 91,104.126.37.38
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=6, inner; dur=3
content-length: 1529
pragma: no-cache
server: nginx
x-tt-logid: 202312200758498E99B08032ADFA9D8D01
x-cache-remote: TCP_MISS from a23-218-220-146.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.218.220.146
x-tt-trace-host: 0100825f2de55336f17e5f56eeb30998178af31377a36b3e133f7dac428578bf8183b171f89b33e88ce1b24af24a17e78ebfeb455417b2c2fb11114de33240bea91cd5273c84d5295995f695bc7850f49cb1750ec754628053c44404182429ef6440d389885c7563188ff2068c04731b66
expires: Wed, 20 Dec 2023 07:58:49 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 105ms
105ms Script
application/javascript 104.126.37.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFTVPCRC77U30697BAK0&lib=ttq
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/withdrawfunds
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4f1a1e31d64d4a03b96220ceceb8306233c229212ee010bdf2124e2c4fe86c3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: ae15516.2eff3f25
date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231220075849F63011B450F49C809C86-50086B598EFC12ED-00
x-cache: TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 93,104.126.37.38
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=8, inner; dur=4
content-length: 1531
pragma: no-cache
server: nginx
x-tt-logid: 20231220075849F63011B450F49C809C86
x-cache-remote: TCP_MISS from a23-218-220-137.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.218.220.137
x-tt-trace-host: 0100825f2de55336f17e5f56eeb30998178af31377a36b3e133f7dac428578bf81da37477b3074018f42fc08ec2ccce3112488dde8d66aa44267d955e10d17fbe2fb715ad876d0a1b7683d0551b3a581e2a8d7d09dcee98fb5b233549aaa801f2a0f06287e68f0e949f7169a9f68521d2d
expires: Wed, 20 Dec 2023 07:58:49 GMT

GET
H2 200 dc_pre=CLnu0dPFnYMDFf3eOwIdeUQJUQ;src=11450497;type=vantag00;cat=vanta0;ord=3794534339861;auiddc=*;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin;gtm=45He3bt0v899419796;gcd=11l1l1l1l1;dma_cps=s...
adservice.google.com/ddm/fls/z/ Frame 8518 42 B
107 B 46ms
45ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLnu0dPFnYMDFf3eOwIdeUQJUQ;src=11450497;type=vantag00;cat=vanta0;ord=3794534339861;auiddc=*;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin;gtm=45He3bt0v899419796;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin

Requested by

Host: 11450497.fls.doubleclick.net
URL: https://11450497.fls.doubleclick.net/activityi;dc_pre=CLnu0dPFnYMDFf3eOwIdeUQJUQ;src=11450497;type=vantag00;cat=vanta0;ord=3794534339861;auiddc=538659299.1703059128;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin;gtm=45He3bt0v899419796;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11450497.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 912515836934678 Show response
connect.facebook.net/signals/config/ 135 KB
35 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/912515836934678?v=2.9.138&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

42483e309cf6248eadf544aed29137c655e8313cab144e904065fc321746bbe9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 20 Dec 2023 07:58:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35613
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 8TB2EiYuxUr/LVpewu3uEYUIGPYuPyFIdNdhaBcvsUKD7ST1EXVEJ7XSIn9ltAjPDVRryHqjokrFox0ogAu5tQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1233809420752100&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&if=false&ts=1703059129777&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1703059127864.1819675210&cs_est=true&ler=empty&it=1703059129619&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 20 Dec 2023 07:58:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 v2 Show response
asia.creativecdn.com/tags/ 533 B
787 B 167ms
167ms Fetch
application/json 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/tags/v2?type=json
Requested by: Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/gJKbT9N3FwF2LliEdMKV.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: 370c7dc9319a3cfee8bafd37b82c164853af944b1ac54495c1ded4553d1b7698

Request headers

Referer: https://secure.vantagemarkets.com/login
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:50 GMT, Wed, 20 Dec 2023 07:58:50 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
access-control-max-age: 3600
access-control-allow-methods: GET, POST
access-control-allow-origin: https://secure.vantagemarkets.com
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-length: 390
expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H2 200 v2
asia.creativecdn.com/tags/ Frame 0
0 163ms
163ms Preflight 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/tags/v2?type=json
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.vantagemarkets.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://secure.vantagemarkets.com
access-control-max-age: 3600
content-length: 0
date: Wed, 20 Dec 2023 07:58:49 GMT
vary: Origin

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4PGVH7BC9T&gtm=45je3bt0v872622761z8867254625&_p=1703059129529&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=208694154.1703059128&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703059127&sct=1&seg=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&dr=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&dt=Secure%20Client%20Portal&en=page_view&tfd=418
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4PGVH7BC9T&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
145 B 185ms
185ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: BE82DC7EEFF64C3A8F01A6E4B4325D62 Ref B: FRAEDGE1407 Ref C: 2023-12-20T07:58:49Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://secure.vantagemarkets.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYM7Fp4GJ0puQXf7FqXjA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1703059129810&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&tm=gtmv2
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1703059129810&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&tm=gtmv2&e_ipv6=AQItKMbgRhxdSAAAAYyGPAYsAb8wOJ5jhDPDmJ47vu8oi5FKYX...

0
143 B

181ms
181ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1703059129810&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&tm=gtmv2&e_ipv6=AQItKMbgRhxdSAAAAYyGPAYsAb8wOJ5jhDPDmJ47vu8oi5FKYXh2Q9B9ZjF-5e93Dk9hGrop9IMVVva-ee1pnC_5Vjwigw
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 910AA26D3AA34E3C94FF8D176AF37424 Ref B: FRAEDGE2006 Ref C: 2023-12-20T07:58:49Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYM7Fp67HhCTNTG57G5HQ==

Redirect headers

date: Wed, 20 Dec 2023 07:58:49 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 9E4B6B501B6D4DB7BB6B6699E9EF27DF Ref B: FRAEDGE1407 Ref C: 2023-12-20T07:58:49Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1703059129810&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&tm=gtmv2&e_ipv6=AQItKMbgRhxdSAAAAYyGPAYsAb8wOJ5jhDPDmJ47vu8oi5FKYXh2Q9B9ZjF-5e93Dk9hGrop9IMVVva-ee1pnC_5Vjwigw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYM7Fp4BKpp0am/fnGP0g==

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N5DW4FZP31&gtm=45je3bt0v9133159399z8899419796&_p=1703059129529&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=208694154.1703059128&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703059127&sct=1&seg=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&dr=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&dt=Secure%20Client%20Portal&en=page_view&tfd=459
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N5DW4FZP31&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RYEFEW2YRY&gtm=45je3bt0v9133161829z8899419796&_p=1703059129529&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cid=208694154.1703059128&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703059127&sct=1&seg=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&dr=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&dt=Secure%20Client%20Portal&en=page_view&tfd=461
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYEFEW2YRY&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 137024296.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 32ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/137024296.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c9d127ce387ea898823297ad8fc13e3d43469d95dfaf58793978fbb707c29fcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Wed, 20 Dec 2023 07:58:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EB4ECC928FD9412E9FA40D01DB7955E6 Ref B: FRAEDGE1212 Ref C: 2023-12-20T07:58:49Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H3 200 297039155598937 Show response
connect.facebook.net/signals/config/ 146 KB
37 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/297039155598937?v=2.9.138&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a13a93bbce3f13997a064fdbf05ea9fdb033ce667a7ae86acea6d34a69a4a4b1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 20 Dec 2023 07:58:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 37799
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 0xBpobI6wpOo8WlvZsfZl1g3ac3pP+libIaBOMJ1D+US1tpHcWhgnQxGjdwY+MuKlDmK6ez91f3TotkcaRgLDA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=912515836934678&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&if=false&ts=1703059129840&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1703059127864.1819675210&ler=empty&it=1703059129619&coo=false&tm=1&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 20 Dec 2023 07:58:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 px Show response
secure.adnxs.com/ 0
826 B 30ms
29ms Script
application/javascript 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/px?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]&id=1622764&order_id=[order_id]&seg=31340040&t=1&value=

Requested by

Host: go.affec.tv
URL: https://go.affec.tv/j/631865b36c616ff5444608da?ver=Retail&pnm=[product_name]&pid=[product_id]&pscat=[product_sub_cat_name]&pscid=[product_sub_cat_id]&pct=[product_category]&cid=[product_category_id]&rev=[revenue]&cur=[currency]&cpn=[voucher_code]&url=[url]&mem=[membership]&oid=[order_id]&qty=[quantity]&custom1=[custom1]&custom2=[custom2]&custom3=[custom3]&gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:49 GMT
an-x-request-uuid: bdb9bdff-1bbf-40f0-a885-b1b8daf77e6e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.75; 45.141.152.75; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
go.affec.tv/per/ 846 B
916 B 30ms
29ms Script
application/javascript 52.211.23.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.affec.tv/per/?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]&k=56f9565d-0f2f-47a3-83f7-67113ce28926&p=ecb70aab-c31d-4b23-8884-19234515ebbe
Requested by: Host: go.affec.tv
URL: https://go.affec.tv/j/631865b36c616ff5444608da?ver=Retail&pnm=[product_name]&pid=[product_id]&pscat=[product_sub_cat_name]&pscid=[product_sub_cat_id]&pct=[product_category]&cid=[product_category_id]&rev=[revenue]&cur=[currency]&cpn=[voucher_code]&url=[url]&mem=[membership]&oid=[order_id]&qty=[quantity]&custom1=[custom1]&custom2=[custom2]&custom3=[custom3]&gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.23.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-23-179.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 26cf6c841718583dc3a8b45f65cad15a5432b572d78f3b73f1547f888ebb8186

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="CAO DSP COR PSAo CONo HISo OTPo OUR IND NAV INT CNT OTC"
content-type: application/javascript
cache-control: no-cache, private, no-store, max-age=0, s-maxage=0, must-revalidate, proxy-revalidate
content-length: 548
expires: Wed, 04 Apr 1990 00:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://map.go.affec.tv/map/af/?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D65829eb966d5820001b441e1%26chc%3Daf%26redirect_url%3D%26gdpr%3D%255BGDPR_APPLIES%255D%26gdpr_consent%3D%255B...
https://map.go.affec.tv/map/an/5475512034805159887?ch=65829eb966d5820001b441e1&chc=af&redirect_url=&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D&gdpr=[GDPR_APPLIES]&gdpr_conse...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D

70 B
148 B

32ms
32ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: H2
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D
date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: gzip
content-length: 174
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 /
www.google.com/pagead/1p-user-list/11008820483/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11008820483/?random=1703059129771&cv=11&fst=1703055600000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77324082&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&frm=0&tiba=Secure%20Client%20Portal&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_T-JMkKksA-s1jWYgww1ghiiYbHrmSOsv9dgpWF27xeObl8nI&random=421545253&rmt_tld=0&ipr=y

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/11008820483/ 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11008820483/?random=1703059129771&cv=11&fst=1703055600000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77324082&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&frm=0&tiba=Secure%20Client%20Portal&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_T-JMkKksA-s1jWYgww1ghiiYbHrmSOsv9dgpWF27xeObl8nI&random=421545253&rmt_tld=1&ipr=y

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/842673740/ 42 B
108 B 20ms
20ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/842673740/?random=1703059129767&cv=11&fst=1703055600000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77324082&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&frm=0&tiba=Secure%20Client%20Portal&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_YYOQqqylsI_ZClENZQ2XxKqy6xFDtmjNaU4K_aQcWtnPirTn&random=449346494&rmt_tld=0&ipr=y

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/842673740/ 42 B
64 B 23ms
23ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/842673740/?random=1703059129767&cv=11&fst=1703055600000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77324082&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&frm=0&tiba=Secure%20Client%20Portal&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_YYOQqqylsI_ZClENZQ2XxKqy6xFDtmjNaU4K_aQcWtnPirTn&random=449346494&rmt_tld=1&ipr=y

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 246091794286726 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 10ms
10ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/246091794286726?v=2.9.138&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

327326c3233868633bf379134097c010f44eff9439a0c02144dc85a331d0df90

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 20 Dec 2023 07:58:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35405
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: iQCygBdfgcV0IXp5PgRR3OWF/jzUItf39SecCCd0RG3Yj5JHmRH0sp4TiAtDxmjtxC/D7D8dijwqKYlnVZqMew==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
9ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=297039155598937&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&if=false&ts=1703059129854&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1703059127864.1819675210&cs_est=true&ler=empty&it=1703059129619&coo=false&tm=1&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 20 Dec 2023 07:58:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 942301047150897 Show response
connect.facebook.net/signals/config/ 135 KB
35 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/942301047150897?v=2.9.138&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

32ea04182950de0229533655055083d5f9349d3cc92459b29732df2714627910

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 20 Dec 2023 07:58:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35664
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: pfBPHTspeLtelosw49lyFSKKJJyN3SATY18+deANTLz2bDyzbwvq8jzjGyZzmsOoV9KsIyDXnlxv+QkKui5/Wg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=912515836934678&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&if=false&ts=1703059129868&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1703059127864.1819675210&ler=empty&it=1703059129619&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 20 Dec 2023 07:58:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
9ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=297039155598937&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&if=false&ts=1703059129869&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1703059127864.1819675210&cs_est=true&ler=empty&it=1703059129619&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 20 Dec 2023 07:58:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 10ms
9ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=246091794286726&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&if=false&ts=1703059129869&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703059127864.1819675210&ler=empty&it=1703059129619&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 20 Dec 2023 07:58:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 137024296 Show response
www.clarity.ms/tag/uet/ 879 B
1 KB 159ms
159ms Script
application/x-javascript 13.107.213.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/137024296
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/137024296.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cba5323ca76493805e0ee3a9861d4b71fea5ab6f74fb4d3bb8e3ad3f6f11632d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: -1
date: Wed, 20 Dec 2023 07:58:50 GMT
x-azure-ref: 20231220T075849Z-qbpqbqhacx3y1frs6dgesg4zxg00000003dg000000004qbg
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 879
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 ecb70aab-c31d-4b23-8884-19234515ebbe-async.js Show response
cdn.permutive.com/ 250 KB
70 KB 27ms
26ms Script
application/javascript 2606:4700::6811:7711
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/ecb70aab-c31d-4b23-8884-19234515ebbe-async.js
Requested by: Host: go.affec.tv
URL: https://go.affec.tv/per/?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]&k=56f9565d-0f2f-47a3-83f7-67113ce28926&p=ecb70aab-c31d-4b23-8884-19234515ebbe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7711 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3daed38dbc41f5bd7030caa2fbfb7a9308a7878f2e73f3e1fd5b2835abf06f99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: ecb70aab-c31d-4b23-8884-19234515ebbe
age: 0
x-guploader-uploadid: ABPtcPozxdrj1XlpGS0ht8L5qaQ5-Muvaf0RaJzKV4klaGua_8AowHEIpAsfjaylELpVjxdI2cI
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Mon, 13 Mar 2023 10:17:52 GMT
server: cloudflare
etag: W/"2531ddd69278d89386833e5f0c1e0294"
vary: Accept-Encoding
x-goog-generation: 1678702672966055
content-type: application/javascript
x-goog-hash: crc32c=sP0XyQ==, md5=JTHd1pJ42JOGgz5fDB4ClA==
cache-control: public, max-age=900
x-goog-stored-content-length: 71868
timing-allow-origin: *
cf-ray: 838657a9bc7b1db3-FRA
expires: Wed, 20 Dec 2023 08:13:49 GMT

GET
H2 200 main.MTdjYzNiZDU2MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 397 KB
106 KB 8ms
8ms Script
application/javascript 104.126.37.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFTVE0RC77UEE0VEQL1G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 2eff3f9b
date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202311090731269DFE9262F7CE1AE7E72D
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 014180c1b37eddca8e54ac1a7d395ce7715048e8a1793aff10a86a694e1a7e85b294d4179dae9c55d8a6970b5d9e52768129554676b6ccacbeecb68a8a21211b3b4888301bfbbf1d480412cb99e96bbb5b2f81c615810089fc190d6a2b485ac8a5
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=17
content-length: 108174

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=942301047150897&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&if=false&ts=1703059129883&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703059127864.1819675210&ler=empty&it=1703059129619&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 20 Dec 2023 07:58:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 140.2e1d7ec.css
secure.vantagemarkets.com/static/css/ 2 KB
843 B 29ms
28ms Stylesheet
text/css 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/css/140.2e1d7ec.css
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/js/manifest.0f7f56c5669f6105ed56.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05498d4b362a52304b6a609043aa4e079018c1badaa1a8380a510908acb2d5da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4972
etag: W/"6581028e-8e8"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 838657aa488f4dbd-FRA
expires: Wed, 20 Dec 2023 11:58:49 GMT

GET
H2 200 140.e85f58fa336897407c82.js Show response
secure.vantagemarkets.com/static/js/ 2 KB
1 KB 30ms
28ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/140.e85f58fa336897407c82.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/js/manifest.0f7f56c5669f6105ed56.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec5113a4e0290eb250c2f64b02983d85cb4109a3f8888c0ff26ac2da0ee3b5ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4972
etag: W/"6581028e-979"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 838657aa48944dbd-FRA
expires: Wed, 20 Dec 2023 11:58:49 GMT

GET
H2 200 1.fa8dd254059b9b868b09.js Show response
secure.vantagemarkets.com/static/js/ 854 KB
188 KB 38ms
37ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/1.fa8dd254059b9b868b09.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/js/manifest.0f7f56c5669f6105ed56.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1d9681eb46c1dd8ecf66eb061e7c83605c0568a38b6395195b942f74a538707

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4972
etag: W/"6581028e-d5722"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 838657aa48954dbd-FRA
expires: Wed, 20 Dec 2023 11:58:49 GMT

GET
H2 200 10.929c3cf438815e07886e.js Show response
secure.vantagemarkets.com/static/js/ 29 KB
7 KB 23ms
22ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/10.929c3cf438815e07886e.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/js/manifest.0f7f56c5669f6105ed56.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b22ef4a3bec9450dcd33538350c1633a819ae0484601228930fb2dacede575a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4972
etag: W/"6581028e-7449"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 838657aa48964dbd-FRA
expires: Wed, 20 Dec 2023 11:58:49 GMT

GET
H2 200 15.b585132.css
secure.vantagemarkets.com/static/css/ 84 KB
11 KB 26ms
26ms Stylesheet
text/css 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/css/15.b585132.css
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/js/manifest.0f7f56c5669f6105ed56.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daa1fcec7b10760204d3af5b71e7eac4a2dfdb265a44aeb11e1c3a2203d30cf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4972
etag: W/"6581028e-14ff8"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 838657aa48924dbd-FRA
expires: Wed, 20 Dec 2023 11:58:49 GMT

GET
H2 200 15.7930c16a9deb0b2774b5.js Show response
secure.vantagemarkets.com/static/js/ 37 KB
18 KB 30ms
29ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/15.7930c16a9deb0b2774b5.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/js/manifest.0f7f56c5669f6105ed56.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76e73dc6b9b86fea7906a5b6d32c255fc9cb1b872e6c6f414ed43de594297727

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4972
etag: W/"6581028e-955c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 838657aa48994dbd-FRA
expires: Wed, 20 Dec 2023 11:58:49 GMT

GET
H2 200 40.ef09548.css
secure.vantagemarkets.com/static/css/ 23 KB
4 KB 31ms
30ms Stylesheet
text/css 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/css/40.ef09548.css
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/js/manifest.0f7f56c5669f6105ed56.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 326dcddce3b94dab81b6c513447b2bf6af4a3e3eb7859eacc93b48cb6c0be42f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4972
etag: W/"6581028e-5ac1"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 838657aa48934dbd-FRA
expires: Wed, 20 Dec 2023 11:58:49 GMT

GET
H2 200 40.9b11f0369631d0fb22bc.js Show response
secure.vantagemarkets.com/static/js/ 9 KB
3 KB 24ms
23ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/40.9b11f0369631d0fb22bc.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/js/manifest.0f7f56c5669f6105ed56.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcb62a900e603b9af625c46bf5b929e6ab789b0a83da2b33ce983269ca4e3e6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4972
etag: W/"6581028e-2429"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 838657aa489b4dbd-FRA
expires: Wed, 20 Dec 2023 11:58:49 GMT

GET
H2 200 D4PKUQWCWNCJPDENWUB3VX Show response
d.adroll.com/consent/check/ 554 B
646 B 33ms
33ms Script
application/javascript 2a05:d018:cc3:fe05:6921:4b90:8b33:d122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/D4PKUQWCWNCJPDENWUB3VX?pv=31662474706.18242&arrfrr=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&_s=130faa3d379c084a26a4012d10c0643a&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/D4PKUQWCWNCJPDENWUB3VX/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:6921:4b90:8b33:d122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 4af3463ab3774d1c4f6b8e85175e88bdedeba6c1a92fd38a751f8452db93d1ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:49 GMT
server: nginx/1.22.1
content-length: 554
content-type: application/javascript

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 10ms
10ms Script
application/javascript 104.126.37.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 2eff4016
date: Wed, 20 Dec 2023 07:58:49 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073127516758C986DC33DFD9A5
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 014180c1b37eddca8e54ac1a7d395ce7715048e8a1793aff10a86a694e1a7e85b2afc7d9db99d51beb50669848a3f2a9b3fb457d3904dec909b090691496411534f6c38000ced9b7e2fe367b4c632bc879b55a5d88147333a8016508a61ae8fb49
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=12
content-length: 35971

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
843 B 144ms
144ms Ping
text/plain 104.126.37.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 70e4e7d2.2eff4025
date: Wed, 20 Dec 2023 07:58:50 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312200758500DC1A73F74F2B4CE5B80-15701A2C8886D999-00
x-cache: TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 133,104.126.37.38
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=47, inner; dur=42
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202312200758500DC1A73F74F2B4CE5B80
x-cache-remote: TCP_MISS from a104-78-78-94.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 47,104.78.78.94
x-tt-trace-host: 0100825f2de55336f17e5f56eeb30998173755d5c55a0df412e4064659e1966fb01f3fd774cfd5a1e52ca008027c9c226b1b5ebd77c5648fd759b5cb1e877725d22f0f84aa6a21bd032047b872579211c1f9d4c623caa4df0c006944c32d92aadc0bc7d498e7a59b6414e725d7429d0994
access-control-allow-headers: Authorization,*
expires: Wed, 20 Dec 2023 07:58:50 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
704 B 145ms
145ms Ping
text/plain 104.126.37.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2eff4028
date: Wed, 20 Dec 2023 07:58:50 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=dyn
x-tt-trace-id: 00-231220075850DCE07987095D82D21D06-597723826EB42FFE-00
x-cache: TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=38, cdn-cache; desc=MISS, edge; dur=5, origin; dur=131
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231220075850DCE07987095D82D21D06
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 131,104.126.37.38
x-tt-trace-host: 0100825f2de55336f17e5f56eeb30998173755d5c55a0df412e4064659e1966fb0a1efd8c349e1f7dd95c1fbbddd9f382035afbba71eebd2457dd53faff4ddff1ff508f067f488d44ba16606cfab1e9a2bda173a7776188f544d5c5cec3159d9c6
access-control-allow-headers: Authorization,*
expires: Wed, 20 Dec 2023 07:58:50 GMT

POST
H2 200 1 Show response
us-1-api.insightech.com/pageview/089a28b851/18c863bfd75.8b06c/18c863c055c.28c68/ 17 B
105 B 302ms
301ms XHR
application/json 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-1-api.insightech.com/pageview/089a28b851/18c863bfd75.8b06c/18c863c055c.28c68/1
Requested by: Host: cdn.insightech.com
URL: https://cdn.insightech.com/insightech.mini.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 35c68ae34e6a648ce704a3619332aa10bee088b307d07d9d82b16942ffe8f906

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
server: Google Frontend
content-type: application/json
access-control-allow-origin: https://secure.vantagemarkets.com
x-cloud-trace-context: 45177d275c09292cb788e3b5af661985
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, X-Alt-Referer
content-length: 17

GET
H2

200

asset_composer.js Show response
static.zdassets.com/ekr/ Frame F268
Redirect Chain

https://assets.zendesk.com/embeddable_framework/main.js
https://static.zdassets.com/ekr/asset_composer.js

10 KB
5 KB

45ms
20ms

Script
application/javascript

104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/asset_composer.js

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
x-amz-version-id: UVyRrNCT14O0dfFWDj2LMoXLPgAxLFso
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: C8JQ3FZPYS9NTEVB
age: 45
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 0hGej/YeTNwT6GF3Bm2pm6SlcNVg3OcxslIMau6Q27nDaX/HDUYeqn1Bct3/HNx1k+hIVSKv0Vg=
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNltjWWtvVMI0GduHGmwU5gA3GUz5OXr0%2BhflDtu1wPx4Y%2BuSRz%2F4dBoCGQjCfVPZPcgg78Gl8YUeI6LLicvwww5VdEOWwg6gD89wv6M%2BKEOXl2VOyvyCc0cOC4qUnZafpQ42mY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 838657ab3fb35c38-FRA

Redirect headers

date: Wed, 20 Dec 2023 07:58:50 GMT
strict-transport-security: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2w727NxTa3KUPMDaNkCyrut7uwcIo%2Fb1GxyIign5N4U%2FVUQBjgW2gr00ALkFVBzhTHyiNkaKi6Beorcg5mqKqdT0EHz%2Fts9MPz71ulbJgSiCmRiz30YkyGNu7%2BnokXKvp7Gpg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://static.zdassets.com/ekr/asset_composer.js
cache-control: max-age=3600
cf-ray: 838657aabf8e30c9-FRA
expires: Wed, 20 Dec 2023 08:58:50 GMT

GET
H2

200

main.js Show response
secure.vantagemarkets.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame A2D9
Redirect Chain

https://secure.vantagemarkets.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://secure.vantagemarkets.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
3 KB

18ms
17ms

Script
application/javascript

2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.vantagemarkets.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Server

2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49bee912dcbbd3cc19abe681627e54c8517245f474d2d635465a7feed476cb5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 838657aab92a4dbd-FRA

Redirect headers

location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
access-control-allow-origin: *
date: Wed, 20 Dec 2023 07:58:50 GMT
cache-control: max-age=300, public
server: cloudflare
cf-ray: 838657aa98f24dbd-FRA
vary: accept-encoding

GET
H2 204 0
bat.bing.com/action/ 0
119 B 34ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137024296&tm=gtm002&Ver=2&mid=ceb6a809-4bbd-446b-a35b-9c1fb7ebc1a6&sid=9be2c7609f0d11eeb81ceb5e79bf90c8&vid=9be2d8209f0d11eea1236ba58f9e412d&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Vantage%20Login%20Client%20Portal%20%7C%20Vantage&kw=Vantage%20login,%20client%20portal&p=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&r=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&lt=636&evt=pageLoad&sv=1&rn=801981

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 20 Dec 2023 07:58:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 64A11A19E638425CA28FB806EDD78C11 Ref B: FRAEDGE1212 Ref C: 2023-12-20T07:58:50Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 onelink Show response
wa.onelink.me/v1/ 13 B
370 B 70ms
32ms XHR
application/json 13.227.219.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.onelink.me/v1/onelink
Requested by: Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=pba&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-30.ams54.r.cloudfront.net
Software: /
Resource Hash: 38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
via: 1.1 bb1fd0922e473ba97ff6a00f6c71141a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://secure.vantagemarkets.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 13
x-amz-cf-id: PHDaI-pdzqm0n7sHVcs_GNE3UyELTpGuoaorr58P_pJvQG0QOupMVg==

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
88 B 16ms
16ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=56f9565d-0f2f-47a3-83f7-67113ce28926
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/ecb70aab-c31d-4b23-8884-19234515ebbe-async.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 8852e13b88f81cdd5d9520f55c4480d575efe2c84a9299c9261ad717e6532fdc

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://secure.vantagemarkets.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 20 Dec 2023 07:48:14 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 636
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 20 Dec 2023 09:48:14 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 32ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 20 Dec 2023 07:58:49 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9BC147CA84314327ABF8671EB0F4D0A1 Ref B: FRAEDGE1212 Ref C: 2023-12-20T07:58:50Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
BLOB 200
OK c850f32f-1cc3-4302-87b7-24858f4b1000
https://secure.vantagemarkets.com/ 47 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.vantagemarkets.com/c850f32f-1cc3-4302-87b7-24858f4b1000
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 168409daa5c5a8dcca6ebcb730c6d7c7e1df6475c0727eedade75eafb8c40116

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 47721
Content-Type

GET
BLOB 200
OK f612d07b-1fdd-4936-8a53-7a5e0a936cd0
https://secure.vantagemarkets.com/ 47 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.vantagemarkets.com/f612d07b-1fdd-4936-8a53-7a5e0a936cd0
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 168409daa5c5a8dcca6ebcb730c6d7c7e1df6475c0727eedade75eafb8c40116

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 47721
Content-Type

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 407 KB
83 KB 14ms
13ms Script
text/javascript 2600:9000:2104:ca00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/D4PKUQWCWNCJPDENWUB3VX/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:ca00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b117d83a80faf1b382ea93574869ce88e5d7c64564c9c7e5e9bf848707a5206

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-Amz-Version-Id: crNc63Gv0u92JMWh0Shd6y2KbRGKZNX.
Content-Encoding: gzip
Via: 1.1 5e828cc6ff056cb59ec35c3467ec45f4.cloudfront.net (CloudFront)
Date: Wed, 20 Dec 2023 07:56:53 GMT
Age: 135
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 17 Nov 2023 19:37:04 GMT
Server: AmazonS3
Etag: W/"e993329a4c7e4890d9ff6e0b28807da2"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 4KWpElT_y5vy2Aa-amMhCnGHhahd4sWFJr7i6i6hXE4pxNu06VYhkA==

GET
H2 429 / Show response
ipapi.co/json/ 116 B
651 B 215ms
191ms XHR
application/json 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipapi.co/json/

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/js/53.acdbd97833253086dbfd.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c40eb6d50cee55cd98e628b786109035413fef21587791221d06070e99e9e25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Host, origin
allow: GET, HEAD, OPTIONS, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://secure.vantagemarkets.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZArIqfjYtWXu41Cn2LZ%2BJTI2X1W0qQEw4f6XboK%2FjZeRC%2Frme4bKTROv5FoAnPoV0x3G1jGfnwyyvPEfpAWy2d3FGSZjOjTZtigpMEq3p2rqt5aNtWTVqdn2qNE1nvyM9oT%2BYrfa"}],"group":"cf-nel","max_age":604800}
x-frame-options: DENY
cf-ray: 838657aaed841c0b-FRA
content-length: 116

GET
H2 200 geoip2.js Show response
js.maxmind.com/js/apis/geoip2/v2.1/ 3 KB
1 KB 52ms
26ms Script
application/javascript 2606:4700:7::a29f:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.maxmind.com/js/apis/geoip2/v2.1/geoip2.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/js/140.e85f58fa336897407c82.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94a96a4fc313fe6dfba290ed6bc0e802eaab40810e59032a06f6774553b1c6ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 07:30:12 GMT
server: cloudflare
age: 1718
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 838657ab3da165c2-FRA
expires: Wed, 20 Dec 2023 11:58:50 GMT

GET
H2 200 login-bg.c01546f.png
secure.vantagemarkets.com/static/img/ 366 KB
367 KB 38ms
38ms Image
image/webp 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.vantagemarkets.com/static/img/login-bg.c01546f.png

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/css/40.ef09548.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5fa0c18ab18f41d47d859e9c70d56511bb0af34e8cd1e8120788ba198e7645f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/static/css/40.ef09548.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1294
cf-polished: origFmt=png, origSize=442887
content-disposition: inline; filename="login-bg.webp"
content-length: 375108
cf-bgj: imgq:100,h2pri
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
etag: "6581028e-6c207"
vary: Accept
x-frame-options: deny
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 838657ab09884dbd-FRA
expires: Wed, 20 Dec 2023 11:58:50 GMT

GET
DATA 200
OK truncated
/ 772 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a865fd1ba2df994f7e390eaf20e4ebcd124412da91c8031f69688ba4061f522d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Gilroy-SemiBold.a5cf732.ttf
secure.vantagemarkets.com/static/fonts/ 137 KB
137 KB 24ms
23ms Font
application/octet-stream 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/fonts/Gilroy-SemiBold.a5cf732.ttf
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/css/15.b585132.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b4f5562de072aa2884798b9fdb2329ad4122d972a1bf2f58fe645b9623b0590

Request headers

Referer: https://secure.vantagemarkets.com/static/css/15.b585132.css
Origin: https://secure.vantagemarkets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4972
etag: "6581028e-2222c"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 838657ab098a4dbd-FRA
content-length: 139820
expires: Wed, 20 Dec 2023 11:58:50 GMT

GET
H2 200 Gilroy-Regular.31ff7c1.ttf
secure.vantagemarkets.com/static/fonts/ 142 KB
142 KB 42ms
42ms Font
application/octet-stream 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/fonts/Gilroy-Regular.31ff7c1.ttf
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/css/15.b585132.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29d02f71307e5f9b4c1a0117d2716e810e411c3083daa7322d2caaf0536a0e87

Request headers

Referer: https://secure.vantagemarkets.com/static/css/15.b585132.css
Origin: https://secure.vantagemarkets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4972
etag: "6581028e-236fc"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 838657ab098e4dbd-FRA
content-length: 145148
expires: Wed, 20 Dec 2023 11:58:50 GMT

GET
H2 200 element-icons.535877f.woff
secure.vantagemarkets.com/static/fonts/ 28 KB
28 KB 32ms
32ms Font
font/woff 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/fonts/element-icons.535877f.woff
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/css/styles.f1279af.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab40a58972be2ceab32e7e35dab3131b959aae63835d7bda1a79ae51f9a73c17

Request headers

Referer: https://secure.vantagemarkets.com/static/css/styles.f1279af.css
Origin: https://secure.vantagemarkets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4972
etag: "6581028e-6e28"
vary: Accept-Encoding
content-type: font/woff
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 838657ab09914dbd-FRA
content-length: 28200
expires: Wed, 20 Dec 2023 11:58:50 GMT

GET
H2 200 Gilroy-Medium.c83281a.ttf
secure.vantagemarkets.com/static/fonts/ 140 KB
141 KB 28ms
28ms Font
application/octet-stream 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/fonts/Gilroy-Medium.c83281a.ttf
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/css/15.b585132.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b3c84352c6a0d8a3479b528b8d8336ddb1cef0da8b81dea0e41a930d56523fe

Request headers

Referer: https://secure.vantagemarkets.com/static/css/15.b585132.css
Origin: https://secure.vantagemarkets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
age: 4972
etag: "6581028e-2316c"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 838657ab19994dbd-FRA
content-length: 143724
expires: Wed, 20 Dec 2023 11:58:50 GMT

GET
H2 200 login-icon.2bb3ea7.png
secure.vantagemarkets.com/static/img/ 25 KB
25 KB 23ms
23ms Image
image/webp 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.vantagemarkets.com/static/img/login-icon.2bb3ea7.png

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

526ee964327392071152c05d9ec0f6d37660f23d84378b1c613ab7cd7aaca29e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4972
cf-polished: origFmt=png, origSize=31013
content-disposition: inline; filename="login-icon.webp"
content-length: 25590
cf-bgj: imgq:100,h2pri
last-modified: Tue, 19 Dec 2023 02:40:14 GMT
server: cloudflare
etag: "6581028e-7925"
vary: Accept
x-frame-options: deny
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 838657ab199a4dbd-FRA
expires: Wed, 20 Dec 2023 11:58:50 GMT

GET
DATA 200
OK truncated
/ 472 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ed81fdc8f79e97a06bde70eb5a893a2b020a1aa638bcb0457a659a6df69ad7c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 89ms
88ms Script
application/javascript 13.107.213.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/137024296
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
content-encoding: br
last-modified: Wed, 13 Dec 2023 19:57:52 GMT
etag: W/"0x8DBFC15CAB825ED"
vary: Accept-Encoding
x-azure-ref: 20231220T075850Z-qbpqbqhacx3y1frs6dgesg4zxg00000003dg000000004qby
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: daaa8e79-801e-0005-62cc-30fc00000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

POST
H2 200 838657a69c604dbd Show response
secure.vantagemarkets.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame A2D9 0
239 B 40ms
39ms XHR
text/plain 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/cdn-cgi/challenge-platform/h/g/jsd/r/838657a69c604dbd
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
content-encoding: br
server: cloudflare
cf-ray: 838657abba4d4dbd-FRA
content-type: text/plain; charset=UTF-8

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
846 B 139ms
139ms Ping
text/plain 104.126.37.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 8c35d7a6.2eff4155
date: Wed, 20 Dec 2023 07:58:50 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231220075850D970E87FB7DAF6AB2476-513F54718203D403-00
x-cache: TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 127,104.126.37.38
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=41, inner; dur=38
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231220075850D970E87FB7DAF6AB2476
x-cache-remote: TCP_MISS from a23-218-220-145.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 41,23.218.220.145
x-tt-trace-host: 0100825f2de55336f17e5f56eeb30998178af31377a36b3e133f7dac428578bf8198b87fca41cb99d618970cd5d18247101e4bbff87be6f3b63fe5ebb9e75e274dc1cafde9a1a7f4e9002a716f2c49c3b859b68953c79601d95164cfee06d9df2b755a781515cdbe6ef8d599ff581b2cad
access-control-allow-headers: Authorization,*
expires: Wed, 20 Dec 2023 07:58:50 GMT

GET
H2 204 0
bat.bing.com/action/ 0
119 B 32ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137024296&tm=gtm002&Ver=2&mid=ceb6a809-4bbd-446b-a35b-9c1fb7ebc1a6&sid=9be2c7609f0d11eeb81ceb5e79bf90c8&vid=9be2d8209f0d11eea1236ba58f9e412d&vids=0&msclkid=N&gtm_tag_source=ua&ec=Scroll%20Depth&el=Scroll%20Depth&gc=USD&tpp=1&en=Y&p=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&sw=1600&sh=1200&sc=24&evt=custom&rn=720989

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 20 Dec 2023 07:58:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 52E17C095EB342CF88041B80215E0491 Ref B: FRAEDGE1212 Ref C: 2023-12-20T07:58:50Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK events Show response
wa.appsflyer.com/ 82 B
538 B 135ms
33ms XHR
application/json 34.241.75.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.appsflyer.com/events?site-id=3763a30e-77f1-4099-9f29-c434b5efec6e
Requested by: Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=pba&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.75.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-75-195.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 96839e953318899772c2884afe8eb082c2b23b9f09b98816565779f5b4c92b15

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://secure.vantagemarkets.com
Date: Wed, 20 Dec 2023 07:58:50 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 82
Content-Type: application/json

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 14ms
13ms Image
image/png 2600:9000:2104:ca00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:ca00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Date: Tue, 19 Dec 2023 23:31:19 GMT
Via: 1.1 5e828cc6ff056cb59ec35c3467ec45f4.cloudfront.net (CloudFront)
Age: 34911
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Rmrt5WRYEJU8-wpMg_9T42F6wiK4-S6I5ec1QchR2Ex5Nsd4h7lj3w==

GET
H2 200 ig-membership Show response
asia.creativecdn.com/ Frame E62F 2 KB
760 B 164ms
164ms Document
text/html 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/ig-membership?ntk=qjPbEb-5rbYBOokqLkG9lhLPsJxYE9OIvcRaAJatukdlI595UDo4YPbSwpGN9hoMekEcZ4x0S_Z6t0JOj2hQ1v7meKjA0a3oOR56X1rL_Fs
Requested by: Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/gJKbT9N3FwF2LliEdMKV.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: fdb1a68003e9a683e9785811bc0c3f565e3f3608106365fcf5826504e18f46ef

Request headers

Referer: https://secure.vantagemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
content-length: 572
content-type: text/html;charset=utf-8
date: Wed, 20 Dec 2023 07:58:50 GMT Wed, 20 Dec 2023 07:58:50 GMT
expires: Thu, 21 Dec 2023 07:58:50 GMT
vary: Accept-Encoding

GET
H2 200 topics-membership Show response
asia.creativecdn.com/ Frame 381F 945 B
658 B 163ms
163ms Document
text/html 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/topics-membership?ntk=fmHvYKB67E14YtAQ8hAJ7Rgw4TjbHWMVD1YxlNlWbRLBQT0dIx8QpdyHe1EZGpa3uWC8oghvckm_VhiYobDOGA
Requested by: Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/gJKbT9N3FwF2LliEdMKV.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: 37ca67f497e4d79260bb2fdad16dea862196ba28d2cebeef6304ca8b9c986f6b

Request headers

Referer: https://secure.vantagemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
content-length: 470
content-type: text/html;charset=utf-8
date: Wed, 20 Dec 2023 07:58:50 GMT Wed, 20 Dec 2023 07:58:50 GMT
expires: Thu, 21 Dec 2023 07:58:50 GMT
vary: Accept-Encoding

GET
H2

200

cm
sin.creativecdn.com/adx/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_cm&google_sc&google_ula=5153224&google_hm=mlQq4X7Ud__0Wwz5r7cGlCpSRv9-fBBasw6DymFj7is&pi=adx&tdc=sin
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=sin&google_gid=CAESELs3YSYYBUJJ7OCzfxd-9_s&google_cver=1&google_ula=5153224,0
https://sin.creativecdn.com/adx/cm?v=2&pi=adx&tdc=sin&google_gid=CAESELs3YSYYBUJJ7OCzfxd-9_s&google_cver=1&google_ula=5153224,0

42 B
243 B

169ms
163ms

Image
image/gif

103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sin.creativecdn.com/adx/cm?v=2&pi=adx&tdc=sin&google_gid=CAESELs3YSYYBUJJ7OCzfxd-9_s&google_cver=1&google_ula=5153224,0
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: H2
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 20 Dec 2023 07:58:50 GMT, Wed, 20 Dec 2023 07:58:50 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://sin.creativecdn.com/adx/cm?v=2&pi=adx&tdc=sin&google_gid=CAESELs3YSYYBUJJ7OCzfxd-9_s&google_cver=1&google_ula=5153224,0
date: Wed, 20 Dec 2023 07:58:50 GMT
content-length: 0

GET
H2 200 me Show response
geoip-js.com/geoip/v2.1/country/ 757 B
957 B 66ms
40ms XHR
application/vnd.maxmind.com-country+json 2606:4700:4400::6812:216e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geoip-js.com/geoip/v2.1/country/me?referrer=https%3A%2F%2Fsecure.vantagemarkets.com

Requested by

Host: js.maxmind.com
URL: https://js.maxmind.com/js/apis/geoip2/v2.1/geoip2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:216e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae0569f236e8216c5b62283edab27d983dd3b579a9575b84a4fd7cc1b626cc67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/vnd.maxmind.com-country+json; charset=UTF-8; version=2.1
access-control-allow-origin: *
cf-ray: 838657ac4bcb2c57-FRA
content-length: 757

GET
H2 200 vantagefx8311.zendesk.com Show response
ekr.zdassets.com/compose/web_widget/ Frame F268 1 KB
1 KB 201ms
177ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/web_widget/vantagefx8311.zendesk.com

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4544c1307570ae74f7608632459f1ec99f2bb09c85700a5f070c26373e37b9d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 8308f9454ff964fc-SEA, 8308f9454ff964fc-SEA
x-runtime: 0.006545
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"4544c1307570ae74f7608632459f1ec9"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgkxDpJntmMfm6fv0j3sDyW8ADWC0ic44Wlt6wxh75cEjUO7qbhBQggDnqDf4bF42VXPbRFoQPGGDABDWUtLAQricFpgWB4ojqbXRM%2BkcGRF36GOAF6NIg6YojYVh51CVAE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 838657ac3e0591d1-FRA

GET
H2 200 onelink Show response
wa.onelink.me/v1/ 51 B
516 B 32ms
32ms XHR
application/json 13.227.219.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.onelink.me/v1/onelink?af_id=982d5c58-7c78-48c8-be92-ee8d1974604c-p
Requested by: Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=pba&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-30.ams54.r.cloudfront.net
Software: /
Resource Hash: 8c9fa4ef4a7e9d1626cfc120f5d3179405eb5171ca346ba0e180ec5deb1bd3b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
via: 1.1 bb1fd0922e473ba97ff6a00f6c71141a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://secure.vantagemarkets.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 51
x-amz-cf-id: DPRzDQ2vDIeyFiIIMp_L48yr0HqXQFmCXDsQ9kQ-e10wFEdChZr07w==

POST
H/1.1 204
No Content collect Show response
z.clarity.ms/ 0
305 B 96ms
96ms XHR
text/plain 20.10.16.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.10.16.51 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://secure.vantagemarkets.com
Date: Wed, 20 Dec 2023 07:58:50 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 200 web-widget-main-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 8950 923 KB
265 KB 26ms
26ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87aa0db99819433799e0809f0e7b490be1940f744e701321b7f31e09a7da63a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
x-amz-version-id: PAflfXOdiQDrMRVYun69YoketTkl1xNU
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 1BPBW7W4HNMQNRZQ
age: 1314594
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: wfPEdY9k/zcvsIza71zRAfGSA06ccGjnyFntR/pEQA5wKZJx4KMSIhZ1mIOYvRkIKiOLJAwMzi4=
last-modified: Tue, 05 Dec 2023 00:24:10 GMT
server: cloudflare
etag: W/"6f8511a72c96db8b22e6373718b842ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6mHdUwavOouWRRVp%2F9dfd%2BKCXGQezo0XHt45RgacR2DGDu1owmoP2itX8hkFdp3Ea%2FdmWAa5QM28kaV1eSRthyKTw1GddFX76ZDsWEG7urAMr48tiCxbSzs0Qk7vHzt%2F6%2BOy9Y0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 838657ad699b5c38-FRA
expires: Wed, 04 Dec 2024 00:24:09 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H4QYCECT8W&gtm=45je3bt0v899400763z8899419796&_p=1703059129529&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=208694154.1703059128&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703059127&sct=1&seg=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&dr=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&dt=Secure%20Client%20Portal&en=page_view&tfd=1094
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H4QYCECT8W&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=848963187&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&ul=en-us&de=UTF-8&dt=Vantage%20Login%20Client%20Portal%20%7C%20Vantage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=percent&el=Scroll%20Depth&_u=aADAAEABEAAAACAAI~&jid=257858059&gjid=1718551479&cid=208694154.1703059128&tid=UA-28849650-1&_gid=812570888.1703059130&_r=1&_slc=1&gtm=45He3bt0n81T38KSHMv77324082&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=1000h&z=2037304304

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en-us-json-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 8950 25 KB
6 KB 24ms
24ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
x-amz-version-id: Xo1h7j84vGmG9Gk_pCcj7jCQD2BwGUUO
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 1BPFGS4SBCJ216KA
age: 1314593
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: KPhHQZ5iIGydSOF/FRCx8eCn3ImV7hM3qo3KWavgH4MUbCLy67WRA+HVKMqLOfRNXjGgWGdXoIE=
last-modified: Tue, 05 Dec 2023 00:24:12 GMT
server: cloudflare
etag: W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTe8bgIxoqLzL6PSGiptfB1eYHwADShvJXGZMWOl5VzOiRHJrh77%2BPf8gW%2FqkqElnM9H1tCwOouhLBShSjVo9GzbNVJzFcwVwCLrEpcFTpwrwf3hEjYWRdQ1bQ26cT%2FHUzN1Vjg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 838657ae3a715c38-FRA
expires: Wed, 04 Dec 2024 00:24:11 GMT

GET
H2 200 config Show response
vantagefx8311.zendesk.com/embeddable/ Frame 8950 737 B
1 KB 806ms
779ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vantagefx8311.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59783d95484cdd576a541a2b88db000b549b71802ce27a47377304cb0d5b14d5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:51 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-5b477d44b9-5q7kn
x-cached: STALE
x-request-id: 838652a68ddccab1-HAM
x-runtime: 0.002412
last-modified: Wed, 20 Dec 2023 07:46:07 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOe4xXkg%2Ff%2FAzLRtOhQL%2F%2B3qlrvZwjRqAfcovdXgAWU2QCn%2B6jfLilIyWxD%2Fa3RvC3Leo4s32OaEsNi2ZgNGa6XrNc3DyV%2BxvRVLcCQadz1St3x%2BWp4Y7x65%2BkeZeyOstjfvOUaon7llZsU%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 838657ae6e303a5e-FRA

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 20ms
20ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-28849650-1&cid=208694154.1703059128&jid=257858059&gjid=1718551479&_gid=812570888.1703059130&_u=aADAAEAAEAAAACAAI~&z=390829565

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 20 Dec 2023 07:58:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=264F8EE877854FF7B5BF73531FFDB7D0&RedC=c.clarity.ms&MXFR=124BEB8AAF5660641443F867AB566EDF
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=264F8EE877854FF7B5BF73531FFDB7D0&MUID=1DC0C52E863A621D1D3AD6C387E863C0

42 B
442 B

91ms
90ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=264F8EE877854FF7B5BF73531FFDB7D0&MUID=1DC0C52E863A621D1D3AD6C387E863C0
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:51 GMT
last-modified: Tue, 12 Dec 2023 19:03:29 GMT
server: Microsoft-IIS/10.0
etag: "e8d91e42d2dda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 712A5D4E7E4B4CC5884C031A07F7183A Ref B: FRAEDGE1212 Ref C: 2023-12-20T07:58:51Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=264F8EE877854FF7B5BF73531FFDB7D0&MUID=1DC0C52E863A621D1D3AD6C387E863C0
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-5QX5T4NLR6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8c08793373d2e56d5b668bee7bc13f30be6d9a9de5b8c6ba0ec2099fe6d854c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81286
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Dec 2023 07:58:50 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-SQEL52NP0G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32dff884056ca129d76fa845e76965e080db192b2a4ae8fd58188f3b7b7be831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93150
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Dec 2023 07:58:50 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 14ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N5DW4FZP31&gtm=45je3bt0v9133159399&_p=1703059129529&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cid=208694154.1703059128&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1703059127&sct=1&seg=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&dr=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&dt=Secure%20Client%20Portal&en=scroll&epn.percent_scrolled=90&_et=31&tfd=1242
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N5DW4FZP31&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H4QYCECT8W&gtm=45je3bt0v899400763&_p=1703059129529&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=1000h&cid=208694154.1703059128&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1703059127&sct=1&seg=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&dr=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&dt=Vantage%20Login%20Client%20Portal%20%7C%20Vantage&en=scroll&epn.percent_scrolled=90&_et=658&tfd=1245
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H4QYCECT8W&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RYEFEW2YRY&gtm=45je3bt0v9133161829&_p=1703059129529&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cid=208694154.1703059128&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1703059127&sct=1&seg=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&dr=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&dt=Secure%20Client%20Portal&en=scroll&epn.percent_scrolled=90&_et=5&tfd=1248
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYEFEW2YRY&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 18ms
17ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-28849650-1&cid=208694154.1703059128&jid=257858059&_u=aADAAEAAEAAAACAAI~&z=865710725

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 21ms
20ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-28849650-1&cid=208694154.1703059128&jid=257858059&_u=aADAAEAAEAAAACAAI~&z=865710725

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web-widget-chat-sdk-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 8950 202 KB
51 KB 27ms
27ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
x-amz-version-id: TdcYv88Lf5u9m3AG8eAA2HBmnexgob8V
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 0X24BSPSV39D8D28
age: 1314593
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 1eGND/GjxrlQxia9pWdTTwHT8UuCrrKDdbJzZuma1/VkfAY1PcOzD5FH1w1FjTJn2c8rVgJg5Po=
last-modified: Tue, 05 Dec 2023 00:24:10 GMT
server: cloudflare
etag: W/"b8284a4b45e40625c2b90a641ebe4a68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EKOpM50mgECceXGZ5kD%2F61DyqRG4%2F1Pkqei0x4CA10ECNRdkzhc3K2ZxjN3VNT4%2BeAVXF3AGbAR3nM6CqOAWUbubBDIieJtr%2B%2Fqsv86nxDEupZi2k2YXdj2tSwtT2LVidni4qW4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 838657ae8aaf5c38-FRA
expires: Wed, 04 Dec 2024 00:24:09 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5QX5T4NLR6&gtm=45je3bt0v9114112407z8899419796&_p=1703059129529&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=1000h&cid=208694154.1703059128&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1703059130&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&dr=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&dt=Vantage%20Login%20Client%20Portal%20%7C%20Vantage&en=tmbt_scroll_50&_fv=1&_ss=1&tfd=1323
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-5QX5T4NLR6&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
129 B 16ms
16ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=56f9565d-0f2f-47a3-83f7-67113ce28926
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/ecb70aab-c31d-4b23-8884-19234515ebbe-async.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 89f8a926623d84ff3cf651695e6589468750fcde0f13903f0090887a787e2154

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://secure.vantagemarkets.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SQEL52NP0G&gtm=45je3bt0v9132864540z8899419796&_p=1703059129529&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=1000h&cid=208694154.1703059128&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703059130&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&dr=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&dt=Vantage%20Login%20Client%20Portal%20%7C%20Vantage&en=tmbt_scroll_50&_fv=1&_ss=1&tfd=1343
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-SQEL52NP0G&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SQEL52NP0G&gtm=45je3bt0v9132864540z8899419796&_p=1703059129529&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=1000h&cid=208694154.1703059128&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1703059130&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&dr=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&dt=Vantage%20Login%20Client%20Portal%20%7C%20Vantage&en=tmbt_scroll_80&_et=2&tfd=1363
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-SQEL52NP0G&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 63A5 14 KB
6 KB 72ms
72ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=secure.vantagemarkets.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://secure.vantagemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 07:58:50 GMT
server: Kestrel
server-processing-duration-in-ticks: 461772
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 63A5 449 B
576 B 74ms
74ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=onetag&domain=vantagemarkets.com&sn=ChromeSyncframe&so=0&topUrl=secure.vantagemarkets.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=secure.vantagemarkets.com&origin=onetag

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2424a8afd9a2d7df3e152cf69673ee548687272cac2ca89b938bbe0d3516968d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/syncframe?topUrl=secure.vantagemarkets.com&origin=onetag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:50 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1352113
expires: 0

GET
H2 200 web-widget-chat-incoming-message-notification-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 8950 236 B
588 B 19ms
19ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
x-amz-version-id: vFeMRdO_ves3AqXqcJa51X.kBsGbKmeW
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: A4N17FH4T4Q3T2FA
age: 1314588
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: jj3IJP8SG1qYvE4k5/yGOQQcVY1t9fS2FwFAUdl7K5931Xd3flm5WF8IJiZ/yy12ah/e+h8TsYA=
last-modified: Tue, 05 Dec 2023 00:24:10 GMT
server: cloudflare
etag: W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TzuQi8qRgYz1%2BTEf4LB1yYW%2FCDRvo82ADRu3xZj3yRJNJ2pRJQK%2BHUwMI%2BnOBpUuiGS4v4AT8eV5u4vHIWzi4zJyWZRJlrytkSPhqDItw00A3xLV04RyRpAIGvlALGHmp9fJOdo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 838657b08c735c38-FRA
expires: Wed, 04 Dec 2024 00:24:09 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame 8950 19 KB
20 KB 18ms
17ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
x-amz-version-id: 4bV_wFumuJbx5cco1BXg1VPt41lZHsX1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: ZJZE7JMCCHH4D6TV
age: 1910817
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: eANrIaPqScX/HcTBuO9Ygxuy2PDIF5gMPbbtEnNP4r8awfJScAcJ08j4BwLBd4anl8viLy0rADU=
last-modified: Mon, 06 Nov 2023 00:49:00 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AwvAkGDvW4JZAUYR7HY4yZaxLxLnc%2BriYbcy4NxPhX7MIH%2BWWjA0rIC%2BqPC%2BcAri07h32fU9Hdcs5TM2M%2FNY2VpZi5fIqDt7QrBFuwUXOyENWzL5mk9mSWOeSm9PLcNXFIwfnoU%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 838657b0ac8e5c38-FRA
expires: Tue, 05 Nov 2024 00:48:59 GMT

GET
H2 200 event Show response
sslwidget.criteo.com/ 118 KB
11 KB 107ms
76ms Script
application/x-javascript 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=%5Ban%253Dweb-vantagemarkets.com%2526cn%253DSG%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DIN%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DVN%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DHK%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DNL%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DIT%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DCH%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DSE%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DCO%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DAE%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DJP%2526ln%253Dja%2Can%253Dweb-vantagemarkets.com%2526cn%253DAR%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DMX%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DID%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DSA%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DPH%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DTH%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DMY%2526ln%253Den%5D&v=5.20.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-custom&p3=e%3Ddis&adce=1&bundle=np4YeF81cklLcnA4bDhhMmZwTks3SWJKTUQ5RmliWnpOTDhNSVElMkJ1dTJCa1RaWERrMkNsNlhsMFBOd29DY3BPU2Y0aktoVnk2TVolMkJrMW9tS0pJcWJnY2tUeVpBejE3aTN1RW9HUUNzNmtZNUlsRFZJT2ptVE5JaWFQaTBxa0xadTFvYWxNYUxMTlZ0cmdHRVVSQlNBTWU5N3dIdEpaOG1kWFZnVHQ4TUdMUk9vM0RrJTNE&tld=vantagemarkets.com&dy=1&fu=https%253A%252F%252Fsecure.vantagemarkets.com%252Flogin&pu=https%253A%252F%252Fsecure.vantagemarkets.com%252Fwithdrawfunds&ceid=0bbc548c-0ff4-48ee-9e1d-af1ec7e381ba&dtycbr=85509

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fe6c41f7a97276039a7512e7087f581fbf2dccab1d2134cd0900596f61c8dc88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 60525877
timing-allow-origin: *
expires: 0

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame 1859
Redirect Chain

https://insight.adsrvr.org/track/up?adv=l31qp9g&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&upid=moppfxx&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=l31qp9g&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&upid=moppfxx&upv=1.1.0

0
59 B

32ms
32ms

Document
text/html

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=l31qp9g&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&upid=moppfxx&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.vantagemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Wed, 20 Dec 2023 07:58:51 GMT
server: Kestrel

Redirect headers

content-length: 295
date: Wed, 20 Dec 2023 07:58:51 GMT
location: https://match.adsrvr.org/track/upb/?adv=l31qp9g&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&upid=moppfxx&upv=1.1.0
server: Kestrel

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame D725
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-HAoLxY7MZPOdLLHpu28sZ95Gqbkw-ZvWjkstHQ&google_cm&google_hm=ay1IQW9MeFk3TVpQT2RMTEhwdTI4c1o5NUdxYmt3LVp2V...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-HAoLxY7MZPOdLLHpu28sZ95Gqbkw-ZvWjkstHQ&google_gid=CAESEFhoOmGFCvjPR6c2PLsH8cY&google_cver=1&google_ula=913071,0

43 B
369 B

13ms
13ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-HAoLxY7MZPOdLLHpu28sZ95Gqbkw-ZvWjkstHQ&google_gid=CAESEFhoOmGFCvjPR6c2PLsH8cY&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:50 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 630447
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-HAoLxY7MZPOdLLHpu28sZ95Gqbkw-ZvWjkstHQ&google_gid=CAESEFhoOmGFCvjPR6c2PLsH8cY&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame D725 43 B
146 B 33ms
7ms Image
image/gif 18.192.232.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-UoXftI7MZPOdLLHpu28sZ95GqblOnL40K1nx6A&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.232.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-232-229.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame D725
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5475512034805159887

43 B
370 B

15ms
14ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5475512034805159887

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:50 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1805809
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:51 GMT
an-x-request-uuid: 24f7f48a-7779-428e-a09e-a317e91c0f8f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5475512034805159887
x-proxy-origin: 45.141.152.75; 45.141.152.75; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame D725 57 B
789 B 530ms
493ms Image
image/gif 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-Fmq5lI7MZPOdLLHpu28sZ95Gqbn1PcLssP5suQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 07:58:51 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Wed, 20 Dec 2023 07:58:51 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame D725 0
239 B 65ms
10ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-VKb0R47MZPOdLLHpu28sZ95Gqbmewi08Ai4wtg&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame D725 43 B
163 B 69ms
14ms Image
image/gif 89.149.192.201
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-vKnYcI7MZPOdLLHpu28sZ95GqblKFxKiewWW-g
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.201 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame D725 0
99 B 55ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-gmmbEI7MZPOdLLHpu28sZ95Gqblya0lxpcgTRg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:51 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12550

GET
H2 200 um
criteo-sync.teads.tv/ Frame D725 23 B
163 B 85ms
39ms Image
image/gif 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-qK_QS47MZPOdLLHpu28sZ95GqblkC7X9Se8PIQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 20 Dec 2023 07:58:51 GMT
pragma: no-cache
date: Wed, 20 Dec 2023 07:58:51 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame D725 37 B
140 B 30ms
9ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-aTWWh47MZPOdLLHpu28sZ95GqbkuhmfYzoBYLQ&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame D725 0
125 B 42ms
9ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-W0udJo7MZPOdLLHpu28sZ95GqbkgVEh_NL6bgA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:51 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame D725 43 B
163 B 109ms
29ms Image
image/gif 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-mmgJl47MZPOdLLHpu28sZ95Gqbld0k0JqXisWw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:51 GMT
last-modified: Thu, 11 May 2023 08:48:09 GMT
server: nginx
accept-ranges: bytes
etag: "645cabc9-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame D725 49 B
385 B 116ms
36ms Image
image/gif 34.248.250.162
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-2iaFgo7MZPOdLLHpu28sZ95Gqbl1UYMmbk_z0g

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.248.250.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-250-162.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:51 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
x-kong-upstream-latency: 6
cache-control: no-cache, no-store, must-revalidate
content-length: 49
expires: 0

GET
H2

200

rum
r.casalemedia.com/ Frame D725
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-SohXso7MZPOdLLHpu28sZ95GqblbnkxBqflHMg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-SohXso7MZPOdLLHpu28sZ95GqblbnkxBqflHMg&C=1

43 B
331 B

29ms
28ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-SohXso7MZPOdLLHpu28sZ95GqblbnkxBqflHMg&C=1
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2PG5%2B09%2FqVnW3Z0L3SHUqevSV4zrL0ZS8fXN0%2FQTc5o%2F0YeuDmjn7Qnc9qRFOudp%2B1y4teiccqruhQw7lG%2FDm3cM%2Bg59ggTMnm2Y7ZEnx6UNx4air%2Fa%2BtCQbRYJPRGmBm9kb"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 838657b1ff4f9229-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPOUtbrg5IlkF2fhgPSuxNhxBrYcDvlSDOXmFfS5ArPmAsDgUHVARfA35Q1PGmzzRgllikycYW3rwRLn0hrcBCg%2BBaL5UL71pcJSPUMj78u0MJSbsypX4enA7g739MrFz4eA"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-SohXso7MZPOdLLHpu28sZ95GqblbnkxBqflHMg&C=1
cache-control: no-cache
cf-ray: 838657b1df349229-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame D725
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=UoaM8mrizXon3BLOi21_Oo66FZw5Lodi
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=UoaM8mrizXon3BLOi21_Oo66FZw5Lodi

42 B
717 B

34ms
34ms

Image
image/gif

54.76.135.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=UoaM8mrizXon3BLOi21_Oo66FZw5Lodi

Protocol

Server

54.76.135.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-135-177.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-047549938.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Wed, 20 Dec 2023 07:58:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: wIvmugALQK8=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v054-074d8d8ae.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Wed, 20 Dec 2023 07:58:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: JiP2HhX6QI8=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=UoaM8mrizXon3BLOi21_Oo66FZw5Lodi
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame D725 43 B
921 B 30ms
8ms Image
image/gif 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-4JrmQY7MZPOdLLHpu28sZ95GqbkOMZqHRU5WbA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 20 Dec 2023 07:58:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 match
ad.360yield.com/ Frame D725 43 B
199 B 110ms
30ms Image
image/gif 54.228.144.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-PL9qTY7MZPOdLLHpu28sZ95GqbmR8NlUlxubwg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.228.144.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-144-151.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 20 Dec 2023 07:58:51 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame D725 42 B
265 B 37ms
17ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-wgJMEY7MZPOdLLHpu28sZ95Gqblb-zHrTQFZvA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:50 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame D725 0
880 B 81ms
59ms Image
text/html 52.57.65.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-2sRVuI7MZPOdLLHpu28sZ95GqblUHrGvoXC6zA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.65.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-65-193.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:51 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame D725 43 B
423 B 326ms
98ms Image
image/gif 18.205.39.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-pc_kF47MZPOdLLHpu28sZ95GqbnRFTbXM_MYaw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.205.39.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-205-39-5.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:51 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame D725 0
145 B 375ms
87ms Image
text/plain 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-KChBM47MZPOdLLHpu28sZ95GqbkAq5ProoDRZQ&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 07:58:51 GMT
Cache-Control: no-cache
X-TraceId: 030abd7ed664d21d1ff062a4166bf2c0
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame D725 0
225 B 49ms
14ms Image
text/html 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-JjlheI7MZPOdLLHpu28sZ95Gqbm0rzexzYuQsA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 20 Dec 2023 06:02:05 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame D725 0
35 B 37ms
8ms Image
text/plain 35.158.3.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-ma05vo7MZPOdLLHpu28sZ95GqbnuqfXTIU-7wA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.3.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-3-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:51 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame D725 43 B
399 B 299ms
96ms Image
image/gif 2600:1f18:612b:4232:58cc:8374:e56e:ee96
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-MXAfbo7MZPOdLLHpu28sZ95GqbnRZE9JDNIepQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:58cc:8374:e56e:ee96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 20 Dec 2023 07:58:51 GMT
server: nginx
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame D725 0
235 B 87ms
53ms Image
text/plain 23.35.237.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-MLF2pI7MZPOdLLHpu28sZ95Gqbk6is0nMGOVxQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Dec 2023 07:58:51 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Tue, 19 Dec 2023 07:58:51 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame D725 0
38 B 134ms
32ms Image
text/plain 52.209.107.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-m1EPo47MZPOdLLHpu28sZ95GqbkdwG4-b7KiFg&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.107.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-107-49.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:51 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame D725 0
44 B 35ms
7ms Image
text/plain 18.195.245.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-MiU21o7MZPOdLLHpu28sZ95Gqbk_ZJJinq5QPg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.245.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-245-43.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:51 GMT
server: awselb/2.0

GET
H2 200 setuid
ib.adnxs.com/ Frame D725 43 B
929 B 6ms
6ms Image
image/gif 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-KUwFOI7MZPOdLLHpu28sZ95Gqbk45dnY93m37Q

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:51 GMT
an-x-request-uuid: b246e282-23af-436f-8c7d-71153203d570
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.75; 45.141.152.75; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame D725 0
15 B 10ms
10ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-W0udJo7MZPOdLLHpu28sZ95GqbkgVEh_NL6bgA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 07:58:51 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 16ms
16ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=false&k=56f9565d-0f2f-47a3-83f7-67113ce28926
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/ecb70aab-c31d-4b23-8884-19234515ebbe-async.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 20 Dec 2023 07:58:51 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame D725
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=xGOSM08RA8FoxyJHrGZrkGXaj0IPJuTH

0
338 B

114ms
31ms

Image
text/plain

34.241.154.142
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=xGOSM08RA8FoxyJHrGZrkGXaj0IPJuTH
Protocol: H2
Server: 34.241.154.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-154-142.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: beacon-n020-dub-prod.krxd.net
date: Wed, 20 Dec 2023 07:58:51 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1703059131
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=xGOSM08RA8FoxyJHrGZrkGXaj0IPJuTH
date: Wed, 20 Dec 2023 07:58:50 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 647752
content-length: 0

POST
H/1.1 204
No Content collect Show response
z.clarity.ms/ 0
305 B 95ms
95ms XHR
text/plain 20.10.16.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.10.16.51 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://secure.vantagemarkets.com
Date: Wed, 20 Dec 2023 07:58:51 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2

200

cs
s.thebrighttag.com/ Frame D725
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=xdDdwQ4w0lw_sCVH_eIpgV8DHWMZqCB-

35 B
268 B

323ms
104ms

Image
image/gif

3.18.227.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=xdDdwQ4w0lw_sCVH_eIpgV8DHWMZqCB-
Protocol: H2
Server: 3.18.227.110 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-18-227-110.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:51 GMT
x-bt-requestid: 9d5cf410-9f0d-11ee-9eee-0000ac1702fb
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=xdDdwQ4w0lw_sCVH_eIpgV8DHWMZqCB-
date: Wed, 20 Dec 2023 07:58:50 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 748750
content-length: 0

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4PGVH7BC9T&gtm=45je3bt0v872622761&_p=1703059129529&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=208694154.1703059128&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1703059127&sct=1&seg=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&dr=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&dt=Secure%20Client%20Portal&en=scroll&epn.percent_scrolled=90&_et=24&tfd=5418
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4PGVH7BC9T&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 07:58:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=secure.vantagemarkets.com&origin=onetag

Domain: us-1-api.insightech.com
URL: https://us-1-api.insightech.com/pageview/089a28b851/18c863bfd75.8b06c/18c863bfda1.eb985/1

Domain: asia.creativecdn.com
URL: https://asia.creativecdn.com/ig-membership?ntk=qjPbEb-5rbYBOokqLkG9lhLPsJxYE9OIvcRaAJatukdlI595UDo4YPbSwpGN9hoMekEcZ4x0S_Z6t0JOj2hQ1v7meKjA0a3oOR56X1rL_Fs

Domain: asia.creativecdn.com
URL: https://asia.creativecdn.com/topics-membership?ntk=fmHvYKB67E14YtAQ8hAJ7Rgw4TjbHWMVD1YxlNlWbRLBQT0dIx8QpdyHe1EZGpa3uWC8oghvckm_VhiYobDOGA

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4PGVH7BC9T&gtm=45je3bt0v872622761&_p=1703059127499&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=208694154.1703059128&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1703059127&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&dt=Secure%20Client%20Portal&en=scroll&epn.percent_scrolled=90&_et=76&tfd=2443

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N5DW4FZP31&gtm=45je3bt0v9133159399&_p=1703059127499&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=208694154.1703059128&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1703059127&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&dt=Secure%20Client%20Portal&en=scroll&epn.percent_scrolled=90&_et=26&tfd=2445

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N5DW4FZP31&gtm=45je3bt0v9133159399&_p=1703059127499&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cid=208694154.1703059128&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1703059127&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&dt=Secure%20Client%20Portal&en=user_engagement&_et=1620&tfd=2445

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H4QYCECT8W&gtm=45je3bt0v899400763&_p=1703059127499&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=208694154.1703059128&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1703059127&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&dt=Secure%20Client%20Portal&en=scroll&epn.percent_scrolled=90&_et=12&tfd=2445

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RYEFEW2YRY&gtm=45je3bt0v9133161829&_p=1703059127499&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cid=208694154.1703059128&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1703059127&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&dt=Secure%20Client%20Portal&en=scroll&epn.percent_scrolled=90&_et=17&tfd=2447

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RYEFEW2YRY&gtm=45je3bt0v9133161829&_p=1703059127499&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cid=208694154.1703059128&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1703059127&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Fwithdrawfunds&dt=Secure%20Client%20Portal&en=user_engagement&_et=1535&tfd=2447

Domain: z.clarity.ms
URL: https://z.clarity.ms/collect

Domain: bat.bing.com
URL: https://bat.bing.com/actionp/0?ti=137024296&tm=gtm002&Ver=2&mid=e8645363-92ff-4b1c-beaa-bcc327ff9489&sid=9be2c7609f0d11eeb81ceb5e79bf90c8&vid=9be2d8209f0d11eea1236ba58f9e412d&vids=0&msclkid=N&evt=pageHide

Domain: us-1-api.insightech.com
URL: https://us-1-api.insightech.com/pageview/089a28b851/18c863bfd75.8b06c/18c863bfda1.eb985/3

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

82 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
map.go.affec.tv/map/an	1969-12-31 23:59:59	Name: oo Value: 1
map.go.affec.tv/map/af	1969-12-31 23:59:59	Name: oo Value: 1
.vantagemarkets.com/	1970-01-20 17:04:20	Name: __cf_bm Value: ZPtkeYNsIqpNPqBW5KymwbJ7yER0PxKOoyVHaWfj5yE-1703059127-1-Aez6wgTOZ1eOLYHIu3FGBm9hVkgo0b88aZRt45FRJbhYmppsw4/UF5znSiSikzUxV8KSEcY2F+Ob5mzeP6LGZQM=
.secure.vantagemarkets.com/	1970-01-21 02:40:19	Name: insightech_vid Value: 18c863bfd75.8b06c
.vantagemarkets.com/	1970-01-20 19:13:55	Name: _gcl_au Value: 1.1.538659299.1703059128
.go.affec.tv/	1970-01-21 01:49:55	Name: ck Value: 65829eb71cb9b90001467757
.doubleclick.net/	1970-01-21 02:25:55	Name: IDE Value: AHWqTUlhq1LXQn3WNdDFOkwtV3eFTeNYnh-WXTlXTYDANO6ka_atFwMX9xyaAfmDDBQ
.vantagemarkets.com/	1970-01-20 19:13:55	Name: _fbp Value: fb.1.1703059127864.1819675210
.tiktok.com/	1970-01-21 02:25:55	Name: _ttp Value: 2ZnY5cJvRnm7YoNn0x1dqjvcYIe
.adnxs.com/	1970-01-20 19:13:55	Name: uuid2 Value: 5475512034805159887
secure.vantagemarkets.com/	1970-01-21 01:49:58	Name: __rtbh.lid Value: %7B%22eventType%22%3A%22lid%22%2C%22id%22%3A%22l6Orfinn2n4USnYnrcW9%22%7D
.go.affec.tv/	1970-01-21 01:49:55	Name: oo Value: 1
us-1-api.insightech.com/	1970-01-21 02:40:19	Name: 089a28b851_vid Value: 18c863bfd75.8b06c
.vantagemarkets.com/	1970-01-21 02:25:55	Name: _tt_enable_cookie Value: 1
.vantagemarkets.com/	1970-01-21 02:25:55	Name: _ttp Value: HzaFPgOy7XATPvZZLsQ_hjDZfej
.facebook.com/	1970-01-20 19:13:55	Name: fr Value: 0gZNBbwBqaMqN6CRi..Blgp64...1.0.Blgp64.
.vantagemarkets.com/	1970-01-20 21:27:46	Name: permutive-id Value: 62f802cc-639c-47bd-9e5c-804a75c93252
.linkedin.com/	1970-01-20 19:13:55	Name: li_sugr Value: 99b36aeb-3d2d-4b43-9cba-01632e7ce5c6
.linkedin.com/	1970-01-21 01:49:55	Name: bcookie Value: "v=2&cc6b5aea-e9e5-45c5-8504-96831f542d0e"
.linkedin.com/	1970-01-20 17:05:45	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=3045:u=1:x=1:i=1703059128:t=1703145528:v=2:sig=AQEoJ97B1-tsYw24FgboM4e58z02ZChQ"
.linkedin.com/	1970-01-20 21:23:31	Name: li_gc Value: MTswOzE3MDMwNTkxMjg7MjswMjGY0DM5Cs5Nu6PxkWvQqp+iVFXFYC56PDTzeojKhRZY3w==
www.clarity.ms/	1970-01-21 01:49:55	Name: CLID Value: bad53378398a47cfa437f1066f358fc8.20231220.20241219
.vantagemarkets.com/	1970-01-21 01:49:55	Name: _clck Value: 40dzlp%7C2%7Cfhp%7C0%7C1449
.vixverify.com/	1969-12-31 23:59:59	Name: nlbi_2338766 Value: 1aG2MwnUsR76TgxVa0UWxQAAAACbE0LtmZchL+M0h1mXaxdg
.vixverify.com/	1970-01-21 01:49:21	Name: visid_incap_2338766 Value: CTMC45SBT1uJjjZVGpR2rreegmUAAAAAQUIPAAAAAAA3w5NtiGupwuaFkPP98zUE
.vixverify.com/	1969-12-31 23:59:59	Name: incap_ses_474_2338766 Value: sUBlcu+rIg7xiJLJwP2TBriegmUAAAAAdRHZtRbzrhFsbnnHSaeZ6Q==
.creativecdn.com/	1970-01-21 01:49:55	Name: u Value: z451iRRlGjvdjp33zXTi
.creativecdn.com/	1970-01-21 01:49:55	Name: g Value: z451iRRlGjvdjp33zXTi_1703059128850
.creativecdn.com/	1970-01-21 01:49:55	Name: c Value: z451iRRlGjvdjp33zXTi_gJKbT9N3FwF2LliEdMKV_1703059128850
.creativecdn.com/	1970-01-21 01:49:55	Name: ts Value: 1703059128
.creativecdn.com/	1970-01-21 01:49:55	Name: ar_debug Value: 1
.bing.com/	1970-01-21 02:25:55	Name: MUID Value: 1DC0C52E863A621D1D3AD6C387E863C0
.bing.com/	1970-01-21 02:25:55	Name: MSPTC Value: BVa7NpARqpmi8_484cKdWEcBmCixUs65Sld4QFtouSY
.vantagemarkets.com/	1970-01-21 02:40:19	Name: _ga_4PGVH7BC9T Value: GS1.1.1703059127.1.1.1703059129.58.0.0
.go.affec.tv/	1970-01-21 01:49:55	Name: pt Value: eyJhbiI6eyJkdCI6MTcwMzA1OTEyOCwiaWQiOiI1NDc1NTEyMDM0ODA1MTU5ODg3IiwibHMiOjE3MDMwNTkxMjl9LCJ2IjowfQ==\|1703059129\|8500c40e54bb8aed94535688b3911fa3073b47c7
.vantagemarkets.com/	1970-01-20 17:05:45	Name: _uetsid Value: 9be2c7609f0d11eeb81ceb5e79bf90c8
.vantagemarkets.com/	1970-01-21 02:25:55	Name: _uetvid Value: 9be2d8209f0d11eea1236ba58f9e412d
.vantagemarkets.com/	1970-01-21 01:49:55	Name: cf_clearance Value: wrYiAbHhhJWb6Sz257SfAfzTGjB5rq44iaK91K8pMqQ-1703059130-0-1-6047eb65.21c8eeb6.3746b485-0.2.1703059130
.appsflyer.com/	1970-01-21 02:33:07	Name: af_id Value: 982d5c58-7c78-48c8-be92-ee8d1974604c-p
.vantagemarkets.com/	1970-01-21 02:40:19	Name: afUserId Value: 982d5c58-7c78-48c8-be92-ee8d1974604c-p
.onelink.me/	1970-01-21 02:40:19	Name: af_id Value: 982d5c58-7c78-48c8-be92-ee8d1974604c-p
.vantagemarkets.com/	1970-01-20 17:14:23	Name: AF_SYNC Value: 1703059130371
.vantagemarkets.com/	1970-01-20 17:05:45	Name: _clsk Value: 1bwcxgs%7C1703059130453%7C2%7C1%7Cz.clarity.ms%2Fcollect
.vantagemarkets.com/	1970-01-20 17:05:45	Name: _gid Value: GA1.2.812570888.1703059130
.vantagemarkets.com/	1970-01-20 17:04:19	Name: _gat_UA-28849650-1 Value: 1
.vantagemarkets.com/	1970-01-21 02:40:19	Name: _ga_N5DW4FZP31 Value: GS1.1.1703059127.1.1.1703059130.0.0.0
.vantagemarkets.com/	1970-01-21 02:40:19	Name: _ga_H4QYCECT8W Value: GS1.1.1703059127.1.1.1703059130.57.0.0
.vantagemarkets.com/	1970-01-21 02:40:19	Name: _ga_RYEFEW2YRY Value: GS1.1.1703059127.1.1.1703059130.0.0.0
.vantagemarkets.com/	1970-01-21 02:40:19	Name: _ga Value: GA1.1.208694154.1703059128
.vantagemarkets.com/	1970-01-21 02:40:19	Name: _ga_5QX5T4NLR6 Value: GS1.1.1703059130.1.0.1703059130.0.0.0
.vantagemarkets.com/	1970-01-21 02:40:19	Name: _ga_SQEL52NP0G Value: GS1.1.1703059130.1.0.1703059130.0.0.0
widget-mediator.zopim.com/	1970-01-20 17:14:23	Name: AWSALBCORS Value: /6j02XWttSNmlUNX/vdk3JnX/ZKtd/YepJHqMxEMvh5lesYwVLBe/FJmNwoaFU99lQ1vDJcvFr9pvwiDbZaRY4NfP81NJkyW1lK89miI4kRqIaXNzZeyl3nVKP+W
.criteo.com/	1970-01-21 02:25:55	Name: uid Value: ba2376e0-7040-49d3-a167-cdc75181047f
.criteo.com/	1970-01-21 02:25:55	Name: receive-cookie-deprecation Value: 1
.vantagemarkets.com/	1970-01-21 01:49:55	Name: __zlcmid Value: 1JPmMKWlQ8UVBnj
.vantagemarkets.com/	1970-01-21 02:33:43	Name: cto_bundle Value: np4YeF81cklLcnA4bDhhMmZwTks3SWJKTUQ5RmliWnpOTDhNSVElMkJ1dTJCa1RaWERrMkNsNlhsMFBOd29DY3BPU2Y0aktoVnk2TVolMkJrMW9tS0pJcWJnY2tUeVpBejE3aTN1RW9HUUNzNmtZNUlsRFZJT2ptVE5JaWFQaTBxa0xadTFvYWxNYUxMTlZ0cmdHRVVSQlNBTWU5N3dIdEpaOG1kWFZnVHQ4TUdMUk9vM0RrJTNE
.adsrvr.org/	1970-01-21 01:51:21	Name: TDID Value: 04b8c3f3-cf33-4dca-8d70-0dcf75d96023
.casalemedia.com/	1970-01-21 01:49:55	Name: CMID Value: ZYKeu5Ux5Z231LSLQTSJvgAA
.casalemedia.com/	1970-01-20 19:13:55	Name: CMPS Value: 5178
.casalemedia.com/	1970-01-20 19:13:55	Name: CMPRO Value: 5178
.omnitagjs.com/	1970-01-20 17:47:31	Name: ayl_visitor Value: 65e0580cc6698446d87ef29bf6eee37d
exchange.mediavine.com/	1970-01-20 17:24:28	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%229d00ca50-9f0d-11ee-afc3-c3233d71acac%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:24:28	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%229d00ca50-9f0d-11ee-afc3-c3233d71acac%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:24:28	Name: am_tokens Value: %7B%22mv_uuid%22%3A%229d00ca50-9f0d-11ee-afc3-c3233d71acac%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:24:28	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%229d00ca50-9f0d-11ee-afc3-c3233d71acac%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:24:28	Name: criteo Value: %7B%22id%22%3A%22k-2sRVuI7MZPOdLLHpu28sZ95GqblUHrGvoXC6zA%22%2C%22version%22%3A%22criteo%22%7D
.adnxs.com/	1970-01-20 19:13:55	Name: anj Value: dTM7k!M40d<-p'ghqdmU(7T[^>5HX#CvC/Q2SRgg+86zQo/_[K(G(dXm3tdFQ-_g9%V`CFu!aLLbI28I+?y!HSUgkD[EwL=7g<4UCi+Mcx=[!G^3rP]R[]_Yq?kC_C@nNgQI_h%hBlw+:zo7>7bC2?l5V>$05D_?##pskk_JJ/jIL#f6=-#^eAz)N[UD!!(sr3xYh_
.demdex.net/	1970-01-20 21:23:31	Name: demdex Value: 89402343060180366273899848243380318201
.dpm.demdex.net/	1970-01-20 21:23:31	Name: dpm Value: 89402343060180366273899848243380318201
.postrelease.com/	1970-01-21 01:49:55	Name: opt_out Value: 1
.krxd.net/	1970-01-20 21:23:31	Name: _kuid_ Value: P_Fe-pol
.tremorhub.com/	1970-01-21 01:50:16	Name: tvid Value: af5c04201a3a4b129817a3dbe647580d
.tremorhub.com/	1970-01-20 17:47:31	Name: tv_UICR Value: k-MXAfbo7MZPOdLLHpu28sZ95GqbnRZE9JDNIepQ
.c.bing.com/	1970-01-20 17:14:23	Name: MR Value: 0
.c.bing.com/	1970-01-21 02:25:55	Name: SRM_B Value: 1DC0C52E863A621D1D3AD6C387E863C0
.media.net/	1970-01-21 01:49:55	Name: visitor-id Value: 3460607315428356000V10
.media.net/	1970-01-20 17:47:31	Name: data-c-ts Value: 1703059131
.media.net/	1970-01-20 17:47:31	Name: data-c Value: k-Fmq5lI7MZPOdLLHpu28sZ95Gqbn1PcLssP5suQ~~3
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 02:25:55	Name: MUID Value: 1DC0C52E863A621D1D3AD6C387E863C0
.c.clarity.ms/	1970-01-20 17:14:23	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 17:04:19	Name: ANONCHK Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/1233809420752100?v=2.9.138&r=stable&domain=secure.vantagemarkets.com(Line 137) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://connect.facebook.net/signals/config/1233809420752100?v=2.9.138&r=stable&domain=secure.vantagemarkets.com(Line 137) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://ipapi.co/json/ Message: Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11450497.fls.doubleclick.net
ad.360yield.com
ad.yieldlab.net
adservice.google.com
analytics.tiktok.com
api.permutive.com
asia.creativecdn.com
assets.zendesk.com
bat.bing.com
beacon.krxd.net
c.bing.com
c.clarity.ms
cdn.insightech.com
cdn.permutive.com
cm.adform.net
cm.creativecdn.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d.adroll.com
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
ekr.zdassets.com
exchange.mediavine.com
geoip-js.com
go.affec.tv
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
insight.adsrvr.org
ipapi.co
jadserve.postrelease.com
js.adsrvr.org
js.maxmind.com
map.go.affec.tv
match.adsrvr.org
match.sharethrough.com
matching.ivitrack.com
pixel.rubiconproject.com
prodstorage.azureedge.net
px.ads.linkedin.com
px4.ads.linkedin.com
r.casalemedia.com
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s.adroll.com
s.thebrighttag.com
secure.adnxs.com
secure.vantagemarkets.com
simage2.pubmatic.com
simpleui-au.vixverify.com
sin.creativecdn.com
snap.licdn.com
sslwidget.criteo.com
static.zdassets.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tags.creativecdn.com
ups.analytics.yahoo.com
us-1-api.insightech.com
vantagefx8311.zendesk.com
visitor.omnitagjs.com
wa.appsflyer.com
wa.onelink.me
websdk.appsflyer.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
z.clarity.ms
asia.creativecdn.com
bat.bing.com
gum.criteo.com
region1.analytics.google.com
region1.google-analytics.com
us-1-api.insightech.com
z.clarity.ms
103.132.192.30
104.126.37.42
104.16.51.111
104.18.70.113
104.75.89.75
13.107.213.45
13.107.42.14
13.227.219.30
141.226.228.48
142.250.186.130
162.19.138.117
172.64.151.101
178.250.1.11
178.250.1.9
18.192.232.229
18.195.245.43
18.205.39.5
18.239.67.100
185.184.8.90
198.47.127.205
20.10.16.51
2001:4860:4802:32::36
216.58.206.38
23.35.237.75
2600:1f18:612b:4232:58cc:8374:e56e:ee96
2600:9000:2104:ca00:6:9280:1080:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:20::ac43:45e2
2606:4700:4400::6812:216e
2606:4700:4400::ac40:946c
2606:4700:7::a29f:8616
2606:4700::6811:7711
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2013
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200e
2a00:1450:400c:c00::9c
2a02:2638:3::e
2a02:26f0:3500:11::215:14d5
2a02:26f0:3500:16::215:1495
2a02:6ea0:c700::11
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:cc3:fe05:6921:4b90:8b33:d122
3.18.227.110
3.33.220.150
3.75.62.37
34.107.254.252
34.117.157.22
34.241.154.142
34.241.75.195
34.248.250.162
35.158.3.214
35.201.125.75
37.157.6.243
37.252.172.123
45.60.33.224
52.209.107.49
52.211.23.179
52.57.65.193
54.217.155.246
54.228.144.151
54.76.135.177
68.219.88.97
69.173.144.138
70.42.32.95
76.223.111.18
89.149.192.201
95.101.148.20
00f82bc8952adf4ae01885f22ed69ef82cc72b1126613b700822ee555ad99204
017dc97e6482b9894606807bf612f6423bfb074e8f21a361662cb12596a2d704
05498d4b362a52304b6a609043aa4e079018c1badaa1a8380a510908acb2d5da
132638353a5224aabe97a33e3447cc6ddc58db8457c828c630fbb150e89b1f9a
168409daa5c5a8dcca6ebcb730c6d7c7e1df6475c0727eedade75eafb8c40116
1dfd3161a22dd3dc13b6749e8260a05967a96335d80de3894f5678a0c7911f86
1e5cc824b554e64a3fef6a274cc6689268a45d401eb609f6308d1f704f6e52b5
1ed81fdc8f79e97a06bde70eb5a893a2b020a1aa638bcb0457a659a6df69ad7c
2424a8afd9a2d7df3e152cf69673ee548687272cac2ca89b938bbe0d3516968d
2530526878c08a1bc1d828cd06acdf3de779b1b87519e84c6c602bb62448d92f
260c330152b15a79f1527ae9f19a4705aa9b7e588119f9cfe8b9f81ec57af4d3
26cf6c841718583dc3a8b45f65cad15a5432b572d78f3b73f1547f888ebb8186
2741ed6d258dc346b30b5f87a5c9eec0f1061d822b6a946cd7f1806213d43ebe
29d02f71307e5f9b4c1a0117d2716e810e411c3083daa7322d2caaf0536a0e87
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2bd52f7a64d19ea936751f3648a16d27506084f98ae3a2f936cf69c61ca0846d
2c461a5a4107a9a3e249f169db1465f666d64adfdeb1b469309e20e41d50e3c5
2ce6a737634464e3562f4ce5dd95803b33acbb81eeda56e292ac1c326400b4cb
326dcddce3b94dab81b6c513447b2bf6af4a3e3eb7859eacc93b48cb6c0be42f
327326c3233868633bf379134097c010f44eff9439a0c02144dc85a331d0df90
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32dff884056ca129d76fa845e76965e080db192b2a4ae8fd58188f3b7b7be831
32ea04182950de0229533655055083d5f9349d3cc92459b29732df2714627910
348acb78379fa4d1f43310b072b9dde55e0cc7f2b0bc34fbc4a707dec8d4e769
35c1fe8a83c356fbc4f90b1dfeaeb82f7817ae77e25eb0cd82e7c7d6c4cdf924
35c68ae34e6a648ce704a3619332aa10bee088b307d07d9d82b16942ffe8f906
370c7dc9319a3cfee8bafd37b82c164853af944b1ac54495c1ded4553d1b7698
37bad64b669ea34e33f9af47e6b88f47858f55c8dfec1a069d1ae06f6a4c9e49
37ca67f497e4d79260bb2fdad16dea862196ba28d2cebeef6304ca8b9c986f6b
37fd87129f0adcd446d8aeacd2b83640d2903e7b80259153109e327b837d0b05
381290549a54202f8ec20b25eb94fe7f4389b214b4fa1dc5468c271b78a5d83e
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec
3b22ef4a3bec9450dcd33538350c1633a819ae0484601228930fb2dacede575a
3c4225c42173cff89461c8a2e6247464d5d67d3d4a77cc47402f487c610fe769
3daed38dbc41f5bd7030caa2fbfb7a9308a7878f2e73f3e1fd5b2835abf06f99
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
42483e309cf6248eadf544aed29137c655e8313cab144e904065fc321746bbe9
42f6974a82ddbb3471fabbedb6a54662e4cd0002f62ac8a1c719a920a23b6e25
4544c1307570ae74f7608632459f1ec99f2bb09c85700a5f070c26373e37b9d7
49bee912dcbbd3cc19abe681627e54c8517245f474d2d635465a7feed476cb5e
4af3463ab3774d1c4f6b8e85175e88bdedeba6c1a92fd38a751f8452db93d1ab
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6c1839ee98e56110b7712d9aa541e94d2ff2615d35d6f1b09a8ac1d4c087d3
4de7025b1b6d455c4e4cd7e66c7ff53bb29a200c306f20a7c39b8fbf1c996fe5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f1a1e31d64d4a03b96220ceceb8306233c229212ee010bdf2124e2c4fe86c3f
5239a8f1ecc947602a25e41ced0214cea0d0e186b7d498bae0809dbc6310ca85
526ee964327392071152c05d9ec0f6d37660f23d84378b1c613ab7cd7aaca29e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59783d95484cdd576a541a2b88db000b549b71802ce27a47377304cb0d5b14d5
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
602a019472a69b4fde0a1f6ab3e6e3ca0a52075e0dca120b4c9952754e983ca9
62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74
65d19c8a6e869f375492467053ca8871a2c58e8cc5e668e58c4a533a20aa3217
6b117d83a80faf1b382ea93574869ce88e5d7c64564c9c7e5e9bf848707a5206
6f3770e09758165e9eec68a8fb454440cfba2ec2d5402557018eec88b3864578
76e73dc6b9b86fea7906a5b6d32c255fc9cb1b872e6c6f414ed43de594297727
77fd971dd99fc7a772bc0ddd0e262c187e79a40ac87cc6dd7acc5d4926665b3c
7899b2ed33554b730e340f85c708ad2f676bb1dabaadfc15afd5d9f11d938b64
7b3c84352c6a0d8a3479b528b8d8336ddb1cef0da8b81dea0e41a930d56523fe
7ccf80229bbe586853232059978b67c1dbe6ccd7f6b4b8585b34bbcf2d9f195f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87aa0db99819433799e0809f0e7b490be1940f744e701321b7f31e09a7da63a2
8852e13b88f81cdd5d9520f55c4480d575efe2c84a9299c9261ad717e6532fdc
88de49cd52bc5ce67bde80deb71a5002a21ab13cc244451f7c376f2b74ebef0d
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
89f8a926623d84ff3cf651695e6589468750fcde0f13903f0090887a787e2154
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b4f5562de072aa2884798b9fdb2329ad4122d972a1bf2f58fe645b9623b0590
8c08793373d2e56d5b668bee7bc13f30be6d9a9de5b8c6ba0ec2099fe6d854c5
8c9fa4ef4a7e9d1626cfc120f5d3179405eb5171ca346ba0e180ec5deb1bd3b3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
902a264cfa07d9fb4bfe3e9b4e3992af8029b0dffdb70217eb1a1a443fa5a5c3
9075f813ea6a77fc7dc9ffccda59638c023f9bdf3398263f30189f80bee2267d
94a96a4fc313fe6dfba290ed6bc0e802eaab40810e59032a06f6774553b1c6ae
965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5
96839e953318899772c2884afe8eb082c2b23b9f09b98816565779f5b4c92b15
96c7b9af93e7db2038f5376659ac30c876da6798bfdfb78426f1fb4c55b3038d
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a13a93bbce3f13997a064fdbf05ea9fdb033ce667a7ae86acea6d34a69a4a4b1
a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
a4a7d9a5ffed4338a00c26650366ec2679ae59c902da1c2d387bc338ffa82519
a562eca8e8b51b2b72faa075f52376b29ee740de70cf38dde9c41e7e82aaeaec
a865fd1ba2df994f7e390eaf20e4ebcd124412da91c8031f69688ba4061f522d
ab40a58972be2ceab32e7e35dab3131b959aae63835d7bda1a79ae51f9a73c17
ae0569f236e8216c5b62283edab27d983dd3b579a9575b84a4fd7cc1b626cc67
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ae170b45f6eb123ad0cbe5db8e2905fec59c9ecae8c603fd14fad5c4d855fd
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bddd558c7d5db8cc918adf0c3eb7e2d9baaee0b71688c0ed44358ab2c966afeb
c1d9681eb46c1dd8ecf66eb061e7c83605c0568a38b6395195b942f74a538707
c40eb6d50cee55cd98e628b786109035413fef21587791221d06070e99e9e25b
c425a698ef32cfaaa603850210211e51e12417bf7acb32a8383a3f513d1d26ac
c9d127ce387ea898823297ad8fc13e3d43469d95dfaf58793978fbb707c29fcf
cba5323ca76493805e0ee3a9861d4b71fea5ab6f74fb4d3bb8e3ad3f6f11632d
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d020a39323529eb0ac441a1f8840eccaa198955277d4f556a9657fe3e8d7406f
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d56c63af8cc610b142a0f3907aff1cca730f20592902c56dbafbdf96178605b1
daa1fcec7b10760204d3af5b71e7eac4a2dfdb265a44aeb11e1c3a2203d30cf0
dc0c07be75b89401d2f6409a6424403ef6786b43f1c1a68aace9c34eacb0ee20
dd6add68ab337936642b4a6fd0206c1a30b02c246e29a6ac82ec67d15c3e4820
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fa0c18ab18f41d47d859e9c70d56511bb0af34e8cd1e8120788ba198e7645f
ea634a6efb8db59790efba6f490e0fcbe5a9acdb5be13f90204efdff45813f02
ec5113a4e0290eb250c2f64b02983d85cb4109a3f8888c0ff26ac2da0ee3b5ca
ece96d457726e7de8180257c3834656502b9c2c4d33705dcae240b1a6e60985f
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ee95adfc3ccbed539ff4813e210050e0fa590ae23ae99787619a7d83ccbc57b7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a83b6becd906b85b94429b38e4a2211ee929a9b51cbb262328cb7b89c926c3
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
f87abda533e99d0351cb9b51c8f20e55711b1fb038dd83063816d68df0bd798d
fcb62a900e603b9af625c46bf5b929e6ab789b0a83da2b33ce983269ca4e3e6f
fdb1a68003e9a683e9785811bc0c3f565e3f3608106365fcf5826504e18f46ef
fe6c41f7a97276039a7512e7087f581fbf2dccab1d2134cd0900596f61c8dc88

secure.vantagemarkets.com Open in urlscan Pro 2606:4700:4400::ac40:946c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

278 Requests

88 %HTTPS

35 %IPv6

56 Domains

82 Subdomains

72 IPs

9 Countries

8506 kBTransfer

28612 kBSize

82 Cookies

2 Outgoing links

Page URL History

Redirected requests

278 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.vantagemarkets.com Open in urlscan Pro
2606:4700:4400::ac40:946c Public Scan

Screenshot
Live screenshot

Full Image

278
Requests

88 %
HTTPS

35 %
IPv6

56
Domains

82
Subdomains

72
IPs

9
Countries

8506 kB
Transfer

28612 kB
Size

82
Cookies

278 HTTP transactions
2 data transactions