secure.vantagemarkets.com Open in urlscan Pro
2606:4700:4400::ac40:946c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://secure.vantagemarkets.com/depositFunds
Effective URL:
https://secure.vantagemarkets.com/login
Submission: On October 14 via manual (October 14th 2023, 10:17:15 am UTC) from MA — Scanned from DE

Summary HTTP 432 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 76 IPs in 10 countries across 59 domains to perform 432 HTTP transactions. The main IP is 2606:4700:4400::ac40:946c, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.vantagemarkets.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 1st 2023. Valid for: a year.

This is the only time secure.vantagemarkets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	2606:4700:440... 2606:4700:4400::ac40:946c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
23	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	35.201.125.75 35.201.125.75	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	45.60.33.224 45.60.33.224	19551 (INCAPSULA) (INCAPSULA)
5	2a00:1450:400... 2a00:1450:4001:82a::2013	15169 (GOOGLE) (GOOGLE)
41	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 4	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 9	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:26f0:350... 2a02:26f0:3500:11::215:14d5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2600:9000:225... 2600:9000:225e:6600:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
10	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
2	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
4	52.208.246.207 52.208.246.207	16509 (AMAZON-02) (AMAZON-02)
14	104.126.37.43 104.126.37.43	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
23	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 7	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
9	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
2	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
2	2a05:d018:cc3... 2a05:d018:cc3:fe04:4b7a:87c2:3628:5d9f	16509 (AMAZON-02) (AMAZON-02)
1 99	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2600:9000:20e... 2600:9000:20eb:e800:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 9	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	54.72.210.155 54.72.210.155	16509 (AMAZON-02) (AMAZON-02)
2 6	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
4	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700::68... 2606:4700::6811:7611	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 6	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.208.185.27 52.208.185.27	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:45e2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:7::... 2606:4700:7::a29f:8716	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.43.14 13.107.43.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.203.58.141 18.203.58.141	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:216e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.152.143.207 52.152.143.207	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.157.146.236 18.157.146.236	16509 (AMAZON-02) (AMAZON-02)
1	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.29.178.177 52.29.178.177	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.153 185.86.138.153	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	37.157.5.133 37.157.5.133	198622 (ADFORM) (ADFORM)
1	54.216.219.8 54.216.219.8	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.229.208.26 54.229.208.26	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	52.212.215.149 52.212.215.149	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.159.114.228 18.159.114.228	16509 (AMAZON-02) (AMAZON-02)
1	107.20.144.7 107.20.144.7	14618 (AMAZON-AES) (AMAZON-AES)
1	64.74.236.63 64.74.236.63	19024 (INTERNAP-...) (INTERNAP-BLK5)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4264:9ca0:e35:54d2:840d	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	184.30.17.243 184.30.17.243	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.246.73.161 34.246.73.161	16509 (AMAZON-02) (AMAZON-02)
1	52.215.100.89 52.215.100.89	16509 (AMAZON-02) (AMAZON-02)
1	3.13.229.41 3.13.229.41	16509 (AMAZON-02) (AMAZON-02)
432	76

32 2606:4700:4400::ac40:946c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

secure.vantagemarkets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

prodstorage.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.125.75 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 75.125.201.35.bc.googleusercontent.com

cdn.insightech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.60.33.224 (United States)

ASN19551 (INCAPSULA, US)

simpleui-au.vixverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

us-1-api.insightech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.74.198 (Plainview, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

11450497.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:11::215:14d5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:225e:6600:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

tags.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.208.246.207 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-246-207.eu-west-1.compute.amazonaws.com

go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.126.37.43 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-43.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 103.132.192.30 (Singapore) 1 redirects

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:cc3:fe04:4b7a:87c2:3628:5d9f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

99 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:20eb:e800:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.89.210.101 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.72.210.155 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-210-155.eu-west-1.compute.amazonaws.com

map.go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:7611 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:d::d (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.70.113 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

assets.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.185.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-185-27.eu-west-1.compute.amazonaws.com

wa.onelink.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:45e2 (United States)

ASN13335 (CLOUDFLARENET, US)

ipapi.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:7::a29f:8716 (United States)

ASN13335 (CLOUDFLARENET, US)

js.maxmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.58.141 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-58-141.eu-west-1.compute.amazonaws.com

wa.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:216e (United States)

ASN13335 (CLOUDFLARENET, US)

geoip-js.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.152.143.207 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

o.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

vantagefx8311.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.157.146.236 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-146-236.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.178.177 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-178-177.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.153 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.216.219.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-219-8.eu-west-1.compute.amazonaws.com

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.27.193 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.208.26 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-208-26.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.215.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-215-149.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.114.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-114-228.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.20.144.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-144-7.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.74.236.63 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:9ca0:e35:54d2:840d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.17.243 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-243.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.73.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-73-161.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.100.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-100-89.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.13.229.41 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-13-229-41.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
99	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 116	2 KB
41	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	1 MB
32	vantagemarkets.com 1 redirects secure.vantagemarkets.com	4 MB
23	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2714 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 118	2 KB
23	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	2 MB
17	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42 region1.google-analytics.com — Cisco Umbrella Rank: 2250	42 KB
17	doubleclick.net 3 redirects 11450497.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	14 KB
14	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 766	283 KB
12	google.de www.google.de — Cisco Umbrella Rank: 6147	1 KB
12	criteo.com 4 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4198 gum.criteo.com — Cisco Umbrella Rank: 478 mug.criteo.com — Cisco Umbrella Rank: 2541 sslwidget.criteo.com — Cisco Umbrella Rank: 2408 dis.criteo.com — Cisco Umbrella Rank: 648	58 KB
10	permutive.com cdn.permutive.com — Cisco Umbrella Rank: 3138 api.permutive.com — Cisco Umbrella Rank: 2382	141 KB
10	adroll.com s.adroll.com — Cisco Umbrella Rank: 3302 d.adroll.com — Cisco Umbrella Rank: 1495	180 KB
9	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 998 o.clarity.ms — Cisco Umbrella Rank: 7893 Failed c.clarity.ms — Cisco Umbrella Rank: 1548	53 KB
9	adnxs.com 4 redirects secure.adnxs.com — Cisco Umbrella Rank: 542 ib.adnxs.com — Cisco Umbrella Rank: 261	7 KB
9	creativecdn.com 1 redirects tags.creativecdn.com — Cisco Umbrella Rank: 8083 asia.creativecdn.com — Cisco Umbrella Rank: 27211	8 KB
9	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 427 c.bing.com — Cisco Umbrella Rank: 257	30 KB
8	affec.tv 4 redirects go.affec.tv — Cisco Umbrella Rank: 7116 map.go.affec.tv — Cisco Umbrella Rank: 7355	6 KB
8	adsrvr.org 2 redirects js.adsrvr.org — Cisco Umbrella Rank: 1808 match.adsrvr.org — Cisco Umbrella Rank: 402 insight.adsrvr.org — Cisco Umbrella Rank: 665	6 KB
7	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2397 ekr.zdassets.com — Cisco Umbrella Rank: 2723	349 KB
7	insightech.com cdn.insightech.com — Cisco Umbrella Rank: 714483 us-1-api.insightech.com — Cisco Umbrella Rank: 790153	19 KB
5	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1230	2 KB
4	licdn.com snap.licdn.com — Cisco Umbrella Rank: 981	18 KB
3	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 5448 wa.appsflyer.com — Cisco Umbrella Rank: 7479	20 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 242	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1837	1 KB
2	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 363	140 B
2	onelink.me wa.onelink.me — Cisco Umbrella Rank: 11390	839 B
2	zendesk.com 1 redirects assets.zendesk.com — Cisco Umbrella Rank: 9897 vantagefx8311.zendesk.com	2 KB
2	linkedin.com px4.ads.linkedin.com — Cisco Umbrella Rank: 6066 Failed px.ads.linkedin.com — Cisco Umbrella Rank: 416	561 B
2	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1613	735 B
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1380	15 KB
2	vixverify.com simpleui-au.vixverify.com	43 KB
2	azureedge.net prodstorage.azureedge.net	448 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2648	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 903	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2848	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4701	400 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 33274	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2985	399 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 959	578 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 900	145 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1252	422 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1304	877 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 10624	274 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 761	199 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 470	921 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 773	385 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1279	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 434	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2637	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1598	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 898	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 621	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 409	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 780	785 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 387	146 B
1	geoip-js.com geoip-js.com — Cisco Umbrella Rank: 17664	946 B
1	maxmind.com js.maxmind.com — Cisco Umbrella Rank: 31322	1 KB
1	ipapi.co ipapi.co — Cisco Umbrella Rank: 17090	897 B
432	59

	Domain	Requested by
99	www.facebook.com	1 redirects secure.vantagemarkets.com
41	connect.facebook.net	secure.vantagemarkets.com connect.facebook.net
32	secure.vantagemarkets.com	1 redirects secure.vantagemarkets.com
23	www.googletagmanager.com	secure.vantagemarkets.com www.googletagmanager.com
14	analytics.tiktok.com	secure.vantagemarkets.com analytics.tiktok.com
12	www.google.de	secure.vantagemarkets.com
12	region1.analytics.google.com	www.googletagmanager.com
11	region1.google-analytics.com	www.googletagmanager.com
9	www.google.com	secure.vantagemarkets.com
8	api.permutive.com	cdn.permutive.com
8	googleads.g.doubleclick.net	www.googletagmanager.com
8	s.adroll.com	secure.vantagemarkets.com s.adroll.com
8	bat.bing.com	www.googletagmanager.com bat.bing.com secure.vantagemarkets.com
7	asia.creativecdn.com	1 redirects tags.creativecdn.com secure.vantagemarkets.com
6	static.zdassets.com	secure.vantagemarkets.com assets.zendesk.com static.zdassets.com
6	gum.criteo.com	4 redirects dynamic.criteo.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com secure.vantagemarkets.com
5	secure.adnxs.com	3 redirects secure.vantagemarkets.com go.affec.tv
5	cdn.linkedin.oribi.io	snap.licdn.com
5	us-1-api.insightech.com	cdn.insightech.com
4	ib.adnxs.com	1 redirects cdn.permutive.com secure.vantagemarkets.com
4	www.clarity.ms	bat.bing.com www.clarity.ms
4	match.adsrvr.org	secure.vantagemarkets.com js.adsrvr.org
4	map.go.affec.tv	4 redirects
4	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
4	go.affec.tv	www.googletagmanager.com go.affec.tv
4	snap.licdn.com	www.googletagmanager.com snap.licdn.com
4	11450497.fls.doubleclick.net	2 redirects www.googletagmanager.com
3	o.clarity.ms	www.clarity.ms
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com
2	dis.criteo.com
2	insight.adsrvr.org	2 redirects
2	c.clarity.ms	1 redirects
2	wa.onelink.me	websdk.appsflyer.com
2	cdn.permutive.com	go.affec.tv
2	d.adroll.com	s.adroll.com
2	adservice.google.com	11450497.fls.doubleclick.net
2	alb.reddit.com	secure.vantagemarkets.com
2	js.adsrvr.org	www.googletagmanager.com
2	www.redditstatic.com	www.googletagmanager.com
2	tags.creativecdn.com	www.googletagmanager.com
2	websdk.appsflyer.com	secure.vantagemarkets.com
2	dynamic.criteo.com	www.googletagmanager.com
2	simpleui-au.vixverify.com	secure.vantagemarkets.com
2	cdn.insightech.com	secure.vantagemarkets.com
2	prodstorage.azureedge.net	secure.vantagemarkets.com
1	s.thebrighttag.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	ad.360yield.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	x.bidswitch.net
1	cm.g.doubleclick.net	1 redirects
1	c.bing.com	1 redirects
1	sslwidget.criteo.com	dynamic.criteo.com
1	mug.criteo.com	secure.vantagemarkets.com
1	vantagefx8311.zendesk.com	static.zdassets.com
1	ekr.zdassets.com	assets.zendesk.com
1	geoip-js.com	js.maxmind.com
1	wa.appsflyer.com	websdk.appsflyer.com
1	px.ads.linkedin.com	1 redirects
1	js.maxmind.com	secure.vantagemarkets.com
1	ipapi.co	secure.vantagemarkets.com
1	assets.zendesk.com	1 redirects
1	px4.ads.linkedin.com	secure.vantagemarkets.com
432	84

This site contains links to these domains. Also see Links.

Domain
www.vantagemarkets.com

Subject Issuer	Validity	Valid
vantagemarkets.com Cloudflare Inc ECC CA-3	`2023-09-01` - `2024-08-31`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2023-05-05` - `2024-04-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
cdn.insightech.com GTS CA 1D4	`2023-09-05` - `2023-12-04`	3 months	crt.sh
*.vixverify.com Go Daddy Secure Certificate Authority - G2	`2023-02-15` - `2024-03-18`	a year	crt.sh
us-1-api.insightech.com GTS CA 1D4	`2023-10-14` - `2024-01-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-23` - `2023-10-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-27` - `2024-07-27`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
1589314308.rsc.cdn77.org R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-25` - `2024-02-21`	6 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
affec.tv Amazon RSA 2048 M01	`2023-07-11` - `2024-08-08`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-02-28`	6 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
api.permutive.com R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
*.onelink.me Amazon RSA 2048 M02	`2023-02-04` - `2024-03-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-16` - `2024-04-15`	a year	crt.sh
*.sdk.af-sdk.io Amazon RSA 2048 M02	`2023-09-26` - `2024-10-25`	a year	crt.sh
zdassets.com Cloudflare Inc ECC CA-3	`2023-10-10` - `2024-10-09`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
vantagefx8311.zendesk.com Cloudflare Inc ECC CA-3	`2023-04-16` - `2024-04-15`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
itm.ivitrack.com R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M01	`2023-03-01` - `2023-12-25`	10 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://secure.vantagemarkets.com/login
Frame ID: BD37E56DB7C78191F644DC2977CD12CA
Requests: 406 HTTP requests in this frame

Frame: https://11450497.fls.doubleclick.net/activityi;dc_pre=CPz_os2n9YEDFTkGogMd-W0LsQ;src=11450497;type=vantag00;cat=vanta0;ord=191629382475;auiddc=149757589.1697278627;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds
Frame ID: 3C3586B1E424568D1AF587F17381D730
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=secure.vantagemarkets.com&origin=onetag
Frame ID: C685E560535BA548402358DEDBCC865B
Requests: 1 HTTP requests in this frame

Frame: https://11450497.fls.doubleclick.net/activityi;dc_pre=CJymnM6n9YEDFUMKogMd31EG0A;src=11450497;type=vantag00;cat=vanta0;ord=1454910930039;auiddc=149757589.1697278627;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin
Frame ID: 921F092958DE73933700E958A313E0C6
Requests: 2 HTTP requests in this frame

Frame: https://static.zdassets.com/ekr/asset_composer.js
Frame ID: 1CBF130BE2385D9CB1C2E99115A58876
Requests: 2 HTTP requests in this frame

Frame: https://secure.vantagemarkets.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Frame ID: 9F05C42AEFA13B2FEFB217831ABD14A5
Requests: 2 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
Frame ID: E037698C96F9084114FFE76A2F5DA290
Requests: 6 HTTP requests in this frame

Frame: https://asia.creativecdn.com/fledge-igmembership?ntk=p-fPr3PMgGXChe64ltlBGannqlFLobmEz-Rzs7eRaax5Fvec6XIFeBG7kM1MVDdqDLPJ4IWcG-E5ZtExmJ4DCA
Frame ID: 2109286992BDC5F49EA3E7BE7A06EB76
Requests: 1 HTTP requests in this frame

Frame: https://asia.creativecdn.com/topics-membership?ntk=fmHvYKB67E14YtAQ8hAJ7Rgw4TjbHWMVD1YxlNlWbRLmWvfyrqYS0KNdos4GzcoFG3-DY3xEAaUc0KVkxW8K7w
Frame ID: D2DF1F9BF5C39B04249485B4280BE611
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=secure.vantagemarkets.com&origin=onetag
Frame ID: 8DE3D9421199462756D73E882F390418
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=l31qp9g&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&upid=moppfxx&upv=1.1.0
Frame ID: 0D02EA723949F33EA012ED2BE1F7720A
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=4fcy4l6&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&upid=whcxxe2&upv=1.1.0
Frame ID: E8609EDEA4CE9806C9E8F4103A714B32
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-1o_MgpfL3vn07aaYMhBB9SFCF-QvKg-D1tKUEw&google_gid=CAESEJED4glZKYNkqBg3gTCi13g&google_cver=1&google_ula=913071,0
Frame ID: F3A2EA74FFF3E586137F6DF201B53E65
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vantage Login Client Portal | Vantage

Page URL History Show full URLs

https://secure.vantagemarkets.com/depositFunds Page URL
https://secure.vantagemarkets.com/login Page URL

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

432
Requests

91 %
HTTPS

37 %
IPv6

59
Domains

84
Subdomains

76
IPs

10
Countries

8846 kB
Transfer

32326 kB
Size

85
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.vantagemarkets.com/

Search URL Search Domain Scan URL

URL: https://www.vantagemarkets.com/open-live-account/
Title: Not A Client? Open An Account Now

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://secure.vantagemarkets.com/depositFunds Page URL
https://secure.vantagemarkets.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://11450497.fls.doubleclick.net/activityi;src=11450497;type=vantag00;cat=vanta0;ord=191629382475;auiddc=149757589.1697278627;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds HTTP 302
https://11450497.fls.doubleclick.net/activityi;dc_pre=CPz_os2n9YEDFTkGogMd-W0LsQ;src=11450497;type=vantag00;cat=vanta0;ord=191629382475;auiddc=149757589.1697278627;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds

Request Chain 79

https://secure.adnxs.com/px?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]&id=1622764&order_id=[order_id]&seg=31340040&t=1&value= HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fgdpr%3D%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_TCF_CONSENT_STRING%5D%26id%3D1622764%26order_id%3D%5Border_id%5D%26seg%3D31340040%26t%3D1%26value%3D

Request Chain 81

https://map.go.affec.tv/map/af/?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING] HTTP 303
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D652a6aa3eb00800001fa534e%26chc%3Daf%26redirect_url%3D%26gdpr%3D%255BGDPR_APPLIES%255D%26gdpr_consent%3D%255BGDPR_TCF_CONSENT_STRING%255D&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D HTTP 302
https://map.go.affec.tv/map/an/5953564206032569238?ch=652a6aa3eb00800001fa534e&chc=af&redirect_url=&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D&gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING] HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D

Request Chain 83

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1697278627572&url=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1697278627572&url=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4935180%26time%3D1697278627572%26url%3Dhttps%253A%252F%252Fsecure.vantagemarkets.com%252FdepositFunds%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1697278627572&url=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1697278627572&url=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLCYjEV4xngOwAAAYstsJFybclSUXa5d_SXl1-rs-S_atjs-WpSIN4wgoyj6_X5d7oxX40

Request Chain 154

https://www.facebook.com/tr/?id=588528293409588&ev=CompleteRegistration&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&rl=&if=false&ts=1697278628577&sw=1600&sh=1200&v=2.9.134&r=stable&ec=3&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278627273&coo=false&rqm=GET HTTP 302
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&ec=3&ev=CompleteRegistration&fbp=fb.1.1697278627560.1191031376&id=588528293409588&if=false&it=1697278627273&ler=empty&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1697278628577&v=2.9.134

Request Chain 191

https://11450497.fls.doubleclick.net/activityi;src=11450497;type=vantag00;cat=vanta0;ord=1454910930039;auiddc=149757589.1697278627;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin HTTP 302
https://11450497.fls.doubleclick.net/activityi;dc_pre=CJymnM6n9YEDFUMKogMd31EG0A;src=11450497;type=vantag00;cat=vanta0;ord=1454910930039;auiddc=149757589.1697278627;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin

Request Chain 228

https://asia.creativecdn.com/tags/v2?type=json HTTP 307
https://asia.creativecdn.com/tags/v2?type=json&tc=1

Request Chain 239

https://map.go.affec.tv/map/af/?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING] HTTP 303
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D652a6aa5ccb52c000178bd7d%26chc%3Daf%26redirect_url%3D%26gdpr%3D%255BGDPR_APPLIES%255D%26gdpr_consent%3D%255BGDPR_TCF_CONSENT_STRING%255D&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D HTTP 302
https://map.go.affec.tv/map/an/5953564206032569238?ch=652a6aa5ccb52c000178bd7d&chc=af&redirect_url=&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D&gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING] HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D

Request Chain 241

https://assets.zendesk.com/embeddable_framework/main.js HTTP 301
https://static.zdassets.com/ekr/asset_composer.js

Request Chain 242

https://secure.vantagemarkets.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://secure.vantagemarkets.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Request Chain 269

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1697278629910&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&tm=gtmv2 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1697278629910&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&tm=gtmv2&e_ipv6=AQKPcvVMWiE0jgAAAYstsJhi1Qz3ZQIeRQYqn57QClZ-tsX6ItmTi8Eo4_SbXE2NdQTqN10

Request Chain 369

https://gum.criteo.com/sid/json?origin=onetag&domain=vantagemarkets.com&sn=ChromeSyncframe&so=0&topUrl=secure.vantagemarkets.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=FqgW-XxwelN5bFQ2NW9YZG1JN2k2RDc3ZWJGaTAyQVZERzFRL2NBSGRjZlUydWZlSzBuR2JUbE83YTh4SGRCZmNDYWtzamF1TFY5T01TWWkwQU8ySTBVSVNLREZwdFFwT3VYYWQ2d1lvQXJUbjZjOWFTeEdaQzdkcm41WERReW1wYXZjNld0N2JrVFdueGRZd3c0anhDYjVYZVlUOU9Td0NVRnNjVGpPYTdxMXc3dDZMOXZNbTFseGhvWVZZR1F2Y1oybDZsOCtYRmlQYk5aLzhqTHlYeGZLZ3owZWMvME9rWTFaZWZlemd0V0hMTGUzZVNTaWVwZXphRjNNQmczY0dVTWo5VW5yOXdMMDQ3SVpuUThDRnBpbnZYRExEY0tobFFkN1Vlamo1MFh2ZGtGWT18&cppv=2

Request Chain 415

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=52B90B9C530543AEB331FE70CC632E29&RedC=c.clarity.ms&MXFR=3E4FE3E38CD56DA422FEF04988D563C5 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=52B90B9C530543AEB331FE70CC632E29&MUID=0885377FBE36660D10AC24D5BF9A675B

Request Chain 416

https://insight.adsrvr.org/track/up?adv=l31qp9g&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&upid=moppfxx&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=l31qp9g&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&upid=moppfxx&upv=1.1.0

Request Chain 417

https://insight.adsrvr.org/track/up?adv=4fcy4l6&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&upid=whcxxe2&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=4fcy4l6&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&upid=whcxxe2&upv=1.1.0

Request Chain 418

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-1o_MgpfL3vn07aaYMhBB9SFCF-QvKg-D1tKUEw&google_cm&google_hm=ay0xb19NZ3BmTDN2bjA3YWFZTWhCQjlTRkNGLVF2S2ctRDF0S1VFdw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-1o_MgpfL3vn07aaYMhBB9SFCF-QvKg-D1tKUEw&google_gid=CAESEJED4glZKYNkqBg3gTCi13g&google_cver=1&google_ula=913071,0

Request Chain 420

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5953564206032569238

Request Chain 431

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-E41AppfL3vn07aaYMhBB9SFCF-RuqraqlyHAcQ HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-E41AppfL3vn07aaYMhBB9SFCF-RuqraqlyHAcQ&C=1

Request Chain 432

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=yVCEO74KoYF9Vy6b02T7vPwBupWDIdnK HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=yVCEO74KoYF9Vy6b02T7vPwBupWDIdnK

Request Chain 454

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=6XQVJAnDI2D-fAziBcayyLNJbYpWTPKi

Request Chain 455

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=9zaxCDqK_QfF9qoXrIkQVKjAcKPov4Ju

432 HTTP transactions
28 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 depositFunds Show response
secure.vantagemarkets.com/ 6 KB
2 KB 542ms
427ms Document
text/html 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/depositFunds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b3b815739f4ebe87acf9c29fec8a4e7b927487635844f5d393a1abae3ea1e02

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 815f12139d7ebb74-FRA
content-encoding: br
content-type: text/html
date: Sat, 14 Oct 2023 10:17:06 GMT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 index.js Show response
secure.vantagemarkets.com/static/gtm/ 1 KB
434 B 106ms
105ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/gtm/index.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d020a39323529eb0ac441a1f8840eccaa198955277d4f556a9657fe3e8d7406f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/depositFunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3825
etag: W/"65290e59-5da"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 815f12168965bb74-FRA
expires: Sat, 14 Oct 2023 14:17:06 GMT

GET
H2 200 index.js Show response
secure.vantagemarkets.com/static/insightech/ 398 B
369 B 60ms
59ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/insightech/index.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 017dc97e6482b9894606807bf612f6423bfb074e8f21a361662cb12596a2d704

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/depositFunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3825
etag: W/"65290e59-18e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 815f12168969bb74-FRA
expires: Sat, 14 Oct 2023 14:17:06 GMT

GET
H2 200 widget-core.js Show response
prodstorage.azureedge.net/Widgets/lib/@1.0.0/ 736 KB
224 KB 205ms
56ms Script
text/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://prodstorage.azureedge.net/Widgets/lib/@1.0.0/widget-core.js

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CDF) / ASP.NET

Resource Hash

fc7d65e6c64d46771031947fb12ec0071649088d4cb0dd721b28716bb2e163fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:06 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
last-modified: Mon, 09 Oct 2023 12:13:28 GMT
server: ECAcc (frc/4CDF)
age: 424325
etag: "1d9faaa02addb15"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
accept-ranges: bytes
content-length: 228884
request-context: appId=cid-v1:c0a124e5-71c0-4ced-b978-78e4ff157a5c

GET
H2 200 styles.9f556ab.css
secure.vantagemarkets.com/static/css/ 364 KB
53 KB 194ms
192ms Stylesheet
text/css 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/css/styles.9f556ab.css
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f305fa6622115ed84944335086f2f8245a18a99e65d078587e3525f9a06c2a74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/depositFunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3825
etag: W/"65290e59-5ae16"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 815f12168966bb74-FRA
expires: Sat, 14 Oct 2023 14:17:06 GMT

GET
H2 200 app.e5b3744.css
secure.vantagemarkets.com/static/css/ 213 KB
15 KB 62ms
61ms Stylesheet
text/css 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/css/app.e5b3744.css
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82ffa597b3afcccae12313ca1fbcc613edb3528a3ca485e90c3a842b2d66d0af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/depositFunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3825
etag: W/"65290e59-352b2"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 815f12168968bb74-FRA
expires: Sat, 14 Oct 2023 14:17:06 GMT

GET
H2 200 manifest.30ec9e9f4165ee1ce012.js Show response
secure.vantagemarkets.com/static/js/ 9 KB
5 KB 105ms
104ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/manifest.30ec9e9f4165ee1ce012.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91f6701807bf3018cc99bc0220b82d91900e5dfecd54566c8b6ef578178bfcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/depositFunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3825
etag: W/"65290e59-241a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 815f1216896abb74-FRA
expires: Sat, 14 Oct 2023 14:17:06 GMT

GET
H2 200 13.822489dd8f87c98a407e.js Show response
secure.vantagemarkets.com/static/js/ 232 B
213 B 62ms
61ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/13.822489dd8f87c98a407e.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebd61d4d1bf027e84ffaa85b248be66eafd6fe2b9a8200f45852dda78946c8d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/depositFunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3825
etag: W/"65290e59-e8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 815f1216896cbb74-FRA
expires: Sat, 14 Oct 2023 14:17:06 GMT

GET
H2 200 51.305dcba21b7cfcfc64a1.js Show response
secure.vantagemarkets.com/static/js/ 2 MB
478 KB 194ms
193ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/51.305dcba21b7cfcfc64a1.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb5275f58aba99f83f7d2679c19083d1f266cb27336a6401e6005c5bf58fff03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/depositFunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3825
etag: W/"65290e59-1b51e1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 815f1216896dbb74-FRA
expires: Sat, 14 Oct 2023 14:17:06 GMT

GET
H2 200 49.9c4210cc9bc5b04f0dc7.js Show response
secure.vantagemarkets.com/static/js/ 4 MB
1 MB 106ms
105ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/49.9c4210cc9bc5b04f0dc7.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30a5576a7427067abc24851d5f871912662116688f21abc79113c83a4046484b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/depositFunds
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3825
etag: W/"65290e59-41ed01"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 815f1216896ebb74-FRA
expires: Sat, 14 Oct 2023 14:17:06 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 407 KB
113 KB 342ms
191ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/gtm/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

716cf2b8a33d546df9080182719b6e7b09eae2effb7bc4f51a55268106353fce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115251
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 14 Oct 2023 10:17:06 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 164 KB
59 KB 210ms
98ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PZ99S37

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/gtm/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b8a7110eb2fe3c263d9dc452ac2fae29e9db98fb5f9222bd3749a38996e72ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60665
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 14 Oct 2023 10:17:06 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 190 KB
68 KB 167ms
56ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MW5Q9CN

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/gtm/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f310cc68312f8740142cec9700170bf9e00da937dd7cb806fd86e65d8e99f518

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68968
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 14 Oct 2023 10:17:06 GMT

GET
H2 200 insightech.mini.js Show response
cdn.insightech.com/ 27 KB
9 KB 152ms
41ms Script
text/javascript 35.201.125.75
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.insightech.com/insightech.mini.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/insightech/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.125.75 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 75.125.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1acba9947e628f030d543e0041d670b5880a36bcc88f0ca9884f27115995705b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 09:17:23 GMT
content-encoding: br
age: 3583
x-guploader-uploadid: ADPycdvWsICQuUH-xqUmQuGgWLKBD-7dChZBQYC30ygbMDMW0p88wLW02I80lP-Yv1urhWuf5NPG-cUD8BlvF8dPALWN
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8230
last-modified: Thu, 12 Oct 2023 23:47:18 GMT
server: UploadServer
etag: W/"d6b5b24ce927381822a23a5a4414c714"
vary: Accept-Encoding
x-goog-generation: 1697154437864317
x-goog-hash: crc32c=Izk6UQ==, md5=1rWyTOknOBgiojpaRBTHFA==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 27251
accept-ranges: none
expires: Sat, 14 Oct 2023 10:17:23 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 332 KB
97 KB 271ms
160ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

740ac264fd6cbd635ace430eb40b6310d9e1683f304674f708b1c1d7bc0f93e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98898
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 14 Oct 2023 10:17:06 GMT

GET
H/1.1 200
OK greenid.css
simpleui-au.vixverify.com/df/assets/stylesheets/ 189 KB
22 KB 1020ms
900ms Stylesheet
text/css 45.60.33.224
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://simpleui-au.vixverify.com/df/assets/stylesheets/greenid.css

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/css/app.e5b3744.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.224 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 10:17:07 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000
X-CDN: Imperva
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,OPTIONS,POST
Content-Type: text/css
Access-Control-Allow-Origin: *
X-Iinfo: 15-46479267-46479094 2NNN RT(1697278626438 41) q(0 0 0 0) r(9 9)
Cache-Control: max-age=3600
x-incap-sess-cookie-hdr: CiRzTmeGFyWnIJcJmWAaCqNqKmUAAAAA2hbZVs9Ht4EJ+P/QRLb+aA==
Connection: keep-alive
Access-Control-Allow-Headers: x-requested-with,content-type,Cache-Control,Pragma,Date

POST
H2 200 0 Show response
us-1-api.insightech.com/pageview/9a8c75816/18b2db08c17.41f58/18b2db08c17.a44ef/ 61 B
331 B 283ms
163ms XHR
application/json 2a00:1450:4001:82a::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-1-api.insightech.com/pageview/9a8c75816/18b2db08c17.41f58/18b2db08c17.a44ef/0
Requested by: Host: cdn.insightech.com
URL: https://cdn.insightech.com/insightech.mini.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 902a264cfa07d9fb4bfe3e9b4e3992af8029b0dffdb70217eb1a1a443fa5a5c3

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 14 Oct 2023 10:17:07 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://secure.vantagemarkets.com
x-cloud-trace-context: 4e78b4156ccf2bbcd585fd8ed495b2db
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, X-Alt-Referer
content-length: 82

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 129ms
41ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53498
x-xss-protection: 0
pragma: public
x-fb-debug: XsRaKIf/13hkhOqCyFAY5O52C8WhxKPVhjLkmT9rMmMSNB12Km7b358T8BstexytPIdeYBWRhnyc8lTFbhJFbw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
89 KB 59ms
58ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4PGVH7BC9T&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MW5Q9CN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4a144c91c74315a09d47467f3bbaaa452f9e803ef331a6b77881ea7c9d5d16e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90944
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 10:17:06 GMT

GET
H2

200

activityi;dc_pre=CPz_os2n9YEDFTkGogMd-W0LsQ;src=11450497;type=vantag00;cat=vanta0;ord=191629382475;auiddc=149757589.1697278627;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds;gtm=45He3ab0...
11450497.fls.doubleclick.net/ Frame 3C35
Redirect Chain

https://11450497.fls.doubleclick.net/activityi;src=11450497;type=vantag00;cat=vanta0;ord=191629382475;auiddc=149757589.1697278627;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds;gtm=45He3...
https://11450497.fls.doubleclick.net/activityi;dc_pre=CPz_os2n9YEDFTkGogMd-W0LsQ;src=11450497;type=vantag00;cat=vanta0;ord=191629382475;auiddc=149757589.1697278627;u1=https%3A%2F%2Fsecure.vantagema...

529 B
617 B

89ms
86ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11450497.fls.doubleclick.net/activityi;dc_pre=CPz_os2n9YEDFTkGogMd-W0LsQ;src=11450497;type=vantag00;cat=vanta0;ord=191629382475;auiddc=149757589.1697278627;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.vantagemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 279
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 10:17:07 GMT
expires: Sat, 14 Oct 2023 10:17:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 10:17:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11450497.fls.doubleclick.net/activityi;dc_pre=CPz_os2n9YEDFTkGogMd-W0LsQ;src=11450497;type=vantag00;cat=vanta0;ord=191629382475;auiddc=149757589.1697278627;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 129ms
39ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=81271
accept-ranges: bytes
content-length: 3822

GET
H2 200 bat.js Show response
bat.bing.com/ 44 KB
13 KB 164ms
65ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a7006c9765b3997f8d2ff41cc0560fe325677b74d57c26084c958431d2325574

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 14 Oct 2023 10:17:06 GMT
last-modified: Thu, 12 Oct 2023 17:36:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0EE4A8F81DAD428DB2C24D58EB220842 Ref B: FRA31EDGE0815 Ref C: 2023-10-14T10:17:07Z
etag: "808ec9ad32fdd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12978

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 132ms
42ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

602a019472a69b4fde0a1f6ab3e6e3ca0a52075e0dca120b4c9952754e983ca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 34 KB
10 KB 160ms
51ms Script
application/javascript 2a02:26f0:3500:11::215:14d5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=pba&
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ccf80229bbe586853232059978b67c1dbe6ccd7f6b4b8585b34bbcf2d9f195f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 10:17:07 GMT
Content-Encoding: gzip
x-amz-request-id: TNFWN7JAHP2EBEJM
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 9575
x-amz-id-2: rNwspp0GeeuGCVY8uOjVgWk/J3XTDq5+TTLu3jZaoCKMw4CAD3WOCSz6cVuBQQ9yvpK6HO0IqDY=
Last-Modified: Wed, 14 Jun 2023 06:58:46 GMT
Server: AmazonS3
ETag: "d4e7f1ffd74e53e33a46a668c2e9d67c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2256
Accept-Ranges: bytes
X-DataStream-Cache-Status: 1
Expires: Sat, 14 Oct 2023 10:54:43 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/D4PKUQWCWNCJPDENWUB3VX/ 102 KB
30 KB 149ms
47ms Script
text/javascript 2600:9000:225e:6600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/D4PKUQWCWNCJPDENWUB3VX/roundtrip.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f09b0048da84d573059b81b30509e8720b13a2eac382156ead0fc1665b486e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

X-Amz-Version-Id: HYY0B4PYmaNYH.fAuJzdl0WIbzW_RoCt
Content-Encoding: gzip
Via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
Date: Sat, 14 Oct 2023 09:46:45 GMT
Age: 1903
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 13 Oct 2023 05:37:37 GMT
Server: AmazonS3
Etag: W/"6dd36632b7cb0f940547a80fdcac9e7a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Fp3Am9sWJQJ8YkJ5Cff2CYkhbP8BoRYVlJKJLt10dIjWwDm5ZndZdA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
73 KB 61ms
60ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11232953403

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e1cae3169b8c7546a8558cc2c258c7ce50305c87f03c238b21985e6f00713e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75049
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 14 Oct 2023 10:17:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
90 KB 64ms
64ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H4QYCECT8W&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

31849ded39e457ee99900edc506aa2e6544f6389187d6fa709f898fad810ba7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92531
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 10:17:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
90 KB 70ms
69ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N5DW4FZP31&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c40ea1dda09b7bac96e4230248986c77fc4c4a56899c7acea48ca785582110e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91937
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 10:17:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
90 KB 62ms
62ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RYEFEW2YRY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d7025167701a2fa055cbb95188bc0fcf6b5f730d0362b6a01cc27eedea6fc6ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91937
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 10:17:07 GMT

POST
H2 200 0 Show response
us-1-api.insightech.com/pageview/089a28b851/18b2db08c17.41f58/18b2db08ce9.18f83/ 1 KB
679 B 194ms
193ms XHR
application/json 2a00:1450:4001:82a::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-1-api.insightech.com/pageview/089a28b851/18b2db08c17.41f58/18b2db08ce9.18f83/0
Requested by: Host: cdn.insightech.com
URL: https://cdn.insightech.com/insightech.mini.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 448394f02e1d311bf63793f98f52973fb948195c90522c965e4341b68923f4a5

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 14 Oct 2023 10:17:07 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://secure.vantagemarkets.com
x-cloud-trace-context: 3ab41dd0c74db9bf6d029904014ecc0c
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, X-Alt-Referer
content-length: 485
expires: Sat, 14 Oct 2023 10:17:07 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 130ms
40ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Oct 2023 09:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1534
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 14 Oct 2023 11:51:33 GMT

GET
H2 200 gJKbT9N3FwF2LliEdMKV.js Show response
tags.creativecdn.com/ 4 KB
2 KB 137ms
40ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.creativecdn.com/gJKbT9N3FwF2LliEdMKV.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 14 Oct 2023 10:17:07 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtNvEaXUBbvT7SXO1IoALfJwfHRTqzC68LE03BdNFVonqH3liwaxQUQANhlSRXK2VOOfhbkvuGR9T4KCPWTsjE8LNzm60r_
x-cache: HIT
x-77-cache: HIT
x-goog-storage-class: STANDARD
x-guploader-response-body-transformations: gunzipped
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
x-age: 2989
x-accel-date: 1697275638
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-77-nzt: AZySIYg3Nzf/rQsAAA
x-accel-expires: @1697279238
x-77-age: 2989
last-modified: Tue, 20 Sep 2022 08:37:31 GMT
server: CDN77-Turbo
etag: W/"7dd71e4b922b44d4a1b639cea2047fcd"
x-77-nzt-ray: f6587a1df915bed7a36a2a65ceafb10a
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1663663050931942
content-type: application/javascript
x-goog-hash: crc32c=U/iOdA==, md5=fdceS5IrRNShtjnOogR/zQ==
cache-control: public, max-age=3600
warning: 214 UploadServer gunzipped
x-goog-stored-content-length: 1741
expires: Sat, 14 Oct 2023 09:26:05 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/842673740/ 3 KB
1 KB 145ms
55ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/842673740/?random=1697278627077&cv=11&fst=1697278627077&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&hn=www.googleadservices.com&frm=0&tiba=Secure%20Client%20Portal&auid=149757589.1697278627&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4241f472f9060a596ce0f22986c6fb3c4e88d96bed6572d539401df391413707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 147ms
42ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:07 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11008820483/ 3 KB
2 KB 66ms
55ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11008820483/?random=1697278627084&cv=11&fst=1697278627084&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&hn=www.googleadservices.com&frm=0&tiba=Secure%20Client%20Portal&auid=149757589.1697278627&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

886f458757650626baff56529f49c574e41e4fcf180759395165290a590040d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1312
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10991455755/ 3 KB
1 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10991455755/?random=1697278627088&cv=11&fst=1697278627088&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&hn=www.googleadservices.com&frm=0&tiba=Secure%20Client%20Portal&auid=149757589.1697278627&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91cc953ddd3fc87949c5f8815956c809ca2171b84ff088d05fb98c14a5d22d9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js
js.adsrvr.org/ 5 KB
3 KB 184ms
44ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:51:17 GMT
Content-Encoding: gzip
Via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
Last-Modified: Tue, 01 Aug 2023 20:10:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 23151
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: _rQnk3rMnr4dYah-Qg3Ucf43LlOqLs32Q_lGLfgyOEWsvjFrHFqw-A==

GET
H2 200 631865b36c616ff5444608da
go.affec.tv/j/ 1 KB
1 KB 201ms
60ms Script
application/javascript 52.208.246.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.affec.tv/j/631865b36c616ff5444608da?ver=Retail&pnm=[product_name]&pid=[product_id]&pscat=[product_sub_cat_name]&pscid=[product_sub_cat_id]&pct=[product_category]&cid=[product_category_id]&rev=[revenue]&cur=[currency]&cpn=[voucher_code]&url=[url]&mem=[membership]&oid=[order_id]&qty=[quantity]&custom1=[custom1]&custom2=[custom2]&custom3=[custom3]&gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.246.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-246-207.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:07 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="CAO DSP COR PSAo CONo HISo OTPo OUR IND NAV INT CNT OTC"
content-type: application/javascript
cache-control: no-cache, private, no-store, max-age=0, s-maxage=0, must-revalidate, proxy-revalidate
content-length: 839
expires: Wed, 04 Apr 1990 00:00:00 GMT

GET
H2 200 events.js
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 266ms
140ms Script
application/javascript 104.126.37.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFTVE0RC77UEE0VEQL1G&lib=ttq
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: 791bb57.36b391f1
date: Sat, 14 Oct 2023 10:17:07 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-39.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time: 93,104.126.37.39
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=6, inner; dur=3
content-length: 1507
pragma: no-cache
server: nginx
x-tt-logid: 20231014101707DB507E52522571CE252D
x-cache-remote: TCP_MISS from a23-220-105-199.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.105.199
x-tt-trace-host: 013027eeccbe383c4e7f64c70ff7fb673b9ad1e17430c728fe853c7575df2cb3f3c740bdd2c5dd038d168328b6610afc5d588a6ed281395835004494f0a284c1a4bf3dfbf3db8625e80a6c2b2d8ac4de7cad4d757ae9306f4df4096232faf2d512f9136dd8391ac7c23820898e050f4239
expires: Sat, 14 Oct 2023 10:17:07 GMT

GET
H2 200 events.js
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 264ms
143ms Script
application/javascript 104.126.37.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFTVPCRC77U30697BAK0&lib=ttq
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: ca52d3b.36b391f2
date: Sat, 14 Oct 2023 10:17:07 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-39.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time: 95,104.126.37.39
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=8, inner; dur=3
content-length: 1509
pragma: no-cache
server: nginx
x-tt-logid: 20231014101707C8E9E09930FA3F8A04AF
x-cache-remote: TCP_MISS from a23-220-105-202.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.105.202
x-tt-trace-host: 013027eeccbe383c4e7f64c70ff7fb673b9ad1e17430c728fe853c7575df2cb3f37a168f2f3241293c1c0e0186d6b4908676bb30e4e43baa816138296ed9251ec429efa1dcb28edc9d4b3d8a490daba5a96ba5e013de725f5b561d8c0cc2b2b4dd99b99f7ff3fd95cfc611d40dca249d8b
expires: Sat, 14 Oct 2023 10:17:07 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 292 KB
92 KB 66ms
66ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TRQKDTYSC9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9112b8deabe2f8b66c82d539579da86049f4702cefb8761cbb1ed406f248f0a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94438
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 10:17:07 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 138ms
49ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4PGVH7BC9T&gtm=45je3ab0&_p=1819566435&_gaz=1&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697278627&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Secure%20Client%20Portal&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4PGVH7BC9T&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
260 B 159ms
51ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4PGVH7BC9T&cid=1748756277.1697278627&gtm=45je3ab0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4PGVH7BC9T&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 155ms
65ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4PGVH7BC9T&cid=1748756277.1697278627&gtm=45je3ab0&aip=1&z=1392013741

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 120ms
48ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4PGVH7BC9T&gtm=45je3ab0&_p=1819566435&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&_s=2&sid=1697278627&sct=1&seg=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Secure%20Client%20Portal&en=page_view&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4PGVH7BC9T&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
260 B 143ms
49ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RYEFEW2YRY&gtm=45je3ab0&_p=1819566435&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697278627&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Secure%20Client%20Portal&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYEFEW2YRY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 51ms
49ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RYEFEW2YRY&gtm=45je3ab0&_p=1819566435&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1697278627&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Secure%20Client%20Portal&en=tmbt_visit_deposit&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYEFEW2YRY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 52ms
50ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H4QYCECT8W&gtm=45je3ab0&_p=1819566435&_gaz=1&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697278627&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Secure%20Client%20Portal&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H4QYCECT8W&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 52ms
51ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H4QYCECT8W&cid=1748756277.1697278627&gtm=45je3ab0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H4QYCECT8W&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 134ms
65ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H4QYCECT8W&cid=1748756277.1697278627&gtm=45je3ab0&aip=1&z=845929675

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 50ms
49ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N5DW4FZP31&gtm=45je3ab0&_p=1819566435&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697278627&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Secure%20Client%20Portal&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N5DW4FZP31&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1233809420752100
connect.facebook.net/signals/config/ 142 KB
37 KB 44ms
43ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1233809420752100?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 37240
x-xss-protection: 0
pragma: public
x-fb-debug: Y/+ldpcAmJHph8JGRcBB3TLl8HK0jscIof6jAkknyWruEQWPn7NQO7GNtdPW/eBH58ce1+Gl3XzyasHY1kd12g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 52ms
50ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H4QYCECT8W&gtm=45je3ab0&_p=1819566435&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1697278627&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Secure%20Client%20Portal&en=tmbt_visit_deposit&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H4QYCECT8W&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 51ms
49ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N5DW4FZP31&gtm=45je3ab0&_p=1819566435&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1697278627&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Secure%20Client%20Portal&en=tmbt_visit_deposit&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N5DW4FZP31&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.old.min.js
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 41ms
41ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=27704
accept-ranges: bytes
content-length: 4862

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/11232953403/ 3 KB
2 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11232953403/?random=1697278627323&cv=11&fst=1697278627323&bg=ffffff&guid=ON&async=1&gtm=45be3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&hn=www.googleadservices.com&frm=0&tiba=Secure%20Client%20Portal&auid=149757589.1697278627&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11232953403

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 destination
www.googletagmanager.com/gtag/ 271 KB
90 KB 66ms
66ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-SQEL52NP0G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TRQKDTYSC9&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91832
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 10:17:07 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 55ms
54ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-TRQKDTYSC9&gtm=45je3ab0&_p=1819566435&_gaz=1&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697278627&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Secure%20Client%20Portal&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TRQKDTYSC9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 57ms
57ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TRQKDTYSC9&cid=1748756277.1697278627&gtm=45je3ab0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TRQKDTYSC9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 71ms
70ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TRQKDTYSC9&cid=1748756277.1697278627&gtm=45je3ab0&aip=1&z=1145626572

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK index.js
s.adroll.com/j/exp/D4PKUQWCWNCJPDENWUB3VX/ 22 B
779 B 49ms
49ms Script
application/javascript 2600:9000:225e:6600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/D4PKUQWCWNCJPDENWUB3VX/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/D4PKUQWCWNCJPDENWUB3VX/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

X-Amz-Version-Id: 9jAQQl6wN1O57duEdtzcJiDbx_._gtR5
Date: Sat, 14 Oct 2023 07:22:19 GMT
Via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
Age: 10600
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 22
Last-Modified: Mon, 09 Oct 2023 22:29:54 GMT
Server: AmazonS3
Etag: "9604b270546c4ec528373b6c8c757a74"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Iu2N88UuI_prWuhdWi0t3d6m41Y5a7SajZmAZkVL4jPrewEqrB18TA==

OPTIONS
H2 200 v2
asia.creativecdn.com/tags/ Frame 0
0 1233ms
817ms Preflight 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/tags/v2?type=json
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.vantagemarkets.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://secure.vantagemarkets.com
access-control-max-age: 3600
content-length: 0
date: Sat, 14 Oct 2023 10:17:07 GMT
vary: Origin

POST v2
asia.creativecdn.com/tags/ 0
0

POST
H2 200 collect
www.google-analytics.com/j/ 4 B
215 B 53ms
52ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1819566435&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&ul=en-us&de=UTF-8&dt=Secure%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1715712442&gjid=447150121&cid=1748756277.1697278627&tid=UA-28849650-1&_gid=1785704136.1697278627&_r=1&_slc=1&gtm=45He3ab0n81T38KSHM&z=627356592

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11008820483/ 42 B
108 B 157ms
55ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11008820483/?random=1697278627084&cv=11&fst=1697277600000&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&frm=0&tiba=Secure%20Client%20Portal&fmt=3&is_vtc=1&random=2532430102&rmt_tld=0&ipr=y

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11008820483/ 42 B
154 B 56ms
55ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11008820483/?random=1697278627084&cv=11&fst=1697277600000&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&frm=0&tiba=Secure%20Client%20Portal&fmt=3&is_vtc=1&random=2532430102&rmt_tld=1&ipr=y

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/842673740/ 42 B
455 B 156ms
55ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/842673740/?random=1697278627077&cv=11&fst=1697277600000&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&frm=0&tiba=Secure%20Client%20Portal&fmt=3&is_vtc=1&random=116415567&rmt_tld=0&ipr=y

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/842673740/ 42 B
108 B 63ms
62ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/842673740/?random=1697278627077&cv=11&fst=1697277600000&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&frm=0&tiba=Secure%20Client%20Portal&fmt=3&is_vtc=1&random=116415567&rmt_tld=1&ipr=y

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10991455755/ 42 B
108 B 157ms
56ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10991455755/?random=1697278627088&cv=11&fst=1697277600000&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&frm=0&tiba=Secure%20Client%20Portal&fmt=3&is_vtc=1&random=4081183074&rmt_tld=0&ipr=y

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10991455755/ 42 B
108 B 61ms
60ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10991455755/?random=1697278627088&cv=11&fst=1697277600000&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&frm=0&tiba=Secure%20Client%20Portal&fmt=3&is_vtc=1&random=4081183074&rmt_tld=1&ipr=y

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 152ms
44ms Image
image/gif 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1697278627422&id=t2_nukdygmp&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=0d349ae3-212a-4c00-bf8c-ec0badc117be&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:07 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 dc_pre=CPz_os2n9YEDFTkGogMd-W0LsQ;src=11450497;type=vantag00;cat=vanta0;ord=191629382475;auiddc=*;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=...
adservice.google.com/ddm/fls/z/ Frame 3C35 42 B
401 B 182ms
82ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPz_os2n9YEDFTkGogMd-W0LsQ;src=11450497;type=vantag00;cat=vanta0;ord=191629382475;auiddc=*;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds

Requested by

Host: 11450497.fls.doubleclick.net
URL: https://11450497.fls.doubleclick.net/activityi;dc_pre=CPz_os2n9YEDFTkGogMd-W0LsQ;src=11450497;type=vantag00;cat=vanta0;ord=191629382475;auiddc=149757589.1697278627;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11450497.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 148026267.js
bat.bing.com/p/action/ 4 KB
2 KB 70ms
68ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/148026267.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sat, 14 Oct 2023 10:17:07 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7C990389CB5B4460B2C5635FBD641B69 Ref B: FRA31EDGE0815 Ref C: 2023-10-14T10:17:07Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 200 D4PKUQWCWNCJPDENWUB3VX
d.adroll.com/consent/check/ 507 B
600 B 191ms
56ms Script
application/javascript 2a05:d018:cc3:fe04:4b7a:87c2:3628:5d9f
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/D4PKUQWCWNCJPDENWUB3VX?pv=71479053397.28784&arrfrr=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&_s=31a43ee413259eca2a33d75d128505f2&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/D4PKUQWCWNCJPDENWUB3VX/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:4b7a:87c2:3628:5d9f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:07 GMT
server: nginx/1.22.1
content-length: 507
content-type: application/javascript

GET
H3 200 177639405278338
connect.facebook.net/signals/config/ 114 KB
30 KB 44ms
44ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/177639405278338?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 31033
x-xss-protection: 0
pragma: public
x-fb-debug: EvS6xVTSW+zIS/REMbLjFvl57hGgj7px8aTPBFqeHUg42De9X+9TBuE4Wm+xzXRnb0lEVTYe061NVX2vd49vvw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 129ms
41ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1233809420752100&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&rl=&if=false&ts=1697278627563&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&cs_est=true&ler=empty&it=1697278627273&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 token
cdn.linkedin.oribi.io/partner/4935180/domain/secure.vantagemarkets.com/ 36 B
364 B 133ms
43ms XHR
application/json 2600:9000:20eb:e800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4935180/domain/secure.vantagemarkets.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: *
Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 05:46:23 GMT
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA2-C1
age: 534643
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=86400
content-length: 36
x-amz-cf-id: t3dEeoIh3jll484TQbGmNkBr9it46XiyhJz0bxmJZCFdmJc1dsrGQA==

GET
H2 200 token
cdn.linkedin.oribi.io/partner/4935180/domain/secure.vantagemarkets.com/ 36 B
364 B 133ms
44ms XHR
application/json 2600:9000:20eb:e800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4935180/domain/secure.vantagemarkets.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: *
Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 05:46:23 GMT
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA2-C1
age: 534643
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=86400
content-length: 36
x-amz-cf-id: IWVcsVpSGoc6uy4R-qZWKu62hzrEIo55BUEwiPetyNMmFXvNeuvdig==

GET
H2 200 token
cdn.linkedin.oribi.io/partner/4935180/domain/secure.vantagemarkets.com/ 36 B
364 B 133ms
44ms XHR
application/json 2600:9000:20eb:e800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4935180/domain/secure.vantagemarkets.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: *
Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 05:46:23 GMT
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA2-C1
age: 534643
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=86400
content-length: 36
x-amz-cf-id: 7rd853dOldwHibLIYCMev94W_VaU-ZB-qRkvgkkQ3QwAlI18d-5EbQ==

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]&id=1622764&order_id=[order_id]&seg=31340040&t=1&value=
https://secure.adnxs.com/bounce?%2Fpx%3Fgdpr%3D%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_TCF_CONSENT_STRING%5D%26id%3D1622764%26order_id%3D%5Border_id%5D%26seg%3D31340040%26t%3D1%26value%3D

0
803 B

49ms
49ms

Script
application/javascript

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fgdpr%3D%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_TCF_CONSENT_STRING%5D%26id%3D1622764%26order_id%3D%5Border_id%5D%26seg%3D31340040%26t%3D1%26value%3D

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds

Protocol

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
an-x-request-uuid: 23cdcca8-1718-4147-bbdf-ace1810d1c11
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.106; 80.255.7.106; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
an-x-request-uuid: 4743243a-5c6e-4d20-87ec-adf7b1a1e23e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fpx%3Fgdpr%3D%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_TCF_CONSENT_STRING%5D%26id%3D1622764%26order_id%3D%5Border_id%5D%26seg%3D31340040%26t%3D1%26value%3D
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.106; 80.255.7.106; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 /
go.affec.tv/per/ 846 B
915 B 61ms
61ms Script
application/javascript 52.208.246.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.affec.tv/per/?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]&k=56f9565d-0f2f-47a3-83f7-67113ce28926&p=ecb70aab-c31d-4b23-8884-19234515ebbe
Requested by: Host: go.affec.tv
URL: https://go.affec.tv/j/631865b36c616ff5444608da?ver=Retail&pnm=[product_name]&pid=[product_id]&pscat=[product_sub_cat_name]&pscid=[product_sub_cat_id]&pct=[product_category]&cid=[product_category_id]&rev=[revenue]&cur=[currency]&cpn=[voucher_code]&url=[url]&mem=[membership]&oid=[order_id]&qty=[quantity]&custom1=[custom1]&custom2=[custom2]&custom3=[custom3]&gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.246.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-246-207.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:07 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="CAO DSP COR PSAo CONo HISo OTPo OUR IND NAV INT CNT OTC"
content-type: application/javascript
cache-control: no-cache, private, no-store, max-age=0, s-maxage=0, must-revalidate, proxy-revalidate
content-length: 548
expires: Wed, 04 Apr 1990 00:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://map.go.affec.tv/map/af/?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D652a6aa3eb00800001fa534e%26chc%3Daf%26redirect_url%3D%26gdpr%3D%255BGDPR_APPLIES%255D%26gdpr_consent%3D%255B...
https://map.go.affec.tv/map/an/5953564206032569238?ch=652a6aa3eb00800001fa534e&chc=af&redirect_url=&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D&gdpr=[GDPR_APPLIES]&gdpr_conse...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D

70 B
149 B

305ms
79ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:08 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D
date: Sat, 14 Oct 2023 10:17:07 GMT
content-encoding: gzip
content-length: 174
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 token
cdn.linkedin.oribi.io/partner/4935180/domain/secure.vantagemarkets.com/ 36 B
365 B 131ms
45ms XHR
application/json 2600:9000:20eb:e800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4935180/domain/secure.vantagemarkets.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: *
Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 05:46:23 GMT
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA2-C1
age: 534643
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=86400
content-length: 36
x-amz-cf-id: CDHccLnP_a3BPKtBk-XaSYuNdYqJiyyvcFZfyBzQixmxlxAh0GTKUQ==

GET

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1697278627572&url=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&tm=gtmv2
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1697278627572&url=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&tm=gtmv2&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4935180%26time%3D1697278627572%26url%3Dhttps%253A%252F%252Fsecure.vantagemarkets....
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1697278627572&url=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&tm=gtmv2&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1697278627572&url=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLCYjEV4xngOw...

0
0

POST
H3 200 collect
stats.g.doubleclick.net/j/ 4 B
25 B 53ms
52ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-28849650-1&cid=1748756277.1697278627&jid=1715712442&gjid=447150121&_gid=1785704136.1697278627&_u=YADAAEAAAAAAACAAI~&z=1564886083

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 14 Oct 2023 10:17:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MWQ0NWRkZTlhMA.js
analytics.tiktok.com/i18n/pixel/static/ 370 KB
99 KB 59ms
59ms Script
application/javascript 104.126.37.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFTVE0RC77UEE0VEQL1G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: 36b39353
date: Sat, 14 Oct 2023 10:17:07 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023092112382042B7385D20B99D41419B
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-39.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0106d00fbca3edb302cba5da886c99eead2e34f80356c3676f6f4fb4434be70d5ce5388a92a61da561c38203ae115feea416fa39020c08589985637135e24540ed4b7c0be6bc32d2897fc0a13d484583b7f8e36ed140e925c0edef962a3ae11835
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=17
content-length: 100951

GET
H2 200 token
cdn.linkedin.oribi.io/partner/4935180/domain/secure.vantagemarkets.com/ 36 B
365 B 126ms
45ms XHR
application/json 2600:9000:20eb:e800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4935180/domain/secure.vantagemarkets.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: *
Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 05:46:23 GMT
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA2-C1
age: 534643
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=86400
content-length: 36
x-amz-cf-id: A2IgT3CN-Jq6XaZxIObbaL8LZ1xI5SR-TQXQfohjbjlQx8RbJEPsMg==

GET
H2 200 /
www.google.com/pagead/1p-user-list/11232953403/ 42 B
108 B 57ms
56ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11232953403/?random=1697278627323&cv=11&fst=1697277600000&bg=ffffff&guid=ON&async=1&gtm=45be3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&frm=0&tiba=Secure%20Client%20Portal&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2273112266&rmt_tld=0&ipr=y

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/11232953403/ 42 B
64 B 61ms
60ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11232953403/?random=1697278627323&cv=11&fst=1697277600000&bg=ffffff&guid=ON&async=1&gtm=45be3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&frm=0&tiba=Secure%20Client%20Portal&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2273112266&rmt_tld=1&ipr=y

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 50ms
50ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SQEL52NP0G&gtm=45je3ab0&_p=1819566435&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697278627&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Secure%20Client%20Portal&en=tmbt_visit_deposit&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-SQEL52NP0G&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 67ms
66ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-28849650-1&cid=1748756277.1697278627&jid=1715712442&_u=YADAAEAAAAAAACAAI~&z=1529180473

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 65ms
65ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-28849650-1&cid=1748756277.1697278627&jid=1715712442&_u=YADAAEAAAAAAACAAI~&z=1529180473

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 148026267
www.clarity.ms/tag/uet/ 829 B
1 KB 247ms
130ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/148026267
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/148026267.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires: -1
date: Sat, 14 Oct 2023 10:17:07 GMT
x-azure-ref: 20231014T101707Z-p5yuzyxmr55fmcrhcuentu9z5g00000003e0000000007ush
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 829
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 ecb70aab-c31d-4b23-8884-19234515ebbe-async.js
cdn.permutive.com/ 250 KB
70 KB 159ms
68ms Script
application/javascript 2606:4700::6811:7611
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/ecb70aab-c31d-4b23-8884-19234515ebbe-async.js
Requested by: Host: go.affec.tv
URL: https://go.affec.tv/per/?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]&k=56f9565d-0f2f-47a3-83f7-67113ce28926&p=ecb70aab-c31d-4b23-8884-19234515ebbe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:07 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: ecb70aab-c31d-4b23-8884-19234515ebbe
age: 0
x-guploader-uploadid: ADPycdseM7uCZd7iWcoiMzte5NzYMmgM0bJMm0St0VLk_gPgsBruK5Tc_3Etm8OlcZz1esMa9YqpTo67mw7LavZBerUtMIF_XVXZ
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Mon, 13 Mar 2023 10:17:52 GMT
server: cloudflare
etag: W/"2531ddd69278d89386833e5f0c1e0294"
vary: Accept-Encoding
x-goog-generation: 1678702672966055
content-type: application/javascript
x-goog-hash: crc32c=sP0XyQ==, md5=JTHd1pJ42JOGgz5fDB4ClA==
cache-control: public, max-age=900
x-goog-stored-content-length: 71868
timing-allow-origin: *
cf-ray: 815f121f5aff5d60-FRA
expires: Sat, 14 Oct 2023 10:32:07 GMT

GET
H3 200 694340261818851
connect.facebook.net/signals/config/ 139 KB
36 KB 48ms
47ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/694340261818851?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 36796
x-xss-protection: 0
pragma: public
x-fb-debug: dwTSYA6htSjcCsz/CTNypAjQt0HYyIEljeH24HwDyvnkBa2Ehb1P8+ip4xdk6hdRHYkfdv26M4ofw1ZX4WT1Zg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 41ms
41ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=177639405278338&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=&if=false&ts=1697278627657&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=a95583&it=1697278627273&coo=false&tm=1&cs_cc=1&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 267850502500264
connect.facebook.net/signals/config/ 132 KB
35 KB 43ms
42ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/267850502500264?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35249
x-xss-protection: 0
pragma: public
x-fb-debug: jQkZEfg6BQvhJF5h5+zaDGWBO5o2eL/36oyu9Cwa6sY3YQXt3jvsj0emLfTsn1LrVIRGxuAvSNc53vAbK5ESag==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 43ms
43ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=694340261818851&ev=InitiateCheckout&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&rl=&if=false&ts=1697278627724&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1697278627560.1191031376&cs_est=true&est_source=3463793363838915&ler=empty&it=1697278627273&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 44ms
43ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=694340261818851&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&rl=&if=false&ts=1697278627725&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&cs_est=true&ler=empty&it=1697278627273&coo=false&tm=1&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 identify_7dd78.js
analytics.tiktok.com/i18n/pixel/static/ 134 KB
36 KB 46ms
46ms Script
application/javascript 104.126.37.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7dd78.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: 36b39413
date: Sat, 14 Oct 2023 10:17:07 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230907110712340B804CE01C18830DC8
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-39.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01fafd87cb650a5d0e78cdf7dcb703255b8edebfd0e99bcf109b6c1178ae97d084b7d40a28b3e20c93692f8499d2333ea775ba74b71828437998dabdbe72c2ad562757b09c4df093beec0837070efd897717da92a12095109c84839146263eed57
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=9
content-length: 35960

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
793 B 301ms
300ms Ping
text/plain 104.126.37.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 7fb218ea.36b39467
date: Sat, 14 Oct 2023 10:17:07 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-39.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time: 139,104.126.37.39
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=51, inner; dur=36
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231014101707CEEF4370E7638C1DFDFB
x-cache-remote: TCP_MISS from a23-220-105-219.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 51,23.220.105.219
x-tt-trace-host: 013027eeccbe383c4e7f64c70ff7fb673b9ad1e17430c728fe853c7575df2cb3f3c5683c73e10d708c38254bba15f12b04d9c432d2ffedcee3443e22b2c27f39560b4e9abbf0f21b9816a0e9833fa1ff71c1d73bd546ca6a5d8ffd3d1f590a68243092020d7c13aec95dad3150931fd944
access-control-allow-headers: Authorization,*
expires: Sat, 14 Oct 2023 10:17:07 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
793 B 179ms
178ms Ping
text/plain 104.126.37.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 681bcf20.36b39468
date: Sat, 14 Oct 2023 10:17:07 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-39.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time: 123,104.126.37.39
server-timing: cdn-cache; desc=MISS, edge; dur=94, origin; dur=35, inner; dur=31
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202310141017078780F5F83E1B76885C15
x-cache-remote: TCP_MISS from a23-220-105-198.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 35,23.220.105.198
x-tt-trace-host: 013027eeccbe383c4e7f64c70ff7fb673b9ad1e17430c728fe853c7575df2cb3f3d36159fec3bfec25b948a74cb07255dd7625cd029980e30ca9a0ea4b6efad76ecee8810ef392e58356e22e2d331a7844db821b56584dec45253db2e47aded3a8ee6f5d90b04062696255ea0c0f78dd0b
access-control-allow-headers: Authorization,*
expires: Sat, 14 Oct 2023 10:17:07 GMT

GET
H/1.1 200
OK consent_tcfv2.js
s.adroll.com/j/ 418 KB
56 KB 45ms
44ms Script
text/javascript 2600:9000:225e:6600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/D4PKUQWCWNCJPDENWUB3VX/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

X-Amz-Version-Id: wD7IUQmRA9PUuld8lU58FBeuMlOqC6p6
Content-Encoding: gzip
Via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
Date: Sat, 14 Oct 2023 10:14:30 GMT
Age: 174
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 05 Jul 2023 21:39:27 GMT
Server: AmazonS3
Etag: W/"3306a47faf7223d93fb356e8a73d1942"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: nJWlK074HBuvuc4CPrUp3Cxj0OPwxE2yEByJvKC-7y4wjTbKIa-scQ==

GET
H3 200 238429805778126
connect.facebook.net/signals/config/ 115 KB
31 KB 43ms
43ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/238429805778126?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 31367
x-xss-protection: 0
pragma: public
x-fb-debug: AkT/4T7Z93d95v/GQxy0DcMLhbRY2z9V77LyqMmcjBpC8u3vXlx92bRKbguZAMqrSzZoFs5HO8ZZqP73kDJEyg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 42ms
41ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=267850502500264&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&rl=&if=false&ts=1697278627820&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278627273&coo=false&tm=1&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 getuidj
ib.adnxs.com/ 29 B
710 B 59ms
57ms XHR
application/json 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: cdn.permutive.com
URL: https://cdn.permutive.com/ecb70aab-c31d-4b23-8884-19234515ebbe-async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:07 GMT
an-x-request-uuid: 1ebb1cd8-1096-4394-a9f3-96f142bd2649
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.106; 80.255.7.106; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 29
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 geoip
api.permutive.com/v2.0/ 250 B
358 B 249ms
138ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=56f9565d-0f2f-47a3-83f7-67113ce28926
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/ecb70aab-c31d-4b23-8884-19234515ebbe-async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 14 Oct 2023 10:17:08 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://secure.vantagemarkets.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166

GET
BLOB 200
OK be97a087-9e49-4c93-9c15-28a13378805a
https://secure.vantagemarkets.com/ 47 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.vantagemarkets.com/be97a087-9e49-4c93-9c15-28a13378805a
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 47721
Content-Type

GET
BLOB 200
OK bd0f2782-ce0f-44cd-a70d-8edd3f587063
https://secure.vantagemarkets.com/ 47 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.vantagemarkets.com/bd0f2782-ce0f-44cd-a70d-8edd3f587063
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 47721
Content-Type

GET
H2 200 clarity.js
www.clarity.ms/s/0.7.12/ 58 KB
25 KB 208ms
208ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.12/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/148026267
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:07 GMT
content-encoding: br
last-modified: Thu, 12 Oct 2023 01:51:26 GMT
etag: W/"0x8DBCAC5BF4C06D9"
vary: Accept-Encoding
x-azure-ref: 20231014T101707Z-p5yuzyxmr55fmcrhcuentu9z5g00000003e0000000007utf
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 012b24a2-801e-0005-2ae6-fcfc00000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

POST
H2 200 identify
api.permutive.com/v2.0/ 50 B
270 B 434ms
66ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=56f9565d-0f2f-47a3-83f7-67113ce28926
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/ecb70aab-c31d-4b23-8884-19234515ebbe-async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 14 Oct 2023 10:17:08 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://secure.vantagemarkets.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 52ms
51ms Image
image/png 2600:9000:225e:6600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Date: Sat, 14 Oct 2023 03:52:30 GMT
Via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
Age: 23214
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: px-T3Rg0Dtbe8OTwECLRZ8_xOtSrITlv6zOA6AoP4HOKpVZPQ0uJ2Q==

GET
H3 200 4347693485455104
connect.facebook.net/signals/config/ 115 KB
31 KB 151ms
150ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/4347693485455104?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 31190
x-xss-protection: 0
pragma: public
x-fb-debug: cL9dtlz/H4aSMJ3yYMpVeS++968mkf3XL9QHx9FUJFXlvWu2IWPOSCeSBVPKdveK8C1W3LyqSPK/H1zETZTYDg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 148ms
148ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=238429805778126&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=&if=false&ts=1697278627965&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=1df443&it=1697278627273&coo=false&tm=1&cs_cc=1&cas=6176537735805755%2C6416258555156633&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
790 B 312ms
312ms Ping
text/plain 104.126.37.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 59dd32fc.36b395ae
date: Sat, 14 Oct 2023 10:17:08 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-39.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time: 169,104.126.37.39
server-timing: cdn-cache; desc=MISS, edge; dur=106, origin; dur=70, inner; dur=43
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231014101708DE33F313396240D11AA2
x-cache-remote: TCP_MISS from a23-32-17-138.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 70,23.32.17.138
x-tt-trace-host: 013027eeccbe383c4e7f64c70ff7fb673b9ad1e17430c728fe853c7575df2cb3f3f7c0a8f4b39fe75383a877b73493a58a5339865be073b1f28b10fe28ecdda99387a5044f2fdf2b363d750d3044ba11d38043bb186feada4215d1caa3ed186ef250c54ee9baa4deec88aab50524b9c523
access-control-allow-headers: Authorization,*
expires: Sat, 14 Oct 2023 10:17:08 GMT

GET
H3 200 588528293409588
connect.facebook.net/signals/config/ 132 KB
35 KB 50ms
50ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/588528293409588?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35231
x-xss-protection: 0
pragma: public
x-fb-debug: VwHVOWnmY4cn+rLpCY1FB6yX8HwQCMvwWguK0brBSncIvNascNOQQqgjPRMj+oFQRnr2Y1vzzt7biQ+T1naqxw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 51ms
51ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4347693485455104&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=&if=false&ts=1697278628165&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=a5fdcc&it=1697278627273&coo=false&tm=1&cs_cc=1&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 Primary Request login Show response
secure.vantagemarkets.com/ 6 KB
2 KB 140ms
139ms Document
text/html 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/login
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/js/49.9c4210cc9bc5b04f0dc7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed7d26623e9807a7180e18e13e1771d57fa8dceb349e76ab2f905b99e2a38b6f

Request headers

Referer: https://secure.vantagemarkets.com/depositFunds
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 815f12248d00bb74-FRA
content-encoding: br
content-type: text/html
date: Sat, 14 Oct 2023 10:17:08 GMT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
vary: Accept-Encoding

POST
H2 200 events
api.permutive.com/v2.0/batch/ 101 B
176 B 53ms
52ms Ping
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=false&k=56f9565d-0f2f-47a3-83f7-67113ce28926
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/ecb70aab-c31d-4b23-8884-19234515ebbe-async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 14 Oct 2023 10:17:08 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://secure.vantagemarkets.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111

POST 1
us-1-api.insightech.com/pageview/089a28b851/18b2db08c17.41f58/18b2db08ce9.18f83/ 0
0

POST
H2 201 events
api.permutive.com/v2.0/ 0
0 50ms
49ms Ping
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/events?enrich=false&sdkp=false&k=56f9565d-0f2f-47a3-83f7-67113ce28926
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/ecb70aab-c31d-4b23-8884-19234515ebbe-async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 204 0
bat.bing.com/action/ 0
286 B 64ms
64ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=148026267&tm=gtm002&Ver=2&mid=1b0d12ed-f17d-4195-99d6-da3dc06ef9cd&sid=d4e29f706a7a11ee9f944987b925b373&vid=d4e2ce106a7a11eeb921333e01092687&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Secure%20Client%20Portal&p=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&r=&evt=pageLoad&sv=1&rn=28838

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 14 Oct 2023 10:17:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EE4DD02C160D4C45A1CA8300D1793DFE Ref B: FRA31EDGE0815 Ref C: 2023-10-14T10:17:08Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 audiences
api.permutive.com/audience-matching/v1/id/968a3e0d-ceef-454e-9afa-38154a23d2bf/ 12 B
66 B 107ms
107ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/audience-matching/v1/id/968a3e0d-ceef-454e-9afa-38154a23d2bf/audiences?k=56f9565d-0f2f-47a3-83f7-67113ce28926
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/ecb70aab-c31d-4b23-8884-19234515ebbe-async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 14 Oct 2023 10:17:08 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12
content-type: application/json

POST collect
o.clarity.ms/ 0
0

GET
H2 200 syncframe
gum.criteo.com/ Frame C685 0
0 155ms
54ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=secure.vantagemarkets.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D%2C%5Bobject%20Object%5D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://secure.vantagemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 10:17:07 GMT
server: Kestrel
server-processing-duration-in-ticks: 388506
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1819566435&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&ul=en-us&de=UTF-8&dt=Secure%20Client%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=percent&el=Scroll%20Depth&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=1748756277.1697278627&tid=UA-28849650-1&_gid=1785704136.1697278627&gtm=45He3ab0n81T38KSHM&z=128171525

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 07:53:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8643
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
230 B 80ms
79ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=148026267&tm=gtm002&Ver=2&mid=1b0d12ed-f17d-4195-99d6-da3dc06ef9cd&sid=d4e29f706a7a11ee9f944987b925b373&vid=d4e2ce106a7a11eeb921333e01092687&vids=0&msclkid=N&gtm_tag_source=ua&ec=Scroll%20Depth&el=Scroll%20Depth&gc=USD&tpp=1&en=Y&p=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&sw=1600&sh=1200&sc=24&evt=custom&rn=590721

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 14 Oct 2023 10:17:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4B77476C800A4116A5BD995C2170FE6F Ref B: FRA31EDGE0815 Ref C: 2023-10-14T10:17:08Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1302581984012138
connect.facebook.net/signals/config/ 132 KB
35 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1302581984012138?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35209
x-xss-protection: 0
pragma: public
x-fb-debug: 5U1QAPioSZxT52bIaOb3MaeCiuG2Z6GqRfz0ndFs8l+GkFfZHULYxZ2UdhkEdKJidNtbWdYaWBd3+36XF6ObEQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 45ms
40ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=177639405278338&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=&if=false&ts=1697278628552&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=a95583&it=1697278627273&coo=false&cs_cc=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 45ms
41ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=694340261818851&ev=InitiateCheckout&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&rl=&if=false&ts=1697278628554&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=3&o=30&fbp=fb.1.1697278627560.1191031376&cs_est=true&est_source=3463793363838915&ler=empty&it=1697278627273&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 47ms
42ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=694340261818851&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&rl=&if=false&ts=1697278628554&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=30&fbp=fb.1.1697278627560.1191031376&cs_est=true&ler=empty&it=1697278627273&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 50ms
46ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=267850502500264&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&rl=&if=false&ts=1697278628555&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278627273&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 53ms
49ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=238429805778126&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=&if=false&ts=1697278628557&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=1df443&it=1697278627273&coo=false&cs_cc=1&cas=6176537735805755%2C6416258555156633&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 53ms
49ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4347693485455104&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=&if=false&ts=1697278628558&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=a5fdcc&it=1697278627273&coo=false&cs_cc=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 54ms
49ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=588528293409588&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&rl=&if=false&ts=1697278628558&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278627273&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 54ms
50ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1233809420752100&ev=Lead&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&rl=&if=false&ts=1697278628559&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278627273&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 55ms
50ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=177639405278338&ev=Lead&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=&if=false&ts=1697278628560&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=d53a39&it=1697278627273&coo=false&cs_cc=1&cas=6559841384075475&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 58ms
53ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=694340261818851&ev=Lead&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&rl=&if=false&ts=1697278628561&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=4&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278627273&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 58ms
54ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=267850502500264&ev=Lead&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&rl=&if=false&ts=1697278628562&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278627273&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 59ms
55ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=238429805778126&ev=Lead&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=&if=false&ts=1697278628564&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=d9edca&it=1697278627273&coo=false&cs_cc=1&cas=7412040312146573%2C6416258555156633%2C5981455201956524&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 59ms
55ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4347693485455104&ev=Lead&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=&if=false&ts=1697278628565&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=2fc15a&it=1697278627273&coo=false&cs_cc=1&cas=6940527756009376&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 59ms
55ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=588528293409588&ev=Lead&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&rl=&if=false&ts=1697278628566&sw=1600&sh=1200&v=2.9.134&r=stable&ec=1&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278627273&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 59ms
55ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1233809420752100&ev=ViewContent&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&rl=&if=false&ts=1697278628567&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmgoogletagmanager&ec=2&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278627273&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 60ms
56ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=177639405278338&ev=ViewContent&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=&if=false&ts=1697278628567&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=3&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=69a921&it=1697278627273&coo=false&cs_cc=1&cas=5902703129840041%2C6920577351302890&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 60ms
56ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=694340261818851&ev=ViewContent&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&rl=&if=false&ts=1697278628568&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=5&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278627273&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 60ms
56ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=267850502500264&ev=ViewContent&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&rl=&if=false&ts=1697278628568&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=3&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278627273&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 60ms
57ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=238429805778126&ev=ViewContent&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=&if=false&ts=1697278628569&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=3&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=69ab5d&it=1697278627273&coo=false&cs_cc=1&cas=6416258555156633%2C9751607618244938%2C6127801113995621&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 61ms
57ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4347693485455104&ev=ViewContent&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=&if=false&ts=1697278628570&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=3&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=ce854c&it=1697278627273&coo=false&cs_cc=1&cas=6302405346552491&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 61ms
57ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=588528293409588&ev=ViewContent&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&rl=&if=false&ts=1697278628571&sw=1600&sh=1200&v=2.9.134&r=stable&ec=2&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278627273&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 61ms
57ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1233809420752100&ev=CompleteRegistration&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&rl=&if=false&ts=1697278628572&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmgoogletagmanager&ec=3&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278627273&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 62ms
58ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=177639405278338&ev=CompleteRegistration&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=&if=false&ts=1697278628573&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=4&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=9412f2&it=1697278627273&coo=false&cs_cc=1&cas=6175811209161205&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 62ms
58ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=694340261818851&ev=CompleteRegistration&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&rl=&if=false&ts=1697278628573&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=6&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278627273&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 62ms
58ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=267850502500264&ev=CompleteRegistration&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&rl=&if=false&ts=1697278628574&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=4&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278627273&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 62ms
58ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=238429805778126&ev=CompleteRegistration&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=&if=false&ts=1697278628575&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=4&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=92d0cf&it=1697278627273&coo=false&cs_cc=1&cas=7128924523788786%2C6416258555156633%2C9982742225099927&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 62ms
59ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4347693485455104&ev=CompleteRegistration&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=&if=false&ts=1697278628576&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=4&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=bed77c&it=1697278627273&coo=false&cs_cc=1&cas=6983849321653751&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3

200

/
www.facebook.com/tr/
Redirect Chain

https://www.facebook.com/tr/?id=588528293409588&ev=CompleteRegistration&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&rl=&if=false&ts=1697278628577&sw=1600&sh=1200&v=2.9.134&r=stable&ec...
https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&ec=3&ev=CompleteRegistration&fbp=fb.1.1697278627560.1191031376&id=588528293409588&if=false&it=169727...

0
15 B

40ms
39ms

Image
text/plain

2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?coo=false&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&ec=3&ev=CompleteRegistration&fbp=fb.1.1697278627560.1191031376&id=588528293409588&if=false&it=1697278627273&ler=empty&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1697278628577&v=2.9.134

Protocol

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
content-type: text/plain
location: /tr/?coo=false&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&ec=3&ev=CompleteRegistration&fbp=fb.1.1697278627560.1191031376&id=588528293409588&if=false&it=1697278627273&ler=empty&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1697278628577&v=2.9.134
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i
expires: 0

GET
H3 200 274899861789369
connect.facebook.net/signals/config/ 63 KB
0 49ms
41ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/274899861789369?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35203
x-xss-protection: 0
pragma: public
x-fb-debug: YpqOl/S/CdXP07qLtd+UwGBy1TveTy5RV2Lr//4+CduSogIJgdZgl3UXZJSgueU7TPdqSNk/GXW1KMFcFq+K6g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 48ms
40ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1302581984012138&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&rl=&if=false&ts=1697278628633&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278627273&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST events
api.permutive.com/v2.0/batch/ 0
0

POST collect
region1.analytics.google.com/g/ 0
0

POST collect
region1.google-analytics.com/g/ 0
0

POST collect
region1.analytics.google.com/g/ 0
0

POST collect
region1.google-analytics.com/g/ 0
0

POST collect
region1.analytics.google.com/g/ 0
0

POST collect
region1.google-analytics.com/g/ 0
0

POST collect
o.clarity.ms/ 0
0

POST 0
bat.bing.com/actionp/ 0
0

POST 3
us-1-api.insightech.com/pageview/089a28b851/18b2db08c17.41f58/18b2db08ce9.18f83/ 0
0

GET
H2 200 index.js Show response
secure.vantagemarkets.com/static/gtm/ 1 KB
420 B 67ms
64ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/gtm/index.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d020a39323529eb0ac441a1f8840eccaa198955277d4f556a9657fe3e8d7406f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3827
etag: W/"65290e59-5da"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 815f1225ae9bbb74-FRA
expires: Sat, 14 Oct 2023 14:17:08 GMT

GET
H2 200 index.js Show response
secure.vantagemarkets.com/static/insightech/ 398 B
289 B 66ms
62ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/insightech/index.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 017dc97e6482b9894606807bf612f6423bfb074e8f21a361662cb12596a2d704

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3827
etag: W/"65290e59-18e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 815f1225aea2bb74-FRA
expires: Sat, 14 Oct 2023 14:17:08 GMT

GET
H2 200 widget-core.js Show response
prodstorage.azureedge.net/Widgets/lib/@1.0.0/ 736 KB
224 KB 44ms
41ms Script
text/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://prodstorage.azureedge.net/Widgets/lib/@1.0.0/widget-core.js

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CDF) / ASP.NET

Resource Hash

fc7d65e6c64d46771031947fb12ec0071649088d4cb0dd721b28716bb2e163fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:08 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
last-modified: Mon, 09 Oct 2023 12:13:28 GMT
server: ECAcc (frc/4CDF)
age: 424327
etag: "1d9faaa02addb15"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
accept-ranges: bytes
content-length: 228884
request-context: appId=cid-v1:c0a124e5-71c0-4ced-b978-78e4ff157a5c

GET
H2 200 styles.9f556ab.css
secure.vantagemarkets.com/static/css/ 364 KB
53 KB 72ms
69ms Stylesheet
text/css 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/css/styles.9f556ab.css
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f305fa6622115ed84944335086f2f8245a18a99e65d078587e3525f9a06c2a74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3827
etag: W/"65290e59-5ae16"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 815f1225ae9ebb74-FRA
expires: Sat, 14 Oct 2023 14:17:08 GMT

GET
H2 200 app.e5b3744.css
secure.vantagemarkets.com/static/css/ 213 KB
15 KB 66ms
63ms Stylesheet
text/css 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/css/app.e5b3744.css
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82ffa597b3afcccae12313ca1fbcc613edb3528a3ca485e90c3a842b2d66d0af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3827
etag: W/"65290e59-352b2"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 815f1225aea0bb74-FRA
expires: Sat, 14 Oct 2023 14:17:08 GMT

GET
H2 200 manifest.30ec9e9f4165ee1ce012.js Show response
secure.vantagemarkets.com/static/js/ 9 KB
5 KB 60ms
58ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/manifest.30ec9e9f4165ee1ce012.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91f6701807bf3018cc99bc0220b82d91900e5dfecd54566c8b6ef578178bfcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3827
etag: W/"65290e59-241a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 815f1225aea3bb74-FRA
expires: Sat, 14 Oct 2023 14:17:08 GMT

GET
H2 200 13.822489dd8f87c98a407e.js Show response
secure.vantagemarkets.com/static/js/ 232 B
200 B 113ms
111ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/13.822489dd8f87c98a407e.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebd61d4d1bf027e84ffaa85b248be66eafd6fe2b9a8200f45852dda78946c8d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3827
etag: W/"65290e59-e8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 815f1225aea4bb74-FRA
expires: Sat, 14 Oct 2023 14:17:08 GMT

GET
H2 200 51.305dcba21b7cfcfc64a1.js Show response
secure.vantagemarkets.com/static/js/ 2 MB
478 KB 81ms
79ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/51.305dcba21b7cfcfc64a1.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb5275f58aba99f83f7d2679c19083d1f266cb27336a6401e6005c5bf58fff03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3827
etag: W/"65290e59-1b51e1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 815f1225aea5bb74-FRA
expires: Sat, 14 Oct 2023 14:17:08 GMT

GET
H2 200 49.9c4210cc9bc5b04f0dc7.js Show response
secure.vantagemarkets.com/static/js/ 4 MB
1 MB 72ms
70ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/49.9c4210cc9bc5b04f0dc7.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30a5576a7427067abc24851d5f871912662116688f21abc79113c83a4046484b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3827
etag: W/"65290e59-41ed01"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 815f1225aea6bb74-FRA
expires: Sat, 14 Oct 2023 14:17:08 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 407 KB
113 KB 131ms
129ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/gtm/index.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

380984fd898e483988149c94cce219c8ea6aa00b64ea024700a35ff5b675178f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115251
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 14 Oct 2023 10:17:08 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 164 KB
59 KB 60ms
58ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PZ99S37

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/gtm/index.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c86a796a5d49988094699ef38ed9c3f9a4a59bb5ea3a4fb234c60ed5f3e091e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60669
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 14 Oct 2023 10:17:08 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 190 KB
67 KB 66ms
64ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MW5Q9CN

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/gtm/index.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0220ff91793a69f38e021841d332560e81affb8bd0ea4aa9c7caad1b8ac33789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68914
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 14 Oct 2023 10:17:08 GMT

GET
H2 200 insightech.mini.js Show response
cdn.insightech.com/ 27 KB
8 KB 43ms
41ms Script
text/javascript 35.201.125.75
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.insightech.com/insightech.mini.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/insightech/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.125.75 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 75.125.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1acba9947e628f030d543e0041d670b5880a36bcc88f0ca9884f27115995705b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 09:17:23 GMT
content-encoding: br
age: 3585
x-guploader-uploadid: ADPycdvWsICQuUH-xqUmQuGgWLKBD-7dChZBQYC30ygbMDMW0p88wLW02I80lP-Yv1urhWuf5NPG-cUD8BlvF8dPALWN
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8230
last-modified: Thu, 12 Oct 2023 23:47:18 GMT
server: UploadServer
etag: W/"d6b5b24ce927381822a23a5a4414c714"
vary: Accept-Encoding
x-goog-generation: 1697154437864317
x-goog-hash: crc32c=Izk6UQ==, md5=1rWyTOknOBgiojpaRBTHFA==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 27251
accept-ranges: none
expires: Sat, 14 Oct 2023 10:17:23 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 332 KB
97 KB 78ms
77ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b831a7530bfc0d2de77889fe5d1c53a113e10488f84adeb7662adf2fc49edb87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98908
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 14 Oct 2023 10:17:08 GMT

GET
H/1.1 200
OK greenid.css
simpleui-au.vixverify.com/df/assets/stylesheets/ 189 KB
21 KB 335ms
335ms Stylesheet
text/css 45.60.33.224
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://simpleui-au.vixverify.com/df/assets/stylesheets/greenid.css

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/css/app.e5b3744.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.224 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2530526878c08a1bc1d828cd06acdf3de779b1b87519e84c6c602bb62448d92f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 10:17:08 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000
X-CDN: Imperva
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,OPTIONS,POST
Content-Type: text/css
Access-Control-Allow-Origin: *
X-Iinfo: 15-46479267-46479094 2NNN RT(1697278626438 2071) q(0 0 0 -1) r(3 3)
Cache-Control: max-age=3600
x-incap-sess-cookie-hdr: SQvES44wNyqnIJcJmWAaCqRqKmUAAAAAPpJKtR9vL/n7E8Hdkp3a+Q==
Connection: keep-alive
Access-Control-Allow-Headers: x-requested-with,content-type,Cache-Control,Pragma,Date

POST
H2 200 0 Show response
us-1-api.insightech.com/pageview/9a8c75816/18b2db08c17.41f58/18b2db0940e.84e4c/ 61 B
170 B 221ms
219ms XHR
application/json 2a00:1450:4001:82a::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-1-api.insightech.com/pageview/9a8c75816/18b2db08c17.41f58/18b2db0940e.84e4c/0
Requested by: Host: cdn.insightech.com
URL: https://cdn.insightech.com/insightech.mini.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 902a264cfa07d9fb4bfe3e9b4e3992af8029b0dffdb70217eb1a1a443fa5a5c3

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://secure.vantagemarkets.com
x-cloud-trace-context: d4b629fee6cfe697716765d7d20ba777
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, X-Alt-Referer
content-length: 82

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
52 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53498
x-xss-protection: 0
pragma: public
x-fb-debug: tabiwv8ZG5MzBI6xJ7FvuDy0PrM8AeASSPS8kbJqJCiSMs/ajAQ4cIB6qGwDUy36zezlQyn6Z3efGD6Tmj/Mug==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
89 KB 60ms
59ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4PGVH7BC9T&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MW5Q9CN

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dcdb6f9d03bb72ec3868c78fd4fdf786e406fda1a1841deb305272c0e19f389f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91047
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 10:17:09 GMT

GET
H3

200

activityi;dc_pre=CJymnM6n9YEDFUMKogMd31EG0A;src=11450497;type=vantag00;cat=vanta0;ord=1454910930039;auiddc=149757589.1697278627;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin;gtm=45He3ab0;uaa=;... Show response
11450497.fls.doubleclick.net/ Frame 921F
Redirect Chain

https://11450497.fls.doubleclick.net/activityi;src=11450497;type=vantag00;cat=vanta0;ord=1454910930039;auiddc=149757589.1697278627;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin;gtm=45He3ab0;ua...
https://11450497.fls.doubleclick.net/activityi;dc_pre=CJymnM6n9YEDFUMKogMd31EG0A;src=11450497;type=vantag00;cat=vanta0;ord=1454910930039;auiddc=149757589.1697278627;u1=https%3A%2F%2Fsecure.vantagem...

516 B
295 B

86ms
86ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11450497.fls.doubleclick.net/activityi;dc_pre=CJymnM6n9YEDFUMKogMd31EG0A;src=11450497;type=vantag00;cat=vanta0;ord=1454910930039;auiddc=149757589.1697278627;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

c8bea8ef1bdcb995ac26d0128bbe2e2b40b31d5775860462b3ae7983e71b3b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.vantagemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 272
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 10:17:09 GMT
expires: Sat, 14 Oct 2023 10:17:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 10:17:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11450497.fls.doubleclick.net/activityi;dc_pre=CJymnM6n9YEDFUMKogMd31EG0A;src=11450497;type=vantag00;cat=vanta0;ord=1454910930039;auiddc=149757589.1697278627;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 43ms
42ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=81269
accept-ranges: bytes
content-length: 3822

GET
H2 200 bat.js Show response
bat.bing.com/ 44 KB
13 KB 63ms
62ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a7006c9765b3997f8d2ff41cc0560fe325677b74d57c26084c958431d2325574

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 14 Oct 2023 10:17:08 GMT
last-modified: Thu, 12 Oct 2023 17:36:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4545FF968A6743068B8952A31DEEC93F Ref B: FRA31EDGE0815 Ref C: 2023-10-14T10:17:09Z
etag: "808ec9ad32fdd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12978

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 45ms
42ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

602a019472a69b4fde0a1f6ab3e6e3ca0a52075e0dca120b4c9952754e983ca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 34 KB
10 KB 44ms
43ms Script
application/javascript 2a02:26f0:3500:11::215:14d5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=pba&
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ccf80229bbe586853232059978b67c1dbe6ccd7f6b4b8585b34bbcf2d9f195f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 10:17:09 GMT
Content-Encoding: gzip
x-amz-request-id: TNFWN7JAHP2EBEJM
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 9575
x-amz-id-2: rNwspp0GeeuGCVY8uOjVgWk/J3XTDq5+TTLu3jZaoCKMw4CAD3WOCSz6cVuBQQ9yvpK6HO0IqDY=
Last-Modified: Wed, 14 Jun 2023 06:58:46 GMT
Server: AmazonS3
ETag: "d4e7f1ffd74e53e33a46a668c2e9d67c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2254
Accept-Ranges: bytes
X-DataStream-Cache-Status: 1
Expires: Sat, 14 Oct 2023 10:54:43 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/D4PKUQWCWNCJPDENWUB3VX/ 102 KB
30 KB 48ms
47ms Script
text/javascript 2600:9000:225e:6600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/D4PKUQWCWNCJPDENWUB3VX/roundtrip.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f09b0048da84d573059b81b30509e8720b13a2eac382156ead0fc1665b486e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

X-Amz-Version-Id: HYY0B4PYmaNYH.fAuJzdl0WIbzW_RoCt
Content-Encoding: gzip
Via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
Date: Sat, 14 Oct 2023 09:46:45 GMT
Age: 1905
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 13 Oct 2023 05:37:37 GMT
Server: AmazonS3
Etag: W/"6dd36632b7cb0f940547a80fdcac9e7a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ZN5Fxj4AJo5azLP69kVFw2IjOkys1uCxrU31Cbkjc-0Z2HM7RNmwhg==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
73 KB 58ms
57ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11232953403

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bec8d46b4aefdfaa5d276b559022de9d4396a53c05b454d87b4fb01ac337693f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75122
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 14 Oct 2023 10:17:09 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
90 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H4QYCECT8W&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

063f2358d946bfd7cacc050168a41abeae0d8f70551ed32a808d05599db72597

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92449
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 10:17:09 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
90 KB 74ms
73ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N5DW4FZP31&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e074bcab88740ffe3d7484c4825d778569cccea43910136ef7bf14c70285d5c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91937
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 10:17:09 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
90 KB 63ms
63ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RYEFEW2YRY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

82c57eef6f10cc57f87f02126759ccb24b0c818711f29297c809a8ef43ae72db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91933
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 10:17:09 GMT

POST
H2 200 0 Show response
us-1-api.insightech.com/pageview/089a28b851/18b2db08c17.41f58/18b2db094ee.2fc48/ 1 KB
674 B 183ms
182ms XHR
application/json 2a00:1450:4001:82a::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-1-api.insightech.com/pageview/089a28b851/18b2db08c17.41f58/18b2db094ee.2fc48/0
Requested by: Host: cdn.insightech.com
URL: https://cdn.insightech.com/insightech.mini.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 448394f02e1d311bf63793f98f52973fb948195c90522c965e4341b68923f4a5

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://secure.vantagemarkets.com
x-cloud-trace-context: 6a670cb20254cfac27b84526f41692f9
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, X-Alt-Referer
content-length: 485
expires: Sat, 14 Oct 2023 10:17:09 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 14 Oct 2023 09:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1536
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 14 Oct 2023 11:51:33 GMT

GET
H2 200 gJKbT9N3FwF2LliEdMKV.js Show response
tags.creativecdn.com/ 4 KB
2 KB 40ms
39ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.creativecdn.com/gJKbT9N3FwF2LliEdMKV.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtNvEaXUBbvT7SXO1IoALfJwfHRTqzC68LE03BdNFVonqH3liwaxQUQANhlSRXK2VOOfhbkvuGR9T4KCPWTsjE8LNzm60r_
x-cache: HIT
x-77-cache: HIT
x-goog-storage-class: STANDARD
x-guploader-response-body-transformations: gunzipped
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
x-age: 2991
x-accel-date: 1697275638
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-77-nzt: AZySIYg3Nzf/rwsAAA
x-accel-expires: @1697279238
x-77-age: 2991
last-modified: Tue, 20 Sep 2022 08:37:31 GMT
server: CDN77-Turbo
etag: W/"7dd71e4b922b44d4a1b639cea2047fcd"
x-77-nzt-ray: f6587a1df915bed7a56a2a650d2a0f08
vary: Accept-Encoding, Accept-Encoding
x-goog-generation: 1663663050931942
content-type: application/javascript
x-goog-hash: crc32c=U/iOdA==, md5=fdceS5IrRNShtjnOogR/zQ==
cache-control: public, max-age=3600
warning: 214 UploadServer gunzipped
x-goog-stored-content-length: 1741
expires: Sat, 14 Oct 2023 09:26:05 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/842673740/ 3 KB
1 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/842673740/?random=1697278629130&cv=11&fst=1697278629130&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&hn=www.googleadservices.com&frm=0&tiba=Secure%20Client%20Portal&auid=149757589.1697278627&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9794cc104bfb6b477b5d36ec8c9daebb3d0ade7d4b6d84f17052491d2cc73a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1319
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
7 KB 42ms
41ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11008820483/ 3 KB
1 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11008820483/?random=1697278629138&cv=11&fst=1697278629138&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&hn=www.googleadservices.com&frm=0&tiba=Secure%20Client%20Portal&auid=149757589.1697278627&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6598b627323995a4930f368fe885b8ac199a01871fcd628a8324115f7a1b0051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1319
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10991455755/ 3 KB
1 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10991455755/?random=1697278629145&cv=11&fst=1697278629145&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&hn=www.googleadservices.com&frm=0&tiba=Secure%20Client%20Portal&auid=149757589.1697278627&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3283a4ecd3b20bcea9356984de000efc6d0e1c727458c9fe397d64f466619eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1320
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 40ms
40ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 03:51:17 GMT
Content-Encoding: gzip
Via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
Last-Modified: Tue, 01 Aug 2023 20:10:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 23153
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: BJUYtwoUyhR2iky-xOaBqFlCb1y4ckpq4g8L9Ik7yVOPU6iPzva6Hw==

GET
H2 200 631865b36c616ff5444608da Show response
go.affec.tv/j/ 1 KB
1 KB 61ms
59ms Script
application/javascript 52.208.246.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.affec.tv/j/631865b36c616ff5444608da?ver=Retail&pnm=[product_name]&pid=[product_id]&pscat=[product_sub_cat_name]&pscid=[product_sub_cat_id]&pct=[product_category]&cid=[product_category_id]&rev=[revenue]&cur=[currency]&cpn=[voucher_code]&url=[url]&mem=[membership]&oid=[order_id]&qty=[quantity]&custom1=[custom1]&custom2=[custom2]&custom3=[custom3]&gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.246.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-246-207.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 872fafec77477312467cd0335b9e5a1c62b212d8eb07626e60f6579ee40978b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="CAO DSP COR PSAo CONo HISo OTPo OUR IND NAV INT CNT OTC"
content-type: application/javascript
cache-control: no-cache, private, no-store, max-age=0, s-maxage=0, must-revalidate, proxy-revalidate
content-length: 839
expires: Wed, 04 Apr 1990 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 153ms
152ms Script
application/javascript 104.126.37.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFTVE0RC77UEE0VEQL1G&lib=ttq
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 037c6afcd308c0c505709f926681a5733e98c4a3dea50819f3a3a98ee4abc5ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: ca53cb1.36b39bb8
date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-39.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time: 104,104.126.37.39
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=6, inner; dur=3
content-length: 1507
pragma: no-cache
server: nginx
x-tt-logid: 202310141017098999EE118A4CF5C921DB
x-cache-remote: TCP_MISS from a23-220-105-202.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.105.202
x-tt-trace-host: 013027eeccbe383c4e7f64c70ff7fb673b9ad1e17430c728fe853c7575df2cb3f37a168f2f3241293c1c0e0186d6b490868216fe781f3ece4ed73598e9700fde2a719892972391d041a089c65903712ce3f35d2a820fbcd443c2421ebb26e5d07a62ee82e69cc5c7778ba3f89798a6a45e
expires: Sat, 14 Oct 2023 10:17:09 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 142ms
142ms Script
application/javascript 104.126.37.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFTVPCRC77U30697BAK0&lib=ttq
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/depositFunds
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a05d1a69eca247bbc1936d53d692892bbda0588c9d67135bf6d3715e0b15d353

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: 59dd45be.36b39bb9
date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-39.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time: 98,104.126.37.39
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=10, inner; dur=3
content-length: 1510
pragma: no-cache
server: nginx
x-tt-logid: 20231014101709A7C864F8DB4BBBD9B995
x-cache-remote: TCP_MISS from a23-32-17-138.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,23.32.17.138
x-tt-trace-host: 013027eeccbe383c4e7f64c70ff7fb673b9ad1e17430c728fe853c7575df2cb3f3f7c0a8f4b39fe75383a877b73493a58a27f63fb587602029245c06932464250150b44f59bcf5036a759a588939e0b2d3d8be78fbcab5c3a9b0868b60f7e9b637acbe6b74962623688870f2b404769987
expires: Sat, 14 Oct 2023 10:17:09 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 292 KB
92 KB 69ms
69ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TRQKDTYSC9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T38KSHM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a02e31a6fd1df51b483a1b9037f9b9588ac0339d1cd9ef343b61121f6002889

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94409
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 10:17:09 GMT

GET
H2 200 133.4431d34.css
secure.vantagemarkets.com/static/css/ 2 KB
842 B 67ms
66ms Stylesheet
text/css 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/css/133.4431d34.css
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/js/manifest.30ec9e9f4165ee1ce012.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe2abd20be90358eb969ae6bda24c0aff413bfb205d2be132fcdd650dc864d26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3825
etag: W/"65290e59-8e8"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 815f122a1c74bb74-FRA
expires: Sat, 14 Oct 2023 14:17:09 GMT

GET
H2 200 133.8cedf35fc82fb5f76165.js Show response
secure.vantagemarkets.com/static/js/ 2 KB
924 B 82ms
81ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/133.8cedf35fc82fb5f76165.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/js/manifest.30ec9e9f4165ee1ce012.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b62216cd62836c798e46304d75e2787c5fab8736e66947087cfe4ff4837cb58d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3825
etag: W/"65290e59-6af"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 815f122a1c78bb74-FRA
expires: Sat, 14 Oct 2023 14:17:09 GMT

GET
H2 200 3.c8c8e09f9502336ca448.js Show response
secure.vantagemarkets.com/static/js/ 854 KB
188 KB 72ms
70ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/3.c8c8e09f9502336ca448.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/js/manifest.30ec9e9f4165ee1ce012.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8458b220da98c7d5c532dbe6b704acb40219c23fde715f9cfe5d4260dbdbfc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3825
etag: W/"65290e59-d5722"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 815f122a1c79bb74-FRA
expires: Sat, 14 Oct 2023 14:17:09 GMT

GET
H2 200 11.ba29db8.css
secure.vantagemarkets.com/static/css/ 5 KB
2 KB 67ms
66ms Stylesheet
text/css 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/css/11.ba29db8.css
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/js/manifest.30ec9e9f4165ee1ce012.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12b5e0ab5a357e7b683e3930f8dda76f017dba96377591682dcb4b1d39753445

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3825
etag: W/"65290e59-134c"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 815f122a1c7cbb74-FRA
expires: Sat, 14 Oct 2023 14:17:09 GMT

GET
H2 200 11.473f73126e928e76643f.js Show response
secure.vantagemarkets.com/static/js/ 31 KB
8 KB 76ms
75ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/11.473f73126e928e76643f.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/js/manifest.30ec9e9f4165ee1ce012.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45bb446e05917603d3215b446f4bc78b23502c88aa15bbaa608349d3842c1f4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3825
etag: W/"65290e59-7a94"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 815f122a1c7ebb74-FRA
expires: Sat, 14 Oct 2023 14:17:09 GMT

GET
H2 200 25.2d35a11.css
secure.vantagemarkets.com/static/css/ 6 KB
2 KB 65ms
64ms Stylesheet
text/css 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/css/25.2d35a11.css
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/js/manifest.30ec9e9f4165ee1ce012.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5cb5a6a74d0644db17a6dd74786e488f7b67f21ce80c3865194668ee500d0a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3825
etag: W/"65290e59-1697"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 815f122a1c7dbb74-FRA
expires: Sat, 14 Oct 2023 14:17:09 GMT

GET
H2 200 25.251af7e21267ab2d253b.js Show response
secure.vantagemarkets.com/static/js/ 29 KB
16 KB 70ms
69ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/25.251af7e21267ab2d253b.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/js/manifest.30ec9e9f4165ee1ce012.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a2bf6ea31bc403d78891fe4dec3bd315d39f1b5aedd4caa0ef26c0b171c7790

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3824
etag: W/"65290e59-731f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 815f122a1c7fbb74-FRA
expires: Sat, 14 Oct 2023 14:17:09 GMT

GET
H2 200 dc_pre=CJymnM6n9YEDFUMKogMd31EG0A;src=11450497;type=vantag00;cat=vanta0;ord=1454910930039;auiddc=*;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;...
adservice.google.com/ddm/fls/z/ Frame 921F 42 B
107 B 90ms
90ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJymnM6n9YEDFUMKogMd31EG0A;src=11450497;type=vantag00;cat=vanta0;ord=1454910930039;auiddc=*;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin

Requested by

Host: 11450497.fls.doubleclick.net
URL: https://11450497.fls.doubleclick.net/activityi;dc_pre=CJymnM6n9YEDFUMKogMd31EG0A;src=11450497;type=vantag00;cat=vanta0;ord=1454910930039;auiddc=149757589.1697278627;u1=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin;gtm=45He3ab0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11450497.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MWQ0NWRkZTlhMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 370 KB
99 KB 53ms
53ms Script
application/javascript 104.126.37.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFTVPCRC77U30697BAK0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 20db7ce8e3049977535579a92d71232b26ed80f8ab0c1b7418ae67c403a6b321

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: 36b39db4
date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023092112382042B7385D20B99D41419B
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-39.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0106d00fbca3edb302cba5da886c99eead2e34f80356c3676f6f4fb4434be70d5ce5388a92a61da561c38203ae115feea416fa39020c08589985637135e24540ed4b7c0be6bc32d2897fc0a13d484583b7f8e36ed140e925c0edef962a3ae11835
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=17
content-length: 100951

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 46ms
45ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=27702
accept-ranges: bytes
content-length: 4862

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/exp/D4PKUQWCWNCJPDENWUB3VX/ 22 B
779 B 44ms
44ms Script
application/javascript 2600:9000:225e:6600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/D4PKUQWCWNCJPDENWUB3VX/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/D4PKUQWCWNCJPDENWUB3VX/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7451ffc082c8d0351e78b7acd72c4a8186151f648e70d5d92cfe691210d47971

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

X-Amz-Version-Id: 9jAQQl6wN1O57duEdtzcJiDbx_._gtR5
Date: Sat, 14 Oct 2023 07:22:19 GMT
Via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
Age: 10602
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 22
Last-Modified: Mon, 09 Oct 2023 22:29:54 GMT
Server: AmazonS3
Etag: "9604b270546c4ec528373b6c8c757a74"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: -Eo8MDgsDLknLuKaZ6IuWQCUHADhc94QI1nZyGGRFvurg2TTrURDUg==

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 53ms
53ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4PGVH7BC9T&gtm=45je3ab0&_p=16200886&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697278627&sct=1&seg=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&dr=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Vantage%20Login%20Client%20Portal%20%7C%20Vantage&en=page_view
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4PGVH7BC9T&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1233809420752100 Show response
connect.facebook.net/signals/config/ 142 KB
36 KB 48ms
48ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1233809420752100?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7c9dcfa1e53af950445da204fd099866c50495fc4d96a0c49c7891ef592b1eae

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 37240
x-xss-protection: 0
pragma: public
x-fb-debug: Y/+ldpcAmJHph8JGRcBB3TLl8HK0jscIof6jAkknyWruEQWPn7NQO7GNtdPW/eBH58ce1+Gl3XzyasHY1kd12g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11232953403/ 3 KB
1 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11232953403/?random=1697278629510&cv=11&fst=1697278629510&bg=ffffff&guid=ON&async=1&gtm=45be3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&hn=www.googleadservices.com&frm=0&tiba=Vantage%20Login%20Client%20Portal%20%7C%20Vantage&auid=149757589.1697278627&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11232953403

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c65c40468a67092c57d2b8ad63276d3216304598cfd85cbd3a1051266fe41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1353
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 51ms
51ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=16200886&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&ul=en-us&de=UTF-8&dt=Vantage%20Login%20Client%20Portal%20%7C%20Vantage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEABAAAAACAAI~&jid=&gjid=&cid=1748756277.1697278627&tid=UA-28849650-1&_gid=1785704136.1697278627&_slc=1&gtm=45He3ab0n81T38KSHM&z=1455909297

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2

200

v2 Show response
asia.creativecdn.com/tags/
Redirect Chain

https://asia.creativecdn.com/tags/v2?type=json
https://asia.creativecdn.com/tags/v2?type=json&tc=1

419 B
820 B

199ms
199ms

Fetch
application/json

103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/tags/v2?type=json&tc=1
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: H2
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: ff6ea1a20bb7b7e1970c982bd5d08b4e949c4a33251c44ad2ca8021fa7840f5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:10 GMT, Sat, 14 Oct 2023 10:17:10 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
access-control-max-age: 3600
access-control-allow-methods: GET, POST
access-control-allow-origin: https://secure.vantagemarkets.com
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-length: 312
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sat, 14 Oct 2023 10:17:09 GMT
vary: Origin
access-control-max-age: 3600
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
access-control-allow-origin: https://secure.vantagemarkets.com
access-control-allow-methods: GET, POST
location: https://asia.creativecdn.com/tags/v2?type=json&tc=1
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H2 200 v2
asia.creativecdn.com/tags/ Frame 0
0 197ms
197ms Preflight 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/tags/v2?type=json
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.vantagemarkets.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://secure.vantagemarkets.com
access-control-max-age: 3600
content-length: 0
date: Sat, 14 Oct 2023 10:17:09 GMT
vary: Origin

GET
H3 200 /
www.google.com/pagead/1p-user-list/842673740/ 42 B
64 B 53ms
53ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/842673740/?random=1697278629130&cv=11&fst=1697277600000&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&frm=0&tiba=Secure%20Client%20Portal&fmt=3&is_vtc=1&random=4271291459&rmt_tld=0&ipr=y

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/842673740/ 42 B
64 B 55ms
55ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/842673740/?random=1697278629130&cv=11&fst=1697277600000&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&frm=0&tiba=Secure%20Client%20Portal&fmt=3&is_vtc=1&random=4271291459&rmt_tld=1&ipr=y

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/11008820483/ 42 B
64 B 54ms
54ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11008820483/?random=1697278629138&cv=11&fst=1697277600000&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&frm=0&tiba=Secure%20Client%20Portal&fmt=3&is_vtc=1&random=3178095365&rmt_tld=0&ipr=y

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/11008820483/ 42 B
64 B 53ms
53ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11008820483/?random=1697278629138&cv=11&fst=1697277600000&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&frm=0&tiba=Secure%20Client%20Portal&fmt=3&is_vtc=1&random=3178095365&rmt_tld=1&ipr=y

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
98 B 42ms
41ms Image
image/gif 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1697278629616&id=t2_nukdygmp&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=0d349ae3-212a-4c00-bf8c-ec0badc117be&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/10991455755/ 42 B
64 B 52ms
52ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10991455755/?random=1697278629145&cv=11&fst=1697277600000&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&frm=0&tiba=Secure%20Client%20Portal&fmt=3&is_vtc=1&random=3007520827&rmt_tld=0&ipr=y

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10991455755/ 42 B
64 B 57ms
57ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10991455755/?random=1697278629145&cv=11&fst=1697277600000&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&frm=0&tiba=Secure%20Client%20Portal&fmt=3&is_vtc=1&random=3007520827&rmt_tld=1&ipr=y

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 px Show response
secure.adnxs.com/ 0
754 B 76ms
75ms Script
application/javascript 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/px?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]&id=1622764&order_id=[order_id]&seg=31340040&t=1&value=

Requested by

Host: go.affec.tv
URL: https://go.affec.tv/j/631865b36c616ff5444608da?ver=Retail&pnm=[product_name]&pid=[product_id]&pscat=[product_sub_cat_name]&pscid=[product_sub_cat_id]&pct=[product_category]&cid=[product_category_id]&rev=[revenue]&cur=[currency]&cpn=[voucher_code]&url=[url]&mem=[membership]&oid=[order_id]&qty=[quantity]&custom1=[custom1]&custom2=[custom2]&custom3=[custom3]&gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:09 GMT
an-x-request-uuid: 3ddd7b30-5777-4c4b-bb65-7afe557b6a3e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.106; 80.255.7.106; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
go.affec.tv/per/ 846 B
915 B 59ms
59ms Script
application/javascript 52.208.246.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.affec.tv/per/?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]&k=56f9565d-0f2f-47a3-83f7-67113ce28926&p=ecb70aab-c31d-4b23-8884-19234515ebbe
Requested by: Host: go.affec.tv
URL: https://go.affec.tv/j/631865b36c616ff5444608da?ver=Retail&pnm=[product_name]&pid=[product_id]&pscat=[product_sub_cat_name]&pscid=[product_sub_cat_id]&pct=[product_category]&cid=[product_category_id]&rev=[revenue]&cur=[currency]&cpn=[voucher_code]&url=[url]&mem=[membership]&oid=[order_id]&qty=[quantity]&custom1=[custom1]&custom2=[custom2]&custom3=[custom3]&gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.246.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-246-207.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 26cf6c841718583dc3a8b45f65cad15a5432b572d78f3b73f1547f888ebb8186

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="CAO DSP COR PSAo CONo HISo OTPo OUR IND NAV INT CNT OTC"
content-type: application/javascript
cache-control: no-cache, private, no-store, max-age=0, s-maxage=0, must-revalidate, proxy-revalidate
content-length: 548
expires: Wed, 04 Apr 1990 00:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://map.go.affec.tv/map/af/?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D652a6aa5ccb52c000178bd7d%26chc%3Daf%26redirect_url%3D%26gdpr%3D%255BGDPR_APPLIES%255D%26gdpr_consent%3D%255B...
https://map.go.affec.tv/map/an/5953564206032569238?ch=652a6aa5ccb52c000178bd7d&chc=af&redirect_url=&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D&gdpr=[GDPR_APPLIES]&gdpr_conse...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D

70 B
148 B

58ms
58ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=%5BGDPR_APPLIES%5D&gdpr_consent=%5BGDPR_TCF_CONSENT_STRING%5D
date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: gzip
content-length: 174
vary: Accept-Encoding
content-type: text/html; charset=utf-8

POST
H2 200 1 Show response
us-1-api.insightech.com/pageview/089a28b851/18b2db08c17.41f58/18b2db094ee.2fc48/ 17 B
105 B 286ms
285ms XHR
application/json 2a00:1450:4001:82a::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-1-api.insightech.com/pageview/089a28b851/18b2db08c17.41f58/18b2db094ee.2fc48/1
Requested by: Host: cdn.insightech.com
URL: https://cdn.insightech.com/insightech.mini.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 35c68ae34e6a648ce704a3619332aa10bee088b307d07d9d82b16942ffe8f906

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
server: Google Frontend
content-type: application/json
access-control-allow-origin: https://secure.vantagemarkets.com
x-cloud-trace-context: 10977a9cbae608c603e0282134861484
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, X-Alt-Referer
content-length: 17

GET
H2

200

asset_composer.js Show response
static.zdassets.com/ekr/ Frame 1CBF
Redirect Chain

https://assets.zendesk.com/embeddable_framework/main.js
https://static.zdassets.com/ekr/asset_composer.js

10 KB
5 KB

147ms
55ms

Script
application/javascript

104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/asset_composer.js

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:10 GMT
x-amz-version-id: UVyRrNCT14O0dfFWDj2LMoXLPgAxLFso
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMGC5RW00WE7JX2Q
age: 39
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: oQVeOIIA4EMJme5QZr8bRwWXDKWL+9Ull0eW5CSsOVuN03CIYkwzARR2dVw50b1MUR2up+N92Xk=
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9sW%2B3bdd6udGlx%2FXRC%2BAVC4svFfKpFOCMJrh5FNnlQmtkF8lHW9y3CYpFKszpP6DCI70MQ4KbTBnzvC1RGiwIZu72j6qlAUjXZ4FxOs1smp%2Fybmp9JLBAG5AxtaZlSMJBJmz9EA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 815f122d891135e5-FRA

Redirect headers

date: Sat, 14 Oct 2023 10:17:09 GMT
strict-transport-security: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xf86E4lpfasyHQpvqXyMnKZrlEQfp30C%2Bnr9I8Y%2BvAlNg8HhqPYZJde1m4qh2XjRt%2BTKoPrMenPCYEs7DEoR5T%2BRuI4cBX6MFYwIlkmwpIGAEIOYl8ImI9qELdkY7YrWLrywug%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://static.zdassets.com/ekr/asset_composer.js
cache-control: max-age=3600
cf-ray: 815f122c2fb969a3-FRA
expires: Sat, 14 Oct 2023 11:17:09 GMT

GET
H2

200

main.js Show response
secure.vantagemarkets.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/ Frame 9F05
Redirect Chain

https://secure.vantagemarkets.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://secure.vantagemarkets.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

7 KB
3 KB

50ms
49ms

Script
application/javascript

2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.vantagemarkets.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Server

2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92dc71b2b301fe61125b25c9adfd1fe6ad97c2322b0225114d47d8c781287f43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 815f122c1f79bb74-FRA

Redirect headers

access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
date: Sat, 14 Oct 2023 10:17:09 GMT
cache-control: max-age=300, public
server: cloudflare
cf-ray: 815f122b9ee4bb74-FRA
vary: accept-encoding

GET
H2 200 148026267.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 65ms
65ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/148026267.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

649ec59a0fd2f2355ffc28126849a36008157b9ca91ea8cf012961fdf36a07f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sat, 14 Oct 2023 10:17:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 874B6C22A91240F3A6DC9E5E35D6EB56 Ref B: FRA31EDGE0815 Ref C: 2023-10-14T10:17:09Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
122 B 103ms
102ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=148026267&tm=gtm002&Ver=2&mid=ad3baac0-9246-4285-bede-8d33f560c6af&sid=d4e29f706a7a11ee9f944987b925b373&vid=d4e2ce106a7a11eeb921333e01092687&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Vantage%20Login%20Client%20Portal%20%7C%20Vantage&kw=Vantage%20login,%20client%20portal&p=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&r=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&lt=1162&evt=pageLoad&sv=1&rn=444675

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 14 Oct 2023 10:17:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0CEFC5A4FBB94F2690F1A2419EE6D93B Ref B: FRA31EDGE0815 Ref C: 2023-10-14T10:17:09Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 47ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4PGVH7BC9T&gtm=45je3ab0&_p=16200886&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&_s=2&sid=1697278627&sct=1&seg=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&dr=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Vantage%20Login%20Client%20Portal%20%7C%20Vantage&en=page_view&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4PGVH7BC9T&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 48ms
48ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N5DW4FZP31&gtm=45je3ab0&_p=16200886&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697278627&sct=1&seg=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&dr=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Vantage%20Login%20Client%20Portal%20%7C%20Vantage&en=page_view
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N5DW4FZP31&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 47ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RYEFEW2YRY&gtm=45je3ab0&_p=16200886&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697278627&sct=1&seg=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&dr=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Vantage%20Login%20Client%20Portal%20%7C%20Vantage&en=page_view
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYEFEW2YRY&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 48ms
48ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H4QYCECT8W&gtm=45je3ab0&_p=16200886&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697278627&sct=1&seg=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&dr=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Vantage%20Login%20Client%20Portal%20%7C%20Vantage&en=page_view
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H4QYCECT8W&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 47ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-TRQKDTYSC9&gtm=45je3ab0&_p=16200886&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697278627&sct=1&seg=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&dr=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Vantage%20Login%20Client%20Portal%20%7C%20Vantage&en=page_view
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TRQKDTYSC9&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 D4PKUQWCWNCJPDENWUB3VX Show response
d.adroll.com/consent/check/ 507 B
599 B 56ms
56ms Script
application/javascript 2a05:d018:cc3:fe04:4b7a:87c2:3628:5d9f
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/D4PKUQWCWNCJPDENWUB3VX?pv=69773236315.8712&arrfrr=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&_s=2a0beaaae83fc91212d0c52715455c4f&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/D4PKUQWCWNCJPDENWUB3VX/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:4b7a:87c2:3628:5d9f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: b7eef143a5a949447736315c2c8cb55320308459b36bb59de05a5b2c13dbdd1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
server: nginx/1.22.1
content-length: 507
content-type: application/javascript

GET
H/1.1 200
OK onelink Show response
wa.onelink.me/v1/ 13 B
327 B 240ms
57ms XHR
application/json 52.208.185.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.onelink.me/v1/onelink
Requested by: Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=pba&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.185.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-185-27.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://secure.vantagemarkets.com
Date: Sat, 14 Oct 2023 10:17:09 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 13
Content-Type: application/json

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
40ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=16200886&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&ul=en-us&de=UTF-8&dt=Vantage%20Login%20Client%20Portal%20%7C%20Vantage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=percent&el=Scroll%20Depth&_u=SACAAEABAAAAACAAI~&jid=&gjid=&cid=1748756277.1697278627&tid=UA-28849650-1&_gid=1785704136.1697278627&gtm=45He3ab0n81T38KSHM&z=1190853623

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 07:53:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8644
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
122 B 108ms
108ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=148026267&tm=gtm002&Ver=2&mid=ad3baac0-9246-4285-bede-8d33f560c6af&sid=d4e29f706a7a11ee9f944987b925b373&vid=d4e2ce106a7a11eeb921333e01092687&vids=0&msclkid=N&gtm_tag_source=ua&ec=Scroll%20Depth&el=Scroll%20Depth&gc=USD&tpp=1&en=Y&p=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&sw=1600&sh=1200&sc=24&evt=custom&rn=905361

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 14 Oct 2023 10:17:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9EBF5C15A66E438892DBDD366AC3B2F9 Ref B: FRA31EDGE0815 Ref C: 2023-10-14T10:17:09Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ecb70aab-c31d-4b23-8884-19234515ebbe-async.js Show response
cdn.permutive.com/ 250 KB
70 KB 63ms
62ms Script
application/javascript 2606:4700::6811:7611
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/ecb70aab-c31d-4b23-8884-19234515ebbe-async.js
Requested by: Host: go.affec.tv
URL: https://go.affec.tv/per/?gdpr=[GDPR_APPLIES]&gdpr_consent=[GDPR_TCF_CONSENT_STRING]&k=56f9565d-0f2f-47a3-83f7-67113ce28926&p=ecb70aab-c31d-4b23-8884-19234515ebbe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3daed38dbc41f5bd7030caa2fbfb7a9308a7878f2e73f3e1fd5b2835abf06f99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: ecb70aab-c31d-4b23-8884-19234515ebbe
age: 0
x-guploader-uploadid: ADPycdseM7uCZd7iWcoiMzte5NzYMmgM0bJMm0St0VLk_gPgsBruK5Tc_3Etm8OlcZz1esMa9YqpTo67mw7LavZBerUtMIF_XVXZ
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Mon, 13 Mar 2023 10:17:52 GMT
server: cloudflare
etag: W/"2531ddd69278d89386833e5f0c1e0294"
vary: Accept-Encoding
x-goog-generation: 1678702672966055
content-type: application/javascript
x-goog-hash: crc32c=sP0XyQ==, md5=JTHd1pJ42JOGgz5fDB4ClA==
cache-control: public, max-age=900
x-goog-stored-content-length: 71868
timing-allow-origin: *
cf-ray: 815f122c6c195d60-FRA
expires: Sat, 14 Oct 2023 10:32:09 GMT

GET
H2 200 / Show response
ipapi.co/json/ 754 B
897 B 327ms
224ms XHR
application/json 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipapi.co/json/

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/js/51.305dcba21b7cfcfc64a1.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

103f2366ce3e0af25421cadbb0a33031639ac03a69c4820dd6a8c77b3947a256

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:10 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Host, origin
allow: OPTIONS, OPTIONS, HEAD, POST, GET
content-type: application/json
access-control-allow-origin: https://secure.vantagemarkets.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4cgegGjNe3%2BsI7oYO5GRvtMzrp97VAze9hLr2rhFrQMj7zmi9V527yHXtAlEHPd6ggduJbtNqBHRAcMhfPltmv8f99nDZ6JrMbFwfyMPkxmz5unvw7VYbzCHZvjLn6iyl%2BJMhJa"}],"group":"cf-nel","max_age":604800}
x-frame-options: DENY
cf-ray: 815f122d1b475d50-FRA

GET
H2 200 8.bec962e.css
secure.vantagemarkets.com/static/css/ 2 KB
632 B 62ms
61ms Stylesheet
text/css 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/css/8.bec962e.css
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/js/manifest.30ec9e9f4165ee1ce012.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d1ec8a732829feab41dfc5364e33e9c05ee489d76b77ea45b14cfb069574a53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3824
etag: W/"65290e59-648"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 815f122c9842bb74-FRA
expires: Sat, 14 Oct 2023 14:17:09 GMT

GET
H2 200 8.87899700eb4ab8775ce4.js Show response
secure.vantagemarkets.com/static/js/ 61 KB
32 KB 76ms
75ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/8.87899700eb4ab8775ce4.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/js/manifest.30ec9e9f4165ee1ce012.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4dd2655fd8ba7ee4607a5bf7864102435131556485a12bb9005543d42968683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3824
etag: W/"65290e59-f4f4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 815f122c9844bb74-FRA
expires: Sat, 14 Oct 2023 14:17:09 GMT

GET
H2 200 29.ed1f0ca.css
secure.vantagemarkets.com/static/css/ 10 KB
3 KB 53ms
52ms Stylesheet
text/css 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/css/29.ed1f0ca.css
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/js/manifest.30ec9e9f4165ee1ce012.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27ac4b2216358ab3848230d2a3c7aa4baec449c00e5d053d30e688080ed4d13b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3824
etag: W/"65290e59-2848"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 815f122c9843bb74-FRA
expires: Sat, 14 Oct 2023 14:17:09 GMT

GET
H2 200 29.8b4c711f686a5dcf7727.js Show response
secure.vantagemarkets.com/static/js/ 8 KB
3 KB 56ms
55ms Script
application/javascript 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/static/js/29.8b4c711f686a5dcf7727.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/js/manifest.30ec9e9f4165ee1ce012.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a12edab3bc7b15a4e02f1af60dbc33353fcdd35bea0b30313051c7b9d29e4c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 09:31:05 GMT
server: cloudflare
age: 3824
etag: W/"65290e59-1fec"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 815f122c9845bb74-FRA
expires: Sat, 14 Oct 2023 14:17:09 GMT

GET
H2 200 geoip2.js Show response
js.maxmind.com/js/apis/geoip2/v2.1/ 3 KB
1 KB 153ms
52ms Script
application/javascript 2606:4700:7::a29f:8716
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.maxmind.com/js/apis/geoip2/v2.1/geoip2.js
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/static/js/133.8cedf35fc82fb5f76165.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8716 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94a96a4fc313fe6dfba290ed6bc0e802eaab40810e59032a06f6774553b1c6ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 14 Oct 2023 10:10:55 GMT
server: cloudflare
age: 375
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 815f122d68b618bd-FRA
expires: Sat, 14 Oct 2023 14:17:10 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c307ed8224582fee39c02b8402149f5450f6b57dc77dcee718df5903ba6989b9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 772 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a865fd1ba2df994f7e390eaf20e4ebcd124412da91c8031f69688ba4061f522d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 472 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ed81fdc8f79e97a06bde70eb5a893a2b020a1aa638bcb0457a659a6df69ad7c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 /
www.google.com/pagead/1p-user-list/11232953403/ 42 B
64 B 52ms
51ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11232953403/?random=1697278629510&cv=11&fst=1697277600000&bg=ffffff&guid=ON&async=1&gtm=45be3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&frm=0&tiba=Vantage%20Login%20Client%20Portal%20%7C%20Vantage&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3806107145&rmt_tld=0&ipr=y

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/11232953403/ 42 B
64 B 53ms
53ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11232953403/?random=1697278629510&cv=11&fst=1697277600000&bg=ffffff&guid=ON&async=1&gtm=45be3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&frm=0&tiba=Vantage%20Login%20Client%20Portal%20%7C%20Vantage&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3806107145&rmt_tld=1&ipr=y

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 177639405278338 Show response
connect.facebook.net/signals/config/ 114 KB
30 KB 41ms
41ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/177639405278338?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c44ab79fec374d3cb513d53f41cf105d23edbbac25cf0379e76276af9da87c8f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 31033
x-xss-protection: 0
pragma: public
x-fb-debug: EvS6xVTSW+zIS/REMbLjFvl57hGgj7px8aTPBFqeHUg42De9X+9TBuE4Wm+xzXRnb0lEVTYe061NVX2vd49vvw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 40ms
40ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1233809420752100&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278629889&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&cs_est=true&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 148026267 Show response
www.clarity.ms/tag/uet/ 829 B
1 KB 139ms
139ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/148026267
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/148026267.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 30e8bab000c64537aa4d19b4524e907e3f611212d968999a031173ce9e2b46fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires: -1
date: Sat, 14 Oct 2023 10:17:10 GMT
x-azure-ref: 20231014T101709Z-p5yuzyxmr55fmcrhcuentu9z5g00000003e0000000007v4x
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 829
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1697278629910&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&tm=gtmv2
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1697278629910&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&tm=gtmv2&e_ipv6=AQKPcvVMWiE0jgAAAYstsJhi1Qz3ZQIeRQYqn57QClZ-tsX6It...

0
264 B

160ms
160ms

Image
application/javascript

13.107.43.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1697278629910&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&tm=gtmv2&e_ipv6=AQKPcvVMWiE0jgAAAYstsJhi1Qz3ZQIeRQYqn57QClZ-tsX6ItmTi8Eo4_SbXE2NdQTqN10
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: H2
Server: 13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:09 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: F81A0B0266834CA28B870C2D982D40F1 Ref B: VIEEDGE1612 Ref C: 2023-10-14T10:17:10Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYHqnnVgE8oJfhmN/EjFg==

Redirect headers

date: Sat, 14 Oct 2023 10:17:09 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 85ACE84738E247238000CC02AC8E7868 Ref B: FRAEDGE1311 Ref C: 2023-10-14T10:17:09Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1697278629910&url=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&tm=gtmv2&e_ipv6=AQKPcvVMWiE0jgAAAYstsJhi1Qz3ZQIeRQYqn57QClZ-tsX6ItmTi8Eo4_SbXE2NdQTqN10
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYHqnnTAKlB0oQAwxgehw==

GET
H2 200 identify_7dd78.js Show response
analytics.tiktok.com/i18n/pixel/static/ 134 KB
36 KB 68ms
67ms Script
application/javascript 104.126.37.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7dd78.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id: 36b3a05e
date: Sat, 14 Oct 2023 10:17:09 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230907110712340B804CE01C18830DC8
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-39.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01fafd87cb650a5d0e78cdf7dcb703255b8edebfd0e99bcf109b6c1178ae97d084b7d40a28b3e20c93692f8499d2333ea775ba74b71828437998dabdbe72c2ad562757b09c4df093beec0837070efd897717da92a12095109c84839146263eed57
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=9
content-length: 35960

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
793 B 790ms
788ms Ping
text/plain 104.126.37.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: ca53eae.36b3a05f
date: Sat, 14 Oct 2023 10:17:10 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-39.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time: 734,104.126.37.39
server-timing: cdn-cache; desc=MISS, edge; dur=602, origin; dur=138, inner; dur=30
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023101410171017DA2DE7A4554AD48B11
x-cache-remote: TCP_MISS from a23-220-105-202.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 138,23.220.105.202
x-tt-trace-host: 013027eeccbe383c4e7f64c70ff7fb673b9ad1e17430c728fe853c7575df2cb3f37a168f2f3241293c1c0e0186d6b490868a65a38b2be9fa59d994a9d486661e75c73db32d23cfbb7cfa93ef4ddcee4029803a5ee94ea156737da9597937ca062425a6c70f7e054f9e9340da94eac38fe4
access-control-allow-headers: Authorization,*
expires: Sat, 14 Oct 2023 10:17:10 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
789 B 190ms
188ms Ping
text/plain 104.126.37.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 791d3ad.36b3a060
date: Sat, 14 Oct 2023 10:17:10 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-39.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time: 129,104.126.37.39
server-timing: cdn-cache; desc=MISS, edge; dur=106, origin; dur=28, inner; dur=25
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231014101710C24D330A1DB82B220AE7
x-cache-remote: TCP_MISS from a23-220-105-199.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 28,23.220.105.199
x-tt-trace-host: 013027eeccbe383c4e7f64c70ff7fb673b9ad1e17430c728fe853c7575df2cb3f3c740bdd2c5dd038d168328b6610afc5de9e57a28b4842f31577b6edbaea15b79a02982f30615000dd04b0ad1ae5b167ccdfd3a9ce631c915910c3bd9ae9be61c970018f0486f7313188d82a7290d3751
access-control-allow-headers: Authorization,*
expires: Sat, 14 Oct 2023 10:17:10 GMT

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 418 KB
56 KB 41ms
41ms Script
text/javascript 2600:9000:225e:6600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/D4PKUQWCWNCJPDENWUB3VX/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47e5ff66931402cb5755d7eed98a6d23ee556a7f8e9c1dd340d351c27f669a0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

X-Amz-Version-Id: wD7IUQmRA9PUuld8lU58FBeuMlOqC6p6
Content-Encoding: gzip
Via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
Date: Sat, 14 Oct 2023 10:14:30 GMT
Age: 176
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 05 Jul 2023 21:39:27 GMT
Server: AmazonS3
Etag: W/"3306a47faf7223d93fb356e8a73d1942"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 3Rc29xgjJDcjvp-N973Wg7cwQHyIBB4JFJgRWejDA5qSEugi4QFooA==

POST
H2 200 815f12248d00bb74 Show response
secure.vantagemarkets.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 9F05 0
260 B 61ms
60ms XHR
text/plain 2606:4700:4400::ac40:946c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.vantagemarkets.com/cdn-cgi/challenge-platform/h/g/jsd/r/815f12248d00bb74
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:946c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 14 Oct 2023 10:17:10 GMT
content-encoding: br
server: cloudflare
cf-ray: 815f122de9cfbb74-FRA
content-type: text/plain; charset=UTF-8

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
88 B 54ms
53ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=56f9565d-0f2f-47a3-83f7-67113ce28926
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/ecb70aab-c31d-4b23-8884-19234515ebbe-async.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 0531150d4d5d771799a53b6641a4d22bdb5ddb23699386d8da49177b11d08157

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 14 Oct 2023 10:17:10 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://secure.vantagemarkets.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

OPTIONS
H2 200 v2
asia.creativecdn.com/tags/ Frame 0
0 196ms
196ms Preflight 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/tags/v2?type=json&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.vantagemarkets.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://secure.vantagemarkets.com
access-control-max-age: 3600
content-length: 0
date: Sat, 14 Oct 2023 10:17:10 GMT
vary: Origin

GET
BLOB 200
OK 83e5e3e4-42d6-4cea-9c04-cfc1f2a711c8
https://secure.vantagemarkets.com/ 47 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.vantagemarkets.com/83e5e3e4-42d6-4cea-9c04-cfc1f2a711c8
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 168409daa5c5a8dcca6ebcb730c6d7c7e1df6475c0727eedade75eafb8c40116

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 47721
Content-Type

GET
BLOB 200
OK a69b8022-45e5-41a6-9876-3c4955b3b045
https://secure.vantagemarkets.com/ 47 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.vantagemarkets.com/a69b8022-45e5-41a6-9876-3c4955b3b045
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 168409daa5c5a8dcca6ebcb730c6d7c7e1df6475c0727eedade75eafb8c40116

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 47721
Content-Type

GET
H3 200 694340261818851 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 41ms
41ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/694340261818851?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

86b721dd502671228f748f3132bee4c6841164ac381887515e28ad92bf68e2ea

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 36796
x-xss-protection: 0
pragma: public
x-fb-debug: dwTSYA6htSjcCsz/CTNypAjQt0HYyIEljeH24HwDyvnkBa2Ehb1P8+ip4xdk6hdRHYkfdv26M4ofw1ZX4WT1Zg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 39ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=177639405278338&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=https%3A%2F%2Fsecure.vantagemarkets.com&if=false&ts=1697278630065&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=bb5010&it=1697278629493&coo=false&tm=1&cs_cc=1&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H/1.1 200
OK events Show response
wa.appsflyer.com/ 82 B
538 B 233ms
55ms XHR
application/json 18.203.58.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.appsflyer.com/events?site-id=3763a30e-77f1-4099-9f29-c434b5efec6e
Requested by: Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=pba&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.58.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-58-141.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 922d29ddc0a0bc11caa1f2c8fc979747b16fb57262566c18898c612eaaddd7fd

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://secure.vantagemarkets.com
Date: Sat, 14 Oct 2023 10:17:10 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 82
Content-Type: application/json

GET
DATA 200
OK truncated
/ 431 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a000d4644c8f98685a42f53e9c6f3c1ea798bb7b486da7cf7c72c514c4bfbb2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 259 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb576c766f1957fba73ed67740253ec15eace416fba3e725648c2415bf320c0f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 300 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f6178cb3326d3476de9450c6fea7ee42d60e6765531304760247594ec91a499

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f950a7a8cd762d684310349cdf41a5749ee0dc95029c22376a3f5641b206430

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 967 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96691e4d06ce49c930c1e5a33913592e32c7ceabe570d15d1ee07d2513845bea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 469 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfe1ae95d2aef4e194d7990a2ce506a14c25271fd4143c02bb89e69bbd56b7cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d318a28309c072884a96448cf8bbe5763d8f3741a5cabb16509878bddd75baf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed4e4e6ebf32aaa5825c56b6070a827a89bf2a5ab2ff17f91d9937c41d1e84ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e31ece7a49c044833a427ad40fc3cc5e97946a9b48068a6d6a9ce2f432fac662

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18703907f189e33dfb9bf8e609b8a3dfb6092d5c560774de65b1e1581c29de6a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 525 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92a6add9568f8d6673caff797b680d8a90d4f1fd96bf38885441cd99b1e9ec79

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 768eddfaebfe75bd6d5cb351c2bba69e18c717f5dc3069d04471cd37c89fafa9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36a986af8b92f6aaadd797c03f670041bb8f20977ed5a43fcbb7fd9e23c24ab9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba1c1ec61ae761c4580943f202fefc7f92cf1cff1629b6f06d98c177cc0f9fcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 198 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd363956160c2aedc31143d7b47d2be107e64fd52a48cbd130398044058fc144

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 92 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5b6925fadacd9eca2f346d1e53f78c6f4dfb1998a345a6f0032c285c60eed09

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 287 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 181e216ed335fe97694bb848ca496e420b4d3a7c332a74678886e1fbec324723

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07bc2314b8e1bd080eecbfd7e5839c307c2dfcda24e1b0a45912b65dfce91100

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 188 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4a32bd92ea12e54de7588307693e04d113f3e9a7481fd9185efc9347f3652a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 292 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3949af92fafbd6afb165339ea3b32043c25b9390061df9a7fc1c6d1f9f080520

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f36a87c7d4d81bfacb940e20afd7896f2ce2845c9f92a38ee28001ea945e504d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 802649b1875ec5227a5eb90222e7dfe7e38e1b37814ff169f137f46308fa0ba9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a959f30a41da2e22c60176c9f6f7529bae80847e0afde7fc3c62a2ac11789d4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 656 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d3f506dc174f148787b21f5ff26b3452a9a5d2598dea553a79b27bf9b6d1e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9a77c4e7b4afa3ef34658e66b6d16642b03241e35d0127d3f8fe6de33303e0c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 me Show response
geoip-js.com/geoip/v2.1/country/ 746 B
946 B 172ms
73ms XHR
application/vnd.maxmind.com-country+json 2606:4700:4400::6812:216e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geoip-js.com/geoip/v2.1/country/me?referrer=https%3A%2F%2Fsecure.vantagemarkets.com

Requested by

Host: js.maxmind.com
URL: https://js.maxmind.com/js/apis/geoip2/v2.1/geoip2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:216e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9203c915320b6f49926acaad955b06dbc907d51c27afb3ca59d05731ea2b9d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/vnd.maxmind.com-country+json; charset=UTF-8; version=2.1
access-control-allow-origin: *
cf-ray: 815f122ecb76bbd4-FRA
content-length: 746

GET
H2 200 vantagefx8311.zendesk.com Show response
ekr.zdassets.com/compose/web_widget/ Frame 1CBF 1 KB
2 KB 315ms
226ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/web_widget/vantagefx8311.zendesk.com

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af792710c77a114566cbcec5e9d973235db78867d5fbcae29b1b7cb6129af457

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:10 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 80c8f8e0e8065429-SEA, 80c8f8e0e8065429-SEA
x-runtime: 0.005533
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"af792710c77a114566cbcec5e9d97323"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBj%2BbIrtb8J%2B9jX5ATO3t9tIHabSFcSjwcVY3sQZDKtdfH2%2BBKl2TWJBANPt3aaxILEeENo%2BKhvM4JeyQAdu4Gm0hruVqLoGKEnEXAL3MehHl4XeDcaTEtT7iGngI%2BnzHtE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 815f122ebeeb994b-FRA

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.12/ 58 KB
25 KB 84ms
83ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.12/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/148026267
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 977a886e5d9068b3ed8dde6e511ca22ccf44cbed7fb881d0b8b74619fe462e21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:10 GMT
content-encoding: br
last-modified: Thu, 12 Oct 2023 01:51:26 GMT
etag: W/"0x8DBCAC5BF4C06D9"
vary: Accept-Encoding
x-azure-ref: 20231014T101710Z-p5yuzyxmr55fmcrhcuentu9z5g00000003e0000000007v5p
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 012b24a2-801e-0005-2ae6-fcfc00000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 41ms
41ms Image
image/png 2600:9000:225e:6600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by: Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Date: Sat, 14 Oct 2023 03:52:30 GMT
Via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
Age: 23217
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 48JkNmwnVEgUua8W4f-vo3s3RVhRM8SQOk3iNZz4DEFHjgUhGEP1VA==

GET
H3 200 267850502500264 Show response
connect.facebook.net/signals/config/ 132 KB
35 KB 40ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/267850502500264?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a5a6637b9e432c2ad9a656aba677a76e15a46c139dcf920975df6d978c6c7168

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35249
x-xss-protection: 0
pragma: public
x-fb-debug: jQkZEfg6BQvhJF5h5+zaDGWBO5o2eL/36oyu9Cwa6sY3YQXt3jvsj0emLfTsn1LrVIRGxuAvSNc53vAbK5ESag==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 39ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=694340261818851&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630127&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&cs_est=true&ler=empty&it=1697278629493&coo=false&tm=1&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
792 B 232ms
232ms Ping
text/plain 104.126.37.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-43.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 791d537.36b3a156
date: Sat, 14 Oct 2023 10:17:10 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-39.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time: 185,104.126.37.39
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=96, inner; dur=80
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231014101710E7A932051BEB8DCAC66D
x-cache-remote: TCP_MISS from a23-220-105-199.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 96,23.220.105.199
x-tt-trace-host: 013027eeccbe383c4e7f64c70ff7fb673b9ad1e17430c728fe853c7575df2cb3f3c740bdd2c5dd038d168328b6610afc5d1bba2d2c94e60d934ae05f50fa82c1dcc5b1049f055f219831c7f946e694a0435a88b613d1737fc32f4264d69e643db24762973edf387125a4f07c28a9806d3e
access-control-allow-headers: Authorization,*
expires: Sat, 14 Oct 2023 10:17:10 GMT

GET
H3 200 238429805778126 Show response
connect.facebook.net/signals/config/ 115 KB
31 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/238429805778126?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66bf63619f853a8d2f7fa59954f6908c1f18ccee30a831008ea0048792bb9c96

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 31367
x-xss-protection: 0
pragma: public
x-fb-debug: AkT/4T7Z93d95v/GQxy0DcMLhbRY2z9V77LyqMmcjBpC8u3vXlx92bRKbguZAMqrSzZoFs5HO8ZZqP73kDJEyg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 39ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=267850502500264&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630178&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&tm=1&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 4347693485455104 Show response
connect.facebook.net/signals/config/ 115 KB
31 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/4347693485455104?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6b71065fc8b013e51d770dfbf3462195653636480ddd4429851db8e937037365

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 31190
x-xss-protection: 0
pragma: public
x-fb-debug: cL9dtlz/H4aSMJ3yYMpVeS++968mkf3XL9QHx9FUJFXlvWu2IWPOSCeSBVPKdveK8C1W3LyqSPK/H1zETZTYDg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 41ms
41ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=238429805778126&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=https%3A%2F%2Fsecure.vantagemarkets.com&if=false&ts=1697278630229&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=276b76&it=1697278629493&coo=false&tm=1&cs_cc=1&cas=6176537735805755%2C6416258555156633&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 588528293409588 Show response
connect.facebook.net/signals/config/ 132 KB
35 KB 41ms
41ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/588528293409588?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a2f8e8e47efbe6632af47c617df43eca10a373112830f2c982ade65191fd083b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35231
x-xss-protection: 0
pragma: public
x-fb-debug: VwHVOWnmY4cn+rLpCY1FB6yX8HwQCMvwWguK0brBSncIvNascNOQQqgjPRMj+oFQRnr2Y1vzzt7biQ+T1naqxw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 39ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4347693485455104&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=https%3A%2F%2Fsecure.vantagemarkets.com&if=false&ts=1697278630280&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=31ff74&it=1697278629493&coo=false&tm=1&cs_cc=1&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
305 B 364ms
364ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.12/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://secure.vantagemarkets.com
Date: Sat, 14 Oct 2023 10:17:10 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H/1.1 200
OK onelink Show response
wa.onelink.me/v1/ 51 B
512 B 54ms
54ms XHR
application/json 52.208.185.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.onelink.me/v1/onelink?af_id=e75deb91-268e-496c-aaf8-6f78fed1ffbd-p
Requested by: Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=pba&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.185.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-185-27.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1a41d2a9d4febf4ab4efa620bd301d8bd06f22534c785ef4a09d61d7a582b932

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://secure.vantagemarkets.com
Date: Sat, 14 Oct 2023 10:17:10 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 51
Content-Type: application/json

GET
H3 200 1302581984012138 Show response
connect.facebook.net/signals/config/ 132 KB
35 KB 40ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1302581984012138?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4c98a0de5408c840cfbf29d4fe066fae881e2ad5b76d8c80c3804f55653c15e2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35209
x-xss-protection: 0
pragma: public
x-fb-debug: 5U1QAPioSZxT52bIaOb3MaeCiuG2Z6GqRfz0ndFs8l+GkFfZHULYxZ2UdhkEdKJidNtbWdYaWBd3+36XF6ObEQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 44ms
40ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=177639405278338&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=https%3A%2F%2Fsecure.vantagemarkets.com&if=false&ts=1697278630337&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=bb5010&it=1697278629493&coo=false&cs_cc=1&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 44ms
41ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=694340261818851&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630338&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1697278627560.1191031376&cs_est=true&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 45ms
41ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=267850502500264&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630339&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 45ms
41ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=238429805778126&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=https%3A%2F%2Fsecure.vantagemarkets.com&if=false&ts=1697278630340&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=276b76&it=1697278629493&coo=false&cs_cc=1&cas=6176537735805755%2C6416258555156633&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 45ms
42ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4347693485455104&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=https%3A%2F%2Fsecure.vantagemarkets.com&if=false&ts=1697278630340&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=31ff74&it=1697278629493&coo=false&cs_cc=1&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 46ms
42ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=588528293409588&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630341&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 46ms
42ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1233809420752100&ev=Lead&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630342&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 47ms
43ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=177639405278338&ev=Lead&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=https%3A%2F%2Fsecure.vantagemarkets.com&if=false&ts=1697278630342&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=a31e1e&it=1697278629493&coo=false&cs_cc=1&cas=6559841384075475&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 47ms
43ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=694340261818851&ev=Lead&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630343&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 47ms
44ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=267850502500264&ev=Lead&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630343&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 48ms
44ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=238429805778126&ev=Lead&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=https%3A%2F%2Fsecure.vantagemarkets.com&if=false&ts=1697278630346&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=76e813&it=1697278629493&coo=false&cs_cc=1&cas=7412040312146573%2C6416258555156633%2C5981455201956524&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 48ms
45ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4347693485455104&ev=Lead&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=https%3A%2F%2Fsecure.vantagemarkets.com&if=false&ts=1697278630347&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=3f827e&it=1697278629493&coo=false&cs_cc=1&cas=6940527756009376&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 48ms
45ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=588528293409588&ev=Lead&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630347&sw=1600&sh=1200&v=2.9.134&r=stable&ec=1&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 49ms
45ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1233809420752100&ev=ViewContent&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630348&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmgoogletagmanager&ec=2&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 49ms
46ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=177639405278338&ev=ViewContent&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=https%3A%2F%2Fsecure.vantagemarkets.com&if=false&ts=1697278630348&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=3&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=d6723b&it=1697278629493&coo=false&cs_cc=1&cas=5902703129840041%2C6920577351302890&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 50ms
46ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=694340261818851&ev=ViewContent&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630349&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=3&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 50ms
47ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=267850502500264&ev=ViewContent&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630349&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=3&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 50ms
47ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=238429805778126&ev=ViewContent&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=https%3A%2F%2Fsecure.vantagemarkets.com&if=false&ts=1697278630350&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=3&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=694ff5&it=1697278629493&coo=false&cs_cc=1&cas=6416258555156633%2C9751607618244938%2C6127801113995621&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 51ms
47ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4347693485455104&ev=ViewContent&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=https%3A%2F%2Fsecure.vantagemarkets.com&if=false&ts=1697278630351&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=3&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=823dbe&it=1697278629493&coo=false&cs_cc=1&cas=6302405346552491&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 51ms
48ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=588528293409588&ev=ViewContent&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630351&sw=1600&sh=1200&v=2.9.134&r=stable&ec=2&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 52ms
48ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1233809420752100&ev=CompleteRegistration&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630352&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmgoogletagmanager&ec=3&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 52ms
49ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=177639405278338&ev=CompleteRegistration&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=https%3A%2F%2Fsecure.vantagemarkets.com&if=false&ts=1697278630352&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=4&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=f846ec&it=1697278629493&coo=false&cs_cc=1&cas=6175811209161205&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 53ms
49ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=694340261818851&ev=CompleteRegistration&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630353&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=4&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 53ms
50ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=267850502500264&ev=CompleteRegistration&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630353&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=4&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 53ms
50ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=238429805778126&ev=CompleteRegistration&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=https%3A%2F%2Fsecure.vantagemarkets.com&if=false&ts=1697278630354&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=4&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=f9a4a1&it=1697278629493&coo=false&cs_cc=1&cas=7128924523788786%2C6416258555156633%2C9982742225099927&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 53ms
50ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4347693485455104&ev=CompleteRegistration&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=https%3A%2F%2Fsecure.vantagemarkets.com&if=false&ts=1697278630355&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=4&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=2fc6fb&it=1697278629493&coo=false&cs_cc=1&cas=6983849321653751&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 54ms
51ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=588528293409588&ev=CompleteRegistration&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630355&sw=1600&sh=1200&v=2.9.134&r=stable&ec=3&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 274899861789369 Show response
connect.facebook.net/signals/config/ 132 KB
34 KB 42ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/274899861789369?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

819c9553d935f02072955cae3a2a365d1316aa1a80d6541643d567ac6a267b51

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35203
x-xss-protection: 0
pragma: public
x-fb-debug: YpqOl/S/CdXP07qLtd+UwGBy1TveTy5RV2Lr//4+CduSogIJgdZgl3UXZJSgueU7TPdqSNk/GXW1KMFcFq+K6g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 42ms
40ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1302581984012138&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630406&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 web-widget-main-4b22769.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame E037 921 KB
265 KB 65ms
65ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19f9bd2c56e13a1adc382fb52bb03abe6ea7284415855adeb244cfce20cca048

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:10 GMT
x-amz-version-id: Tqd.BCD9w1gdIuCOkjN7K7S20lVumIKB
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMGCDT70WXW0XTBG
age: 2089672
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: w4TxXbuKfsJtUaNYI21UQF3WwdyKVc0OvhjojDbcRlmcVg4D+m0Q+pJzOrBKqCsq6jwYIyHXPHU=
last-modified: Thu, 24 Aug 2023 03:39:36 GMT
server: cloudflare
etag: W/"a3155ef9816fdf792d367e746086c583"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SoG4gX2hHJoNb70%2FDGKsc%2B6Mst80lY6MwQYMA6meX%2B%2BOyLqSewiXdNsrhqilSARy0Bs8yR9N4ainCkabFli38B9qho0uCGxfwC6GRgEORTxaLJTyyaDGlnLo6XJfoZxMGK38UZw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 815f12303d6735e5-FRA
expires: Fri, 23 Aug 2024 03:39:35 GMT

GET
H2 200 fledge-igmembership Show response
asia.creativecdn.com/ Frame 2109 1 KB
648 B 199ms
197ms Document
text/html 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/fledge-igmembership?ntk=p-fPr3PMgGXChe64ltlBGannqlFLobmEz-Rzs7eRaax5Fvec6XIFeBG7kM1MVDdqDLPJ4IWcG-E5ZtExmJ4DCA
Requested by: Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/gJKbT9N3FwF2LliEdMKV.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: 5ccec28cfd201bb2a45941f8d048c465af132821b3530de2638b09cfc885e223

Request headers

Referer: https://secure.vantagemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
content-length: 460
content-type: text/html;charset=utf-8
date: Sat, 14 Oct 2023 10:17:10 GMT Sat, 14 Oct 2023 10:17:10 GMT
expires: Sun, 15 Oct 2023 10:17:10 GMT
vary: Accept-Encoding

GET
H2 200 topics-membership Show response
asia.creativecdn.com/ Frame D2DF 945 B
658 B 198ms
198ms Document
text/html 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/topics-membership?ntk=fmHvYKB67E14YtAQ8hAJ7Rgw4TjbHWMVD1YxlNlWbRLmWvfyrqYS0KNdos4GzcoFG3-DY3xEAaUc0KVkxW8K7w
Requested by: Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/gJKbT9N3FwF2LliEdMKV.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: f21c9b43acd18b81217051e43a9dde4b2e3ad3f0c5414bec23c6a8f986572748

Request headers

Referer: https://secure.vantagemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
content-length: 470
content-type: text/html;charset=utf-8
date: Sat, 14 Oct 2023 10:17:10 GMT Sat, 14 Oct 2023 10:17:10 GMT
expires: Sun, 15 Oct 2023 10:17:10 GMT
vary: Accept-Encoding

GET
H2 200 setuid
ib.adnxs.com/ 43 B
836 B 164ms
163ms Image
image/gif 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=315&code=MCmsQ1f0d738zMRKolR2

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:10 GMT
an-x-request-uuid: 8728f430-f5f0-4d14-9cad-cf5631987322
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.106; 80.255.7.106; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 1499465694193523 Show response
connect.facebook.net/signals/config/ 134 KB
35 KB 41ms
41ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1499465694193523?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c79e791b3abfb5b39531dad71f7d6355cdaceceb9d9b7779e0ea06f271046965

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35313
x-xss-protection: 0
pragma: public
x-fb-debug: Z2rs/TMTNnKMZ+J7bibc1cfZt8yCyt1Fk9QraFchc9xgn2GlIcL8uMrz16sSX/vbNrrXR2bXsGEH4azPXoaqQQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 39ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=274899861789369&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630472&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 665053555484802 Show response
connect.facebook.net/signals/config/ 132 KB
34 KB 42ms
41ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/665053555484802?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b87ff0cfd8a6f63b847549fbee8916105af0e6c33d1af0734cef7ddde286bd09

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35203
x-xss-protection: 0
pragma: public
x-fb-debug: iT48KjO8wJrf8adAjushPGjFm2y774PKe6qgZ+QHW26uoEsysN+FldT/RlRMI5wzlohJ/FJJ8uP2oazSTt4GXQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 41ms
40ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1499465694193523&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630524&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 970611677582746 Show response
connect.facebook.net/signals/config/ 132 KB
34 KB 42ms
41ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/970611677582746?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bb0addc7b7fceec6bba8e793e3f6bd4d1c2e22750f90e52e3a77ba746076e8a4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35198
x-xss-protection: 0
pragma: public
x-fb-debug: Nw2//tLSvFCz488TNP1gV10S+GERVw/Rsd81HnNMX7h0fBplPmxnGc0ddUxlvyaGgkAMhfNT+sVX/azM4XkB7A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 41ms
40ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=665053555484802&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630577&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 en-us-json-4b22769.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame E037 25 KB
6 KB 57ms
56ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53b63be2f9ab7f75dd4702ae1f07e7bb82dbdcfb8e6df77c9f173b213c1af912

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:10 GMT
x-amz-version-id: hsI8uO5qXqigkFCAVGwBeynKIJCd66Hs
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMG634E6JEX0QWAZ
age: 2089672
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: xPN4p0SCUPGXKregEUQnpKEDpsTJuP5jc1Fzfm7M0eI6Ek6sEigILcZVdbgX8yXKqKG690OWL10=
last-modified: Thu, 24 Aug 2023 03:39:38 GMT
server: cloudflare
etag: W/"fd692493810d22ae0ff5aca283a7a202"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXFbYGJAForCCzXAjm8sLH3FkIbFNXUuYanxVsqmXUfOn0zt1Zkjxd5kfDVvCjPUdn5mAVfckWawiYcvoV8CWBCC5DQ5FuThs1VrmTtVnjTWP2eediR1TxzxAEAokAt%2Fy4Sl9Ns%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 815f1231dfcd35e5-FRA
expires: Fri, 23 Aug 2024 03:39:37 GMT

GET
H2 200 config Show response
vantagefx8311.zendesk.com/embeddable/ Frame E037 1020 B
1 KB 438ms
337ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vantagefx8311.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6833b5471625b94d70c503abeca7bae57d37e89a78a98c6c31c5f92faed8f4d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:11 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-c584bc4db-dhrbb
x-cached: MISS
x-request-id: 815f12327dde366b-FRA
x-runtime: 0.002139
last-modified: Sat, 14 Oct 2023 10:11:34 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWpZ8oBwE1hartWMe%2FnqHvsbYgZiZe12P%2FXjREQSvuegemjeNYi0OLQUSOQmBg%2BBTrfihQT%2FSIIfCV37WPZnDjlb1gnkKQ%2Bc0IllhxLAIXmLXsJOgxXXuHE4n%2BQAxz3iWzGV6SNUgPhY%2FQQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 815f12327dde366b-FRA

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
128 B 50ms
49ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=56f9565d-0f2f-47a3-83f7-67113ce28926
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/ecb70aab-c31d-4b23-8884-19234515ebbe-async.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 12ba27da092f5fa89526a71de0b7946ee85024775eb360f40ef66a1ebeea9758

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 14 Oct 2023 10:17:10 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://secure.vantagemarkets.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8DE3 15 KB
6 KB 55ms
54ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=secure.vantagemarkets.com&origin=onetag

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://secure.vantagemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 10:17:10 GMT
server: Kestrel
server-processing-duration-in-ticks: 1332378
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 747949010384139 Show response
connect.facebook.net/signals/config/ 132 KB
35 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/747949010384139?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9c0fc9916dfffc05769809e8c4edd41f77d774acb2ed9aef5e35916054ec22c4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35208
x-xss-protection: 0
pragma: public
x-fb-debug: MfJ1Szsr8C2NuOd051dZSQKSU3wqEQzaqFB8cPk95LNzTe5qscWyrp9C7m+5j5qAGimDfOjUl79Pe6IevhEZsw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 40ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=970611677582746&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630706&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 web-widget-chat-sdk-4b22769.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame E037 202 KB
51 KB 56ms
55ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a0379eaeac3d8de8f2b77a318fef99bae4ef5ca07d2eca39b8a0f3c21911b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:10 GMT
x-amz-version-id: Gf4KFmmSRtALGQTFrJvpXz0Cxt2OhtK2
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMG7669N46G2MQWR
age: 2089671
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: GiEEBCkOW1lsCk006xWhEFtaoVl0WRgcmAzyoJDlz7q9+s45PSblaHm1WWwQNBbF90Z9qXzPwXA=
last-modified: Thu, 24 Aug 2023 03:39:36 GMT
server: cloudflare
etag: W/"a3208a9957c2dcf9612763d1d3138069"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=in0OcCxzhbJMlJCFdt19wYVPY98d%2BzcPdEoo%2BFkXj%2F2seeCre8k77D%2F0QV860XWsFY66yCRwL6Ypan1ySf3XsV9aqwhWWvSbXvZxyNMJTDaFC4PHu%2FTLb0m9RFYAjzznboqzlI8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 815f1232384a35e5-FRA
expires: Fri, 23 Aug 2024 03:39:35 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8DE3
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=vantagemarkets.com&sn=ChromeSyncframe&so=0&topUrl=secure.vantagemarkets.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=FqgW-XxwelN5bFQ2NW9YZG1JN2k2RDc3ZWJGaTAyQVZERzFRL2NBSGRjZlUydWZlSzBuR2JUbE83YTh4SGRCZmNDYWtzamF1TFY5T01TWWkwQU8ySTBVSVNLREZwdFFwT3VYYWQ2d1lvQXJUbjZjOWFTeEdaQzdkcm41WE...

439 B
659 B

172ms
49ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=FqgW-XxwelN5bFQ2NW9YZG1JN2k2RDc3ZWJGaTAyQVZERzFRL2NBSGRjZlUydWZlSzBuR2JUbE83YTh4SGRCZmNDYWtzamF1TFY5T01TWWkwQU8ySTBVSVNLREZwdFFwT3VYYWQ2d1lvQXJUbjZjOWFTeEdaQzdkcm41WERReW1wYXZjNld0N2JrVFdueGRZd3c0anhDYjVYZVlUOU9Td0NVRnNjVGpPYTdxMXc3dDZMOXZNbTFseGhvWVZZR1F2Y1oybDZsOCtYRmlQYk5aLzhqTHlYeGZLZ3owZWMvME9rWTFaZWZlemd0V0hMTGUzZVNTaWVwZXphRjNNQmczY0dVTWo5VW5yOXdMMDQ3SVpuUThDRnBpbnZYRExEY0tobFFkN1Vlamo1MFh2ZGtGWT18&cppv=2

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

844beb98920f29f323e4c2c4a1396a99fdb5013084cec3da45cc5563d1315dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:10 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 843769
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:10 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=FqgW-XxwelN5bFQ2NW9YZG1JN2k2RDc3ZWJGaTAyQVZERzFRL2NBSGRjZlUydWZlSzBuR2JUbE83YTh4SGRCZmNDYWtzamF1TFY5T01TWWkwQU8ySTBVSVNLREZwdFFwT3VYYWQ2d1lvQXJUbjZjOWFTeEdaQzdkcm41WERReW1wYXZjNld0N2JrVFdueGRZd3c0anhDYjVYZVlUOU9Td0NVRnNjVGpPYTdxMXc3dDZMOXZNbTFseGhvWVZZR1F2Y1oybDZsOCtYRmlQYk5aLzhqTHlYeGZLZ3owZWMvME9rWTFaZWZlemd0V0hMTGUzZVNTaWVwZXphRjNNQmczY0dVTWo5VW5yOXdMMDQ3SVpuUThDRnBpbnZYRExEY0tobFFkN1Vlamo1MFh2ZGtGWT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 257890
content-length: 0
expires: 0

GET
H3 200 491312892505238 Show response
connect.facebook.net/signals/config/ 142 KB
36 KB 41ms
41ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/491312892505238?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3946119025988e271eb91d740c15521312cae46c4b918882f3d10fce26ddd457

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 37185
x-xss-protection: 0
pragma: public
x-fb-debug: n7ueK5+pF7bPQ2Co5qsmKw7OJENCilg0JX6svTO/d/Op9qrT2avQbfFopc1SaaYdWm2chogzOoFNSQyU59BJUQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 40ms
40ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=747949010384139&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630819&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 41ms
41ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1233809420752100&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630820&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=4&o=30&fbp=fb.1.1697278627560.1191031376&cs_est=true&ler=empty&it=1697278629493&coo=false&tm=1&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 547618257370966 Show response
connect.facebook.net/signals/config/ 114 KB
30 KB 41ms
41ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/547618257370966?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5ad343fd8a8d314ec5ba841ba84425b377fcf4261a31d4d1fd42db9a9db1eef3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 31038
x-xss-protection: 0
pragma: public
x-fb-debug: sRuLiyoVZ5sFo5vxzXPcmoV60tNqASaNTUzbJySx8xKEXIhnAZNgYI5sSPfRN7SU+udp++lGe2sqk416wGNuVg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 40ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=491312892505238&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630872&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&cs_est=true&ler=empty&it=1697278629493&coo=false&tm=1&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 845724959898036 Show response
connect.facebook.net/signals/config/ 145 KB
37 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/845724959898036?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9012a88d0c763f3de060581c611107decadb4bbfb990c8dd876ea402492dac50

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 37531
x-xss-protection: 0
pragma: public
x-fb-debug: OVnvDnoM6M7FheB5HqZu7716nQvDMtJ3Lkf8LZikIE5peeD2eK4K993o7p7n6wNpyjbZtwLYMLcTdgRqMDlYcA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 39ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=547618257370966&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=https%3A%2F%2Fsecure.vantagemarkets.com&if=false&ts=1697278630924&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=8bd119&it=1697278629493&coo=false&tm=1&cs_cc=1&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 650525333529265 Show response
connect.facebook.net/signals/config/ 138 KB
36 KB 41ms
41ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/650525333529265?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c735f21066e8ccfdd2b7b21ddadfba3c66158e58e1f3385d2a5d6a714e8d1c52

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 36696
x-xss-protection: 0
pragma: public
x-fb-debug: Rt+QmWh1L9lAH26Ce3NXPw9Ly44PmD+IjUXlZwxsHcFcKrFkLmeQAs44h2wj/DcVBZ/oVGZA3A8zuhVlKLprPQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 39ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=845724959898036&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278630976&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&cs_est=true&ler=empty&it=1697278629493&coo=false&tm=1&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 416512605686316 Show response
connect.facebook.net/signals/config/ 129 KB
34 KB 41ms
41ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/416512605686316?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

47cd090c2fb3a3901db143a82fc04d4b31be73e312c78eb1e7b273fe6187c95e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 34272
x-xss-protection: 0
pragma: public
x-fb-debug: 0e89xu9PNJsVCZyHJnMw2soKcrHdjjtTnLyNPl7QSK00q/DtGvmFf9DopYg0nAS1xb9++KJjKqy4yTpCmiX6NA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 39ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=650525333529265&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278631029&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&cs_est=true&ler=empty&it=1697278629493&coo=false&tm=1&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 event Show response
sslwidget.criteo.com/ 116 KB
10 KB 184ms
99ms Script
application/x-javascript 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=%5Ban%253Dweb-vantagemarkets.com%2526cn%253DSG%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DIN%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DVN%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DHK%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DNL%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DIT%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DCH%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DSE%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DCO%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DAE%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DJP%2526ln%253Dja%2Can%253Dweb-vantagemarkets.com%2526cn%253DAR%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DMX%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DID%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DSA%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DPH%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DTH%2526ln%253Den%2Can%253Dweb-vantagemarkets.com%2526cn%253DMY%2526ln%253Den%5D&v=5.20.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-custom&p3=e%3Ddis&adce=1&bundle=ytxErV9zTWRKZHdyN1hhT1NsNUl0ZnpmT1FvbVRPTHV4b3pDSVZjb0xvOWRaTTdBUGQxeWFGWmUwVThoRndNVmNSTnZ1UlVDZ2J3QkFRcDhoSlFFQWZoNXZnJTJCOWZQYTFrZ3lhYVU2OUFCZVQ5dFF0c1JMNEtrY1VnM25ma0gxRDZIUG1jVllmWm51aUY5eXBQRFlHb3Q3eVU1cmZ0QjdnZ200VldVWThITzN3WGUzYyUzRA&tld=vantagemarkets.com&dy=1&fu=https%253A%252F%252Fsecure.vantagemarkets.com%252Flogin&pu=https%253A%252F%252Fsecure.vantagemarkets.com%252FdepositFunds&ceid=74ca292a-fa44-4608-9bc0-925b436b4980&dtycbr=77663

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0d6d467f766b49ff32ebd1f7243bf58c61affe03cd3d6a9c8d62ec8448f5f35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 58229212
timing-allow-origin: *
expires: 0

GET
H3 200 922999411565807 Show response
connect.facebook.net/signals/config/ 141 KB
36 KB 43ms
43ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/922999411565807?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

24992d24cdedb8e43adbc8b27c7ca67dedfb103549ecf876cec648da06cbe577

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 36916
x-xss-protection: 0
pragma: public
x-fb-debug: +QVBLsYjVJQt1D6I0rd9CmirBBrw/oLjlEJBDpWwjIeLKg2Kpueibp/AoF/EZ7goVzIgH0iCKqz4j2rNtrsmpA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 41ms
40ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=491312892505238&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278631081&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1697278627560.1191031376&cs_est=true&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 42ms
41ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=547618257370966&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=https%3A%2F%2Fsecure.vantagemarkets.com&if=false&ts=1697278631081&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=8bd119&it=1697278629493&coo=false&cs_cc=1&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 42ms
41ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=845724959898036&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278631083&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1697278627560.1191031376&cs_est=true&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 42ms
41ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=650525333529265&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278631084&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1697278627560.1191031376&cs_est=true&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 42ms
42ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=416512605686316&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=https%3A%2F%2Fsecure.vantagemarkets.com&if=false&ts=1697278631085&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmgoogletagmanager&ec=0&o=28&fbp=fb.1.1697278627560.1191031376&cs_est=true&ler=empty&pm=1&hrl=d5b426&it=1697278629493&coo=false&cs_cc=1&cas=5550332855050470%2C5889831547707403%2C5921652137911453%2C6292956224109675%2C4163103330475840%2C7760893210650690%2C4070756356295866%2C3699283363473917%2C2941255865897329&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 145ms
145ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=false&k=56f9565d-0f2f-47a3-83f7-67113ce28926
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/ecb70aab-c31d-4b23-8884-19234515ebbe-async.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Sat, 14 Oct 2023 10:17:11 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20

GET
H3 200 297039155598937 Show response
connect.facebook.net/signals/config/ 142 KB
36 KB 40ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/297039155598937?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0cf9802d73ce2b3d4528989db78998ecca784810e85a5feded2ae666812da3b4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 37248
x-xss-protection: 0
pragma: public
x-fb-debug: kSBDdktmgO+iNiLufgeTARGHfHAnsujGZkAorU5FC1m1zHy8jWL3UMhaOJukhsGT/xSfYZo38B0rdqFKzLFe/w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 39ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=922999411565807&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278631138&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&cs_est=true&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 web-widget-chat-incoming-message-notification-4b22769.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame E037 236 B
605 B 51ms
51ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:11 GMT
x-amz-version-id: 46qKELeTBWCwzvVGXozLgYao3Jv6zCoR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMGARP9PBMSE4NG6
age: 2089672
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: UDhS2BcRiqT0U63pgrz0KkSzQoi5AOKDKaBK1YgYU7zSoe5Xd0tZBNtehACxrA6AXPHOrXt9lg8=
last-modified: Thu, 24 Aug 2023 03:39:36 GMT
server: cloudflare
etag: W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dpuAOE4ikoUyTcbC%2FTDDQI7zmnNQcUuPFO1yBFNNCJK5wiS0kGt2a6G8%2BKzSPA3N5fT8juFP0AmJfXs%2BvnO5bLXDE4umTyNaycvwWCLPBBHhnLhI2Mgjkk%2FzJ4CPs5Snlj6Qu4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 815f12354c8435e5-FRA
expires: Fri, 23 Aug 2024 03:39:35 GMT

GET
H3 200 451077746932067 Show response
connect.facebook.net/signals/config/ 132 KB
35 KB 40ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/451077746932067?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3fa21baa0c6e990213b97f9f29fec80ac8124745aac40cbf7dab2f1ce4885ef

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35287
x-xss-protection: 0
pragma: public
x-fb-debug: 7pmg/1F3oV+XoA208I+qi+HprRK3A7qu+xXWBLORopJa6kUpwyPxJpB0m0S2vzkbshX+Kh+vrA/JC3Sw64kyfQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 41ms
40ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=297039155598937&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278631250&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&cs_est=true&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame E037 19 KB
20 KB 63ms
63ms Media
audio/mpeg 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 14 Oct 2023 10:17:11 GMT
x-amz-version-id: 4ia8pwpPCBX0KpnOJLW8_qBKPEYvRo1z
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMG8PXYYRESB9E4G
age: 2089672
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: eQzEOFZMe/r9C0+OY6QUg3m41bK18eFYsBI7gacBvNYCmnNft6FcwhPvDybIFmPGRqFdE6rnABg=
last-modified: Wed, 20 Sep 2023 03:20:38 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RP0gId%2FdCkmaUJmciCmY88n6rEeGC1udIqZJyTareB7nMxxCr7Jg4kDjat3JqmaW5bdxPy8Zswh1kCiA6dBi%2Bh2NhZaR7y2U0kdDFclw2nA0Bmv%2Fn%2BpjuStx370%2B%2FCsdI1IKr6U%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 815f12364ddf35e5-FRA
expires: Thu, 19 Sep 2024 03:20:37 GMT

GET
H3 200 420402296948579 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 43ms
42ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/420402296948579?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

537a92d22616e2bed897f9e2e2cd27cf9d5d82191b8539e353d2aba5cbe3a3e1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35366
x-xss-protection: 0
pragma: public
x-fb-debug: 36K1vz5hOzsEtbBALRhbSZQcIyEVhnb9KeXoROeNnp49h7DrvmsatwgyUbGk7eIR5/xXUf2HXgRrx3XcoGb0kw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 40ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=451077746932067&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278631401&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
305 B 122ms
122ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.12/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://secure.vantagemarkets.com
Date: Sat, 14 Oct 2023 10:17:11 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 733238528502563 Show response
connect.facebook.net/signals/config/ 138 KB
36 KB 41ms
41ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/733238528502563?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6b75c9b8a0c6a514c71eb12095634035f998d22e2b03e4eb8873f084fe94db74

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 36673
x-xss-protection: 0
pragma: public
x-fb-debug: JlM8PDbqcVmLWOPD+0ifp4r2vKyHxl/s5j+xUZ9qhOBW2C4K7Hwi9+lhlxCsHhCbyLIMXM8lvAhd2GMWOD8Xeg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 40ms
40ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=420402296948579&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278631453&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 3468211486789123 Show response
connect.facebook.net/signals/config/ 132 KB
35 KB 42ms
41ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3468211486789123?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f776490d25b92b79011500270f16f0d660204727d1fa50e44d7eb255aaf0290d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35273
x-xss-protection: 0
pragma: public
x-fb-debug: 98dQWg2L6kk/Taynhja3+IwySXWaYZd4hmvv/0L/6/hU56BT0AnDeTJwsCrbHTiHUQpjFd/l4aEIi2E8d266EA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 41ms
40ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=733238528502563&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278631575&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&cs_est=true&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 1379642252799044 Show response
connect.facebook.net/signals/config/ 114 KB
30 KB 42ms
42ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1379642252799044?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3228fd70928e6d8d6bbc95f8f9e0568d7c51a97053e9db44c4ce02b93eb426f0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 31099
x-xss-protection: 0
pragma: public
x-fb-debug: K5FvS08bITYcBPe1xAfMlHSp/0yvW6sNf5RDiTz/tbHBeUlTOAAmbdY7uyAq0l7ubLXJqAizPSR81+VFpkr/Tg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 41ms
40ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3468211486789123&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278631629&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 1680294419040081 Show response
connect.facebook.net/signals/config/ 138 KB
36 KB 41ms
41ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1680294419040081?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8e33d5c759344bb50080a0b45d712cd6d61439ed8590614a107a9137883156bb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 36640
x-xss-protection: 0
pragma: public
x-fb-debug: efrWi653kJKt6t4sXSmEZcxia0CB6uQSUhdisLvTzVLvAqBk2rB0qmV1D6/HIsspmXRBH9KplRejUzbovrNKbA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 40ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1379642252799044&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com&rl=https%3A%2F%2Fsecure.vantagemarkets.com&if=false&ts=1697278631681&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=28&fbp=fb.1.1697278627560.1191031376&ler=empty&pm=1&hrl=721b88&it=1697278629493&coo=false&cs_cc=1&cas=6138481589573090&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 942301047150897 Show response
connect.facebook.net/signals/config/ 132 KB
34 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/942301047150897?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c126dda4c9c293639132b1da4d06402dc019a2f213e0f08f5f5b8e87060d531e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35193
x-xss-protection: 0
pragma: public
x-fb-debug: 0fbV85C6j8UYfmPUbN4V3Dne9U/EjF2eebpwwXbeviK48d2CCzcho5v4SU5HYuuLmFy6aa/NPYGcNmGpUpc83Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 39ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1680294419040081&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278631733&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&cs_est=true&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 576460017767580 Show response
connect.facebook.net/signals/config/ 132 KB
35 KB 41ms
41ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/576460017767580?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5752a07d914ab783bb53d006eebc2ab153ee946b040e0a8a5cd85ac4ca7060d8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35275
x-xss-protection: 0
pragma: public
x-fb-debug: QnEzz/ZleJmFzKhe9JT286B6QgTdjz5qFOsRWjFmDMyUugaCcYa0xDcAsyKkS55NS0dZ1pXbkmD9GR17cDLM6A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 39ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=942301047150897&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278631785&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 603228905046021 Show response
connect.facebook.net/signals/config/ 132 KB
35 KB 41ms
41ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/603228905046021?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c99239e491d2b45d7f9b958230bc162aa6bd2b8bc7fd5b6a0184ed36ddccbfda

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35272
x-xss-protection: 0
pragma: public
x-fb-debug: lEbc5Cnzboy9OMff2fzRfVJaEi+Cd0ZPdRmp9+KXNN7g6DJDohgPlLu2Qm3W5j2tmKp7Wmv5YlbJn5DwnWAXgA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 39ms
39ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=576460017767580&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278631837&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 1583796055479838 Show response
connect.facebook.net/signals/config/ 138 KB
36 KB 42ms
41ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1583796055479838?v=2.9.134&r=stable&domain=secure.vantagemarkets.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e51fe59a20f9fb215356433055391f68ccc19279c40303b5b1ed05d776ef49f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 36545
x-xss-protection: 0
pragma: public
x-fb-debug: 2pWbSTlBawoIv6VzPMdmUDHnNkMnY0ztYZ6foDsZY6PpLkOf7OYOZfX5JIaZvAUtAe9QfTNHV6ITUVI6Ame9Fg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 187ms
187ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=603228905046021&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278631888&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 111ms
111ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1583796055479838&ev=PageView&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278631982&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1697278627560.1191031376&cs_est=true&ler=empty&it=1697278629493&coo=false&rqm=GET

Requested by

Host: secure.vantagemarkets.com
URL: https://secure.vantagemarkets.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:12 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=52B90B9C530543AEB331FE70CC632E29&RedC=c.clarity.ms&MXFR=3E4FE3E38CD56DA422FEF04988D563C5
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=52B90B9C530543AEB331FE70CC632E29&MUID=0885377FBE36660D10AC24D5BF9A675B

42 B
442 B

59ms
59ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=52B90B9C530543AEB331FE70CC632E29&MUID=0885377FBE36660D10AC24D5BF9A675B
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:11 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:11 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 09D32CA7C78E46A7A298375D8183F729 Ref B: FRA31EDGE0815 Ref C: 2023-10-14T10:17:12Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=52B90B9C530543AEB331FE70CC632E29&MUID=0885377FBE36660D10AC24D5BF9A675B
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame 0D02
Redirect Chain

https://insight.adsrvr.org/track/up?adv=l31qp9g&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&upid=moppfxx&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=l31qp9g&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&upid=moppfxx&upv=1.1.0

0
59 B

56ms
56ms

Document
text/html

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=l31qp9g&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&upid=moppfxx&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.vantagemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Sat, 14 Oct 2023 10:17:12 GMT
server: Kestrel

Redirect headers

content-length: 295
date: Sat, 14 Oct 2023 10:17:12 GMT
location: https://match.adsrvr.org/track/upb/?adv=l31qp9g&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&upid=moppfxx&upv=1.1.0
server: Kestrel

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame E860
Redirect Chain

https://insight.adsrvr.org/track/up?adv=4fcy4l6&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&upid=whcxxe2&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=4fcy4l6&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&upid=whcxxe2&upv=1.1.0

0
59 B

57ms
56ms

Document
text/html

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=4fcy4l6&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&upid=whcxxe2&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.vantagemarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Sat, 14 Oct 2023 10:17:12 GMT
server: Kestrel

Redirect headers

content-length: 295
date: Sat, 14 Oct 2023 10:17:12 GMT
location: https://match.adsrvr.org/track/upb/?adv=4fcy4l6&ref=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&upid=whcxxe2&upv=1.1.0
server: Kestrel

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame F3A2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-1o_MgpfL3vn07aaYMhBB9SFCF-QvKg-D1tKUEw&google_cm&google_hm=ay0xb19NZ3BmTDN2bjA3YWFZTWhCQjlTRkNGLVF2S2ctR...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-1o_MgpfL3vn07aaYMhBB9SFCF-QvKg-D1tKUEw&google_gid=CAESEJED4glZKYNkqBg3gTCi13g&google_cver=1&google_ula=913071,0

43 B
369 B

51ms
50ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-1o_MgpfL3vn07aaYMhBB9SFCF-QvKg-D1tKUEw&google_gid=CAESEJED4glZKYNkqBg3gTCi13g&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:11 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 641961
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-1o_MgpfL3vn07aaYMhBB9SFCF-QvKg-D1tKUEw&google_gid=CAESEJED4glZKYNkqBg3gTCi13g&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame F3A2 43 B
146 B 129ms
40ms Image
image/gif 18.157.146.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-jU1Gx5fL3vn07aaYMhBB9SFCF-QidKsrNHN23g&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.146.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-146-236.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame F3A2
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5953564206032569238

43 B
370 B

158ms
50ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5953564206032569238

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:11 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 911046
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:12 GMT
an-x-request-uuid: 1122ca6c-bea4-43ea-b1ec-44ec357c5a61
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5953564206032569238
x-proxy-origin: 80.255.7.106; 80.255.7.106; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame F3A2 53 B
785 B 183ms
78ms Image
image/gif 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-h31msZfL3vn07aaYMhBB9SFCF-QeCRjb9yXCvw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 14 Oct 2023 10:17:12 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Sat, 14 Oct 2023 10:17:12 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame F3A2 0
239 B 182ms
48ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-hUD0NJfL3vn07aaYMhBB9SFCF-QZGBoVWw2RaA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame F3A2 0
35 B 141ms
40ms Image
text/plain 52.29.178.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-gQwQDZfL3vn07aaYMhBB9SFCF-QUTlXMqdWBqw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.178.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-178-177.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:12 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame F3A2 43 B
163 B 155ms
50ms Image
image/gif 185.86.138.153
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-NFqmLpfL3vn07aaYMhBB9SFCF-SwbZKOM9YrAw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:12 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame F3A2 0
99 B 156ms
44ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-3LP8EpfL3vn07aaYMhBB9SFCF-QGIKAKBYqXAA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:12 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42913

GET
H2 200 um
criteo-sync.teads.tv/ Frame F3A2 23 B
163 B 199ms
66ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-yd-H2ZfL3vn07aaYMhBB9SFCF-SCGU9_CmMtGA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires: Sat, 14 Oct 2023 10:17:12 GMT
pragma: no-cache
date: Sat, 14 Oct 2023 10:17:12 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame F3A2 37 B
140 B 128ms
40ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-NCso8ZfL3vn07aaYMhBB9SFCF-TAoBsgkaFueQ&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame F3A2 0
125 B 184ms
43ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k--VJ_gpfL3vn07aaYMhBB9SFCF-QHErgMjnSbTw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:12 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame F3A2 43 B
163 B 128ms
39ms Image
image/gif 37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-6kBqWZfL3vn07aaYMhBB9SFCF-TOVBvfJzUCWA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:12 GMT
last-modified: Fri, 18 Nov 2022 16:49:04 GMT
server: nginx
accept-ranges: bytes
etag: "6377b780-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame F3A2 49 B
385 B 215ms
61ms Image
image/gif 54.216.219.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Unfu9ZfL3vn07aaYMhBB9SFCF-QKfiUBM5eLhw

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.216.219.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-216-219-8.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:12 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
x-kong-upstream-latency: 6
cache-control: no-cache, no-store, must-revalidate
content-length: 49
expires: 0

GET
H2

200

rum
r.casalemedia.com/ Frame F3A2
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-E41AppfL3vn07aaYMhBB9SFCF-RuqraqlyHAcQ
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-E41AppfL3vn07aaYMhBB9SFCF-RuqraqlyHAcQ&C=1

43 B
324 B

56ms
54ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-E41AppfL3vn07aaYMhBB9SFCF-RuqraqlyHAcQ&C=1
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMooSBRiZKd9wuY4LRitplsOR%2BiFvELWZRtLGCgZrxr7DLt0WP3hKxV2PmMpWuKJ3B5PpUrGaDWkSzTWwLa9jjQ%2BHWRNn992gpOqwoFesgt%2F9i7lLIm%2Fg2Xm5eC7iqZRfRPo"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 815f123d09021c11-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8coZdZyGSREROlTQnGUNQg%2By31InSJLMx5CuQ80YQC9bK4iApyOxqxWvKGDAUcMkG2SUBadWjYYcRYudkTPWEgHRH6NEa1wdIiJiMZNwZD%2BpIsWc9TEtMMzw7ZNh0tF2wlvn"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-E41AppfL3vn07aaYMhBB9SFCF-RuqraqlyHAcQ&C=1
cache-control: no-cache
cf-ray: 815f123ca88c1c11-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame F3A2
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=yVCEO74KoYF9Vy6b02T7vPwBupWDIdnK
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=yVCEO74KoYF9Vy6b02T7vPwBupWDIdnK

42 B
942 B

56ms
56ms

Image
image/gif

54.229.208.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=yVCEO74KoYF9Vy6b02T7vPwBupWDIdnK

Protocol

HTTP/1.1

Server

54.229.208.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-229-208-26.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v052-07f475049.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 24P5NJxkR7w=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v052-0fadccbfb.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: mEAmotwYRDM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=yVCEO74KoYF9Vy6b02T7vPwBupWDIdnK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame F3A2 43 B
921 B 134ms
44ms Image
image/gif 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-dUS0fpfL3vn07aaYMhBB9SFCF-SkI8hKYJzl4Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 14 Oct 2023 10:17:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 match
ad.360yield.com/ Frame F3A2 43 B
199 B 191ms
54ms Image
image/gif 52.212.215.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-blc2jZfL3vn07aaYMhBB9SFCF-StMHpK27yEXA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.212.215.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-215-149.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 14 Oct 2023 10:17:12 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame F3A2 42 B
274 B 140ms
52ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-nXzNnJfL3vn07aaYMhBB9SFCF-QqwMxHpNqaGg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:11 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame F3A2 0
877 B 139ms
42ms Image
text/html 18.159.114.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-7m5J4ZfL3vn07aaYMhBB9SFCF-S7o8f023ssaw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.114.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-114-228.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:12 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame F3A2 43 B
422 B 385ms
117ms Image
image/gif 107.20.144.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-1pjLIpfL3vn07aaYMhBB9SFCF-RasQuRxuewhA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.144.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-144-7.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:12 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame F3A2 0
145 B 586ms
144ms Image
text/plain 64.74.236.63
INTERNAP-BLK5

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-zXxb55fL3vn07aaYMhBB9SFCF-RBIE2VM07V_g&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.236.63 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 10:17:12 GMT
Cache-Control: no-cache
X-TraceId: fcd0ae35dcbc3134440f1abc8c3743e9
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame F3A2 42 B
578 B 158ms
47ms Image
image/gif 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-anAqbpfL3vn07aaYMhBB9SFCF-SuvtEbyCehgg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 14 Oct 2023 10:17:11 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame F3A2 43 B
399 B 369ms
117ms Image
image/gif 2600:1f18:612b:4264:9ca0:e35:54d2:840d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-Hzxb1JfL3vn07aaYMhBB9SFCF-S2rP_MsnmIyQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:9ca0:e35:54d2:840d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sat, 14 Oct 2023 10:17:12 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame F3A2 43 B
153 B 103ms
36ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-vu0EJJfL3vn07aaYMhBB9SFCF-S9_2jmRX3G3A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.30
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 14 Oct 2023 10:17:12 GMT
server: Apache
x-powered-by: PHP/7.3.30
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame F3A2 0
400 B 156ms
55ms Image
text/plain 184.30.17.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-DXCsiZfL3vn07aaYMhBB9SFCF-SbUEOyFo0J2Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.17.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-243.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Oct 2023 10:17:12 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Fri, 13 Oct 2023 10:17:12 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame F3A2 0
38 B 206ms
57ms Image
text/plain 34.246.73.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-EoTEgpfL3vn07aaYMhBB9SFCF-SC2eCv-3wh4A&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.73.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-73-161.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:12 GMT
content-length: 0

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 222 KB
78 KB 59ms
59ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-5QX5T4NLR6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a273a114d7466411d33f99e6d4ed1b27960c2d9312247e39bcd74f53cdb94386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80329
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 10:17:12 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 271 KB
90 KB 65ms
65ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-SQEL52NP0G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFCHH97

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d6e597a2316e55f70d2f555756b918b956b7490bdfa947ed0994ec93f899883

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91833
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 10:17:12 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 46ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N5DW4FZP31&gtm=45je3ab0&_p=16200886&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1697278627&sct=1&seg=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&dr=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Vantage%20Login%20Client%20Portal%20%7C%20Vantage&en=scroll&epn.percent_scrolled=90&_et=148
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N5DW4FZP31&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 47ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RYEFEW2YRY&gtm=45je3ab0&_p=16200886&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1697278627&sct=1&seg=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&dr=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Vantage%20Login%20Client%20Portal%20%7C%20Vantage&en=scroll&epn.percent_scrolled=90&_et=118
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYEFEW2YRY&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 48ms
48ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H4QYCECT8W&gtm=45je3ab0&_p=16200886&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1697278627&sct=1&seg=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&dr=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Vantage%20Login%20Client%20Portal%20%7C%20Vantage&en=scroll&epn.percent_scrolled=90&_et=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H4QYCECT8W&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 40ms
40ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=420402296948579&ev=engaged_scrolled_users&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&rl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&if=false&ts=1697278632156&sw=1600&sh=1200&v=2.9.134&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1697278627560.1191031376&ler=empty&it=1697278629493&coo=false&tm=2&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 14 Oct 2023 10:17:12 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 47ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5QX5T4NLR6&gtm=45je3ab0&_p=16200886&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1697278632&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&dr=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Vantage%20Login%20Client%20Portal%20%7C%20Vantage&en=tmbt_scroll_50&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-5QX5T4NLR6&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 47ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SQEL52NP0G&gtm=45je3ab0&_p=16200886&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1697278627&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&dr=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Vantage%20Login%20Client%20Portal%20%7C%20Vantage&_s=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-SQEL52NP0G&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 setuid
ib.adnxs.com/ Frame F3A2 43 B
896 B 47ms
47ms Image
image/gif 185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-NoYDN5fL3vn07aaYMhBB9SFCF-RcXbZXvQrY0w

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:12 GMT
an-x-request-uuid: ecbb5d99-56c2-4c90-b4bd-e6706f8b4275
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.106; 80.255.7.106; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame F3A2 0
15 B 43ms
43ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k--VJ_gpfL3vn07aaYMhBB9SFCF-QHErgMjnSbTw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:17:12 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame F3A2
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=6XQVJAnDI2D-fAziBcayyLNJbYpWTPKi

0
338 B

188ms
56ms

Image
text/plain

52.215.100.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=6XQVJAnDI2D-fAziBcayyLNJbYpWTPKi
Protocol: H2
Server: 52.215.100.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-100-89.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-served-by: beacon-n007-dub-prod.krxd.net
date: Sat, 14 Oct 2023 10:17:12 GMT
cache-control: private, no-cache, no-store
x-request-time: D=125 t=1697278632
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=6XQVJAnDI2D-fAziBcayyLNJbYpWTPKi
date: Sat, 14 Oct 2023 10:17:11 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 728237
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame F3A2
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=9zaxCDqK_QfF9qoXrIkQVKjAcKPov4Ju

35 B
268 B

398ms
128ms

Image
image/gif

3.13.229.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=9zaxCDqK_QfF9qoXrIkQVKjAcKPov4Ju
Protocol: H2
Server: 3.13.229.41 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-229-41.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:13 GMT
x-bt-requestid: d79f74d0-6a7a-11ee-afd1-0000ac170070
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=9zaxCDqK_QfF9qoXrIkQVKjAcKPov4Ju
date: Sat, 14 Oct 2023 10:17:12 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1869744
content-length: 0

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
305 B 121ms
121ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.12/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://secure.vantagemarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://secure.vantagemarkets.com
Date: Sat, 14 Oct 2023 10:17:13 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 47ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4PGVH7BC9T&gtm=45je3ab0&_p=16200886&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1697278627&sct=1&seg=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&dr=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Vantage%20Login%20Client%20Portal%20%7C%20Vantage&en=scroll&epn.percent_scrolled=90&_et=196
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4PGVH7BC9T&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 50ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-TRQKDTYSC9&gtm=45je3ab0&_p=16200886&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1697278627&sct=1&seg=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2Flogin&dr=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Vantage%20Login%20Client%20Portal%20%7C%20Vantage&en=scroll&epn.percent_scrolled=90&_et=51
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TRQKDTYSC9&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.vantagemarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 10:17:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.vantagemarkets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: asia.creativecdn.com
URL: https://asia.creativecdn.com/tags/v2?type=json

Domain: px4.ads.linkedin.com
URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4935180&time=1697278627572&url=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLCYjEV4xngOwAAAYstsJFybclSUXa5d_SXl1-rs-S_atjs-WpSIN4wgoyj6_X5d7oxX40

Domain: us-1-api.insightech.com
URL: https://us-1-api.insightech.com/pageview/089a28b851/18b2db08c17.41f58/18b2db08ce9.18f83/1

Domain: o.clarity.ms
URL: https://o.clarity.ms/collect

Domain: api.permutive.com
URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=56f9565d-0f2f-47a3-83f7-67113ce28926

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4PGVH7BC9T&gtm=45je3ab0&_p=1819566435&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1697278627&sct=1&seg=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Secure%20Client%20Portal&en=scroll&epn.percent_scrolled=90&_et=7

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4PGVH7BC9T&gtm=45je3ab0&_p=1819566435&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=4&sid=1697278627&sct=1&seg=1&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Secure%20Client%20Portal&en=user_engagement&_et=1548

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RYEFEW2YRY&gtm=45je3ab0&_p=1819566435&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1697278627&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Secure%20Client%20Portal&en=scroll&epn.percent_scrolled=90&_et=4

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RYEFEW2YRY&gtm=45je3ab0&_p=1819566435&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=4&sid=1697278627&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Secure%20Client%20Portal&en=user_engagement&_et=1507

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H4QYCECT8W&gtm=45je3ab0&_p=1819566435&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1697278627&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Secure%20Client%20Portal&en=scroll&epn.percent_scrolled=90&_et=62

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H4QYCECT8W&gtm=45je3ab0&_p=1819566435&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=4&sid=1697278627&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Secure%20Client%20Portal&en=user_engagement&_et=1413

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N5DW4FZP31&gtm=45je3ab0&_p=1819566435&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1697278627&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Secure%20Client%20Portal&en=scroll&epn.percent_scrolled=90&_et=31

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N5DW4FZP31&gtm=45je3ab0&_p=1819566435&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=4&sid=1697278627&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Secure%20Client%20Portal&en=user_engagement&_et=1415

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-TRQKDTYSC9&gtm=45je3ab0&_p=1819566435&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1697278627&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Secure%20Client%20Portal&en=scroll&epn.percent_scrolled=90&_et=32

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-TRQKDTYSC9&gtm=45je3ab0&_p=1819566435&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1697278627&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Secure%20Client%20Portal&en=user_engagement&_et=1276

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SQEL52NP0G&gtm=45je3ab0&_p=1819566435&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAE&_s=2&sid=1697278627&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Secure%20Client%20Portal&en=scroll&epn.percent_scrolled=90&_et=10

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SQEL52NP0G&gtm=45je3ab0&_p=1819566435&cid=1748756277.1697278627&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1697278627&sct=1&seg=0&dl=https%3A%2F%2Fsecure.vantagemarkets.com%2FdepositFunds&dt=Secure%20Client%20Portal&en=user_engagement&_et=1099

Domain: o.clarity.ms
URL: https://o.clarity.ms/collect

Domain: bat.bing.com
URL: https://bat.bing.com/actionp/0?ti=148026267&tm=gtm002&Ver=2&mid=1b0d12ed-f17d-4195-99d6-da3dc06ef9cd&sid=d4e29f706a7a11ee9f944987b925b373&vid=d4e2ce106a7a11eeb921333e01092687&vids=0&msclkid=N&evt=pageHide

Domain: us-1-api.insightech.com
URL: https://us-1-api.insightech.com/pageview/089a28b851/18b2db08c17.41f58/18b2db08ce9.18f83/3

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

85 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
map.go.affec.tv/map/an	1969-12-31 23:59:59	Name: oo Value: 1
map.go.affec.tv/map/af	1969-12-31 23:59:59	Name: oo Value: 1
.vantagemarkets.com/	1970-01-20 15:28:00	Name: __cf_bm Value: WruwPvPR4zHLq4DiKHVbm038auln.sy2MeaSsp33FUc-1697278626-0-AbHaSGDzel4E2VNI98UoktWFu1GCm6EMAhQhmC8qwYG6Yy3J8KSiIb+0Q8tT2PKAg+9zCCDnNjlb88kci1cX9Qk=
.secure.vantagemarkets.com/	1970-01-21 01:03:58	Name: insightech_vid Value: 18b2db08c17.41f58
.vantagemarkets.com/	1970-01-20 17:37:34	Name: _gcl_au Value: 1.1.149757589.1697278627
us-1-api.insightech.com/	1970-01-21 01:03:58	Name: 089a28b851_vid Value: 18b2db08c17.41f58
.go.affec.tv/	1970-01-21 00:13:34	Name: ck Value: 652a6aa34998b200017b1e6d
.doubleclick.net/	1970-01-21 00:49:34	Name: IDE Value: AHWqTUnNomxdhdB_tc8SRJ80AmHeJdrTGbg3nLI1vAHFMiL9lcWUQbCxA07GWU5W
secure.vantagemarkets.com/	1970-01-21 00:13:41	Name: __rtbh.lid Value: %7B%22eventType%22%3A%22lid%22%2C%22id%22%3A%220a5iuumhJW7JLgSvPdIo%22%7D
.vantagemarkets.com/	1970-01-20 15:29:25	Name: _gid Value: GA1.2.1785704136.1697278627
.vantagemarkets.com/	1970-01-20 15:27:58	Name: _gat_UA-28849650-1 Value: 1
.vantagemarkets.com/	1970-01-20 17:37:34	Name: _rdt_uuid Value: 1697278627421.0d349ae3-212a-4c00-bf8c-ec0badc117be
.tiktok.com/	1970-01-21 00:49:34	Name: _ttp Value: 2WkZdoTzDm1i0xrFN9iI0cikB9m
.vantagemarkets.com/	1970-01-20 17:37:34	Name: _fbp Value: fb.1.1697278627560.1191031376
.vixverify.com/	1969-12-31 23:59:59	Name: nlbi_2338766 Value: bqJjFcrySEQocWwOa0UWxQAAAAD5dnoDM0c5Gvvq5Yc798GR
.vixverify.com/	1970-01-21 00:12:55	Name: visid_incap_2338766 Value: coFVP7WGQ/mpo9UAMw1vR6JqKmUAAAAAQUIPAAAAAACWxYiyCATwo2T/puItnfz0
.vixverify.com/	1969-12-31 23:59:59	Name: incap_ses_728_2338766 Value: KcycVaDMOR2nIJcJmWAaCqNqKmUAAAAANRGw+muSUjfz3uJx8xjbMQ==
secure.vantagemarkets.com/	1970-01-20 15:29:25	Name: ln_or Value: eyI0OTM1MTgwIjoiZCJ9
.adnxs.com/	1970-01-20 17:37:34	Name: uuid2 Value: 5953564206032569238
.go.affec.tv/	1970-01-21 00:13:34	Name: oo Value: 1
.vantagemarkets.com/	1970-01-21 00:49:34	Name: _tt_enable_cookie Value: 1
.vantagemarkets.com/	1970-01-21 00:49:34	Name: _ttp Value: qHJbjWL0izo43BfGZRN7qQZLm_h
.linkedin.com/	1970-01-20 17:37:34	Name: li_sugr Value: 0854972f-0915-4476-9818-f9fbe83b1dc8
.linkedin.com/	1970-01-21 00:13:34	Name: bcookie Value: "v=2&ee5673e8-634d-4fd0-8184-289294df3023"
.linkedin.com/	1970-01-20 15:29:25	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2675:u=1:x=1:i=1697278627:t=1697365027:v=2:sig=AQGCpSSxdsSkbSmVud2H9rpFJfqFsoH5"
.vantagemarkets.com/	1970-01-20 19:51:29	Name: permutive-id Value: 968a3e0d-ceef-454e-9afa-38154a23d2bf
www.clarity.ms/	1970-01-21 00:13:34	Name: CLID Value: 178a70dc54064ccfa5a8f9c14c60a16d.20231014.20241013
.linkedin.com/	1970-01-20 16:11:10	Name: UserMatchHistory Value: AQKEIhxAkQ3tNQAAAYstsJAimCPExU5KPziH_ZpPiPdAkBvOKNauUqw7d9AP3H4nDSistX_AGEzP6g
.linkedin.com/	1970-01-20 16:11:10	Name: AnalyticsSyncHistory Value: AQLgHuW8i_tYcAAAAYstsJAi8DggiEoKXYEXynS1_PawwwMzP8YYJs9x7n_kU8ctXXg-Ae6Sk0DjE3RjHmcvVw
.vantagemarkets.com/	1970-01-21 00:13:34	Name: _clck Value: 3d2gnl\|2\|ffu\|0\|1382
.www.linkedin.com/	1970-01-21 00:13:34	Name: bscookie Value: "v=1&202310141017083a3e3a8f-856e-4c28-8250-32677479cafbAQEeshKrlpJR_3YYqCK5_uIFQPNYyBbW"
.linkedin.com/	1970-01-20 19:47:10	Name: li_gc Value: MTswOzE2OTcyNzg2Mjg7MjswMjG1ky1vp8LOXNGopbkDbFzFJFHLMFAhs8KZ8a2XuNMrNg==
.bing.com/	1970-01-21 00:49:34	Name: MUID Value: 0885377FBE36660D10AC24D5BF9A675B
.criteo.com/	1970-01-21 00:49:34	Name: uid Value: 352ba35d-2c6c-4722-98f7-0a0c5c9e603a
.vantagemarkets.com/	1970-01-21 01:03:58	Name: _ga_4PGVH7BC9T Value: GS1.1.1697278627.1.1.1697278629.58.0.0
.vantagemarkets.com/	1970-01-21 01:03:58	Name: _ga_TRQKDTYSC9 Value: GS1.1.1697278627.1.1.1697278629.58.0.0
.vantagemarkets.com/	1970-01-20 15:29:25	Name: _uetsid Value: d4e29f706a7a11ee9f944987b925b373
.vantagemarkets.com/	1970-01-21 00:49:34	Name: _uetvid Value: d4e2ce106a7a11eeb921333e01092687
.go.affec.tv/	1970-01-21 00:13:34	Name: pt Value: eyJhbiI6eyJkdCI6MTY5NzI3ODYyNywiaWQiOiI1OTUzNTY0MjA2MDMyNTY5MjM4IiwibHMiOjE2OTcyNzg2Mjl9LCJ2IjowfQ==\|1697278629\|8b653b6eedd1e77c8e89657e15754ccc449fd3ca
.creativecdn.com/	1970-01-21 00:13:34	Name: u Value: MCmsQ1f0d738zMRKolR2
.creativecdn.com/	1970-01-21 00:13:34	Name: ts Value: 1697278629
.vantagemarkets.com/	1970-01-21 00:13:34	Name: cf_clearance Value: T3YSrVIRECFdQ5HgDGtUcsUt6D3Cml2xbHiBwGvupKw-1697278630-0-1-fbf29f81.f01c9564.acf3c061-0.2.1697278630
.appsflyer.com/	1970-01-21 00:56:46	Name: af_id Value: e75deb91-268e-496c-aaf8-6f78fed1ffbd-p
.vantagemarkets.com/	1970-01-21 01:03:58	Name: afUserId Value: e75deb91-268e-496c-aaf8-6f78fed1ffbd-p
.onelink.me/	1970-01-21 01:03:58	Name: af_id Value: e75deb91-268e-496c-aaf8-6f78fed1ffbd-p
.vantagemarkets.com/	1970-01-20 15:38:03	Name: AF_SYNC Value: 1697278630381
.creativecdn.com/	1970-01-21 00:13:34	Name: ar_debug Value: 1
.vantagemarkets.com/	1970-01-20 15:29:25	Name: _clsk Value: wqbdxf\|1697278630680\|1\|1\|o.clarity.ms/collect
widget-mediator.zopim.com/	1970-01-20 15:38:03	Name: AWSALBCORS Value: niEsAxgAJabhDvB5LA8wh5oJpT0nQniYVVR+n+R+YYYL9kVoUzA05ZNnizzXiXfsybapVCuIzgzij8NqGZtef9EvCJqSR+R/bPd/pS2coqBpkRrORAQZl1RLFUob
.vantagemarkets.com/	1970-01-21 00:57:22	Name: cto_bundle Value: ytxErV9zTWRKZHdyN1hhT1NsNUl0ZnpmT1FvbVRPTHV4b3pDSVZjb0xvOWRaTTdBUGQxeWFGWmUwVThoRndNVmNSTnZ1UlVDZ2J3QkFRcDhoSlFFQWZoNXZnJTJCOWZQYTFrZ3lhYVU2OUFCZVQ5dFF0c1JMNEtrY1VnM25ma0gxRDZIUG1jVllmWm51aUY5eXBQRFlHb3Q3eVU1cmZ0QjdnZ200VldVWThITzN3WGUzYyUzRA
.vantagemarkets.com/	1970-01-21 00:13:34	Name: __zlcmid Value: 1IKmC9Ymca89XaX
.adsrvr.org/	1970-01-21 00:15:01	Name: TDID Value: 660c3c9e-5a3b-40e9-b5e9-95d779b3f6d2
.vantagemarkets.com/	1970-01-21 01:03:58	Name: _ga_N5DW4FZP31 Value: GS1.1.1697278627.1.1.1697278632.0.0.0
.vantagemarkets.com/	1970-01-21 01:03:58	Name: _ga_RYEFEW2YRY Value: GS1.1.1697278627.1.1.1697278632.0.0.0
.vantagemarkets.com/	1970-01-21 01:03:58	Name: _ga_H4QYCECT8W Value: GS1.1.1697278627.1.1.1697278632.55.0.0
.vantagemarkets.com/	1970-01-21 01:03:58	Name: _ga Value: GA1.1.1748756277.1697278627
.vantagemarkets.com/	1970-01-21 01:03:58	Name: _ga_5QX5T4NLR6 Value: GS1.1.1697278632.1.0.1697278632.0.0.0
.media.net/	1970-01-21 00:13:34	Name: visitor-id Value: 3402802329085824000V10
.media.net/	1970-01-20 16:11:10	Name: data-c-ts Value: 1697278632
.media.net/	1970-01-20 16:11:10	Name: data-c Value: k-h31msZfL3vn07aaYMhBB9SFCF-QeCRjb9yXCvw~~3
.vantagemarkets.com/	1970-01-21 01:03:58	Name: _ga_SQEL52NP0G Value: GS1.1.1697278627.1.0.1697278632.0.0.0
.c.bing.com/	1970-01-20 15:38:03	Name: MR Value: 0
.c.bing.com/	1970-01-21 00:49:34	Name: SRM_B Value: 0885377FBE36660D10AC24D5BF9A675B
.demdex.net/	1970-01-20 19:47:10	Name: demdex Value: 30487297431816285561417789981512966235
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 00:49:34	Name: MUID Value: 0885377FBE36660D10AC24D5BF9A675B
.c.clarity.ms/	1970-01-20 15:38:03	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 15:27:59	Name: ANONCHK Value: 0
.casalemedia.com/	1970-01-21 00:13:34	Name: CMID Value: ZSpqqIjFfAs.jFOfr2snmgAA
.casalemedia.com/	1970-01-20 17:37:34	Name: CMPS Value: 3242
.casalemedia.com/	1970-01-20 17:37:34	Name: CMPRO Value: 3242
.dpm.demdex.net/	1970-01-20 19:47:10	Name: dpm Value: 30487297431816285561417789981512966235
.omnitagjs.com/	1970-01-20 16:11:10	Name: ayl_visitor Value: 5dc6cd852d9a40fa5fad889baba033f9
exchange.mediavine.com/	1970-01-20 15:48:08	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22d74016c0-6a7a-11ee-a5d1-d356d0753c73%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 15:48:08	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22d74016c0-6a7a-11ee-a5d1-d356d0753c73%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 15:48:08	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22d74016c0-6a7a-11ee-a5d1-d356d0753c73%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 15:48:08	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22d74016c0-6a7a-11ee-a5d1-d356d0753c73%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 15:48:08	Name: criteo Value: %7B%22id%22%3A%22k-7m5J4ZfL3vn07aaYMhBB9SFCF-S7o8f023ssaw%22%2C%22version%22%3A%22criteo%22%7D
.adnxs.com/	1970-01-20 17:37:34	Name: anj Value: dTM7k!M4/QE:2jUF']wIg2E>=jeFJi!fsuh!k76bp7qvC00'ApqcZ3!FYIGsD[%!_o[!=SX.gea^oG^yU$')E@g@@m?J]s3ky+^1S^5-`Fl3SNKr@HkQ68Pn>2:.pHY-15903c4?'`Eo:CMk=!a8Hn!_6-zQEVk`!4YaR`2c4/
.pubmatic.com/	1970-01-20 16:11:10	Name: KRTBCOOKIE_97 Value: 3385-uid:k-anAqbpfL3vn07aaYMhBB9SFCF-SuvtEbyCehgg&KRTB&23144-uid:k-anAqbpfL3vn07aaYMhBB9SFCF-SuvtEbyCehgg&KRTB&23286-uid:k-anAqbpfL3vn07aaYMhBB9SFCF-SuvtEbyCehgg&KRTB&23287-uid:k-anAqbpfL3vn07aaYMhBB9SFCF-SuvtEbyCehgg
.pubmatic.com/	1970-01-20 16:11:10	Name: PugT Value: 1697278631
.krxd.net/	1970-01-20 19:47:10	Name: _kuid_ Value: P2rIhWpK
.postrelease.com/	1970-01-21 00:13:34	Name: opt_out Value: 1
.tremorhub.com/	1970-01-21 00:13:55	Name: tvid Value: 2c7f37c492774f6ab3448150b94fa1d3
.tremorhub.com/	1970-01-20 16:11:10	Name: tv_UICR Value: k-Hzxb1JfL3vn07aaYMhBB9SFCF-S2rP_MsnmIyQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11450497.fls.doubleclick.net
a.twiago.com
ad.360yield.com
ad.yieldlab.net
adservice.google.com
alb.reddit.com
analytics.tiktok.com
api.permutive.com
asia.creativecdn.com
assets.zendesk.com
bat.bing.com
beacon.krxd.net
c.bing.com
c.clarity.ms
cdn.insightech.com
cdn.linkedin.oribi.io
cdn.permutive.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d.adroll.com
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
eb2.3lift.com
ekr.zdassets.com
exchange.mediavine.com
geoip-js.com
go.affec.tv
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
insight.adsrvr.org
ipapi.co
jadserve.postrelease.com
js.adsrvr.org
js.maxmind.com
map.go.affec.tv
match.adsrvr.org
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
o.clarity.ms
pixel.rubiconproject.com
prodstorage.azureedge.net
px.ads.linkedin.com
px4.ads.linkedin.com
r.casalemedia.com
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s.adroll.com
s.thebrighttag.com
secure.adnxs.com
secure.vantagemarkets.com
simage2.pubmatic.com
simpleui-au.vixverify.com
snap.licdn.com
sslwidget.criteo.com
static.zdassets.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tags.creativecdn.com
ups.analytics.yahoo.com
us-1-api.insightech.com
vantagefx8311.zendesk.com
visitor.omnitagjs.com
wa.appsflyer.com
wa.onelink.me
websdk.appsflyer.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.redditstatic.com
x.bidswitch.net
api.permutive.com
asia.creativecdn.com
bat.bing.com
o.clarity.ms
px4.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
us-1-api.insightech.com
103.132.192.30
104.126.37.43
104.16.51.111
104.18.27.193
104.18.70.113
104.18.72.113
107.20.144.7
108.138.15.119
13.107.43.14
141.226.228.48
141.95.98.64
142.250.185.162
142.250.74.198
151.101.65.140
178.250.1.9
178.250.7.11
178.250.7.13
18.157.146.236
18.159.114.228
18.203.58.141
184.30.17.243
184.30.20.22
185.64.191.210
185.86.138.153
185.89.210.101
2.16.97.41
2001:4860:4802:34::36
2600:1f18:612b:4264:9ca0:e35:54d2:840d
2600:9000:20eb:e800:2:53b2:240:93a1
2600:9000:225e:6600:6:9280:1080:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:20::ac43:45e2
2606:4700:4400::6812:216e
2606:4700:4400::ac40:946c
2606:4700:7::a29f:8716
2606:4700::6811:7611
2620:1ec:21::14
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2004
2a00:1450:4001:811::2008
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2013
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9b
2a02:2638:3::e
2a02:2638:d::d
2a02:26f0:3500:11::215:14d5
2a02:26f0:3500:16::215:149b
2a02:6ea0:c700::17
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:600::396
2a05:d018:cc3:fe04:4b7a:87c2:3628:5d9f
3.13.229.41
3.75.62.37
34.107.254.252
34.117.157.22
34.246.73.161
35.201.125.75
37.157.5.133
45.60.33.224
52.152.143.207
52.208.185.27
52.208.246.207
52.212.215.149
52.215.100.89
52.223.40.198
52.29.178.177
54.216.219.8
54.229.208.26
54.72.210.155
64.74.236.63
68.219.88.97
69.173.144.139
76.223.111.18
85.215.5.31
017dc97e6482b9894606807bf612f6423bfb074e8f21a361662cb12596a2d704
0220ff91793a69f38e021841d332560e81affb8bd0ea4aa9c7caad1b8ac33789
037c6afcd308c0c505709f926681a5733e98c4a3dea50819f3a3a98ee4abc5ee
0531150d4d5d771799a53b6641a4d22bdb5ddb23699386d8da49177b11d08157
063f2358d946bfd7cacc050168a41abeae0d8f70551ed32a808d05599db72597
07bc2314b8e1bd080eecbfd7e5839c307c2dfcda24e1b0a45912b65dfce91100
0cf9802d73ce2b3d4528989db78998ecca784810e85a5feded2ae666812da3b4
0d6e597a2316e55f70d2f555756b918b956b7490bdfa947ed0994ec93f899883
103f2366ce3e0af25421cadbb0a33031639ac03a69c4820dd6a8c77b3947a256
12b5e0ab5a357e7b683e3930f8dda76f017dba96377591682dcb4b1d39753445
12ba27da092f5fa89526a71de0b7946ee85024775eb360f40ef66a1ebeea9758
168409daa5c5a8dcca6ebcb730c6d7c7e1df6475c0727eedade75eafb8c40116
181e216ed335fe97694bb848ca496e420b4d3a7c332a74678886e1fbec324723
18703907f189e33dfb9bf8e609b8a3dfb6092d5c560774de65b1e1581c29de6a
19f9bd2c56e13a1adc382fb52bb03abe6ea7284415855adeb244cfce20cca048
1a12edab3bc7b15a4e02f1af60dbc33353fcdd35bea0b30313051c7b9d29e4c0
1a41d2a9d4febf4ab4efa620bd301d8bd06f22534c785ef4a09d61d7a582b932
1acba9947e628f030d543e0041d670b5880a36bcc88f0ca9884f27115995705b
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d1ec8a732829feab41dfc5364e33e9c05ee489d76b77ea45b14cfb069574a53
1ed81fdc8f79e97a06bde70eb5a893a2b020a1aa638bcb0457a659a6df69ad7c
20db7ce8e3049977535579a92d71232b26ed80f8ab0c1b7418ae67c403a6b321
24992d24cdedb8e43adbc8b27c7ca67dedfb103549ecf876cec648da06cbe577
24a0379eaeac3d8de8f2b77a318fef99bae4ef5ca07d2eca39b8a0f3c21911b6
2530526878c08a1bc1d828cd06acdf3de779b1b87519e84c6c602bb62448d92f
26cf6c841718583dc3a8b45f65cad15a5432b572d78f3b73f1547f888ebb8186
27ac4b2216358ab3848230d2a3c7aa4baec449c00e5d053d30e688080ed4d13b
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
2a959f30a41da2e22c60176c9f6f7529bae80847e0afde7fc3c62a2ac11789d4
2b3b815739f4ebe87acf9c29fec8a4e7b927487635844f5d393a1abae3ea1e02
2c86a796a5d49988094699ef38ed9c3f9a4a59bb5ea3a4fb234c60ed5f3e091e
30a5576a7427067abc24851d5f871912662116688f21abc79113c83a4046484b
30e8bab000c64537aa4d19b4524e907e3f611212d968999a031173ce9e2b46fb
31849ded39e457ee99900edc506aa2e6544f6389187d6fa709f898fad810ba7f
3228fd70928e6d8d6bbc95f8f9e0568d7c51a97053e9db44c4ce02b93eb426f0
3283a4ecd3b20bcea9356984de000efc6d0e1c727458c9fe397d64f466619eb3
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35c68ae34e6a648ce704a3619332aa10bee088b307d07d9d82b16942ffe8f906
36a986af8b92f6aaadd797c03f670041bb8f20977ed5a43fcbb7fd9e23c24ab9
380984fd898e483988149c94cce219c8ea6aa00b64ea024700a35ff5b675178f
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec
3946119025988e271eb91d740c15521312cae46c4b918882f3d10fce26ddd457
3949af92fafbd6afb165339ea3b32043c25b9390061df9a7fc1c6d1f9f080520
3a02e31a6fd1df51b483a1b9037f9b9588ac0339d1cd9ef343b61121f6002889
3b8a7110eb2fe3c263d9dc452ac2fae29e9db98fb5f9222bd3749a38996e72ae
3daed38dbc41f5bd7030caa2fbfb7a9308a7878f2e73f3e1fd5b2835abf06f99
3f09b0048da84d573059b81b30509e8720b13a2eac382156ead0fc1665b486e1
4241f472f9060a596ce0f22986c6fb3c4e88d96bed6572d539401df391413707
448394f02e1d311bf63793f98f52973fb948195c90522c965e4341b68923f4a5
45bb446e05917603d3215b446f4bc78b23502c88aa15bbaa608349d3842c1f4c
47cd090c2fb3a3901db143a82fc04d4b31be73e312c78eb1e7b273fe6187c95e
47e5ff66931402cb5755d7eed98a6d23ee556a7f8e9c1dd340d351c27f669a0f
4a144c91c74315a09d47467f3bbaaa452f9e803ef331a6b77881ea7c9d5d16e5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c98a0de5408c840cfbf29d4fe066fae881e2ad5b76d8c80c3804f55653c15e2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f6178cb3326d3476de9450c6fea7ee42d60e6765531304760247594ec91a499
537a92d22616e2bed897f9e2e2cd27cf9d5d82191b8539e353d2aba5cbe3a3e1
53b63be2f9ab7f75dd4702ae1f07e7bb82dbdcfb8e6df77c9f173b213c1af912
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5752a07d914ab783bb53d006eebc2ab153ee946b040e0a8a5cd85ac4ca7060d8
5ad343fd8a8d314ec5ba841ba84425b377fcf4261a31d4d1fd42db9a9db1eef3
5ccec28cfd201bb2a45941f8d048c465af132821b3530de2638b09cfc885e223
602a019472a69b4fde0a1f6ab3e6e3ca0a52075e0dca120b4c9952754e983ca9
649ec59a0fd2f2355ffc28126849a36008157b9ca91ea8cf012961fdf36a07f3
6598b627323995a4930f368fe885b8ac199a01871fcd628a8324115f7a1b0051
66bf63619f853a8d2f7fa59954f6908c1f18ccee30a831008ea0048792bb9c96
6833b5471625b94d70c503abeca7bae57d37e89a78a98c6c31c5f92faed8f4d3
6b71065fc8b013e51d770dfbf3462195653636480ddd4429851db8e937037365
6b75c9b8a0c6a514c71eb12095634035f998d22e2b03e4eb8873f084fe94db74
716cf2b8a33d546df9080182719b6e7b09eae2effb7bc4f51a55268106353fce
740ac264fd6cbd635ace430eb40b6310d9e1683f304674f708b1c1d7bc0f93e4
7451ffc082c8d0351e78b7acd72c4a8186151f648e70d5d92cfe691210d47971
768eddfaebfe75bd6d5cb351c2bba69e18c717f5dc3069d04471cd37c89fafa9
7a2bf6ea31bc403d78891fe4dec3bd315d39f1b5aedd4caa0ef26c0b171c7790
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe
7c9dcfa1e53af950445da204fd099866c50495fc4d96a0c49c7891ef592b1eae
7ccf80229bbe586853232059978b67c1dbe6ccd7f6b4b8585b34bbcf2d9f195f
802649b1875ec5227a5eb90222e7dfe7e38e1b37814ff169f137f46308fa0ba9
819c9553d935f02072955cae3a2a365d1316aa1a80d6541643d567ac6a267b51
82c57eef6f10cc57f87f02126759ccb24b0c818711f29297c809a8ef43ae72db
82ffa597b3afcccae12313ca1fbcc613edb3528a3ca485e90c3a842b2d66d0af
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844beb98920f29f323e4c2c4a1396a99fdb5013084cec3da45cc5563d1315dfd
86b721dd502671228f748f3132bee4c6841164ac381887515e28ad92bf68e2ea
872fafec77477312467cd0335b9e5a1c62b212d8eb07626e60f6579ee40978b5
886f458757650626baff56529f49c574e41e4fcf180759395165290a590040d6
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d318a28309c072884a96448cf8bbe5763d8f3741a5cabb16509878bddd75baf
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e33d5c759344bb50080a0b45d712cd6d61439ed8590614a107a9137883156bb
9012a88d0c763f3de060581c611107decadb4bbfb990c8dd876ea402492dac50
902a264cfa07d9fb4bfe3e9b4e3992af8029b0dffdb70217eb1a1a443fa5a5c3
9112b8deabe2f8b66c82d539579da86049f4702cefb8761cbb1ed406f248f0a8
91cc953ddd3fc87949c5f8815956c809ca2171b84ff088d05fb98c14a5d22d9c
922d29ddc0a0bc11caa1f2c8fc979747b16fb57262566c18898c612eaaddd7fd
92a6add9568f8d6673caff797b680d8a90d4f1fd96bf38885441cd99b1e9ec79
92dc71b2b301fe61125b25c9adfd1fe6ad97c2322b0225114d47d8c781287f43
94a96a4fc313fe6dfba290ed6bc0e802eaab40810e59032a06f6774553b1c6ae
96691e4d06ce49c930c1e5a33913592e32c7ceabe570d15d1ee07d2513845bea
977a886e5d9068b3ed8dde6e511ca22ccf44cbed7fb881d0b8b74619fe462e21
9794cc104bfb6b477b5d36ec8c9daebb3d0ade7d4b6d84f17052491d2cc73a65
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c0fc9916dfffc05769809e8c4edd41f77d774acb2ed9aef5e35916054ec22c4
9d3f506dc174f148787b21f5ff26b3452a9a5d2598dea553a79b27bf9b6d1e3d
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e51fe59a20f9fb215356433055391f68ccc19279c40303b5b1ed05d776ef49f
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
9f950a7a8cd762d684310349cdf41a5749ee0dc95029c22376a3f5641b206430
a000d4644c8f98685a42f53e9c6f3c1ea798bb7b486da7cf7c72c514c4bfbb2e
a05d1a69eca247bbc1936d53d692892bbda0588c9d67135bf6d3715e0b15d353
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d
a273a114d7466411d33f99e6d4ed1b27960c2d9312247e39bcd74f53cdb94386
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
a2f8e8e47efbe6632af47c617df43eca10a373112830f2c982ade65191fd083b
a5a6637b9e432c2ad9a656aba677a76e15a46c139dcf920975df6d978c6c7168
a7006c9765b3997f8d2ff41cc0560fe325677b74d57c26084c958431d2325574
a8458b220da98c7d5c532dbe6b704acb40219c23fde715f9cfe5d4260dbdbfc4
a865fd1ba2df994f7e390eaf20e4ebcd124412da91c8031f69688ba4061f522d
af792710c77a114566cbcec5e9d973235db78867d5fbcae29b1b7cb6129af457
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b62216cd62836c798e46304d75e2787c5fab8736e66947087cfe4ff4837cb58d
b7eef143a5a949447736315c2c8cb55320308459b36bb59de05a5b2c13dbdd1f
b831a7530bfc0d2de77889fe5d1c53a113e10488f84adeb7662adf2fc49edb87
b87ff0cfd8a6f63b847549fbee8916105af0e6c33d1af0734cef7ddde286bd09
b91f6701807bf3018cc99bc0220b82d91900e5dfecd54566c8b6ef578178bfcd
ba1c1ec61ae761c4580943f202fefc7f92cf1cff1629b6f06d98c177cc0f9fcc
bb0addc7b7fceec6bba8e793e3f6bd4d1c2e22750f90e52e3a77ba746076e8a4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb5275f58aba99f83f7d2679c19083d1f266cb27336a6401e6005c5bf58fff03
bb576c766f1957fba73ed67740253ec15eace416fba3e725648c2415bf320c0f
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bec8d46b4aefdfaa5d276b559022de9d4396a53c05b454d87b4fb01ac337693f
bfe1ae95d2aef4e194d7990a2ce506a14c25271fd4143c02bb89e69bbd56b7cc
c126dda4c9c293639132b1da4d06402dc019a2f213e0f08f5f5b8e87060d531e
c307ed8224582fee39c02b8402149f5450f6b57dc77dcee718df5903ba6989b9
c40ea1dda09b7bac96e4230248986c77fc4c4a56899c7acea48ca785582110e1
c44ab79fec374d3cb513d53f41cf105d23edbbac25cf0379e76276af9da87c8f
c735f21066e8ccfdd2b7b21ddadfba3c66158e58e1f3385d2a5d6a714e8d1c52
c79e791b3abfb5b39531dad71f7d6355cdaceceb9d9b7779e0ea06f271046965
c8bea8ef1bdcb995ac26d0128bbe2e2b40b31d5775860462b3ae7983e71b3b76
c9203c915320b6f49926acaad955b06dbc907d51c27afb3ca59d05731ea2b9d9
c99239e491d2b45d7f9b958230bc162aa6bd2b8bc7fd5b6a0184ed36ddccbfda
d020a39323529eb0ac441a1f8840eccaa198955277d4f556a9657fe3e8d7406f
d0d6d467f766b49ff32ebd1f7243bf58c61affe03cd3d6a9c8d62ec8448f5f35
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1c65c40468a67092c57d2b8ad63276d3216304598cfd85cbd3a1051266fe41b
d7025167701a2fa055cbb95188bc0fcf6b5f730d0362b6a01cc27eedea6fc6ec
d9a77c4e7b4afa3ef34658e66b6d16642b03241e35d0127d3f8fe6de33303e0c
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
dcdb6f9d03bb72ec3868c78fd4fdf786e406fda1a1841deb305272c0e19f389f
dd363956160c2aedc31143d7b47d2be107e64fd52a48cbd130398044058fc144
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e074bcab88740ffe3d7484c4825d778569cccea43910136ef7bf14c70285d5c2
e1cae3169b8c7546a8558cc2c258c7ce50305c87f03c238b21985e6f00713e11
e31ece7a49c044833a427ad40fc3cc5e97946a9b48068a6d6a9ce2f432fac662
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fa21baa0c6e990213b97f9f29fec80ac8124745aac40cbf7dab2f1ce4885ef
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
ebd61d4d1bf027e84ffaa85b248be66eafd6fe2b9a8200f45852dda78946c8d6
ed4e4e6ebf32aaa5825c56b6070a827a89bf2a5ab2ff17f91d9937c41d1e84ed
ed7d26623e9807a7180e18e13e1771d57fa8dceb349e76ab2f905b99e2a38b6f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f21c9b43acd18b81217051e43a9dde4b2e3ad3f0c5414bec23c6a8f986572748
f305fa6622115ed84944335086f2f8245a18a99e65d078587e3525f9a06c2a74
f310cc68312f8740142cec9700170bf9e00da937dd7cb806fd86e65d8e99f518
f36a87c7d4d81bfacb940e20afd7896f2ce2845c9f92a38ee28001ea945e504d
f4a32bd92ea12e54de7588307693e04d113f3e9a7481fd9185efc9347f3652a4
f4dd2655fd8ba7ee4607a5bf7864102435131556485a12bb9005543d42968683
f5b6925fadacd9eca2f346d1e53f78c6f4dfb1998a345a6f0032c285c60eed09
f5cb5a6a74d0644db17a6dd74786e488f7b67f21ce80c3865194668ee500d0a2
f776490d25b92b79011500270f16f0d660204727d1fa50e44d7eb255aaf0290d
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fc7d65e6c64d46771031947fb12ec0071649088d4cb0dd721b28716bb2e163fc
fe2abd20be90358eb969ae6bda24c0aff413bfb205d2be132fcdd650dc864d26
ff6ea1a20bb7b7e1970c982bd5d08b4e949c4a33251c44ad2ca8021fa7840f5c

secure.vantagemarkets.com Open in urlscan Pro 2606:4700:4400::ac40:946c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

432 Requests

91 %HTTPS

37 %IPv6

59 Domains

84 Subdomains

76 IPs

10 Countries

8846 kBTransfer

32326 kBSize

85 Cookies

2 Outgoing links

Page URL History

Redirected requests

432 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 28 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure.vantagemarkets.com Open in urlscan Pro
2606:4700:4400::ac40:946c Public Scan

Screenshot
Live screenshot

Full Image

432
Requests

91 %
HTTPS

37 %
IPv6

59
Domains

84
Subdomains

76
IPs

10
Countries

8846 kB
Transfer

32326 kB
Size

85
Cookies

432 HTTP transactions
28 data transactions