augustforexgolem.com Open in urlscan Pro
45.40.165.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/2XUhQJS
Effective URL:
http://augustforexgolem.com/
Submission Tags: falconsandbox
Submission: On February 26 via api (February 26th 2021, 6:56:29 am UTC) from US

Summary HTTP 140 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 14 domains to perform 140 HTTP transactions. The main IP is 45.40.165.34, located in United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is augustforexgolem.com.

This is the only time augustforexgolem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
13	45.40.165.34 45.40.165.34	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
3 42	52.210.45.137 52.210.45.137	16509 (AMAZON-02) (AMAZON-02)
1 2	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
18	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8004:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
140	16

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 45.40.165.34 (United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: p3nw8shg530.shr.prod.phx3.secureserver.net

augustforexgolem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.augustforexgolem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 52.210.45.137 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com

www.fxblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.228.123 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8004:face:b00c:0:8c (United States)

ASN32934 (FACEBOOK, US)

ad.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	fxblue.com 3 redirects www.fxblue.com	423 KB
36	googlesyndication.com 410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com tpc.googlesyndication.com c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com pagead2.googlesyndication.com	177 KB
16	gstatic.com www.gstatic.com	590 KB
14	doubleclick.net securepubads.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	242 KB
13	augustforexgolem.com augustforexgolem.com www.augustforexgolem.com	436 KB
12	googletagservices.com www.googletagservices.com	260 KB
4	google.com 2 redirects www.google.com adservice.google.com	1 KB
2	atdmt.com ad.atdmt.com	750 B
2	2mdn.net s0.2mdn.net	75 KB
2	google.de adservice.google.de	964 B
1	google-analytics.com ssl.google-analytics.com	17 KB
1	paypalobjects.com www.paypalobjects.com	2 KB
1	paypal.com 1 redirects www.paypal.com	684 B
1	bit.ly 1 redirects bit.ly	251 B
140	14

	Domain	Requested by
42	www.fxblue.com	3 redirects augustforexgolem.com www.fxblue.com
18	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net pagead2.googlesyndication.com
16	www.gstatic.com	www.fxblue.com www.google.com www.gstatic.com
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net 410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com tpc.googlesyndication.com ad.doubleclick.net pagead2.googlesyndication.com
12	www.googletagservices.com	www.fxblue.com securepubads.g.doubleclick.net 410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com www.googletagservices.com ad.doubleclick.net
12	augustforexgolem.com	augustforexgolem.com
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com
4	googleads4.g.doubleclick.net	ad.doubleclick.net
2	ad.atdmt.com	ad.doubleclick.net
2	s0.2mdn.net	ad.doubleclick.net
2	ad.doubleclick.net	www.googletagservices.com
2	c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	www.google.com	2 redirects
1	ssl.google-analytics.com	www.fxblue.com
1	www.augustforexgolem.com	augustforexgolem.com
1	www.paypalobjects.com	augustforexgolem.com
1	www.paypal.com	1 redirects
1	bit.ly	1 redirects
140	21

This site contains links to these domains. Also see Links.

Domain
www.fxblue.com
www.click2sell.eu
www.augustforexgolem.com

Subject Issuer	Validity	Valid
*.fxblue.com Go Daddy Secure Certificate Authority - G2	`2020-03-09` - `2022-05-08`	2 years	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-01-13` - `2022-01-11`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2021-01-29` - `2021-04-28`	3 months	crt.sh

This page contains 16 frames:

Primary Page: http://augustforexgolem.com/
Frame ID: 0DD667D9B0FA63DF8239A060AB6F99AD
Requests: 16 HTTP requests in this frame

Frame: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
Frame ID: 1ABBD2B7A269ED72279BAA1DB979438F
Requests: 28 HTTP requests in this frame

Frame: https://www.fxblue.com/wl/charts/ch_cumulativeprofit.aspx?id=afg-live2
Frame ID: 624B4868A1CF50519BF962B569D5689E
Requests: 12 HTTP requests in this frame

Frame: https://www.fxblue.com/wl/charts/ch_symboltrades.aspx?id=afg-live2
Frame ID: E5C44503AA5D4D43D603D834F6D38DBA
Requests: 12 HTTP requests in this frame

Frame: https://www.fxblue.com/adverts/Advert.aspx
Frame ID: 4B0E3A7E349227DECD1641D3930EFBD1
Requests: 12 HTTP requests in this frame

Frame: https://www.fxblue.com/adverts/TopAdvert.aspx
Frame ID: 195400F2FE03570E16C80F8F22DD5730
Requests: 12 HTTP requests in this frame

Frame: https://410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Frame ID: 453D9D3FBA160FF9038932B407587EE0
Requests: 7 HTTP requests in this frame

Frame: https://c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Frame ID: 6256A39747CC42EA6694FA48F336B33C
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 6C6AC0307812BE8B65D95B54D9027ECD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: B952B9F0D54B1F893D08BE2053944AD6
Requests: 2 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269392019;dc_ver=68.195;dc_eid=40004001;sz=120x600;u_sd=1;dc_adk=1069910018;ord=jn2i4b;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssxWnTJHuqgvSIv76Wm-jLMTIzMJF05UMNJyDqTTzTfwKA39QHtl_6tST5ZRCtGMsNBkeIy0EprDSHNKdP-HxrMovSlxE0RhXQC9Jni0_-A_luD4WY2V68eHccEAHVxt3R2Bp7eVrZqj8Pv-gffGs_cdi9T3ICmJ-znD4MuoBrq9x2XDJlE0iH02bz7SMjmnezSFsaAEDaL6NLKpWlPoRdS-AErcGpKJq0u8vV6sHhYVjgLOIgUzaVWEUmxAYbKrrRDcZcB_H8pI535ktS6Ye3c3ejifvxJicrj51U%26sig%3DCg0ArKJSzCZlHwA2QS5KEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FAdvert.aspx$0;xdt=1;crlt=CitiM8(9*G;osda=1;sttr=31;prcl=s
Frame ID: 78F94ADC79CF3A40DC205953D6C49010
Requests: 11 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269390891;dc_ver=68.195;dc_eid=40004001;sz=468x60;u_sd=1;dc_adk=139305671;ord=662ja7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstb-kdb9vj4NB1dHVnRqaM2pdRzsAEzmVhRwV5fIh-BkAitil0PrYRvDsZhXqpdjdgxnHcdOc5i5dRepCY78vPEH7--cwJkK6CVjOJMKjGMXutCCPU2vgUbTxtB6kI-UDDBfj1FkntzX1LQeru6gh1Tfrj3mx7tLvDsMTZEUoKBNpf_I8BphJMztryzn4AlFeSY-4TvStQ1LZ4pJwtU_GarSpOOZZYoJ1avTM5FHvgpgUpV8wczWKwjUQV0xGjQE1g0wYHOsDZFvXYNXggOVBeKphbCbxe5-BTeseVxmeO_w_lz%26sig%3DCg0ArKJSzNH9z6Npn17CEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FTopAdvert.aspx$0;xdt=1;crlt=jsRfek)gvg;osda=1;sttr=61;prcl=s
Frame ID: 7DC1E64957A4C8A2F3F7871D3A689726
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 680162DF64BE6A418AD560CF1C6699E1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AB8FE13B459DEE062E06B9AF85D9A69B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9RdNy2KfqE70k7Ep5pIJEFWQRxy4C7JCE7EP5OBJOVg.js
Frame ID: DA3CE968D6307D14D5F84698270D6988
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9RdNy2KfqE70k7Ep5pIJEFWQRxy4C7JCE7EP5OBJOVg.js
Frame ID: D4EF2EA78EDA945C903BD29099FD3EBB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bit.ly/2XUhQJS HTTP 301
http://augustforexgolem.com/ Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
html /<input[^>]+name="__VIEWSTATE/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
html /<input[^>]+name="__VIEWSTATE/i

Page Statistics

140
Requests

91 %
HTTPS

61 %
IPv6

14
Domains

21
Subdomains

16
IPs

3
Countries

2223 kB
Transfer

5478 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.fxblue.com/users/afg-live2/printable

Search URL Search Domain Scan URL

URL: http://www.click2sell.eu/BUY?FXAUG

Search URL Search Domain Scan URL

URL: http://www.augustforexgolem.com/
Title: www.AugustForexGolem.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/2XUhQJS HTTP 301
http://augustforexgolem.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

http://www.fxblue.com/charts/ResultChart.aspx?id=afg-live2&type=monthcumulativeprofit&w=400&h=200 HTTP 301
https://www.fxblue.com/charts/ResultChart.aspx?id=afg-live2&type=monthcumulativeprofit&w=400&h=200

Request Chain 12

http://www.fxblue.com/banner.aspx?id=afg-live2&t=300 HTTP 301
https://www.fxblue.com/banner.aspx?id=afg-live2&t=300

Request Chain 13

https://www.paypal.com/en_US/i/btn/x-click-but5.gif HTTP 301
https://www.paypalobjects.com/en_US/i/btn/x-click-but5.gif

Request Chain 15

http://www.fxblue.com/fxblueview.aspx?id=afg-live2 HTTP 301
https://www.fxblue.com/fxblueview.aspx?id=afg-live2

Request Chain 50

https://www.google.com/jsapi HTTP 301
https://www.gstatic.com/charts/loader.js

Request Chain 55

https://www.google.com/jsapi HTTP 301
https://www.gstatic.com/charts/loader.js

140 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
augustforexgolem.com/
Redirect Chain

https://bit.ly/2XUhQJS
http://augustforexgolem.com/

41 KB
9 KB

423ms
396ms

Document
text/html

45.40.165.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://augustforexgolem.com/
Protocol: HTTP/1.1
Server: 45.40.165.34 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: p3nw8shg530.shr.prod.phx3.secureserver.net
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: ee4f295e14861fc30ed3be25273f1b27e5689349ed03c17e4d4261f1e9ea4f20

Request headers

Host: augustforexgolem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 26 Feb 2021 06:56:05 GMT
Content-Length: 9330

Redirect headers

server: nginx
date: Fri, 26 Feb 2021 06:56:05 GMT
content-type: text/html; charset=utf-8
content-length: 115
cache-control: private, max-age=90
content-security-policy: referrer always;
location: http://augustforexgolem.com/
referrer-policy: unsafe-url
set-cookie: _bit=l1q6U5-c33cdf02656dd9a4ac-00M; Domain=bit.ly; Expires=Wed, 25 Aug 2021 06:56:05 GMT
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK WebResource.axd Show response
augustforexgolem.com/ 20 KB
5 KB 308ms
294ms Script
application/x-javascript 45.40.165.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://augustforexgolem.com/WebResource.axd?d=Nihh7gJcCGCImByRgQlKtwSsdL7dFzM6YUEcz7C4wbuElCX1sPi85iej6UZ55I7W4H74wb1xnotcowTTSSBIA24Cxy81&t=637304309688839171
Requested by: Host: augustforexgolem.com
URL: http://augustforexgolem.com/
Protocol: HTTP/1.1
Server: 45.40.165.34 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: p3nw8shg530.shr.prod.phx3.secureserver.net
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 0ba2f6756001669bdf934f9d79e8fd1ccf2028130c33a0510279581ec9dfd73a

Request headers

Referer: http://augustforexgolem.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 06:56:05 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Jul 2020 00:29:28 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 5224
Expires: Fri, 25 Feb 2022 18:18:57 GMT

GET
H/1.1 200
OK WebResource.axd Show response
augustforexgolem.com/ 32 KB
8 KB 307ms
293ms Script
application/x-javascript 45.40.165.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://augustforexgolem.com/WebResource.axd?d=jBJBoRoRoQ0YXeRnuG5qdfWDLZcIDyILgYmAYfFp9pdf_Xo23-H2BYoShxce7cUjYP8tk4lAppjFY-F7TaYtRaK5vuI1&t=637304309688839171
Requested by: Host: augustforexgolem.com
URL: http://augustforexgolem.com/
Protocol: HTTP/1.1
Server: 45.40.165.34 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: p3nw8shg530.shr.prod.phx3.secureserver.net
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 691f800e3a2c40d8adc89c93739b0fb4a23c849254ce516dd89e286c8a5e6c22

Request headers

Referer: http://augustforexgolem.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 06:56:05 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Jul 2020 00:29:28 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 8138
Expires: Fri, 25 Feb 2022 18:18:59 GMT

GET
H/1.1 200
OK WebResource.axd
augustforexgolem.com/ 43 B
332 B 307ms
294ms Image
image/gif 45.40.165.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://augustforexgolem.com/WebResource.axd?d=SEuxBT8dGOgrLKQirV3NPHXgCzSsr7wzR5k1LAiJKZqab7I8O7ISNVD-Mj-pLeaUA0g3F3mHuV_OPgXXDazuQEX_XrM1&t=637304309688839171
Requested by: Host: augustforexgolem.com
URL: http://augustforexgolem.com/
Protocol: HTTP/1.1
Server: 45.40.165.34 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: p3nw8shg530.shr.prod.phx3.secureserver.net
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://augustforexgolem.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 06:56:05 GMT
Last-Modified: Thu, 16 Jul 2020 00:29:28 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: public
Content-Length: 43
Expires: Fri, 25 Feb 2022 18:19:00 GMT

GET
H/1.1 200
OK WebResource.axd
augustforexgolem.com/ 61 B
350 B 313ms
298ms Image
image/gif 45.40.165.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://augustforexgolem.com/WebResource.axd?d=aDSp6GhXOtGDLE6QeUTVSeRxrIROdhR4DmzhMR0hrmpk3KBEC2mDW9HwFOoYX4NpOS6G87abQpvQAhwRkx3FJalnffo1&t=637304309688839171
Requested by: Host: augustforexgolem.com
URL: http://augustforexgolem.com/
Protocol: HTTP/1.1
Server: 45.40.165.34 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: p3nw8shg530.shr.prod.phx3.secureserver.net
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 68862b3246c6bf0e002b1d412b319ddb6500c007e9d5bd77f1a0e94911d4e9f1

Request headers

Referer: http://augustforexgolem.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 06:56:05 GMT
Last-Modified: Thu, 16 Jul 2020 00:29:28 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: public
Content-Length: 61
Expires: Fri, 25 Feb 2022 18:19:00 GMT

GET
H/1.1 200
OK WebResource.axd
augustforexgolem.com/ 60 B
349 B 313ms
298ms Image
image/gif 45.40.165.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://augustforexgolem.com/WebResource.axd?d=DMgq-5ZEtvb8yuzfIIVhQlipJ4kbsUJDjLQha7iQLTuDdTPP5C9w4vED2z1WQQk47_90VoaNuh-nitu_WGj9JTGJWZw1&t=637304309688839171
Requested by: Host: augustforexgolem.com
URL: http://augustforexgolem.com/
Protocol: HTTP/1.1
Server: 45.40.165.34 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: p3nw8shg530.shr.prod.phx3.secureserver.net
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 65b821d2661de64da02b2e3298ae35128eee9ebf646c3f681845291a22acdb6c

Request headers

Referer: http://augustforexgolem.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 06:56:05 GMT
Last-Modified: Thu, 16 Jul 2020 00:29:28 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: public
Content-Length: 60
Expires: Fri, 25 Feb 2022 18:19:00 GMT

GET
H/1.1 200
OK h-title.png
augustforexgolem.com/images/ 14 KB
14 KB 312ms
171ms Image
image/png 45.40.165.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://augustforexgolem.com/images/h-title.png
Requested by: Host: augustforexgolem.com
URL: http://augustforexgolem.com/
Protocol: HTTP/1.1
Server: 45.40.165.34 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: p3nw8shg530.shr.prod.phx3.secureserver.net
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 2636f059f6db525c32f3c85fe4a437c65ffbe6fed3409bc481b0528c452537fb

Request headers

Referer: http://augustforexgolem.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 06:56:05 GMT
Last-Modified: Sat, 02 Feb 2019 07:29:34 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "0338bc9bad41:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 14304

GET
H/1.1 200
OK h-girl.png
augustforexgolem.com/images/ 258 KB
258 KB 164ms
164ms Image
image/png 45.40.165.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://augustforexgolem.com/images/h-girl.png
Requested by: Host: augustforexgolem.com
URL: http://augustforexgolem.com/
Protocol: HTTP/1.1
Server: 45.40.165.34 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: p3nw8shg530.shr.prod.phx3.secureserver.net
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 4922394164e84757d02aa4eac07ee7af85379d233cda7f9ead9f96a5a2beb3b2

Request headers

Referer: http://augustforexgolem.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 06:56:05 GMT
Last-Modified: Sat, 02 Feb 2019 07:36:49 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "80be7fecabad41:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 264428

GET
H/1.1 200
OK h-nav1.png
augustforexgolem.com/images/ 28 KB
28 KB 153ms
153ms Image
image/png 45.40.165.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://augustforexgolem.com/images/h-nav1.png
Requested by: Host: augustforexgolem.com
URL: http://augustforexgolem.com/
Protocol: HTTP/1.1
Server: 45.40.165.34 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: p3nw8shg530.shr.prod.phx3.secureserver.net
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 77f3fc471a6509b234ec5a0a843e96a0567f5de7f48b0387a6e6961a7a1489ee

Request headers

Referer: http://augustforexgolem.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 06:56:05 GMT
Last-Modified: Sat, 02 Feb 2019 06:48:54 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "08fdd5cc3bad41:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 28418

GET
H/1.1 200
OK h-nav2.png
augustforexgolem.com/images/ 37 KB
37 KB 163ms
162ms Image
image/png 45.40.165.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://augustforexgolem.com/images/h-nav2.png
Requested by: Host: augustforexgolem.com
URL: http://augustforexgolem.com/
Protocol: HTTP/1.1
Server: 45.40.165.34 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: p3nw8shg530.shr.prod.phx3.secureserver.net
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 2c99ebf3b86e943d75eeef17e784fc02007d6f954b82ed3c6b8325048162e2c8

Request headers

Referer: http://augustforexgolem.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 06:56:05 GMT
Last-Modified: Sat, 02 Feb 2019 06:49:37 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "80d67e76c3bad41:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 37708

GET
H/1.1 200
OK h-nav3.png
augustforexgolem.com/images/ 30 KB
30 KB 163ms
162ms Image
image/png 45.40.165.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://augustforexgolem.com/images/h-nav3.png
Requested by: Host: augustforexgolem.com
URL: http://augustforexgolem.com/
Protocol: HTTP/1.1
Server: 45.40.165.34 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: p3nw8shg530.shr.prod.phx3.secureserver.net
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 48dc36d0fb6e08b6c05f058d8abff6b7ddfe0849be3bd1f90b1e89db2b005eb0

Request headers

Referer: http://augustforexgolem.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 06:56:05 GMT
Last-Modified: Sat, 02 Feb 2019 06:50:51 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "80579aa2c3bad41:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 30647

GET
H/1.1 200
OK h-nav4.png
augustforexgolem.com/images/ 27 KB
27 KB 154ms
153ms Image
image/png 45.40.165.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://augustforexgolem.com/images/h-nav4.png
Requested by: Host: augustforexgolem.com
URL: http://augustforexgolem.com/
Protocol: HTTP/1.1
Server: 45.40.165.34 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: p3nw8shg530.shr.prod.phx3.secureserver.net
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: b488c65fb23969b1f2fafc88bb1ed0b425f8227500928f6dcb38859c29e45e29

Request headers

Referer: http://augustforexgolem.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 06:56:05 GMT
Last-Modified: Sat, 02 Feb 2019 06:51:22 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "09114b5c3bad41:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 27907

GET
H2

200

ResultChart.aspx
www.fxblue.com/charts/
Redirect Chain

http://www.fxblue.com/charts/ResultChart.aspx?id=afg-live2&type=monthcumulativeprofit&w=400&h=200
https://www.fxblue.com/charts/ResultChart.aspx?id=afg-live2&type=monthcumulativeprofit&w=400&h=200

8 KB
8 KB

210ms
147ms

Image
image/png

52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fxblue.com/charts/ResultChart.aspx?id=afg-live2&type=monthcumulativeprofit&w=400&h=200
Requested by: Host: augustforexgolem.com
URL: http://augustforexgolem.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 50619bb05adb3070b5434c61dda210f8f95832d5795f4f84d6a199a51a923d29

Request headers

Referer: http://augustforexgolem.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:06 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 7726
content-type: image/png; charset=utf-8

Redirect headers

Location: https://www.fxblue.com/charts/ResultChart.aspx?id=afg-live2&type=monthcumulativeprofit&w=400&h=200
Date: Fri, 26 Feb 2021 06:56:06 GMT
Server: Microsoft-IIS/10.0
Connection: keep-alive
X-Powered-By: ASP.NET
Content-Length: 233
Content-Type: text/html; charset=UTF-8

GET
H2

200

banner.aspx
www.fxblue.com/
Redirect Chain

http://www.fxblue.com/banner.aspx?id=afg-live2&t=300
https://www.fxblue.com/banner.aspx?id=afg-live2&t=300

16 KB
16 KB

227ms
165ms

Image
image/jpeg

52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fxblue.com/banner.aspx?id=afg-live2&t=300
Requested by: Host: augustforexgolem.com
URL: http://augustforexgolem.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b2bacd20755851cd8773d8f227872e52fad9e627752c7d5e5027347420502d24

Request headers

Referer: http://augustforexgolem.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:06 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/jpeg
cache-control: private
content-length: 16682
expires: Fri, 26 Feb 2021 06:55:06 GMT

Redirect headers

Location: https://www.fxblue.com/banner.aspx?id=afg-live2&t=300
Date: Fri, 26 Feb 2021 06:56:06 GMT
Server: Microsoft-IIS/10.0
Connection: keep-alive
X-Powered-By: ASP.NET
Content-Length: 180
Content-Type: text/html; charset=UTF-8

GET
H2

200

x-click-but5.gif
www.paypalobjects.com/en_US/i/btn/
Redirect Chain

https://www.paypal.com/en_US/i/btn/x-click-but5.gif
https://www.paypalobjects.com/en_US/i/btn/x-click-but5.gif

2 KB
2 KB

41ms
34ms

Image
image/webp

104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/x-click-but5.gif

Requested by

Host: augustforexgolem.com
URL: http://augustforexgolem.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

4943426e48e534b4c4ab01d7229902e0877fd0d3fb7126b5956361a6b8f0a785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: http://augustforexgolem.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:06 GMT
x-content-type-options: nosniff
last-modified: Mon, 04 Jan 2021 02:35:02 GMT
server: Akamai Image Manager
etag: "gEXZGP1m51cKxitB56ce73A+7TMa6WOcQmYxxBNShaM"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
content-length: 1908
expires: Fri, 26 Feb 2021 18:56:06 GMT

Redirect headers

x-edgeconnect-origin-mex-latency: 24
date: Fri, 26 Feb 2021 06:56:06 GMT
x-edgeconnect-midmile-rtt: 149
strict-transport-security: max-age=63072000
location: https://www.paypalobjects.com/en_US/i/btn/x-click-but5.gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: 53b3c573faed5
dc: ccg11-origin-www-1.paypal.com
content-length: 0

GET
H/1.1 200
OK box11.jpg
www.augustforexgolem.com/images/ 16 KB
16 KB 308ms
287ms Image
image/jpeg 45.40.165.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.augustforexgolem.com/images/box11.jpg
Requested by: Host: augustforexgolem.com
URL: http://augustforexgolem.com/
Protocol: HTTP/1.1
Server: 45.40.165.34 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: p3nw8shg530.shr.prod.phx3.secureserver.net
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 2ec031faa635f322ba83e07656ac9345a0fbb4f54a9b6911555e9da3e93d59fd

Request headers

Referer: http://augustforexgolem.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 06:56:05 GMT
Last-Modified: Fri, 01 Feb 2019 16:36:06 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "05f5c3a4cbad41:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 16610

GET
H2

200

fxblueview.aspx Show response
www.fxblue.com/ Frame 1ABB
Redirect Chain

http://www.fxblue.com/fxblueview.aspx?id=afg-live2
https://www.fxblue.com/fxblueview.aspx?id=afg-live2

36 KB
9 KB

1308ms
1308ms

Document
text/html

52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
Requested by: Host: augustforexgolem.com
URL: http://augustforexgolem.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 10ad90fd14651670cc539f1c884bedc7cb2872b002fa5d119b4ec30b6a918595

Request headers

:method: GET
:authority: www.fxblue.com
:scheme: https
:path: /fxblueview.aspx?id=afg-live2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://augustforexgolem.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://augustforexgolem.com/

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-type: text/html; charset=utf-8
content-length: 9476
cache-control: private
content-encoding: gzip
expires: Fri, 26 Feb 2021 06:55:07 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

Date: Fri, 26 Feb 2021 06:56:06 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 174
Connection: keep-alive
Location: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H2 200 ext-all-340.css
www.fxblue.com/css/ Frame 1ABB 136 KB
22 KB 44ms
43ms Stylesheet
text/css 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxblue.com/css/ext-all-340.css
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2ceabf012c48dba7c3865ebd47af9b28e17bc94defc4960105eb47a871a1bf29

Request headers

Referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
etag: "03a67886c36d21:0"
last-modified: Fri, 04 Nov 2016 07:24:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 22216

GET
H2 200 styles.css
www.fxblue.com/wl/css/ Frame 1ABB 2 KB
1 KB 33ms
31ms Stylesheet
text/css 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxblue.com/wl/css/styles.css?20201219
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3da9d2a47305d8315f6e194d72050fd99d6a92255dc7890afbb9bba9fb0138cd

Request headers

Referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
etag: "8034fe5f25a7d31:0"
last-modified: Fri, 16 Feb 2018 12:55:09 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 981

GET
H2 200 mt4i.css
www.fxblue.com/wl/mt4i/css/ Frame 1ABB 430 B
567 B 49ms
47ms Stylesheet
text/css 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxblue.com/wl/mt4i/css/mt4i.css?20180216v
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 97733b8051a5b0ff24ac2018084eeccb4b4ff346a5bc22c519ceb78d9c84e7d1

Request headers

Referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
etag: "0da8cae6c36d21:0"
last-modified: Fri, 04 Nov 2016 07:25:56 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 358

GET
H2 200 spinner.css
www.fxblue.com/css/ Frame 1ABB 1 KB
801 B 32ms
30ms Stylesheet
text/css 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxblue.com/css/spinner.css
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7de4c183e410a79cad32ffd3d563ef6fa047ae4f719456391362fb0c0fadfe85

Request headers

Referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
etag: "03a67886c36d21:0"
last-modified: Fri, 04 Nov 2016 07:24:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 592

GET
H2 200 _SharedJavascript.js Show response
www.fxblue.com/ Frame 1ABB 15 KB
6 KB 50ms
48ms Script
application/javascript 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxblue.com/_SharedJavascript.js
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 528ea37022c3b9a010e08f03edd6ae15586962956cb4258461d2613dcd505724

Request headers

Referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
etag: "80c28872f517d61:0"
last-modified: Tue, 21 Apr 2020 15:56:41 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 5696

GET
H2 200 WLShared.js Show response
www.fxblue.com/wl/scripts/ Frame 1ABB 1 KB
884 B 34ms
32ms Script
application/javascript 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxblue.com/wl/scripts/WLShared.js?130612
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9901b0c130b11d6f9ae7e94e53fc7113332f48cbe05b17aa66441840155b47cc

Request headers

Referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
etag: "80432731c564d61:0"
last-modified: Tue, 28 Jul 2020 09:55:15 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 664

GET
H2 200 ext-base-340.js Show response
www.fxblue.com/scripts/ext340/ Frame 1ABB 27 KB
13 KB 55ms
53ms Script
application/javascript 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxblue.com/scripts/ext340/ext-base-340.js?20150508
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 85e48a0e9ecb02392104c01d800e5e7e6d016c7b203c95106b112d248e13a94e

Request headers

Referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
etag: "02984956c36d21:0"
last-modified: Fri, 04 Nov 2016 07:25:14 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 12792

GET
H2 200 ext-all-340.js Show response
www.fxblue.com/scripts/ext340/ Frame 1ABB 803 KB
282 KB 66ms
64ms Script
application/javascript 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxblue.com/scripts/ext340/ext-all-340.js?20150508
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7990e6f3134a91e5008535f2f2fed91b70f6cddbf1c74d672dbb741abd9fddb2

Request headers

Referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
etag: "02984956c36d21:0"
last-modified: Fri, 04 Nov 2016 07:25:14 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 GridSummary.js Show response
www.fxblue.com/scripts/ Frame 1ABB 23 KB
8 KB 51ms
50ms Script
application/javascript 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxblue.com/scripts/GridSummary.js?250511
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4d27769b3b3537a4d79330bb4baf05ad186f3417d02319da6ff459c0a5f44092

Request headers

Referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
etag: "02984956c36d21:0"
last-modified: Fri, 04 Nov 2016 07:25:14 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 8205

GET
H2 200 universe.js Show response
www.fxblue.com/wl/scripts/ Frame 1ABB 226 B
512 B 32ms
31ms Script
application/javascript 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxblue.com/wl/scripts/universe.js
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0a033384acb518c1c9c375044ef9f442ed469905ab3607dfb2c6d2f2d50bc72c

Request headers

Referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
etag: "0da8cae6c36d21:0"
last-modified: Fri, 04 Nov 2016 07:25:56 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 293

GET
H2 200 spinner.js Show response
www.fxblue.com/scripts/ Frame 1ABB 14 KB
4 KB 54ms
53ms Script
application/javascript 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxblue.com/scripts/spinner.js
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3278b8052fcdcecd0fab9f1df4aa0377a00ec0d3daaed425f82613ae63d77fac

Request headers

Referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
etag: "02984956c36d21:0"
last-modified: Fri, 04 Nov 2016 07:25:14 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 4136

GET
H2 200 mt4i_account.js Show response
www.fxblue.com/wl/mt4i/ Frame 1ABB 54 KB
16 KB 61ms
61ms Script
application/javascript 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxblue.com/wl/mt4i/mt4i_account.js?20170530b
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5bc9413f9784c045c4d4fda0f38c3a740ef8818d8e824e58b5af3714bca943df

Request headers

Referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
etag: "093dd748d9d21:0"
last-modified: Tue, 30 May 2017 13:24:14 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 16267

GET
H2 200 fxblue_retail_logo_transparent_66.png
www.fxblue.com/images/ Frame 1ABB 2 KB
2 KB 84ms
84ms Image
image/png 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fxblue.com/images/fxblue_retail_logo_transparent_66.png
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0a5f34f51d23ff07327a46523d4a0daf6ac288069f5243f4f8cb576b411c4031

Request headers

Referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
last-modified: Fri, 04 Nov 2016 07:25:09 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "803889926c36d21:0"
content-type: image/png
accept-ranges: bytes
content-length: 1785

GET
H2 200 siGraph2.gif
www.fxblue.com/images/ Frame 1ABB 922 B
1 KB 35ms
35ms Image
image/gif 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fxblue.com/images/siGraph2.gif
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 68eb209cd02fb651a450f3dd81b35b50eab552091a4e79cada70eb0b83de5d19

Request headers

Referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
last-modified: Fri, 04 Nov 2016 07:25:09 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "803889926c36d21:0"
content-type: image/gif
accept-ranges: bytes
content-length: 922

GET
H2 200 x.gif
www.fxblue.com/images/ Frame 1ABB 807 B
982 B 36ms
35ms Image
image/gif 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fxblue.com/images/x.gif
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 917f717b70af1534c983eedf70aec9691485ef211b3e573e88c1b7a7f0f6812a

Request headers

Referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
last-modified: Fri, 04 Nov 2016 07:25:10 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0cf21936c36d21:0"
content-type: image/gif
accept-ranges: bytes
content-length: 807

GET
H2 200 wait.gif
www.fxblue.com/wl/images/ Frame 1ABB 1 KB
1 KB 34ms
34ms Image
image/gif 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fxblue.com/wl/images/wait.gif
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 97889e1972deb03c24d3f4f84a6719233efa97730b6fd7ddc718bd6e58e6c700

Request headers

Referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
last-modified: Fri, 04 Nov 2016 07:25:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8043f4ad6c36d21:0"
content-type: image/gif
accept-ranges: bytes
content-length: 1100

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ Frame 1ABB 45 KB
17 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.fxblue.com
URL: https://www.fxblue.com/fxblueview.aspx?id=afg-live2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6448
date: Fri, 26 Feb 2021 05:08:40 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 26 Feb 2021 07:08:40 GMT

GET
H2 200 tip-sprite.gif
www.fxblue.com/images/default/qtip/ Frame 1ABB 4 KB
4 KB 32ms
32ms Image
image/gif 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fxblue.com/images/default/qtip/tip-sprite.gif
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/css/ext-all-340.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e71e9341d7f8dca98f9ea9ad7038f590606b4ee0b89f6bf0d1b9ff0167dc826e

Request headers

Referer: https://www.fxblue.com/css/ext-all-340.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
last-modified: Fri, 04 Nov 2016 07:25:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "80b1f58e6c36d21:0"
content-type: image/gif
accept-ranges: bytes
content-length: 4271

GET
H2 200 tip-anchor-sprite.gif
www.fxblue.com/images/default/qtip/ Frame 1ABB 951 B
1 KB 32ms
31ms Image
image/gif 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fxblue.com/images/default/qtip/tip-anchor-sprite.gif
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/css/ext-all-340.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b29295f9452f38d2df87b9592e41fda14e0ae5a5bb318f7893dd199504e39151

Request headers

Referer: https://www.fxblue.com/css/ext-all-340.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
last-modified: Fri, 04 Nov 2016 07:25:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "80b1f58e6c36d21:0"
content-type: image/gif
accept-ranges: bytes
content-length: 951

GET
H2 200 tabs-sprite.gif
www.fxblue.com/images/default/tabs/ Frame 1ABB 2 KB
2 KB 31ms
31ms Image
image/gif 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fxblue.com/images/default/tabs/tabs-sprite.gif
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/css/ext-all-340.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1d85f1099a14eb12b48ea5304bce4582b9627867a4901d07dbdc7c3dd9fa84ec

Request headers

Referer: https://www.fxblue.com/css/ext-all-340.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
last-modified: Fri, 04 Nov 2016 07:25:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "80b1f58e6c36d21:0"
content-type: image/gif
accept-ranges: bytes
content-length: 2120

GET
H2 200 bg.gif
www.fxblue.com/images/default/toolbar/ Frame 1ABB 904 B
1 KB 32ms
31ms Image
image/gif 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fxblue.com/images/default/toolbar/bg.gif
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/css/ext-all-340.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 36780f98ed7f7e302c2f31fd7efeb7cc75212ac281935245950e125545350e6a

Request headers

Referer: https://www.fxblue.com/css/ext-all-340.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
last-modified: Fri, 04 Nov 2016 07:25:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "80b1f58e6c36d21:0"
content-type: image/gif
accept-ranges: bytes
content-length: 904

GET
H2 200 btn.gif
www.fxblue.com/images/default/button/ Frame 1ABB 4 KB
4 KB 33ms
32ms Image
image/gif 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fxblue.com/images/default/button/btn.gif
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/css/ext-all-340.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3a2227a57f22656e9dd5f8ac95538d1c18a4dbc01838540ea2e9ec9ea776f97b

Request headers

Referer: https://www.fxblue.com/css/ext-all-340.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
last-modified: Fri, 04 Nov 2016 07:25:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "01b5d8e6c36d21:0"
content-type: image/gif
accept-ranges: bytes
content-length: 4268

GET
H2 200 siFilter.gif
www.fxblue.com/images/ Frame 1ABB 965 B
1 KB 35ms
35ms Image
image/gif 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fxblue.com/images/siFilter.gif
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 454c4bda5784e3bd1429db89ee67385cd171e411c1dc7ea5dcde9e823bfee6c4

Request headers

Referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
last-modified: Fri, 04 Nov 2016 07:25:09 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "803889926c36d21:0"
content-type: image/gif
accept-ranges: bytes
content-length: 965

GET
H2 200 arrow.gif
www.fxblue.com/images/default/button/ Frame 1ABB 828 B
1003 B 32ms
31ms Image
image/gif 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fxblue.com/images/default/button/arrow.gif
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/css/ext-all-340.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d1b2bb69f3e1378e87d9b4b60554595c853b8f732850aa6b708f66f9d80f4152

Request headers

Referer: https://www.fxblue.com/css/ext-all-340.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
last-modified: Fri, 04 Nov 2016 07:25:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "01b5d8e6c36d21:0"
content-type: image/gif
accept-ranges: bytes
content-length: 828

GET
H2 200 siOutline.gif
www.fxblue.com/images/ Frame 1ABB 956 B
1 KB 35ms
34ms Image
image/gif 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fxblue.com/images/siOutline.gif
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e45d4cf4a28aba431c222b0fe894f8d33afacc2fd6e386299e60654d563b25ec

Request headers

Referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
last-modified: Fri, 04 Nov 2016 07:25:10 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0cf21936c36d21:0"
content-type: image/gif
accept-ranges: bytes
content-length: 956

GET
H2 200 siRefresh.gif
www.fxblue.com/images/ Frame 1ABB 977 B
1 KB 31ms
31ms Image
image/gif 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fxblue.com/images/siRefresh.gif
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8d4e2e638b397f363be1fdc16f6d59aa90e2b70cbc5ce4369e56a20c4c8a1d9e

Request headers

Referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
last-modified: Fri, 04 Nov 2016 07:25:10 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0cf21936c36d21:0"
content-type: image/gif
accept-ranges: bytes
content-length: 977

GET
H2 200 siMT4i.gif
www.fxblue.com/images/ Frame 1ABB 1020 B
1 KB 35ms
34ms Image
image/gif 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fxblue.com/images/siMT4i.gif
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d8b61c643fc1be5a9f2bc56280ed3e7449f8a567d13f8a84438aa2f9733b3353

Request headers

Referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
last-modified: Fri, 04 Nov 2016 07:25:09 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "803889926c36d21:0"
content-type: image/gif
accept-ranges: bytes
content-length: 1020

GET
H2 200 ch_cumulativeprofit.aspx Show response
www.fxblue.com/wl/charts/ Frame 624B 13 KB
4 KB 146ms
146ms Document
text/html 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxblue.com/wl/charts/ch_cumulativeprofit.aspx?id=afg-live2
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/wl/mt4i/mt4i_account.js?20170530b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d6ad0cd85dcfffeb04c2fa8cb4537247f38226a9ef2d5278bf554066cb586007

Request headers

:method: GET
:authority: www.fxblue.com
:scheme: https
:path: /wl/charts/ch_cumulativeprofit.aspx?id=afg-live2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-type: text/html; charset=utf-8
content-length: 3529
cache-control: private
content-encoding: gzip
expires: Fri, 26 Feb 2021 06:55:08 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H2 200 ch_symboltrades.aspx Show response
www.fxblue.com/wl/charts/ Frame E5C4 2 KB
1 KB 122ms
122ms Document
text/html 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxblue.com/wl/charts/ch_symboltrades.aspx?id=afg-live2
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/wl/mt4i/mt4i_account.js?20170530b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e059881e677f0b14e2ee0701ad96f7d9273663b676a677e31324a7c20e9934fa

Request headers

:method: GET
:authority: www.fxblue.com
:scheme: https
:path: /wl/charts/ch_symboltrades.aspx?id=afg-live2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-type: text/html; charset=utf-8
content-length: 1173
cache-control: private
content-encoding: gzip
expires: Fri, 26 Feb 2021 06:55:08 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H2 200 Advert.aspx Show response
www.fxblue.com/adverts/ Frame 4B0E 1 KB
899 B 77ms
77ms Document
text/html 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxblue.com/adverts/Advert.aspx
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/wl/mt4i/mt4i_account.js?20170530b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 012d1d05b0ad776a59451ffd514c4fbef7a52b92f5a0570fedd6eaa534db32e9

Request headers

:method: GET
:authority: www.fxblue.com
:scheme: https
:path: /adverts/Advert.aspx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-type: text/html; charset=utf-8
content-length: 709
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H2 200 TopAdvert.aspx Show response
www.fxblue.com/adverts/ Frame 1954 1 KB
971 B 96ms
96ms Document
text/html 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxblue.com/adverts/TopAdvert.aspx
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/wl/mt4i/mt4i_account.js?20170530b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fefe9b3e8092e64911c1e3c00c3d8b77376e7a8599d8a99a3ec4783d6505135b

Request headers

:method: GET
:authority: www.fxblue.com
:scheme: https
:path: /adverts/TopAdvert.aspx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.fxblue.com/fxblueview.aspx?id=afg-live2

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-type: text/html; charset=utf-8
content-length: 781
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H2 200 _ChartShared.css
www.fxblue.com/wl/charts/ Frame E5C4 230 B
443 B 32ms
30ms Stylesheet
text/css 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxblue.com/wl/charts/_ChartShared.css?20200728b
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/wl/charts/ch_symboltrades.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9126284c021f1c3cb87c2415e6bbef2563805adc8cc05e11d8833d020c6c3324

Request headers

Referer: https://www.fxblue.com/wl/charts/ch_symboltrades.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
etag: "0ad5bad6c36d21:0"
last-modified: Fri, 04 Nov 2016 07:25:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 234

GET
H2 200 _ChartShared.js Show response
www.fxblue.com/wl/mt4i/charts/ Frame E5C4 1 B
339 B 33ms
31ms Script
application/javascript 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxblue.com/wl/mt4i/charts/_ChartShared.js?20200728b
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/wl/charts/ch_symboltrades.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://www.fxblue.com/wl/charts/ch_symboltrades.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
etag: "0da8cae6c36d21:0"
last-modified: Fri, 04 Nov 2016 07:25:56 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 120

GET
H2 200 _WlChartShared.js Show response
www.fxblue.com/wl/charts/ Frame E5C4 2 KB
1 KB 33ms
31ms Script
application/javascript 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxblue.com/wl/charts/_WlChartShared.js?20200728b
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/wl/charts/ch_symboltrades.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8af4585c41ea881f894fa6f3f482f6f8d394b5528052b4a33f07533dd90b19a0

Request headers

Referer: https://www.fxblue.com/wl/charts/ch_symboltrades.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
etag: "80f7eb35c564d61:0"
last-modified: Tue, 28 Jul 2020 09:55:23 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 867

GET
H2

200

loader.js Show response
www.gstatic.com/charts/ Frame E5C4
Redirect Chain

https://www.google.com/jsapi
https://www.gstatic.com/charts/loader.js

64 KB
20 KB

33ms
13ms

Script
text/javascript

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/loader.js

Requested by

Host: www.fxblue.com
URL: https://www.fxblue.com/wl/charts/ch_symboltrades.aspx?id=afg-live2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d48c95e39e7dcd31ebeee1191f77770fa1cb0a4213bb84ac925406066218c841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/wl/charts/ch_symboltrades.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19830
x-xss-protection: 0
pragma: no-cache
last-modified: Thu, 23 Jul 2020 17:43:26 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 26 Feb 2021 06:44:33 GMT
x-content-type-options: nosniff
server: sffe
age: 695
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/charts/loader.js
cache-control: public, max-age=1800
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 26 Feb 2021 07:14:33 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 4B0E 56 KB
19 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.fxblue.com
URL: https://www.fxblue.com/adverts/Advert.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cfd35f9f43e681fabb2ea335359c3eba05fbdb6d86480aea95a637b30cb6284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/adverts/Advert.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "795 / 779 of 1000 / last-modified: 1614294757"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19418
x-xss-protection: 0
expires: Fri, 26 Feb 2021 06:56:08 GMT

GET
H2 200 _ChartShared.css
www.fxblue.com/wl/charts/ Frame 624B 230 B
443 B 32ms
31ms Stylesheet
text/css 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxblue.com/wl/charts/_ChartShared.css?20200728b
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/wl/charts/ch_cumulativeprofit.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9126284c021f1c3cb87c2415e6bbef2563805adc8cc05e11d8833d020c6c3324

Request headers

Referer: https://www.fxblue.com/wl/charts/ch_cumulativeprofit.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
etag: "0ad5bad6c36d21:0"
last-modified: Fri, 04 Nov 2016 07:25:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 234

GET
H2 200 _ChartShared.js Show response
www.fxblue.com/wl/mt4i/charts/ Frame 624B 1 B
339 B 32ms
30ms Script
application/javascript 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxblue.com/wl/mt4i/charts/_ChartShared.js?20200728b
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/wl/charts/ch_cumulativeprofit.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://www.fxblue.com/wl/charts/ch_cumulativeprofit.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
etag: "0da8cae6c36d21:0"
last-modified: Fri, 04 Nov 2016 07:25:56 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 120

GET
H2 200 _WlChartShared.js Show response
www.fxblue.com/wl/charts/ Frame 624B 2 KB
1 KB 32ms
31ms Script
application/javascript 52.210.45.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fxblue.com/wl/charts/_WlChartShared.js?20200728b
Requested by: Host: www.fxblue.com
URL: https://www.fxblue.com/wl/charts/ch_cumulativeprofit.aspx?id=afg-live2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.45.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-45-137.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8af4585c41ea881f894fa6f3f482f6f8d394b5528052b4a33f07533dd90b19a0

Request headers

Referer: https://www.fxblue.com/wl/charts/ch_cumulativeprofit.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
etag: "80432731c564d61:0"
last-modified: Tue, 28 Jul 2020 09:55:15 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 867

GET
H2

200

loader.js Show response
www.gstatic.com/charts/ Frame 624B
Redirect Chain

https://www.google.com/jsapi
https://www.gstatic.com/charts/loader.js

64 KB
19 KB

33ms
18ms

Script
text/javascript

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/loader.js

Requested by

Host: www.fxblue.com
URL: https://www.fxblue.com/wl/charts/ch_cumulativeprofit.aspx?id=afg-live2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d48c95e39e7dcd31ebeee1191f77770fa1cb0a4213bb84ac925406066218c841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/wl/charts/ch_cumulativeprofit.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19830
x-xss-protection: 0
pragma: no-cache
last-modified: Thu, 23 Jul 2020 17:43:26 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 26 Feb 2021 06:44:33 GMT
x-content-type-options: nosniff
server: sffe
age: 695
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/charts/loader.js
cache-control: public, max-age=1800
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 26 Feb 2021 07:14:33 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 1954 56 KB
19 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.fxblue.com
URL: https://www.fxblue.com/adverts/TopAdvert.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cfd35f9f43e681fabb2ea335359c3eba05fbdb6d86480aea95a637b30cb6284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/adverts/TopAdvert.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "795 / 966 of 1000 / last-modified: 1614294757"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19418
x-xss-protection: 0
expires: Fri, 26 Feb 2021 06:56:08 GMT

GET
H2 200 pubads_impl_2021022301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4B0E 290 KB
102 KB 87ms
32ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/adverts/Advert.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Feb 2021 09:41:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104129
x-xss-protection: 0
expires: Fri, 26 Feb 2021 06:56:08 GMT

GET
H2 200 pubads_impl_2021022301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1954 290 KB
102 KB 95ms
45ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/adverts/TopAdvert.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Feb 2021 09:41:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104129
x-xss-protection: 0
expires: Fri, 26 Feb 2021 06:56:08 GMT

GET
H3-Q050 200 loader.js Show response
www.gstatic.com/charts/49/ Frame E5C4 27 KB
10 KB 41ms
28ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/49/loader.js

Requested by

Host: www.google.com
URL: https://www.google.com/jsapi

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e72a5ee0982cf53fc8cee83f837f897bc9e82a057453c647d5706b6ba4ff757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/wl/charts/ch_symboltrades.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 08 Jul 2020 22:21:37 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 loader.js Show response
www.gstatic.com/charts/49/ Frame 624B 27 KB
10 KB 38ms
28ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/49/loader.js

Requested by

Host: www.google.com
URL: https://www.google.com/jsapi

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e72a5ee0982cf53fc8cee83f837f897bc9e82a057453c647d5706b6ba4ff757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/wl/charts/ch_cumulativeprofit.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 08 Jul 2020 22:21:37 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 tooltip.css
www.gstatic.com/charts/49/css/core/ Frame 624B 1 KB
593 B 13ms
13ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/49/css/core/tooltip.css

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/49/loader.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cb6d99c8ba2262a4d0c6d0333a35b67be6d4db6c5a7d2c4a9cff74e5970e4f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/wl/charts/ch_cumulativeprofit.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 533
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 08 Jul 2020 22:32:32 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 util.css
www.gstatic.com/charts/49/css/util/ Frame 624B 12 KB
3 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/49/css/util/util.css

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/49/loader.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9c9244f08810a7573b16fd89288d4587f617de4c005b3e4d74ee034b6dbf280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/wl/charts/ch_cumulativeprofit.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3203
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 08 Jul 2020 22:32:32 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 jsapi_compiled_default_module.js Show response
www.gstatic.com/charts/49/js/ Frame 624B 258 KB
82 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/49/js/jsapi_compiled_default_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/49/loader.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4fdb87c57bc847088dce0b9e304ad29f484d9aad79d886cbbdcfe1479c7d79c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/wl/charts/ch_cumulativeprofit.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83560
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 08 Jul 2020 22:27:07 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 jsapi_compiled_graphics_module.js Show response
www.gstatic.com/charts/49/js/ Frame 624B 38 KB
12 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/49/js/jsapi_compiled_graphics_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/49/loader.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf10d79572b622cc42a98ec271cd8e311464939eb91c7af1bf14d2594e76fee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/wl/charts/ch_cumulativeprofit.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12304
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 08 Jul 2020 22:27:07 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 jsapi_compiled_ui_module.js Show response
www.gstatic.com/charts/49/js/ Frame 624B 492 KB
162 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/49/js/jsapi_compiled_ui_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/49/loader.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f90ebd02e91d7c660b7f8f299d6fefd4c4f46d706d467c01857d19807b5d949

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/wl/charts/ch_cumulativeprofit.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166264
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 08 Jul 2020 22:27:07 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 jsapi_compiled_corechart_module.js Show response
www.gstatic.com/charts/49/js/ Frame 624B 20 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/49/js/jsapi_compiled_corechart_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/49/loader.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0b04d65d7e52487553553e18ae7e775bbb3ac2b8b0161ceec5c4d164ad93c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/wl/charts/ch_cumulativeprofit.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5649
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 08 Jul 2020 22:27:07 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 tooltip.css
www.gstatic.com/charts/49/css/core/ Frame E5C4 1 KB
559 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/49/css/core/tooltip.css

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/49/loader.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cb6d99c8ba2262a4d0c6d0333a35b67be6d4db6c5a7d2c4a9cff74e5970e4f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/wl/charts/ch_symboltrades.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 533
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 08 Jul 2020 22:32:32 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 util.css
www.gstatic.com/charts/49/css/util/ Frame E5C4 12 KB
3 KB 14ms
14ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/49/css/util/util.css

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/49/loader.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9c9244f08810a7573b16fd89288d4587f617de4c005b3e4d74ee034b6dbf280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/wl/charts/ch_symboltrades.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3203
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 08 Jul 2020 22:32:32 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 jsapi_compiled_default_module.js Show response
www.gstatic.com/charts/49/js/ Frame E5C4 258 KB
82 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/49/js/jsapi_compiled_default_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/49/loader.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4fdb87c57bc847088dce0b9e304ad29f484d9aad79d886cbbdcfe1479c7d79c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/wl/charts/ch_symboltrades.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83560
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 08 Jul 2020 22:27:07 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 jsapi_compiled_graphics_module.js Show response
www.gstatic.com/charts/49/js/ Frame E5C4 38 KB
12 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/49/js/jsapi_compiled_graphics_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/49/loader.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf10d79572b622cc42a98ec271cd8e311464939eb91c7af1bf14d2594e76fee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/wl/charts/ch_symboltrades.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12304
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 08 Jul 2020 22:27:07 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 jsapi_compiled_ui_module.js Show response
www.gstatic.com/charts/49/js/ Frame E5C4 492 KB
162 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/49/js/jsapi_compiled_ui_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/49/loader.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f90ebd02e91d7c660b7f8f299d6fefd4c4f46d706d467c01857d19807b5d949

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/wl/charts/ch_symboltrades.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166264
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 08 Jul 2020 22:27:07 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 jsapi_compiled_corechart_module.js Show response
www.gstatic.com/charts/49/js/ Frame E5C4 20 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/49/js/jsapi_compiled_corechart_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/49/loader.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0b04d65d7e52487553553e18ae7e775bbb3ac2b8b0161ceec5c4d164ad93c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/wl/charts/ch_symboltrades.aspx?id=afg-live2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5649
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 08 Jul 2020 22:27:07 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4B0E 107 B
799 B 35ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.fxblue.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/adverts/Advert.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4B0E 107 B
553 B 38ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.fxblue.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/adverts/Advert.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4B0E 5 KB
3 KB 97ms
65ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1724043632357612&correlator=2277929887698312&output=ldjh&impl=fifs&eid=21068602%2C31060169%2C31060237%2C31060270&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210226&iu_parts=47187775%2Csky_120x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x600&cust_params=lc%3Dnone&cdm=www.fxblue.com&bc=23&abxe=1&lmt=1614322568&dt=1614322568737&dlt=1614322568394&idt=328&ea=0&frm=24&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=1089960123&ucis=np5e6p9oedu3&ifi=1&ifk=4169874341&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FAdvert.aspx&ref=https%3A%2F%2Fwww.fxblue.com%2Ffxblueview.aspx%3Fid%3Dafg-live2&top=http%3A%2F%2Faugustforexgolem.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=1203421077.1614322569&ga_sid=1614322569&ga_hid=832715766&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

f23cf16bfa37a63b33a0fe446d90e415701d844c8f10e0354a96a687ec45f352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/adverts/Advert.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
google-lineitem-id: 5341529244
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308449714
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.fxblue.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 4B0E 0
0 46ms
14ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fxblue.com/adverts/Advert.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 4B0E 0
0 26ms
7ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fxblue.com/adverts/Advert.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1954 107 B
165 B 23ms
18ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.fxblue.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/adverts/TopAdvert.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1954 107 B
165 B 24ms
17ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.fxblue.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/adverts/TopAdvert.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1954 5 KB
3 KB 96ms
72ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=760368476018614&correlator=4424006567580552&output=ldjh&impl=fifs&eid=31060270&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210226&iu_parts=47187775%2Cbanner_468x60&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&cust_params=lc%3Dnone&cdm=www.fxblue.com&bc=23&abxe=1&lmt=1614322568&dt=1614322568747&dlt=1614322568413&idt=330&ea=0&frm=24&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=4120543466&ucis=5ddv8u7fiudf&ifi=1&ifk=1120639861&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FTopAdvert.aspx&ref=https%3A%2F%2Fwww.fxblue.com%2Ffxblueview.aspx%3Fid%3Dafg-live2&top=http%3A%2F%2Faugustforexgolem.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=1775367477.1614322569&ga_sid=1614322569&ga_hid=664290293&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

f8fd20d7e46ad5e629f7011eb80e5e1214a176e3a3d1b39d248b9bfb098e7917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/adverts/TopAdvert.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2686
x-xss-protection: 0
google-lineitem-id: 5341553241
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308447806
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.fxblue.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 1954 0
0 46ms
13ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fxblue.com/adverts/TopAdvert.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 1954 0
0 18ms
8ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fxblue.com/adverts/TopAdvert.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html Show response
410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 453D 6 KB
3 KB 34ms
21ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.fxblue.com/adverts/Advert.aspx
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.fxblue.com/adverts/Advert.aspx

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Fri, 26 Feb 2021 06:56:08 GMT
expires: Sat, 26 Feb 2022 06:56:08 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4B0E 74 KB
28 KB 31ms
31ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

9ba484681d0972c8f5fdd10ab0986c9fa68a6511ef29684db473cc2fab186e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/adverts/Advert.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614169937710944"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28419
x-xss-protection: 0
expires: Fri, 26 Feb 2021 06:56:08 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4B0E 8 KB
6 KB 42ms
22ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4915ef5bc8ff23461a47e16c232043ea10f2e040200d50bf5e26d0a16c9194f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/adverts/Advert.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6521
x-xss-protection: 0

GET
H3-Q050 200 container.html Show response
c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 6256 6 KB
3 KB 27ms
14ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.fxblue.com/adverts/TopAdvert.aspx
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.fxblue.com/adverts/TopAdvert.aspx

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Fri, 26 Feb 2021 06:56:08 GMT
expires: Sat, 26 Feb 2022 06:56:08 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1954 74 KB
28 KB 32ms
32ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

9ba484681d0972c8f5fdd10ab0986c9fa68a6511ef29684db473cc2fab186e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/adverts/TopAdvert.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614169937710944"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28419
x-xss-protection: 0
expires: Fri, 26 Feb 2021 06:56:08 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1954 8 KB
7 KB 32ms
19ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0824011893a09210b79c666172c10cfd78208e24a2bd9b6f3c3d7f9f1bb908b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/adverts/TopAdvert.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6466
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1954 17 KB
6 KB 42ms
28ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/adverts/TopAdvert.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Fri, 26 Feb 2021 06:56:08 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4B0E 17 KB
6 KB 37ms
28ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/adverts/Advert.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Fri, 26 Feb 2021 06:56:08 GMT

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame 453D 24 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js

Requested by

Host: 410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com
URL: https://410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 17:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135000
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7485
x-xss-protection: 0
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Feb 2022 17:26:08 GMT

GET
H3-Q050 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 453D 5 KB
3 KB 24ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com
URL: https://410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

46692916c4ed38bcfb441a383fb3e958e5a88be22b82e505a6db06e9d5be6117

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 05:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 17:29:32 GMT
server: sffe
age: 3381
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2587
x-xss-protection: 0
expires: Fri, 26 Feb 2021 06:59:47 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 453D 107 KB
33 KB 32ms
31ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com
URL: https://410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

1c2fd04bc7557ff3208e06324dba5f6e0538554a026630abba81dbb398a5a27d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614169956137819"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33369
x-xss-protection: 0
expires: Fri, 26 Feb 2021 06:56:08 GMT

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame 6256 24 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js

Requested by

Host: c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com
URL: https://c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 17:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135000
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7485
x-xss-protection: 0
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Feb 2022 17:26:08 GMT

GET
H3-Q050 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 6256 5 KB
3 KB 25ms
24ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com
URL: https://c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

46692916c4ed38bcfb441a383fb3e958e5a88be22b82e505a6db06e9d5be6117

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 05:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 17:29:32 GMT
server: sffe
age: 3381
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2587
x-xss-protection: 0
expires: Fri, 26 Feb 2021 06:59:47 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6256 107 KB
33 KB 34ms
33ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com
URL: https://c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

1c2fd04bc7557ff3208e06324dba5f6e0538554a026630abba81dbb398a5a27d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614169956137819"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33369
x-xss-protection: 0
expires: Fri, 26 Feb 2021 06:56:08 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 453D 0
0 60ms
59ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPcUobqLSVcVyl5x9C35KKFQzEOmMd5WkCIEQlyjn3ShMlu5miJc4AOs07kAjrrxxejGeqXJvXvr1tqItsXl8EBQaWbKRGN1B9nI4Fs85zTWeqdIkMOFHhabMkji79y6f9_QDosyIsbtaoYTNbpm77Lthuys-Arv5kAno5muNzTqGeLozqNVWEiCy0zAiWbUNANnZpUop-Oznws2e0GKaggiCTP69_3hu8T0z2LLopH3DQnXwg7PuPfJDToRVbCSJB2lct_diEatqorw5Y6iF9qSiMhY2auUpRnCj_Yhc&sig=Cg0ArKJSzGzKTT_UxA5yEAE&urlfix=1&adurl=

Requested by

Host: 410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com
URL: https://410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 06:56:08 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 26 Feb 2021 06:56:08 GMT

GET
H3-Q050 200 impl_v68.js Show response
www.googletagservices.com/dcm/ Frame 453D 36 KB
15 KB 24ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v68.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

d009b17e40dccf63690c8420591b50a2d8b4cdc2dcb8721b5ed1e00eccacb103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 07:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Feb 2021 15:22:11 GMT
server: sffe
age: 83105
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15248
x-xss-protection: 0
expires: Fri, 25 Feb 2022 07:51:03 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6256 0
0 58ms
58ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspgnG2F_BpsjsFtLw357pho64gaXHb-Ka3y0uQ4w1JvopOCW3-Bif3GlBPoPM9QjQucVAUHU6JvHTo80HliA9mGNQEF060W_E_G1fpqL4-ld_Nd4Ct4A_SZ8NTcbCF1uRSAxL4ECyPCcvhCO-FOpvZULOLqXDmhcvDJhZHThq5j1J07IZfp6bLK_Z8-CHiBdDYq7N3ynsVdGN4X1B_l-LZSj6hIxcR1No88CkCQGQUDrLVjVHS3AXbMTjvxR5q5FmngM06Se5vEAjOoHxPwoJcKxY7pxn_nhuyjbRQ6vHjzvTL-Alh&sig=Cg0ArKJSzK6heitoJ64LEAE&urlfix=1&adurl=

Requested by

Host: c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com
URL: https://c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 06:56:08 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 26 Feb 2021 06:56:08 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 6C6A 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.fxblue.com/adverts/TopAdvert.aspx
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.fxblue.com/adverts/TopAdvert.aspx

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Fri, 26 Feb 2021 03:54:04 GMT
expires: Sat, 26 Feb 2022 03:54:04 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10924
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame B952 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.fxblue.com/adverts/Advert.aspx
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.fxblue.com/adverts/Advert.aspx

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Fri, 26 Feb 2021 03:54:04 GMT
expires: Sat, 26 Feb 2022 03:54:04 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10924
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 impl_v68.js Show response
www.googletagservices.com/dcm/ Frame 6256 36 KB
15 KB 23ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v68.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

d009b17e40dccf63690c8420591b50a2d8b4cdc2dcb8721b5ed1e00eccacb103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 07:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Feb 2021 15:22:11 GMT
server: sffe
age: 83105
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15248
x-xss-protection: 0
expires: Fri, 25 Feb 2022 07:51:03 GMT

GET
H3-Q050 200 9RdNy2KfqE70k7Ep5pIJEFWQRxy4C7JCE7EP5OBJOVg.js Show response
pagead2.googlesyndication.com/bg/ Frame 6C6A 14 KB
6 KB 37ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9RdNy2KfqE70k7Ep5pIJEFWQRxy4C7JCE7EP5OBJOVg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5174dcb629fa84ef493b129e69209105590471cb80bb24213b10fe4e0493958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 20:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 37740
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6189
x-xss-protection: 0
expires: Fri, 25 Feb 2022 20:27:09 GMT

GET
H3-Q050 200 9RdNy2KfqE70k7Ep5pIJEFWQRxy4C7JCE7EP5OBJOVg.js Show response
pagead2.googlesyndication.com/bg/ Frame B952 14 KB
6 KB 34ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9RdNy2KfqE70k7Ep5pIJEFWQRxy4C7JCE7EP5OBJOVg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5174dcb629fa84ef493b129e69209105590471cb80bb24213b10fe4e0493958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 20:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 37740
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6189
x-xss-protection: 0
expires: Fri, 25 Feb 2022 20:27:09 GMT

GET
H2 200 B23910008.269392019;dc_ver=68.195;dc_eid=40004001;sz=120x600;u_sd=1;dc_adk=1069910018;ord=jn2i4b;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssxWnTJHuqgvSIv76Wm-jLMTIzM... Show response
ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/ Frame 78F9 30 KB
16 KB 115ms
60ms Document
text/html 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269392019;dc_ver=68.195;dc_eid=40004001;sz=120x600;u_sd=1;dc_adk=1069910018;ord=jn2i4b;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssxWnTJHuqgvSIv76Wm-jLMTIzMJF05UMNJyDqTTzTfwKA39QHtl_6tST5ZRCtGMsNBkeIy0EprDSHNKdP-HxrMovSlxE0RhXQC9Jni0_-A_luD4WY2V68eHccEAHVxt3R2Bp7eVrZqj8Pv-gffGs_cdi9T3ICmJ-znD4MuoBrq9x2XDJlE0iH02bz7SMjmnezSFsaAEDaL6NLKpWlPoRdS-AErcGpKJq0u8vV6sHhYVjgLOIgUzaVWEUmxAYbKrrRDcZcB_H8pI535ktS6Ye3c3ejifvxJicrj51U%26sig%3DCg0ArKJSzCZlHwA2QS5KEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FAdvert.aspx$0;xdt=1;crlt=CitiM8(9*G;osda=1;sttr=31;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v68.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

493bc5ae889a0ba3f98793a3ba0da780eca7f14f56d5cd0a44d4b3f9706c4d30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ad.doubleclick.net
:scheme: https
:path: /ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269392019;dc_ver=68.195;dc_eid=40004001;sz=120x600;u_sd=1;dc_adk=1069910018;ord=jn2i4b;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssxWnTJHuqgvSIv76Wm-jLMTIzMJF05UMNJyDqTTzTfwKA39QHtl_6tST5ZRCtGMsNBkeIy0EprDSHNKdP-HxrMovSlxE0RhXQC9Jni0_-A_luD4WY2V68eHccEAHVxt3R2Bp7eVrZqj8Pv-gffGs_cdi9T3ICmJ-znD4MuoBrq9x2XDJlE0iH02bz7SMjmnezSFsaAEDaL6NLKpWlPoRdS-AErcGpKJq0u8vV6sHhYVjgLOIgUzaVWEUmxAYbKrrRDcZcB_H8pI535ktS6Ye3c3ejifvxJicrj51U%26sig%3DCg0ArKJSzCZlHwA2QS5KEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FAdvert.aspx$0;xdt=1;crlt=CitiM8(9*G;osda=1;sttr=31;prcl=s
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 26 Feb 2021 06:56:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 15755
x-xss-protection: 0
set-cookie: IDE=AHWqTUkYoVM9H516x7QZH8di4laHu8E1xx2IrUsKKe9F36SyY4mzdtq7IIAqy7H3uU4; expires=Wed, 23-Mar-2022 06:56:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 453D 0
0 103ms
72ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0VVzPWzu5L94B3ZjgfbasYOsHxIKeX5Uzu9PmQB4hLkpeaPcy2fgGmbzxntpWZGEvKOFdJVJK8fNyrLN-f0FezP-1U7I_QXwCj5GAWJzpHRTV5kx4XCYXyG8StyllBsJYV8xxi-aCpIfTXl3YlQfAoWSS2DGHzrQqwbpSaHQ68kA2OUUqzWaEKMZKpMn32Qj8VJPJPOD8K27oAWAXBRNA3Qy04r9_8IGtM7t6p5Fg2hkDH04T0z8oaP5qapV9rJSBR-Uebf-6-PgFcYi5pd4_4CWzxzlGmAKZz240szJSXQ&sig=Cg0ArKJSzLV3IrStVLZkEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 06:56:09 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 26 Feb 2021 06:56:09 GMT

GET
H2 200 B23910008.269390891;dc_ver=68.195;dc_eid=40004001;sz=468x60;u_sd=1;dc_adk=139305671;ord=662ja7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstb-kdb9vj4NB1dHVnRqaM2pdRzsA... Show response
ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/ Frame 7DC1 30 KB
16 KB 75ms
55ms Document
text/html 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269390891;dc_ver=68.195;dc_eid=40004001;sz=468x60;u_sd=1;dc_adk=139305671;ord=662ja7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstb-kdb9vj4NB1dHVnRqaM2pdRzsAEzmVhRwV5fIh-BkAitil0PrYRvDsZhXqpdjdgxnHcdOc5i5dRepCY78vPEH7--cwJkK6CVjOJMKjGMXutCCPU2vgUbTxtB6kI-UDDBfj1FkntzX1LQeru6gh1Tfrj3mx7tLvDsMTZEUoKBNpf_I8BphJMztryzn4AlFeSY-4TvStQ1LZ4pJwtU_GarSpOOZZYoJ1avTM5FHvgpgUpV8wczWKwjUQV0xGjQE1g0wYHOsDZFvXYNXggOVBeKphbCbxe5-BTeseVxmeO_w_lz%26sig%3DCg0ArKJSzNH9z6Npn17CEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FTopAdvert.aspx$0;xdt=1;crlt=jsRfek)gvg;osda=1;sttr=61;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v68.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

d6e7739b949915d49b6bf8726a6c06cb663b832d9bac375f48463a2111104a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ad.doubleclick.net
:scheme: https
:path: /ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269390891;dc_ver=68.195;dc_eid=40004001;sz=468x60;u_sd=1;dc_adk=139305671;ord=662ja7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstb-kdb9vj4NB1dHVnRqaM2pdRzsAEzmVhRwV5fIh-BkAitil0PrYRvDsZhXqpdjdgxnHcdOc5i5dRepCY78vPEH7--cwJkK6CVjOJMKjGMXutCCPU2vgUbTxtB6kI-UDDBfj1FkntzX1LQeru6gh1Tfrj3mx7tLvDsMTZEUoKBNpf_I8BphJMztryzn4AlFeSY-4TvStQ1LZ4pJwtU_GarSpOOZZYoJ1avTM5FHvgpgUpV8wczWKwjUQV0xGjQE1g0wYHOsDZFvXYNXggOVBeKphbCbxe5-BTeseVxmeO_w_lz%26sig%3DCg0ArKJSzNH9z6Npn17CEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FTopAdvert.aspx$0;xdt=1;crlt=jsRfek)gvg;osda=1;sttr=61;prcl=s
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm-xfW87l6QVYbngQ3Ypy09LKWHBotGJkxzEpWZEpt9iz9_NTUu17STx8jvhlY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 26 Feb 2021 06:56:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 15599
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6256 0
0 59ms
59ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEXVAPlrSFM5Kc2t8hjcZffjRGmImyTiaUUs9Kd7PNB18lAczrzeElFXQ5LT4cCiJakAt51gDIGrsqAPDcIqiV1CH3a5f8y3rli9iw5s8_ngzvLE0ojaDQQ67eg75klZjbx2PuDCgSZ2c-MQueSp5ZHetFu6yncM5DXP9Oye_C5DVlmaDC02fu3bIDwFggOARKUD6sy3XDmty9XpFuE8zVTE8pTeg2Ex7yNvnFfPp9QWoIFSPE85mPt4KJF_KvPZD93XiiN781iQwUiNrGJL5cz2ig2TcpAWwCE4cIvQUiTeWbKPC2-e4&sig=Cg0ArKJSzMNenX54n9k1EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 06:56:09 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 26 Feb 2021 06:56:09 GMT

GET
H2 200 6-en_brand_new_468x60.gif
s0.2mdn.net/8029426/ Frame 7DC1 12 KB
12 KB 27ms
6ms Image
image/gif 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8029426/6-en_brand_new_468x60.gif

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269390891;dc_ver=68.195;dc_eid=40004001;sz=468x60;u_sd=1;dc_adk=139305671;ord=662ja7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstb-kdb9vj4NB1dHVnRqaM2pdRzsAEzmVhRwV5fIh-BkAitil0PrYRvDsZhXqpdjdgxnHcdOc5i5dRepCY78vPEH7--cwJkK6CVjOJMKjGMXutCCPU2vgUbTxtB6kI-UDDBfj1FkntzX1LQeru6gh1Tfrj3mx7tLvDsMTZEUoKBNpf_I8BphJMztryzn4AlFeSY-4TvStQ1LZ4pJwtU_GarSpOOZZYoJ1avTM5FHvgpgUpV8wczWKwjUQV0xGjQE1g0wYHOsDZFvXYNXggOVBeKphbCbxe5-BTeseVxmeO_w_lz%26sig%3DCg0ArKJSzNH9z6Npn17CEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FTopAdvert.aspx$0;xdt=1;crlt=jsRfek)gvg;osda=1;sttr=61;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c261f79455e7156a23ec46b5dba2f1f741b77059820b547f0ce835dcfe4b6b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269390891;dc_ver=68.195;dc_eid=40004001;sz=468x60;u_sd=1;dc_adk=139305671;ord=662ja7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstb-kdb9vj4NB1dHVnRqaM2pdRzsAEzmVhRwV5fIh-BkAitil0PrYRvDsZhXqpdjdgxnHcdOc5i5dRepCY78vPEH7--cwJkK6CVjOJMKjGMXutCCPU2vgUbTxtB6kI-UDDBfj1FkntzX1LQeru6gh1Tfrj3mx7tLvDsMTZEUoKBNpf_I8BphJMztryzn4AlFeSY-4TvStQ1LZ4pJwtU_GarSpOOZZYoJ1avTM5FHvgpgUpV8wczWKwjUQV0xGjQE1g0wYHOsDZFvXYNXggOVBeKphbCbxe5-BTeseVxmeO_w_lz%26sig%3DCg0ArKJSzNH9z6Npn17CEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FTopAdvert.aspx$0;xdt=1;crlt=jsRfek)gvg;osda=1;sttr=61;prcl=s
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 19:46:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Jan 2019 16:35:27 GMT
server: sffe
age: 40192
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12011
x-xss-protection: 0
expires: Fri, 26 Feb 2021 19:46:17 GMT

GET
H3-Q050 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20210224/r20110914/xfa/ Frame 7DC1 10 KB
4 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210224/r20110914/xfa/sodar_loader.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

517afa5e28d53c9af2c3b7b146d6686dfff1ae522863b235052b63d77c543b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269390891;dc_ver=68.195;dc_eid=40004001;sz=468x60;u_sd=1;dc_adk=139305671;ord=662ja7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstb-kdb9vj4NB1dHVnRqaM2pdRzsAEzmVhRwV5fIh-BkAitil0PrYRvDsZhXqpdjdgxnHcdOc5i5dRepCY78vPEH7--cwJkK6CVjOJMKjGMXutCCPU2vgUbTxtB6kI-UDDBfj1FkntzX1LQeru6gh1Tfrj3mx7tLvDsMTZEUoKBNpf_I8BphJMztryzn4AlFeSY-4TvStQ1LZ4pJwtU_GarSpOOZZYoJ1avTM5FHvgpgUpV8wczWKwjUQV0xGjQE1g0wYHOsDZFvXYNXggOVBeKphbCbxe5-BTeseVxmeO_w_lz%26sig%3DCg0ArKJSzNH9z6Npn17CEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FTopAdvert.aspx$0;xdt=1;crlt=jsRfek)gvg;osda=1;sttr=61;prcl=s
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 23:46:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4175
x-xss-protection: 0
server: cafe
etag: 8211279898812206307
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Mar 2021 23:46:44 GMT

GET
H3-Q050 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210224/r20110914/elements/html/ Frame 7DC1 9 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210224/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4b3a2a3d13b57f07aa855cf974c90cad593a53ac0f53cdc58d5f49c91eb2092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269390891;dc_ver=68.195;dc_eid=40004001;sz=468x60;u_sd=1;dc_adk=139305671;ord=662ja7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstb-kdb9vj4NB1dHVnRqaM2pdRzsAEzmVhRwV5fIh-BkAitil0PrYRvDsZhXqpdjdgxnHcdOc5i5dRepCY78vPEH7--cwJkK6CVjOJMKjGMXutCCPU2vgUbTxtB6kI-UDDBfj1FkntzX1LQeru6gh1Tfrj3mx7tLvDsMTZEUoKBNpf_I8BphJMztryzn4AlFeSY-4TvStQ1LZ4pJwtU_GarSpOOZZYoJ1avTM5FHvgpgUpV8wczWKwjUQV0xGjQE1g0wYHOsDZFvXYNXggOVBeKphbCbxe5-BTeseVxmeO_w_lz%26sig%3DCg0ArKJSzNH9z6Npn17CEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FTopAdvert.aspx$0;xdt=1;crlt=jsRfek)gvg;osda=1;sttr=61;prcl=s
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3412
x-xss-protection: 0
server: cafe
etag: 11901405240610023202
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Mar 2021 06:53:29 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7DC1 107 KB
33 KB 32ms
31ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

1c2fd04bc7557ff3208e06324dba5f6e0538554a026630abba81dbb398a5a27d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269390891;dc_ver=68.195;dc_eid=40004001;sz=468x60;u_sd=1;dc_adk=139305671;ord=662ja7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstb-kdb9vj4NB1dHVnRqaM2pdRzsAEzmVhRwV5fIh-BkAitil0PrYRvDsZhXqpdjdgxnHcdOc5i5dRepCY78vPEH7--cwJkK6CVjOJMKjGMXutCCPU2vgUbTxtB6kI-UDDBfj1FkntzX1LQeru6gh1Tfrj3mx7tLvDsMTZEUoKBNpf_I8BphJMztryzn4AlFeSY-4TvStQ1LZ4pJwtU_GarSpOOZZYoJ1avTM5FHvgpgUpV8wczWKwjUQV0xGjQE1g0wYHOsDZFvXYNXggOVBeKphbCbxe5-BTeseVxmeO_w_lz%26sig%3DCg0ArKJSzNH9z6Npn17CEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FTopAdvert.aspx$0;xdt=1;crlt=jsRfek)gvg;osda=1;sttr=61;prcl=s
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614169956137819"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33369
x-xss-protection: 0
expires: Fri, 26 Feb 2021 06:56:09 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7DC1 0
683 B 115ms
60ms Other
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstqHMjR_OpMXHjJnBhp5fVM9jaTIKLI9YcOHbrdKfDjZIrbnzeHHcl5k_MLtJ7265VkwZANVXcJXVsGHU2FF9N5XCdkA2ci6B_6hZoMlWTJCe3B2FsoQrASVdDDUVb8MpqY092BZJP2Kv16jifNbgM8ul9qSLyqNbfzTTVeu4-8W7Pg&sig=Cg0ArKJSzCYvdgnJ1utyEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210224.62793&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269390891;dc_ver=68.195;dc_eid=40004001;sz=468x60;u_sd=1;dc_adk=139305671;ord=662ja7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstb-kdb9vj4NB1dHVnRqaM2pdRzsAEzmVhRwV5fIh-BkAitil0PrYRvDsZhXqpdjdgxnHcdOc5i5dRepCY78vPEH7--cwJkK6CVjOJMKjGMXutCCPU2vgUbTxtB6kI-UDDBfj1FkntzX1LQeru6gh1Tfrj3mx7tLvDsMTZEUoKBNpf_I8BphJMztryzn4AlFeSY-4TvStQ1LZ4pJwtU_GarSpOOZZYoJ1avTM5FHvgpgUpV8wczWKwjUQV0xGjQE1g0wYHOsDZFvXYNXggOVBeKphbCbxe5-BTeseVxmeO_w_lz%26sig%3DCg0ArKJSzNH9z6Npn17CEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FTopAdvert.aspx$0;xdt=1;crlt=jsRfek)gvg;osda=1;sttr=61;prcl=s
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 06:56:09 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 img;adv=11147208041415;ec=11147225831950;adv.a=8029426;c.a=23910008;s.a=5983337;p.a=269390891;a.a=464299015;cache=943047801;
ad.atdmt.com/i/ Frame 7DC1 42 B
481 B 51ms
37ms Image
image/gif 2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.atdmt.com/i/img;adv=11147208041415;ec=11147225831950;adv.a=8029426;c.a=23910008;s.a=5983337;p.a=269390891;a.a=464299015;cache=943047801;
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269390891;dc_ver=68.195;dc_eid=40004001;sz=468x60;u_sd=1;dc_adk=139305671;ord=662ja7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstb-kdb9vj4NB1dHVnRqaM2pdRzsAEzmVhRwV5fIh-BkAitil0PrYRvDsZhXqpdjdgxnHcdOc5i5dRepCY78vPEH7--cwJkK6CVjOJMKjGMXutCCPU2vgUbTxtB6kI-UDDBfj1FkntzX1LQeru6gh1Tfrj3mx7tLvDsMTZEUoKBNpf_I8BphJMztryzn4AlFeSY-4TvStQ1LZ4pJwtU_GarSpOOZZYoJ1avTM5FHvgpgUpV8wczWKwjUQV0xGjQE1g0wYHOsDZFvXYNXggOVBeKphbCbxe5-BTeseVxmeO_w_lz%26sig%3DCg0ArKJSzNH9z6Npn17CEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FTopAdvert.aspx$0;xdt=1;crlt=jsRfek)gvg;osda=1;sttr=61;prcl=s
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8004:face:b00c:0:8c , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269390891;dc_ver=68.195;dc_eid=40004001;sz=468x60;u_sd=1;dc_adk=139305671;ord=662ja7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstb-kdb9vj4NB1dHVnRqaM2pdRzsAEzmVhRwV5fIh-BkAitil0PrYRvDsZhXqpdjdgxnHcdOc5i5dRepCY78vPEH7--cwJkK6CVjOJMKjGMXutCCPU2vgUbTxtB6kI-UDDBfj1FkntzX1LQeru6gh1Tfrj3mx7tLvDsMTZEUoKBNpf_I8BphJMztryzn4AlFeSY-4TvStQ1LZ4pJwtU_GarSpOOZZYoJ1avTM5FHvgpgUpV8wczWKwjUQV0xGjQE1g0wYHOsDZFvXYNXggOVBeKphbCbxe5-BTeseVxmeO_w_lz%26sig%3DCg0ArKJSzNH9z6Npn17CEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FTopAdvert.aspx$0;xdt=1;crlt=jsRfek)gvg;osda=1;sttr=61;prcl=s
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 06:56:09 GMT
x-atlas-debug: AYKC-AuW57KubWGVRQpZr8e6vary5Zfjbkg9WD-dH3Z4oRtwD8nXbwdS1EvxkF_12jTrLM70DakXflZzchrI_gt4
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
cache-control: private, no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 42
expires: 0

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7DC1 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269390891;dc_ver=68.195;dc_eid=40004001;sz=468x60;u_sd=1;dc_adk=139305671;ord=662ja7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstb-kdb9vj4NB1dHVnRqaM2pdRzsAEzmVhRwV5fIh-BkAitil0PrYRvDsZhXqpdjdgxnHcdOc5i5dRepCY78vPEH7--cwJkK6CVjOJMKjGMXutCCPU2vgUbTxtB6kI-UDDBfj1FkntzX1LQeru6gh1Tfrj3mx7tLvDsMTZEUoKBNpf_I8BphJMztryzn4AlFeSY-4TvStQ1LZ4pJwtU_GarSpOOZZYoJ1avTM5FHvgpgUpV8wczWKwjUQV0xGjQE1g0wYHOsDZFvXYNXggOVBeKphbCbxe5-BTeseVxmeO_w_lz%26sig%3DCg0ArKJSzNH9z6Npn17CEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FTopAdvert.aspx$0;xdt=1;crlt=jsRfek)gvg;osda=1;sttr=61;prcl=s
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 09:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163011
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Feb 2022 09:39:18 GMT

GET
H2 200 03092020-004721093-en_brand_solutions_new_120x600.jpg
s0.2mdn.net/8029426/ Frame 78F9 62 KB
62 KB 13ms
11ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8029426/03092020-004721093-en_brand_solutions_new_120x600.jpg

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269392019;dc_ver=68.195;dc_eid=40004001;sz=120x600;u_sd=1;dc_adk=1069910018;ord=jn2i4b;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssxWnTJHuqgvSIv76Wm-jLMTIzMJF05UMNJyDqTTzTfwKA39QHtl_6tST5ZRCtGMsNBkeIy0EprDSHNKdP-HxrMovSlxE0RhXQC9Jni0_-A_luD4WY2V68eHccEAHVxt3R2Bp7eVrZqj8Pv-gffGs_cdi9T3ICmJ-znD4MuoBrq9x2XDJlE0iH02bz7SMjmnezSFsaAEDaL6NLKpWlPoRdS-AErcGpKJq0u8vV6sHhYVjgLOIgUzaVWEUmxAYbKrrRDcZcB_H8pI535ktS6Ye3c3ejifvxJicrj51U%26sig%3DCg0ArKJSzCZlHwA2QS5KEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FAdvert.aspx$0;xdt=1;crlt=CitiM8(9*G;osda=1;sttr=31;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8d1fd4ac1cb14d78f8c066c0e032270d034d7e77a6fdfbb7325e17e5fc0ff2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269392019;dc_ver=68.195;dc_eid=40004001;sz=120x600;u_sd=1;dc_adk=1069910018;ord=jn2i4b;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssxWnTJHuqgvSIv76Wm-jLMTIzMJF05UMNJyDqTTzTfwKA39QHtl_6tST5ZRCtGMsNBkeIy0EprDSHNKdP-HxrMovSlxE0RhXQC9Jni0_-A_luD4WY2V68eHccEAHVxt3R2Bp7eVrZqj8Pv-gffGs_cdi9T3ICmJ-znD4MuoBrq9x2XDJlE0iH02bz7SMjmnezSFsaAEDaL6NLKpWlPoRdS-AErcGpKJq0u8vV6sHhYVjgLOIgUzaVWEUmxAYbKrrRDcZcB_H8pI535ktS6Ye3c3ejifvxJicrj51U%26sig%3DCg0ArKJSzCZlHwA2QS5KEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FAdvert.aspx$0;xdt=1;crlt=CitiM8(9*G;osda=1;sttr=31;prcl=s
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 09:32:53 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Mar 2020 07:47:21 GMT
server: sffe
age: 76996
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63799
x-xss-protection: 0
expires: Fri, 26 Feb 2021 09:32:53 GMT

GET
H3-Q050 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20210224/r20110914/xfa/ Frame 78F9 10 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210224/r20110914/xfa/sodar_loader.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

517afa5e28d53c9af2c3b7b146d6686dfff1ae522863b235052b63d77c543b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269392019;dc_ver=68.195;dc_eid=40004001;sz=120x600;u_sd=1;dc_adk=1069910018;ord=jn2i4b;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssxWnTJHuqgvSIv76Wm-jLMTIzMJF05UMNJyDqTTzTfwKA39QHtl_6tST5ZRCtGMsNBkeIy0EprDSHNKdP-HxrMovSlxE0RhXQC9Jni0_-A_luD4WY2V68eHccEAHVxt3R2Bp7eVrZqj8Pv-gffGs_cdi9T3ICmJ-znD4MuoBrq9x2XDJlE0iH02bz7SMjmnezSFsaAEDaL6NLKpWlPoRdS-AErcGpKJq0u8vV6sHhYVjgLOIgUzaVWEUmxAYbKrrRDcZcB_H8pI535ktS6Ye3c3ejifvxJicrj51U%26sig%3DCg0ArKJSzCZlHwA2QS5KEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FAdvert.aspx$0;xdt=1;crlt=CitiM8(9*G;osda=1;sttr=31;prcl=s
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 23:46:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4175
x-xss-protection: 0
server: cafe
etag: 8211279898812206307
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Mar 2021 23:46:44 GMT

GET
H3-Q050 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210224/r20110914/elements/html/ Frame 78F9 9 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210224/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4b3a2a3d13b57f07aa855cf974c90cad593a53ac0f53cdc58d5f49c91eb2092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269392019;dc_ver=68.195;dc_eid=40004001;sz=120x600;u_sd=1;dc_adk=1069910018;ord=jn2i4b;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssxWnTJHuqgvSIv76Wm-jLMTIzMJF05UMNJyDqTTzTfwKA39QHtl_6tST5ZRCtGMsNBkeIy0EprDSHNKdP-HxrMovSlxE0RhXQC9Jni0_-A_luD4WY2V68eHccEAHVxt3R2Bp7eVrZqj8Pv-gffGs_cdi9T3ICmJ-znD4MuoBrq9x2XDJlE0iH02bz7SMjmnezSFsaAEDaL6NLKpWlPoRdS-AErcGpKJq0u8vV6sHhYVjgLOIgUzaVWEUmxAYbKrrRDcZcB_H8pI535ktS6Ye3c3ejifvxJicrj51U%26sig%3DCg0ArKJSzCZlHwA2QS5KEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FAdvert.aspx$0;xdt=1;crlt=CitiM8(9*G;osda=1;sttr=31;prcl=s
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3412
x-xss-protection: 0
server: cafe
etag: 11901405240610023202
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Mar 2021 06:53:29 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 78F9 107 KB
33 KB 31ms
31ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

1c2fd04bc7557ff3208e06324dba5f6e0538554a026630abba81dbb398a5a27d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269392019;dc_ver=68.195;dc_eid=40004001;sz=120x600;u_sd=1;dc_adk=1069910018;ord=jn2i4b;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssxWnTJHuqgvSIv76Wm-jLMTIzMJF05UMNJyDqTTzTfwKA39QHtl_6tST5ZRCtGMsNBkeIy0EprDSHNKdP-HxrMovSlxE0RhXQC9Jni0_-A_luD4WY2V68eHccEAHVxt3R2Bp7eVrZqj8Pv-gffGs_cdi9T3ICmJ-znD4MuoBrq9x2XDJlE0iH02bz7SMjmnezSFsaAEDaL6NLKpWlPoRdS-AErcGpKJq0u8vV6sHhYVjgLOIgUzaVWEUmxAYbKrrRDcZcB_H8pI535ktS6Ye3c3ejifvxJicrj51U%26sig%3DCg0ArKJSzCZlHwA2QS5KEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FAdvert.aspx$0;xdt=1;crlt=CitiM8(9*G;osda=1;sttr=31;prcl=s
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614169956137819"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33369
x-xss-protection: 0
expires: Fri, 26 Feb 2021 06:56:09 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 78F9 0
55 B 96ms
60ms Other
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvYP7CSyh6wo0cQA_cgkEgQEAEMVaCJOvxv4IWNFQnAIvNGugvag9bQ8JSOB3YnrT-ezeaIVN0KQXvnQroZJ4BPxtVhIZ7wYZH0ucMcTcFtbMuZvtjjmFnZtAR8cMPBhjSQqXWRVISSNx5HUQgOJZCpiENZdDFiaFItc0senAl4dC4ut25zbBI&sig=Cg0ArKJSzH5c00ic9obmEAE&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20210224.43114&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269392019;dc_ver=68.195;dc_eid=40004001;sz=120x600;u_sd=1;dc_adk=1069910018;ord=jn2i4b;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssxWnTJHuqgvSIv76Wm-jLMTIzMJF05UMNJyDqTTzTfwKA39QHtl_6tST5ZRCtGMsNBkeIy0EprDSHNKdP-HxrMovSlxE0RhXQC9Jni0_-A_luD4WY2V68eHccEAHVxt3R2Bp7eVrZqj8Pv-gffGs_cdi9T3ICmJ-znD4MuoBrq9x2XDJlE0iH02bz7SMjmnezSFsaAEDaL6NLKpWlPoRdS-AErcGpKJq0u8vV6sHhYVjgLOIgUzaVWEUmxAYbKrrRDcZcB_H8pI535ktS6Ye3c3ejifvxJicrj51U%26sig%3DCg0ArKJSzCZlHwA2QS5KEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FAdvert.aspx$0;xdt=1;crlt=CitiM8(9*G;osda=1;sttr=31;prcl=s
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 06:56:09 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 img;adv=11147208041415;ec=11147225831950;adv.a=8029426;c.a=23910008;s.a=5983337;p.a=269392019;a.a=464262263;cache=3525902492;
ad.atdmt.com/i/ Frame 78F9 42 B
269 B 37ms
36ms Image
image/gif 2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.atdmt.com/i/img;adv=11147208041415;ec=11147225831950;adv.a=8029426;c.a=23910008;s.a=5983337;p.a=269392019;a.a=464262263;cache=3525902492;
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269392019;dc_ver=68.195;dc_eid=40004001;sz=120x600;u_sd=1;dc_adk=1069910018;ord=jn2i4b;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssxWnTJHuqgvSIv76Wm-jLMTIzMJF05UMNJyDqTTzTfwKA39QHtl_6tST5ZRCtGMsNBkeIy0EprDSHNKdP-HxrMovSlxE0RhXQC9Jni0_-A_luD4WY2V68eHccEAHVxt3R2Bp7eVrZqj8Pv-gffGs_cdi9T3ICmJ-znD4MuoBrq9x2XDJlE0iH02bz7SMjmnezSFsaAEDaL6NLKpWlPoRdS-AErcGpKJq0u8vV6sHhYVjgLOIgUzaVWEUmxAYbKrrRDcZcB_H8pI535ktS6Ye3c3ejifvxJicrj51U%26sig%3DCg0ArKJSzCZlHwA2QS5KEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FAdvert.aspx$0;xdt=1;crlt=CitiM8(9*G;osda=1;sttr=31;prcl=s
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8004:face:b00c:0:8c , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269392019;dc_ver=68.195;dc_eid=40004001;sz=120x600;u_sd=1;dc_adk=1069910018;ord=jn2i4b;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssxWnTJHuqgvSIv76Wm-jLMTIzMJF05UMNJyDqTTzTfwKA39QHtl_6tST5ZRCtGMsNBkeIy0EprDSHNKdP-HxrMovSlxE0RhXQC9Jni0_-A_luD4WY2V68eHccEAHVxt3R2Bp7eVrZqj8Pv-gffGs_cdi9T3ICmJ-znD4MuoBrq9x2XDJlE0iH02bz7SMjmnezSFsaAEDaL6NLKpWlPoRdS-AErcGpKJq0u8vV6sHhYVjgLOIgUzaVWEUmxAYbKrrRDcZcB_H8pI535ktS6Ye3c3ejifvxJicrj51U%26sig%3DCg0ArKJSzCZlHwA2QS5KEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FAdvert.aspx$0;xdt=1;crlt=CitiM8(9*G;osda=1;sttr=31;prcl=s
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 06:56:09 GMT
x-atlas-debug: AYLu_s5q7FPdsUvbwBrpEQYxoWkBBTyN57AGmwNHRH7_epKMO83ku8q3rvpx3UKHg_JUd8XTXyqWSobSuMdb3pYK
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
cache-control: private, no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 42
expires: 0

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 78F9 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269392019;dc_ver=68.195;dc_eid=40004001;sz=120x600;u_sd=1;dc_adk=1069910018;ord=jn2i4b;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssxWnTJHuqgvSIv76Wm-jLMTIzMJF05UMNJyDqTTzTfwKA39QHtl_6tST5ZRCtGMsNBkeIy0EprDSHNKdP-HxrMovSlxE0RhXQC9Jni0_-A_luD4WY2V68eHccEAHVxt3R2Bp7eVrZqj8Pv-gffGs_cdi9T3ICmJ-znD4MuoBrq9x2XDJlE0iH02bz7SMjmnezSFsaAEDaL6NLKpWlPoRdS-AErcGpKJq0u8vV6sHhYVjgLOIgUzaVWEUmxAYbKrrRDcZcB_H8pI535ktS6Ye3c3ejifvxJicrj51U%26sig%3DCg0ArKJSzCZlHwA2QS5KEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FAdvert.aspx$0;xdt=1;crlt=CitiM8(9*G;osda=1;sttr=31;prcl=s
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 09:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163011
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Feb 2022 09:39:18 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7DC1 5 KB
4 KB 43ms
30ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20110914/xfa/sodar_loader.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee226efb39d384b48c2123dec2c196d010e3bb2f7fb3d14f5318767911da4532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269390891;dc_ver=68.195;dc_eid=40004001;sz=468x60;u_sd=1;dc_adk=139305671;ord=662ja7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstb-kdb9vj4NB1dHVnRqaM2pdRzsAEzmVhRwV5fIh-BkAitil0PrYRvDsZhXqpdjdgxnHcdOc5i5dRepCY78vPEH7--cwJkK6CVjOJMKjGMXutCCPU2vgUbTxtB6kI-UDDBfj1FkntzX1LQeru6gh1Tfrj3mx7tLvDsMTZEUoKBNpf_I8BphJMztryzn4AlFeSY-4TvStQ1LZ4pJwtU_GarSpOOZZYoJ1avTM5FHvgpgUpV8wczWKwjUQV0xGjQE1g0wYHOsDZFvXYNXggOVBeKphbCbxe5-BTeseVxmeO_w_lz%26sig%3DCg0ArKJSzNH9z6Npn17CEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FTopAdvert.aspx$0;xdt=1;crlt=jsRfek)gvg;osda=1;sttr=61;prcl=s
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 06:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4103
x-xss-protection: 0

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6801 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269390891;dc_ver=68.195;dc_eid=40004001;sz=468x60;u_sd=1;dc_adk=139305671;ord=662ja7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstb-kdb9vj4NB1dHVnRqaM2pdRzsAEzmVhRwV5fIh-BkAitil0PrYRvDsZhXqpdjdgxnHcdOc5i5dRepCY78vPEH7--cwJkK6CVjOJMKjGMXutCCPU2vgUbTxtB6kI-UDDBfj1FkntzX1LQeru6gh1Tfrj3mx7tLvDsMTZEUoKBNpf_I8BphJMztryzn4AlFeSY-4TvStQ1LZ4pJwtU_GarSpOOZZYoJ1avTM5FHvgpgUpV8wczWKwjUQV0xGjQE1g0wYHOsDZFvXYNXggOVBeKphbCbxe5-BTeseVxmeO_w_lz%26sig%3DCg0ArKJSzNH9z6Npn17CEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FTopAdvert.aspx$0;xdt=1;crlt=jsRfek)gvg;osda=1;sttr=61;prcl=s
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269390891;dc_ver=68.195;dc_eid=40004001;sz=468x60;u_sd=1;dc_adk=139305671;ord=662ja7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstb-kdb9vj4NB1dHVnRqaM2pdRzsAEzmVhRwV5fIh-BkAitil0PrYRvDsZhXqpdjdgxnHcdOc5i5dRepCY78vPEH7--cwJkK6CVjOJMKjGMXutCCPU2vgUbTxtB6kI-UDDBfj1FkntzX1LQeru6gh1Tfrj3mx7tLvDsMTZEUoKBNpf_I8BphJMztryzn4AlFeSY-4TvStQ1LZ4pJwtU_GarSpOOZZYoJ1avTM5FHvgpgUpV8wczWKwjUQV0xGjQE1g0wYHOsDZFvXYNXggOVBeKphbCbxe5-BTeseVxmeO_w_lz%26sig%3DCg0ArKJSzNH9z6Npn17CEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FTopAdvert.aspx$0;xdt=1;crlt=jsRfek)gvg;osda=1;sttr=61;prcl=s

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 25 Feb 2021 09:52:13 GMT
expires: Fri, 25 Feb 2022 09:52:13 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 75836
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 78F9 5 KB
4 KB 36ms
31ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20110914/xfa/sodar_loader.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a33c4c2c9f332137599414c2761b1139f9528e34b82e4bc2213df96ae7b9b8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269392019;dc_ver=68.195;dc_eid=40004001;sz=120x600;u_sd=1;dc_adk=1069910018;ord=jn2i4b;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssxWnTJHuqgvSIv76Wm-jLMTIzMJF05UMNJyDqTTzTfwKA39QHtl_6tST5ZRCtGMsNBkeIy0EprDSHNKdP-HxrMovSlxE0RhXQC9Jni0_-A_luD4WY2V68eHccEAHVxt3R2Bp7eVrZqj8Pv-gffGs_cdi9T3ICmJ-znD4MuoBrq9x2XDJlE0iH02bz7SMjmnezSFsaAEDaL6NLKpWlPoRdS-AErcGpKJq0u8vV6sHhYVjgLOIgUzaVWEUmxAYbKrrRDcZcB_H8pI535ktS6Ye3c3ejifvxJicrj51U%26sig%3DCg0ArKJSzCZlHwA2QS5KEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FAdvert.aspx$0;xdt=1;crlt=CitiM8(9*G;osda=1;sttr=31;prcl=s
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 06:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4028
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7DC1 0
55 B 80ms
61ms Other
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269390891;dc_ver=68.195;dc_eid=40004001;sz=468x60;u_sd=1;dc_adk=139305671;ord=662ja7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstb-kdb9vj4NB1dHVnRqaM2pdRzsAEzmVhRwV5fIh-BkAitil0PrYRvDsZhXqpdjdgxnHcdOc5i5dRepCY78vPEH7--cwJkK6CVjOJMKjGMXutCCPU2vgUbTxtB6kI-UDDBfj1FkntzX1LQeru6gh1Tfrj3mx7tLvDsMTZEUoKBNpf_I8BphJMztryzn4AlFeSY-4TvStQ1LZ4pJwtU_GarSpOOZZYoJ1avTM5FHvgpgUpV8wczWKwjUQV0xGjQE1g0wYHOsDZFvXYNXggOVBeKphbCbxe5-BTeseVxmeO_w_lz%26sig%3DCg0ArKJSzNH9z6Npn17CEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FTopAdvert.aspx$0;xdt=1;crlt=jsRfek)gvg;osda=1;sttr=61;prcl=s
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 06:56:09 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AB8F 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269392019;dc_ver=68.195;dc_eid=40004001;sz=120x600;u_sd=1;dc_adk=1069910018;ord=jn2i4b;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssxWnTJHuqgvSIv76Wm-jLMTIzMJF05UMNJyDqTTzTfwKA39QHtl_6tST5ZRCtGMsNBkeIy0EprDSHNKdP-HxrMovSlxE0RhXQC9Jni0_-A_luD4WY2V68eHccEAHVxt3R2Bp7eVrZqj8Pv-gffGs_cdi9T3ICmJ-znD4MuoBrq9x2XDJlE0iH02bz7SMjmnezSFsaAEDaL6NLKpWlPoRdS-AErcGpKJq0u8vV6sHhYVjgLOIgUzaVWEUmxAYbKrrRDcZcB_H8pI535ktS6Ye3c3ejifvxJicrj51U%26sig%3DCg0ArKJSzCZlHwA2QS5KEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FAdvert.aspx$0;xdt=1;crlt=CitiM8(9*G;osda=1;sttr=31;prcl=s
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269392019;dc_ver=68.195;dc_eid=40004001;sz=120x600;u_sd=1;dc_adk=1069910018;ord=jn2i4b;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssxWnTJHuqgvSIv76Wm-jLMTIzMJF05UMNJyDqTTzTfwKA39QHtl_6tST5ZRCtGMsNBkeIy0EprDSHNKdP-HxrMovSlxE0RhXQC9Jni0_-A_luD4WY2V68eHccEAHVxt3R2Bp7eVrZqj8Pv-gffGs_cdi9T3ICmJ-znD4MuoBrq9x2XDJlE0iH02bz7SMjmnezSFsaAEDaL6NLKpWlPoRdS-AErcGpKJq0u8vV6sHhYVjgLOIgUzaVWEUmxAYbKrrRDcZcB_H8pI535ktS6Ye3c3ejifvxJicrj51U%26sig%3DCg0ArKJSzCZlHwA2QS5KEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FAdvert.aspx$0;xdt=1;crlt=CitiM8(9*G;osda=1;sttr=31;prcl=s

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 25 Feb 2021 09:52:13 GMT
expires: Fri, 25 Feb 2022 09:52:13 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 75836
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 78F9 0
55 B 65ms
60ms Other
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269392019;dc_ver=68.195;dc_eid=40004001;sz=120x600;u_sd=1;dc_adk=1069910018;ord=jn2i4b;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssxWnTJHuqgvSIv76Wm-jLMTIzMJF05UMNJyDqTTzTfwKA39QHtl_6tST5ZRCtGMsNBkeIy0EprDSHNKdP-HxrMovSlxE0RhXQC9Jni0_-A_luD4WY2V68eHccEAHVxt3R2Bp7eVrZqj8Pv-gffGs_cdi9T3ICmJ-znD4MuoBrq9x2XDJlE0iH02bz7SMjmnezSFsaAEDaL6NLKpWlPoRdS-AErcGpKJq0u8vV6sHhYVjgLOIgUzaVWEUmxAYbKrrRDcZcB_H8pI535ktS6Ye3c3ejifvxJicrj51U%26sig%3DCg0ArKJSzCZlHwA2QS5KEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FAdvert.aspx$0;xdt=1;crlt=CitiM8(9*G;osda=1;sttr=31;prcl=s
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 06:56:09 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B0E 0
111 B 41ms
41ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022301&jk=1724043632357612&bg=!oKOlo-DNAAXB_3NtwTsAKQB2-Dxaxmc39bRGnkn3YmzBUKq5hpmkGhQi1RRAEjmAbR01kGa79ASJAgAAAGlSAAAAIGgBBwoAnmE-_ixG3xxbddnU_SI9-_eiouQotkmfUdr6FfqrjoFrBe_hV4iutWlWT2_8zyvZfYEHDJnQ-_mWFbtJqDWpZ8oAi4bIMLRTJe7RoJmA7lzTb7y3Ue1nRK9_0ovBRPovoAdaHfsfRrqcQr6nq6sLe6FiJH27bXtkDnWqC6ctCyllZRVF210Cm4QWmTgW6gLrZtWENte4kXJJz1Wgi7VWmQIDsYlcZghlZOI1YVVmGeOz-aubNVKbvLK_3lkzFE8XYHzEI_0mqWpUZDkzUvvq-nRcrVGGjbXq7RZ4qGCvKeIpEMAqNfn0VFqQU4WgkrTK84oLgi0cu3PYtxQ75ab2K9HmzqTyQi_PFAqSBIHaKCpTw_hkzOf8INqxf8pGL2SkbArddhXQMj-eBcHCFB7pKNdUsZET2Vgv_jvN3JiQbfUz61kSbaqY3wHG_VPy_4j84LpLAkrjjsaHJwrxWU7qwsVLAA37dA2JYvnEBvpMuBqm3LpMynJIUc4-DugkDJXVXJ7-kT2dpXRAcO8n1mrhVHaPZYGyMJiAPzhH9NxEpUqMkOfM8WQ5M03P7neq6Y13lKZVzBvUkbiypvhCVhNFC0unCb5q536c_9y48G62UAlIGdvDWK9WNA6sP--GLkXBPpNwo-dW6g52Qo_rTJOCeAVRosIC6FsOVbxYtZHd4M_5VaiO55bpDqrDMGungPkGiDNOvMP-tAkbRu4U_dvcxQFsneroghFrMLJVHwthGb1hVVlIc1x4kszo0e_z39bMpP9XiaxfD_-uHuYq3wVV_ZUVQfj8D7oBNfmXjs0RN4xUEHonq7XOo38aYuAN7OKsCuyhlBS2k2yubdXw39128aGxKogzRILUyjeNzTedJhyeBm2jLcOKvbUWQ47C4RfcTBXV2tc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/adverts/Advert.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 06:56:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1954 0
23 B 43ms
43ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022301&jk=760368476018614&bg=!LC-lL2zNAAXB_3NtwTsAKQB2-Dxae_IeVeouQcUhWE5Sa3wV0InJHJOtMfpct1_vbAURbhDqZIcjAgAAAGVSAAAAHGgBBwoA6tGCKo6XznjZ_QQOJY1OFBrbBgWVubxKSQ2M-lpGEsq5988D7oDGoIXiXQxikvRuLzTFvJr-yelP6EUQz2iooUZBcR-0BEGQauyQFWXwQ2rAhjNfr1LaAAdaGvX2ikhWP44sDyEj0-_M7TGJJj-iOpPAOWo_VaSg9hZY6g5Fm9plvRwDGXmUvLAUl4ogRJYK5T1ALRhMgE-1bWln2OfTraXw5vg80lIgk2ia0G0Hf0N7HnMFE_uyXnUL4iIWj5kefCRvSfMO3VbG7KxkrIRCuKHp6MQsGrUuDe6szzRnEIMhnjJ7Vr4nhgbIHpkCChC9ShukEMY2sHuV2q4_3nR5wESYDcoMj24YeSxvwuc2fFO5Pcm2x4QzhYkmFW39r4ISx2OBA65Ag6cogvIvQzFavsGp3Pa558e-nxpnsSMFS65T-e_xw-Y9kgp_NykWytvVhLitQi3_ejDhTPm9tb2tNagGnejmIZUYbbcMHCRjOQ83A62yq04cuR8Nb8279joBzhki_SaDwVppsgCUCX8s7aMc-Xb68aK22FQyAEgj2d2yWOrWfgkyiMQCDckYe2GX87Xp1Y61-rlkUXrdJggH0itCnejzo4ChtYCe1uIkg69LGveOe5jnK7pRAruPqIRqYDqoABywFSEiOtM2LUTy3Pbi2p8T_4TMintUzQz5Hv9niHz3H8s-Bif654A1666wVQbkygbjNa0OnsDwTkSzJ0NRCnfyCRFRRQfFGlNszRIXjXrsqZL-r9YGQGzreUAjyqiEeMk43GNeQTH3HRw-p2Bs5t2KT6E_20qMk7UCQUjEKofM_MtMKVm6k_jMh-Gu72CU57rkTKqA0wcX1MfWRKMiv7nKr2PcV7DgyJsp4UFVhhp6XzoOCGR-LZbzjl09VAw5VzaulOqd75iPBfoGP7iOTjvSj3l-r4rAnbcH_h3NSGdVZwQcXlXV1GYqRgp5yqbiRbST_BEAq6RKsIMZ9e0-iZizOxWBGO8W73ezmDlxgdN2nPQjRQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fxblue.com/adverts/TopAdvert.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 06:56:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7DC1 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20110914/xfa/sodar_loader.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269390891;dc_ver=68.195;dc_eid=40004001;sz=468x60;u_sd=1;dc_adk=139305671;ord=662ja7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstb-kdb9vj4NB1dHVnRqaM2pdRzsAEzmVhRwV5fIh-BkAitil0PrYRvDsZhXqpdjdgxnHcdOc5i5dRepCY78vPEH7--cwJkK6CVjOJMKjGMXutCCPU2vgUbTxtB6kI-UDDBfj1FkntzX1LQeru6gh1Tfrj3mx7tLvDsMTZEUoKBNpf_I8BphJMztryzn4AlFeSY-4TvStQ1LZ4pJwtU_GarSpOOZZYoJ1avTM5FHvgpgUpV8wczWKwjUQV0xGjQE1g0wYHOsDZFvXYNXggOVBeKphbCbxe5-BTeseVxmeO_w_lz%26sig%3DCg0ArKJSzNH9z6Npn17CEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FTopAdvert.aspx$0;xdt=1;crlt=jsRfek)gvg;osda=1;sttr=61;prcl=s
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Fri, 26 Feb 2021 06:56:09 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 78F9 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20110914/xfa/sodar_loader.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/ddm/adi/N518603.2626702FXBLUE.COM/B23910008.269392019;dc_ver=68.195;dc_eid=40004001;sz=120x600;u_sd=1;dc_adk=1069910018;ord=jn2i4b;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssxWnTJHuqgvSIv76Wm-jLMTIzMJF05UMNJyDqTTzTfwKA39QHtl_6tST5ZRCtGMsNBkeIy0EprDSHNKdP-HxrMovSlxE0RhXQC9Jni0_-A_luD4WY2V68eHccEAHVxt3R2Bp7eVrZqj8Pv-gffGs_cdi9T3ICmJ-znD4MuoBrq9x2XDJlE0iH02bz7SMjmnezSFsaAEDaL6NLKpWlPoRdS-AErcGpKJq0u8vV6sHhYVjgLOIgUzaVWEUmxAYbKrrRDcZcB_H8pI535ktS6Ye3c3ejifvxJicrj51U%26sig%3DCg0ArKJSzCZlHwA2QS5KEAE%26urlfix%3D1%26adurl%3D;dc_rfl=3,http%3A%2F%2Faugustforexgolem.com$2,,https%3A%2F%2Fwww.fxblue.com%2Fadverts%2FAdvert.aspx$0;xdt=1;crlt=CitiM8(9*G;osda=1;sttr=31;prcl=s
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Fri, 26 Feb 2021 06:56:09 GMT

GET
H3-Q050 200 gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js Show response
pagead2.googlesyndication.com/bg/ Frame 6801 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8180b38fee0cf0472dfc7ac6a627eacb89be309ce4b599919edaa69414c72ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 57354
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6234
x-xss-protection: 0
expires: Fri, 25 Feb 2022 15:00:15 GMT

GET
H3-Q050 200 gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js Show response
pagead2.googlesyndication.com/bg/ Frame AB8F 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8180b38fee0cf0472dfc7ac6a627eacb89be309ce4b599919edaa69414c72ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 57354
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6234
x-xss-protection: 0
expires: Fri, 25 Feb 2022 15:00:15 GMT

GET
H3-Q050 200 9RdNy2KfqE70k7Ep5pIJEFWQRxy4C7JCE7EP5OBJOVg.js Show response
pagead2.googlesyndication.com/bg/ Frame DA3C 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9RdNy2KfqE70k7Ep5pIJEFWQRxy4C7JCE7EP5OBJOVg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5174dcb629fa84ef493b129e69209105590471cb80bb24213b10fe4e0493958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 20:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 37740
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6189
x-xss-protection: 0
expires: Fri, 25 Feb 2022 20:27:09 GMT

GET
H3-Q050 200 9RdNy2KfqE70k7Ep5pIJEFWQRxy4C7JCE7EP5OBJOVg.js Show response
pagead2.googlesyndication.com/bg/ Frame D4EF 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9RdNy2KfqE70k7Ep5pIJEFWQRxy4C7JCE7EP5OBJOVg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5174dcb629fa84ef493b129e69209105590471cb80bb24213b10fe4e0493958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 20:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 37740
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6189
x-xss-protection: 0
expires: Fri, 25 Feb 2022 20:27:09 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6801 0
23 B 41ms
41ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqURHiZs4YKfQA9bk7_UPjeaNCAAAAAA4AeAEAg&bg=!NTalNnXNAAXB_3NtwTsAKQB2-DxaOj0j_vFwq1aPdwPfRN81IM3ZBjlmJj0kDQEPpO3Hpy04nH77AgAAAJZSAAAADWgBBwoATABP6eWEr9nX5V66PfAI3JbvIqNJ-rJYnL3Q-nZBoUnSqxUCFWeLew_HgCCL21RvgRhs50SYnTySTxV-irapgVc7Tgi-3qMPke0sGY2ZAr9SW0ZzEESGieVFYVXSZkBqdhw41fO2F19WhDjDhJCSoMhFh1T5Ew6gWRuKDwEHD_T8z9eqE0VmM0aCs3umtGpVgxMW25je-5FdNQ8y76nhhFP8r_hWt0M5rvrTY41P870O596T3DlawnSD9xD-uFCxp1teaiSOE02N5Cp6al16rKtxH5BOA03mJQ0wM107IkrRkx-iwi0W-XKqBOGVDd7OPcO_UrLq_r1xJ8LIrrbDJPOXcLYSlioP0sYctlX-LLCUyu1Qu0A7C-3kcK-Ahelc6XpCk1GpchErBihgvzrKV46vPmwv1ktW-qrnqwOuzk93aASBFOJU2Ywm_pEa-IHt_sItI9naTdCn70AbJkssnMU9Ls2ugCOpKabq_cMCWUMfHBZNHGLyhX7rUr45vztqd4iBXvtIT4KuvmSEpGcRXxpHZBMFRTA-DLhcl2Xx8478xThGSVSYnE_2e0x0kP0UNqEnniPCq0tLrvQ2s8TpRVTr0xyG8NxqNRF5NmnRb8iu_yT9XBPnRJC1Q2ACPAo249fefshmevsmU5aV5r1Y6d4lcs3W3plAN9-W3myNxw6oILMxqrS-iArJMh3zdfHBlvM7TSXZzH5_tTUeQs0tE4JdBZ7jHmuOPwo809k_-EIt1xCuxOyvL-bM049TatFOmta_vT9XtP20fYZ5jkNSrFWQVDqSRKe9ZDFMGJWypABczM7hmHZGPb-4lvc9t29o-co6oscAEq79YZ2jJhJxfKyrYOlDylTwgcuwCD2vxD113DBVah9MciDcWu7oJROOeNfb3Pn_ATVXgxRDxRLu9mE2Avcl7ICbYZBsgugYju4mSLPWsuRcCbB4seL4q7-vv07licwcOvbbQuj1JXjNx1AKEp4W8HUNoE2-RsXZatd1AvM52JoVWzfhG6IhwTVl0EMnYtKBjyC17lxUVgA-

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 06:56:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB8F 0
23 B 41ms
41ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtvtqiZs4YPXAA_2GjuwPrciLsAgAAAAAOAHgBAI&bg=!mJulm9jNAAXB_3NtwTsAKQB2-Dxag4MmVNv24i-gwnDJQ7yZk2z8r7aJJeyhjJ1csKxtmIWtNCP_AgAAAIpSAAAAD2gBB5kCwnQxGKGilgBvUyMfuEb8IjVgzEY2gvHAL_WyCD3b9e2cfGUPuGc9rXF1N4-t7OeBiGfmF_AeYr-m_MXWDUtFojZrjKoFNug2hVz5rM3A34x-kfnQzaFlHh7ctg6h8oD4HZZCosz8tpsqZpXOllwdUpYWwrYJSzClKcCATVEHpl_1NWahmn63iey6UTXPeL2zAZU2I_PfDFebsXeAiDt5zd9ibH91LhhZIzR-Ba_paNquF7Wea9a1l3RNJD82P2kVm8HQEauSganbWdwgBQ47mliN7GRHY-Ojys82Ddcpl7zN-gdt4tWwNcTFstFqVGxdZL__ckPRgEKIZA3a9SfViEM5kzmujJxp0DPX9xzBM_CehQa-GzGTbP0Z3PUQVfoSkmb4WRESXr2fOWSCTGTXatM7rRIdhSDUztc3z7eGo1oWShZUp4fT9iDU3016ZjtBLovqIyp4nfLMGDcZH2Q6V1eDNYfMQ2hG5HTg0u_WQXmc9WHy3CVoZh4WDvn3o3WFGG7pumnoxw_dxw7dqby8OTjH4StJRFFboIi4BCwINNAuTE6co-SuVNjr0sVm96s-o4a-pnYKaMrkr6vvaEXftmcdsSjFgrpkdH9XjyArZGEZi6nwpdW3bo9tb3muGZkQxbR4YtdlI_hEaZyKsebZDFBmYXMISsH9mqwVvb9iwOEP-o3KG3gN_bZqpieEgyk-qFxJiwMeiC69nnP616CUnEWASTBfO3tGbRpOGC1CxMoOEmh9YO4PmgnHjv0T2FxekK5enBgDWfVlSWS9XmtEYbWGXxdV9j8XtJkeQoOrZZ1gxoZaTPOZW7lNZzy4rxCJ54hMP2ajryF84TZ4eLkcRxLj1gkX6Blt3-RbMEXLF6xqe0LEVaqPhh5yPPnxaArnWvDiRvOOcBv7XLlYv6-Gia-w4fCT_3YPb_kt83m7MOxZbl0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 06:56:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

410a3872138098380bc5e8e98f4604f6.safeframe.googlesyndication.com
ad.atdmt.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
augustforexgolem.com
bit.ly
c36d734357134ab23b9fd4178b22ba1f.safeframe.googlesyndication.com
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssl.google-analytics.com
tpc.googlesyndication.com
www.augustforexgolem.com
www.fxblue.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
104.111.228.123
142.250.185.194
142.250.185.198
142.250.186.162
2a00:1450:4001:800::2001
2a00:1450:4001:801::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:829::2002
2a00:1450:4001:829::2006
2a03:2880:f01c:8004:face:b00c:0:8c
45.40.165.34
52.210.45.137
67.199.248.11
012d1d05b0ad776a59451ffd514c4fbef7a52b92f5a0570fedd6eaa534db32e9
0a033384acb518c1c9c375044ef9f442ed469905ab3607dfb2c6d2f2d50bc72c
0a5f34f51d23ff07327a46523d4a0daf6ac288069f5243f4f8cb576b411c4031
0ba2f6756001669bdf934f9d79e8fd1ccf2028130c33a0510279581ec9dfd73a
10ad90fd14651670cc539f1c884bedc7cb2872b002fa5d119b4ec30b6a918595
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1a33c4c2c9f332137599414c2761b1139f9528e34b82e4bc2213df96ae7b9b8c
1c2fd04bc7557ff3208e06324dba5f6e0538554a026630abba81dbb398a5a27d
1d85f1099a14eb12b48ea5304bce4582b9627867a4901d07dbdc7c3dd9fa84ec
2636f059f6db525c32f3c85fe4a437c65ffbe6fed3409bc481b0528c452537fb
2c99ebf3b86e943d75eeef17e784fc02007d6f954b82ed3c6b8325048162e2c8
2cb6d99c8ba2262a4d0c6d0333a35b67be6d4db6c5a7d2c4a9cff74e5970e4f6
2ceabf012c48dba7c3865ebd47af9b28e17bc94defc4960105eb47a871a1bf29
2e72a5ee0982cf53fc8cee83f837f897bc9e82a057453c647d5706b6ba4ff757
2ec031faa635f322ba83e07656ac9345a0fbb4f54a9b6911555e9da3e93d59fd
3278b8052fcdcecd0fab9f1df4aa0377a00ec0d3daaed425f82613ae63d77fac
36780f98ed7f7e302c2f31fd7efeb7cc75212ac281935245950e125545350e6a
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3a2227a57f22656e9dd5f8ac95538d1c18a4dbc01838540ea2e9ec9ea776f97b
3da9d2a47305d8315f6e194d72050fd99d6a92255dc7890afbb9bba9fb0138cd
454c4bda5784e3bd1429db89ee67385cd171e411c1dc7ea5dcde9e823bfee6c4
46692916c4ed38bcfb441a383fb3e958e5a88be22b82e505a6db06e9d5be6117
48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97
48dc36d0fb6e08b6c05f058d8abff6b7ddfe0849be3bd1f90b1e89db2b005eb0
4915ef5bc8ff23461a47e16c232043ea10f2e040200d50bf5e26d0a16c9194f1
4922394164e84757d02aa4eac07ee7af85379d233cda7f9ead9f96a5a2beb3b2
493bc5ae889a0ba3f98793a3ba0da780eca7f14f56d5cd0a44d4b3f9706c4d30
4943426e48e534b4c4ab01d7229902e0877fd0d3fb7126b5956361a6b8f0a785
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4d27769b3b3537a4d79330bb4baf05ad186f3417d02319da6ff459c0a5f44092
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50619bb05adb3070b5434c61dda210f8f95832d5795f4f84d6a199a51a923d29
517afa5e28d53c9af2c3b7b146d6686dfff1ae522863b235052b63d77c543b94
528ea37022c3b9a010e08f03edd6ae15586962956cb4258461d2613dcd505724
5bc9413f9784c045c4d4fda0f38c3a740ef8818d8e824e58b5af3714bca943df
5cfd35f9f43e681fabb2ea335359c3eba05fbdb6d86480aea95a637b30cb6284
5f90ebd02e91d7c660b7f8f299d6fefd4c4f46d706d467c01857d19807b5d949
65b821d2661de64da02b2e3298ae35128eee9ebf646c3f681845291a22acdb6c
68862b3246c6bf0e002b1d412b319ddb6500c007e9d5bd77f1a0e94911d4e9f1
68eb209cd02fb651a450f3dd81b35b50eab552091a4e79cada70eb0b83de5d19
691f800e3a2c40d8adc89c93739b0fb4a23c849254ce516dd89e286c8a5e6c22
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
77f3fc471a6509b234ec5a0a843e96a0567f5de7f48b0387a6e6961a7a1489ee
7990e6f3134a91e5008535f2f2fed91b70f6cddbf1c74d672dbb741abd9fddb2
7de4c183e410a79cad32ffd3d563ef6fa047ae4f719456391362fb0c0fadfe85
8180b38fee0cf0472dfc7ac6a627eacb89be309ce4b599919edaa69414c72ae7
85e48a0e9ecb02392104c01d800e5e7e6d016c7b203c95106b112d248e13a94e
870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0
8af4585c41ea881f894fa6f3f482f6f8d394b5528052b4a33f07533dd90b19a0
8d4e2e638b397f363be1fdc16f6d59aa90e2b70cbc5ce4369e56a20c4c8a1d9e
9126284c021f1c3cb87c2415e6bbef2563805adc8cc05e11d8833d020c6c3324
917f717b70af1534c983eedf70aec9691485ef211b3e573e88c1b7a7f0f6812a
97733b8051a5b0ff24ac2018084eeccb4b4ff346a5bc22c519ceb78d9c84e7d1
97889e1972deb03c24d3f4f84a6719233efa97730b6fd7ddc718bd6e58e6c700
9901b0c130b11d6f9ae7e94e53fc7113332f48cbe05b17aa66441840155b47cc
9ba484681d0972c8f5fdd10ab0986c9fa68a6511ef29684db473cc2fab186e38
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b3a2a3d13b57f07aa855cf974c90cad593a53ac0f53cdc58d5f49c91eb2092
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29295f9452f38d2df87b9592e41fda14e0ae5a5bb318f7893dd199504e39151
b2bacd20755851cd8773d8f227872e52fad9e627752c7d5e5027347420502d24
b488c65fb23969b1f2fafc88bb1ed0b425f8227500928f6dcb38859c29e45e29
c261f79455e7156a23ec46b5dba2f1f741b77059820b547f0ce835dcfe4b6b19
c8d1fd4ac1cb14d78f8c066c0e032270d034d7e77a6fdfbb7325e17e5fc0ff2a
cf10d79572b622cc42a98ec271cd8e311464939eb91c7af1bf14d2594e76fee5
d009b17e40dccf63690c8420591b50a2d8b4cdc2dcb8721b5ed1e00eccacb103
d0824011893a09210b79c666172c10cfd78208e24a2bd9b6f3c3d7f9f1bb908b
d1b2bb69f3e1378e87d9b4b60554595c853b8f732850aa6b708f66f9d80f4152
d48c95e39e7dcd31ebeee1191f77770fa1cb0a4213bb84ac925406066218c841
d6ad0cd85dcfffeb04c2fa8cb4537247f38226a9ef2d5278bf554066cb586007
d6e7739b949915d49b6bf8726a6c06cb663b832d9bac375f48463a2111104a53
d8b61c643fc1be5a9f2bc56280ed3e7449f8a567d13f8a84438aa2f9733b3353
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
e059881e677f0b14e2ee0701ad96f7d9273663b676a677e31324a7c20e9934fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45d4cf4a28aba431c222b0fe894f8d33afacc2fd6e386299e60654d563b25ec
e71e9341d7f8dca98f9ea9ad7038f590606b4ee0b89f6bf0d1b9ff0167dc826e
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
e9c9244f08810a7573b16fd89288d4587f617de4c005b3e4d74ee034b6dbf280
ee226efb39d384b48c2123dec2c196d010e3bb2f7fb3d14f5318767911da4532
ee4f295e14861fc30ed3be25273f1b27e5689349ed03c17e4d4261f1e9ea4f20
f0b04d65d7e52487553553e18ae7e775bbb3ac2b8b0161ceec5c4d164ad93c95
f23cf16bfa37a63b33a0fe446d90e415701d844c8f10e0354a96a687ec45f352
f4fdb87c57bc847088dce0b9e304ad29f484d9aad79d886cbbdcfe1479c7d79c
f5174dcb629fa84ef493b129e69209105590471cb80bb24213b10fe4e0493958
f8fd20d7e46ad5e629f7011eb80e5e1214a176e3a3d1b39d248b9bfb098e7917
fefe9b3e8092e64911c1e3c00c3d8b77376e7a8599d8a99a3ec4783d6505135b

augustforexgolem.com Open in urlscan Pro 45.40.165.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

140 Requests

91 %HTTPS

61 %IPv6

14 Domains

21 Subdomains

16 IPs

3 Countries

2223 kBTransfer

5478 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

augustforexgolem.com Open in urlscan Pro
45.40.165.34 Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

91 %
HTTPS

61 %
IPv6

14
Domains

21
Subdomains

16
IPs

3
Countries

2223 kB
Transfer

5478 kB
Size

0
Cookies

140 HTTP transactions
0 data transactions