URL: https://nexo.io/ref/ragdrlweop?src=web-link
Submission: On December 14 via manual from IN — Scanned from DE

Summary

This website contacted 38 IPs in 6 countries across 30 domains to perform 118 HTTP transactions. The main IP is 2606:4700::6812:1c15, located in United States and belongs to CLOUDFLARENET, US. The main domain is nexo.io. The Cisco Umbrella rank of the primary domain is 332347.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 29th 2022. Valid for: a year.
This is the only time nexo.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
36 2606:4700::68... 13335 (CLOUDFLAR...)
9 2606:4700::68... 13335 (CLOUDFLAR...)
12 161.71.2.166 14340 (SALESFORCE)
3 2a00:1450:400... 15169 (GOOGLE)
4 99.86.90.76 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 13.225.78.14 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 23.54.61.117 16625 (AKAMAI-AS)
2 2600:9000:213... 16509 (AMAZON-02)
1 146.75.116.157 54113 (FASTLY)
1 2a04:4e42:600... 54113 (FASTLY)
2 2a03:2880:f02... 32934 (FACEBOOK)
4 95.101.111.42 20940 (AKAMAI-ASN1)
1 35.83.209.52 16509 (AMAZON-02)
1 44.194.108.63 14618 (AMAZON-AES)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 151.101.1.140 54113 (FASTLY)
1 13.224.189.97 16509 (AMAZON-02)
2 70.42.32.63 22075 (AS-OUTBRAIN)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:225... 16509 (AMAZON-02)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 13.224.189.122 16509 (AMAZON-02)
1 54.72.152.190 16509 (AMAZON-02)
2 104.244.42.69 13414 (TWITTER)
1 2a05:d018:cc3... 16509 (AMAZON-02)
1 2a03:2880:f12... 32934 (FACEBOOK)
1 52.31.187.71 16509 (AMAZON-02)
2 52.37.218.4 16509 (AMAZON-02)
2 85.222.154.122 14340 (SALESFORCE)
1 35.81.162.201 16509 (AMAZON-02)
118 38
Apex Domain
Subdomains
Transfer
36 nexo.io
nexo.io — Cisco Umbrella Rank: 332347
2 MB
12 force.com
service.force.com — Cisco Umbrella Rank: 3340
42 KB
9 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 412
149 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
region1.google-analytics.com — Cisco Umbrella Rank: 3983
21 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 372
www.linkedin.com — Cisco Umbrella Rank: 643
px4.ads.linkedin.com — Cisco Umbrella Rank: 6944
3 KB
4 mountain.com
dx.mountain.com — Cisco Umbrella Rank: 6324
px.mountain.com — Cisco Umbrella Rank: 6372
gs.mountain.com — Cisco Umbrella Rank: 10887
7 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 789
99 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 652
script.hotjar.com — Cisco Umbrella Rank: 797
vars.hotjar.com — Cisco Umbrella Rank: 929
in.hotjar.com — Cisco Umbrella Rank: 1744
73 KB
4 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1396
33 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 7952
718 B
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 6986
www.google.com — Cisco Umbrella Rank: 2
996 B
3 adroll.com
s.adroll.com — Cisco Umbrella Rank: 2503
d.adroll.com — Cisco Umbrella Rank: 1464
20 KB
3 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 2649
tr.outbrain.com — Cisco Umbrella Rank: 2587
6 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
stats.g.doubleclick.net — Cisco Umbrella Rank: 81
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
240 KB
2 salesforceliveagent.com
d.la2-c1-fra.salesforceliveagent.com — Cisco Umbrella Rank: 176066
4 KB
2 t.co
t.co — Cisco Umbrella Rank: 511
579 B
2 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 887
376 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
35 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 742
5 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
185 B
1 segmentapis.com
events.eu1.segmentapis.com — Cisco Umbrella Rank: 91102
168 B
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1548
157 B
1 quora.com
q.quora.com — Cisco Umbrella Rank: 3309
422 B
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1416
8 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 627
15 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 903
45 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 678
295 B
0 Failed
function sub() { [native code] }. Failed
0 twitter.com Failed
analytics.twitter.com Failed
118 30
Domain Requested by
36 nexo.io nexo.io
12 service.force.com nexo.io
service.force.com
9 cdn.cookielaw.org nexo.io
cdn.cookielaw.org
4 analytics.tiktok.com nexo.io
analytics.tiktok.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
nexo.io
4 cdn.segment.com nexo.io
cdn.segment.com
3 www.google.de nexo.io
3 www.googletagmanager.com nexo.io
www.googletagmanager.com
2 d.la2-c1-fra.salesforceliveagent.com service.force.com
2 px.mountain.com dx.mountain.com
nexo.io
2 t.co nexo.io
2 px.ads.linkedin.com 2 redirects
2 cdn.linkedin.oribi.io snap.licdn.com
2 www.google.com nexo.io
2 tr.outbrain.com amplify.outbrain.com
nexo.io
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net nexo.io
connect.facebook.net
2 s.adroll.com nexo.io
s.adroll.com
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
1 gs.mountain.com nexo.io
1 in.hotjar.com script.hotjar.com
1 www.facebook.com nexo.io
1 d.adroll.com s.adroll.com
1 events.eu1.segmentapis.com cdn.segment.com
1 vars.hotjar.com static.hotjar.com
1 px4.ads.linkedin.com nexo.io
1 www.linkedin.com 1 redirects
1 script.hotjar.com static.hotjar.com
1 alb.reddit.com nexo.io
1 region1.google-analytics.com www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 q.quora.com nexo.io
1 dx.mountain.com nexo.io
1 www.redditstatic.com nexo.io
1 static.ads-twitter.com nexo.io
1 amplify.outbrain.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 www.googleoptimize.com www.googletagmanager.com
1 geolocation.onetrust.com cdn.cookielaw.org
0 100.20.58.101 Failed dx.mountain.com
0 analytics.twitter.com Failed nexo.io
118 42
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-05-29 -
2023-05-29
a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2022-05-01 -
2023-05-01
a year crt.sh
*.um4.force.com
DigiCert TLS RSA SHA256 2020 CA1
2022-02-14 -
2023-02-13
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.segment.com
Amazon
2022-12-13 -
2024-01-12
a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2022-12-13 -
2023-12-13
a year crt.sh
*.hotjar.com
Amazon
2022-10-25 -
2023-11-23
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-11-07 -
2023-01-30
3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2022-03-01 -
2023-03-01
a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-03 -
2023-04-04
a year crt.sh
s.adroll.com
Amazon
2022-07-03 -
2023-08-01
a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-22 -
2023-08-22
a year crt.sh
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-16 -
2023-05-15
6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-09-22 -
2022-12-21
3 months crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-12-13 -
2023-01-13
a year crt.sh
*.mountain.com
Go Daddy Secure Certificate Authority - G2
2022-05-21 -
2023-06-22
a year crt.sh
*.quora.com
R3
2022-12-04 -
2023-03-04
3 months crt.sh
www.google.de
GTS CA 1C3
2022-11-07 -
2023-01-30
3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-16 -
2023-05-14
6 months crt.sh
www.google.com
GTS CA 1C3
2022-11-07 -
2023-01-30
3 months crt.sh
linkedin.oribi.io
Amazon
2022-07-07 -
2023-08-06
a year crt.sh
*.google.de
GTS CA 1C3
2022-11-07 -
2023-01-30
3 months crt.sh
events.eu1.segmentapis.com
Amazon
2022-07-12 -
2023-08-10
a year crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-07 -
2023-03-06
a year crt.sh
d.adroll.com
Amazon RSA 2048 M01
2022-11-08 -
2023-12-07
a year crt.sh
la2-c1-fra.salesforceliveagent.com
DigiCert TLS RSA SHA256 2020 CA1
2022-02-02 -
2023-02-01
a year crt.sh

This page contains 4 frames:

Primary Page: https://nexo.io/ref/ragdrlweop?src=web-link
Frame ID: 18F13F019AEA8776603B519D7EDACD61
Requests: 108 HTTP requests in this frame

Frame: https://nexo.io/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1671019200
Frame ID: 70853E8B7C58B918E61891D8806490A3
Requests: 3 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: B0AE7C53DF3C6A602E9D885F33E07655
Requests: 1 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://nexo.io/ref/ragdrlweop?src=web-link
Frame ID: 7DF761DF81EB8B9F96FD8DFB8F4B7D8E
Requests: 6 HTTP requests in this frame

Screenshot

Page Title

Referral Program – Sign up & Earn $25 in BTC • NexoCookies ButtonBack ButtonFilter Button

Detected technologies

Overall confidence: 100%
Detected patterns
  • service\.force\.com

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

118
Requests

97 %
HTTPS

50 %
IPv6

30
Domains

42
Subdomains

38
IPs

6
Countries

2690 kB
Transfer

5152 kB
Size

36
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 77
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1084961&time=1671020349651&url=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1084961%26time%3D1671020349651%26url%3Dhttps%253A%252F%252Fnexo.io%252Fref%252Fragdrlweop%253Fsrc%253Dweb-link%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1084961&time=1671020349651&url=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1084961&time=1671020349651&url=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link&liSync=true&e_ipv6=AQILJ4MS7B0WXwAAAYUQkwwcs4-Tb9an4RF5yMuddYCyWTGb4uaTEGK0Il8UYLqKPOZhdL0xKa9d

118 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ragdrlweop
nexo.io/ref/
219 KB
51 KB
Document
General
Full URL
https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f4c60011590f30394b37320c277fd7d85360e1cced209f167700efe16f7a26a
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://platform.nexo.io/
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=3600
cf-cache-status
MISS
cf-ray
7796e2d81ce59a3f-FRA
content-encoding
gzip
content-security-policy
frame-ancestors https://platform.nexo.io/
content-type
text/html; charset=UTF-8
date
Wed, 14 Dec 2022 12:19:08 GMT
expires
Wed, 14 Dec 2022 13:19:08 GMT
last-modified
Wed, 14 Dec 2022 12:19:08 GMT
referrer-policy
strict-origin
server
cloudflare
strict-transport-security
max-age=31536000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
OtAutoBlock.js
cdn.cookielaw.org/consent/cf7dbee7-ca71-457f-a90e-53575bbc09e6/
21 KB
5 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/cf7dbee7-ca71-457f-a90e-53575bbc09e6/OtAutoBlock.js
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5db6866f2c8068fb346729eaf83b9af903a99ddea3748b259328501b326c57e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
PwUn3fLFJjVySPhyJD2wbw==
age
15115
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
5090
x-ms-lease-status
unlocked
last-modified
Wed, 12 Oct 2022 11:08:35 GMT
server
cloudflare
etag
0x8DAAC421B99B762
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
030adf98-e01e-00fd-662a-dee784000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7796e2deabadbba1-FRA
expires
Thu, 15 Dec 2022 12:19:09 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
8 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
bKkFjZE43AfZo3jm8gqLew==
age
44840
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
7151
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:39 GMT
server
cloudflare
etag
0x8DADC66BA2EA614
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5539583c-a01e-001f-5d87-0e03f6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7796e2deabb2bba1-FRA
blacker-display-bold.woff
nexo.io/assets/build/fonts/
108 KB
108 KB
Font
General
Full URL
https://nexo.io/assets/build/fonts/blacker-display-bold.woff
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b40bb5876de4ac6004e27e444a491da61411611e9a481dba3b2ca88e487f5147

Request headers

Referer
https://nexo.io/
Origin
https://nexo.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
cf-cache-status
HIT
last-modified
Tue, 14 Sep 2021 09:14:35 GMT
server
cloudflare
age
592641
etag
"614067fb-1ae24"
vary
Accept-Encoding
content-type
font/woff
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7796e2dd682f9a3f-FRA
content-length
110116
expires
Thu, 14 Dec 2023 12:19:09 GMT
tt-norms-bold.ttf
nexo.io/assets/build/fonts/
234 KB
234 KB
Font
General
Full URL
https://nexo.io/assets/build/fonts/tt-norms-bold.ttf
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0063cb5798dee733f2033f349ff88a2ab10f0cfd303c7780a196cd84cc46c84f

Request headers

Referer
https://nexo.io/
Origin
https://nexo.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 10:46:10 GMT
server
cloudflare
age
592641
etag
"618cf472-3a76c"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7796e2dd68329a3f-FRA
content-length
239468
expires
Thu, 14 Dec 2023 12:19:09 GMT
tt-norms-demibold.ttf
nexo.io/assets/build/fonts/
235 KB
235 KB
Font
General
Full URL
https://nexo.io/assets/build/fonts/tt-norms-demibold.ttf
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
699d7fc443dd3dd626280d50ec357a6670f977180a68afc29a97da60449640a6

Request headers

Referer
https://nexo.io/
Origin
https://nexo.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
cf-cache-status
HIT
last-modified
Mon, 04 Jul 2022 09:32:18 GMT
server
cloudflare
age
592641
etag
"62c2b3a2-3ac24"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7796e2dd68359a3f-FRA
content-length
240676
expires
Thu, 14 Dec 2023 12:19:09 GMT
tt-norms-medium.ttf
nexo.io/assets/build/fonts/
235 KB
236 KB
Font
General
Full URL
https://nexo.io/assets/build/fonts/tt-norms-medium.ttf
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dea4db29da216f38839f5b87723ed2b7fd9e6e4cdb0d961ec95c2801c855de8b

Request headers

Referer
https://nexo.io/
Origin
https://nexo.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 10:46:10 GMT
server
cloudflare
age
592641
etag
"618cf472-3ada8"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7796e2dd68399a3f-FRA
content-length
241064
expires
Thu, 14 Dec 2023 12:19:09 GMT
tt-norms-regular.ttf
nexo.io/assets/build/fonts/
236 KB
237 KB
Font
General
Full URL
https://nexo.io/assets/build/fonts/tt-norms-regular.ttf
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65de48e1ac82d50b1f5011809116ef7f67653eb6a57dbe2f5badb7d4ee1d506e

Request headers

Referer
https://nexo.io/
Origin
https://nexo.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 10:46:10 GMT
server
cloudflare
age
592641
etag
"618cf472-3b1f4"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7796e2dd683c9a3f-FRA
content-length
242164
expires
Thu, 14 Dec 2023 12:19:09 GMT
main.58562b8916d45ae6.css
nexo.io/assets/build/
195 KB
31 KB
Stylesheet
General
Full URL
https://nexo.io/assets/build/main.58562b8916d45ae6.css
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f154ff8e09cf1791dea1d4fec7252688e904a8d0750ef35bbcee24e9fef647f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 14 Dec 2022 10:37:36 GMT
server
cloudflare
age
5812
etag
W/"6399a770-30a7a"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
7796e2dd68379a3f-FRA
expires
Thu, 14 Dec 2023 12:19:09 GMT
header-visual-invitee.png
nexo.io/media/pages/ref/a58c0150b3-1658919160/
169 KB
170 KB
Image
General
Full URL
https://nexo.io/media/pages/ref/a58c0150b3-1658919160/header-visual-invitee.png
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1259e9177207d0ee55cc1daa042b1fa96e974dabd1e39ca6dd29984b7d38d1d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
cf-cache-status
HIT
age
581630
cf-polished
origFmt=png, origSize=192183
content-disposition
inline; filename="header-visual-invitee.webp"
content-length
173236
cf-bgj
imgq:100,h2pri
last-modified
Wed, 27 Jul 2022 10:52:44 GMT
server
cloudflare
etag
"62e118fc-2eeb7"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7796e2df2be39a3f-FRA
expires
Thu, 14 Dec 2023 12:19:09 GMT
nexo-how-to-reward-step-1.png
nexo.io/media/pages/ref/502aeb9f66-1658931858/
23 KB
23 KB
Image
General
Full URL
https://nexo.io/media/pages/ref/502aeb9f66-1658931858/nexo-how-to-reward-step-1.png
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36bb568f7ea587228bac2fe3109988061dfb3608fa52bb874f96c4ae1f3f8ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
cf-cache-status
HIT
age
138694
cf-polished
origFmt=png, origSize=25939
content-disposition
inline; filename="nexo-how-to-reward-step-1.webp"
content-length
23504
cf-bgj
imgq:100,h2pri
last-modified
Wed, 27 Jul 2022 14:29:26 GMT
server
cloudflare
etag
"62e14bc6-6553"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7796e2df2be69a3f-FRA
expires
Thu, 14 Dec 2023 12:19:09 GMT
nexo-how-to-reward-step-2.png
nexo.io/media/pages/ref/6e536ea744-1658931338/
38 KB
38 KB
Image
General
Full URL
https://nexo.io/media/pages/ref/6e536ea744-1658931338/nexo-how-to-reward-step-2.png
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
843a712f28b39b5c7534e883d9d4d0226dcc518f24bc5f54c1545af40722ee71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
cf-cache-status
HIT
age
581630
cf-polished
origFmt=png, origSize=39358
content-disposition
inline; filename="nexo-how-to-reward-step-2.webp"
content-length
38930
cf-bgj
imgq:100,h2pri
last-modified
Wed, 27 Jul 2022 14:15:58 GMT
server
cloudflare
etag
"62e1489e-99be"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7796e2df2bea9a3f-FRA
expires
Thu, 14 Dec 2023 12:19:09 GMT
nexo-how-to-reward-step-3.png
nexo.io/media/pages/ref/4f727e9dec-1658931434/
45 KB
45 KB
Image
General
Full URL
https://nexo.io/media/pages/ref/4f727e9dec-1658931434/nexo-how-to-reward-step-3.png
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2405ef0444f83d8db330313da92739cda43444839120fcbeedadf8baa9eaad25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Wed, 27 Jul 2022 14:17:27 GMT
server
cloudflare
age
581630
cf-polished
status=not_needed
etag
"62e148f7-b50e"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7796e2df2beb9a3f-FRA
content-length
46350
expires
Thu, 14 Dec 2023 12:19:09 GMT
nexo-how-to-reward-step-4.png
nexo.io/media/pages/ref/effbb7a626-1658931441/
41 KB
41 KB
Image
General
Full URL
https://nexo.io/media/pages/ref/effbb7a626-1658931441/nexo-how-to-reward-step-4.png
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78248d5bc4df0d1bfa0513be07054e09be971046a307982926142c69ce3e35ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
cf-cache-status
HIT
age
581631
cf-polished
origFmt=png, origSize=42445
content-disposition
inline; filename="nexo-how-to-reward-step-4.webp"
content-length
42090
cf-bgj
imgq:100,h2pri
last-modified
Wed, 27 Jul 2022 14:17:27 GMT
server
cloudflare
etag
"62e148f7-a5cd"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7796e2df2bec9a3f-FRA
expires
Thu, 14 Dec 2023 12:19:09 GMT
logo-trustpilot-one-line.svg
nexo.io/media/pages/ref/910b0743b3-1667826889/
8 KB
4 KB
Image
General
Full URL
https://nexo.io/media/pages/ref/910b0743b3-1667826889/logo-trustpilot-one-line.svg
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b913284cc97fcdfe4c8fc0ab3dc70993cb903b5040e8053bde81fc25350b9874

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 07 Nov 2022 13:15:37 GMT
server
cloudflare
age
581630
etag
W/"636904f9-212f"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
7796e2df2bed9a3f-FRA
expires
Thu, 14 Dec 2023 12:19:09 GMT
icon-twitter.svg
nexo.io/media/pages/storage/images/f9f2992b5d-1631610940/
1 KB
628 B
Image
General
Full URL
https://nexo.io/media/pages/storage/images/f9f2992b5d-1631610940/icon-twitter.svg
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f32e7b9ca8cd76dcbd204adfe62bdad13cdd6ff6db014f330caa40a0d90caad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 Sep 2021 09:51:06 GMT
server
cloudflare
age
592678
etag
W/"6141c20a-424"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
7796e2df2bee9a3f-FRA
expires
Thu, 14 Dec 2023 12:19:09 GMT
main.bfacfa7969a35179.js
nexo.io/assets/build/
218 KB
64 KB
Script
General
Full URL
https://nexo.io/assets/build/main.bfacfa7969a35179.js
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dadd40b75eba37528bf2cbd229cb1d79a40f4e3405ee497ab26fd9e6dd10f7cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 14 Dec 2022 10:37:36 GMT
server
cloudflare
age
5811
etag
W/"6399a770-36637"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7796e2df2bde9a3f-FRA
expires
Thu, 14 Dec 2023 12:19:09 GMT
browser-notice.js
nexo.io/assets/
2 KB
940 B
Script
General
Full URL
https://nexo.io/assets/browser-notice.js
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aab0f469772ea7978d8a7131916233a86eff96a6107407967247ddef606341ed
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://platform.nexo.io/
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
strict-transport-security
max-age=31536000; preload
referrer-policy
strict-origin
x-content-type-options
nosniff
last-modified
Wed, 07 Dec 2022 15:38:38 GMT
server
cloudflare
content-security-policy
frame-ancestors https://platform.nexo.io/
age
592471
cf-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
content-encoding
gzip
cache-control
public, max-age=31536000
cf-ray
7796e2df2bf09a3f-FRA
expires
Thu, 14 Dec 2023 12:19:09 GMT
esw.min.js
service.force.com/embeddedservice/5.0/
30 KB
9 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/esw.min.js
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.2.166 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl6-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
598684d34af3e0b2f2be1338d0bd066877b6df4e4588c3daae0813f59bd1f419
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 10:50:47 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 06 Oct 2022 23:36:44 GMT
Content-Encoding
gzip
Age
5302
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
8312
X-XSS-Protection
1; mode=block
Expires
Thu, 15 Dec 2022 10:50:47 GMT
cf7dbee7-ca71-457f-a90e-53575bbc09e6.json
cdn.cookielaw.org/consent/cf7dbee7-ca71-457f-a90e-53575bbc09e6/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/cf7dbee7-ca71-457f-a90e-53575bbc09e6/cf7dbee7-ca71-457f-a90e-53575bbc09e6.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ba57c9340ba6d208ec06cbbee776ff4445c28da00f34159fb598425f7b0ef1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
YRTdYII35WhFjQSEqhpzdg==
age
28392
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1704
x-ms-lease-status
unlocked
last-modified
Wed, 12 Oct 2022 11:08:34 GMT
server
cloudflare
etag
0x8DAAC421A9BA4FD
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
54afe660-101e-0164-112a-de2e13000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7796e2df68ea9a3b-FRA
expires
Thu, 15 Dec 2022 12:19:09 GMT
gtm.js
www.googletagmanager.com/
254 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NWGJNHR
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
13df6e830b438d6f38d12ca4475423b7177bfc6434676e862221994c1ceca62a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89899
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 14 Dec 2022 12:19:09 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/2tJDk4jy8UFKAKapDttA2SldVvoPKvn2/
100 KB
27 KB
Script
General
Full URL
https://cdn.segment.com/analytics.js/v1/2tJDk4jy8UFKAKapDttA2SldVvoPKvn2/analytics.min.js
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.90.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-90-76.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
adbeb79adfc3f39729eb6573b8b933723e9730839df8df19ddbede8f0defbf18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
rLOhE84T_IryzsBqEPjeTLxdGon1IWF3
content-encoding
br
via
1.1 f746a613a6247a8dda339ff5d3973662.cloudfront.net (CloudFront)
date
Wed, 14 Dec 2022 12:19:09 GMT
x-amz-cf-pop
CDG50-C1
age
104
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Dec 2022 17:16:29 GMT
server
AmazonS3
etag
W/"73d8c134e76e79b0d99d32b83c11fba2"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
Ktpv3xBdOD7Iq6dNTKMV1yok7HSJVsIwydxEnMBdpfwPuNhWCFxG7Q==
navbar-qr-code-220x.png
nexo.io/media/site/09e2b4f0fc-1655204492/
2 KB
2 KB
Image
General
Full URL
https://nexo.io/media/site/09e2b4f0fc-1655204492/navbar-qr-code-220x.png
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c59e9d8c45ca3b2ac497b0251592467e65832d5cd575ea32877c8e97b5c64eb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
cf-cache-status
HIT
age
587183
cf-polished
origFmt=png, origSize=6113
content-disposition
inline; filename="navbar-qr-code-220x.webp"
content-length
1998
cf-bgj
imgq:100,h2pri
last-modified
Tue, 14 Jun 2022 11:01:32 GMT
server
cloudflare
etag
"62a86a8c-17e1"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7796e2df4c369a3f-FRA
expires
Thu, 14 Dec 2023 12:19:09 GMT
bgr-glow-two-spots-blue.png
nexo.io/media/pages/storage/images/5fae885735-1631610938/
32 KB
33 KB
Image
General
Full URL
https://nexo.io/media/pages/storage/images/5fae885735-1631610938/bgr-glow-two-spots-blue.png
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db86cab48a4c54d98025978c81d83818ee64c8767891e703a0ed550b0323b5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/ref/ragdrlweop?src=web-link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
cf-cache-status
HIT
age
581630
cf-polished
origFmt=png, origSize=41555
content-disposition
inline; filename="bgr-glow-two-spots-blue.webp"
content-length
33152
cf-bgj
imgq:100,h2pri
last-modified
Wed, 15 Sep 2021 11:17:31 GMT
server
cloudflare
etag
"6141d64b-a253"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7796e2df7ca69a3f-FRA
expires
Thu, 14 Dec 2023 12:19:09 GMT
ragdrlweop
nexo.io/ref/
115 KB
115 KB
Image
General
Full URL
https://nexo.io/ref/ragdrlweop?src=web-link
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://platform.nexo.io/
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/ref/ragdrlweop?src=web-link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
strict-transport-security
max-age=31536000; preload
referrer-policy
strict-origin
x-content-type-options
nosniff
last-modified
Wed, 14 Dec 2022 12:19:08 GMT
server
cloudflare
content-security-policy
frame-ancestors https://platform.nexo.io/
age
1
cf-cache-status
HIT
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
content-encoding
gzip
cache-control
public, max-age=3600
cf-ray
7796e2df7ca79a3f-FRA
expires
Wed, 14 Dec 2022 13:19:09 GMT
footer-cta-buy-visual.jpg
nexo.io/media/pages/storage/images/babcef19fd-1631610939/
91 KB
91 KB
Image
General
Full URL
https://nexo.io/media/pages/storage/images/babcef19fd-1631610939/footer-cta-buy-visual.jpg
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8030cbc787a4222e4ee0df94451e40a734337045371ec211f2ff5646113702ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/ref/ragdrlweop?src=web-link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Wed, 15 Sep 2021 09:51:07 GMT
server
cloudflare
age
581630
cf-polished
origSize=92685, status=webp_bigger
etag
"6141c20b-16a0d"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7796e2df7cb79a3f-FRA
content-length
92677
expires
Thu, 14 Dec 2023 12:19:09 GMT
logo-ft.svg
nexo.io/media/pages/storage/images/01444f7be7-1631610940/
7 KB
3 KB
Image
General
Full URL
https://nexo.io/media/pages/storage/images/01444f7be7-1631610940/logo-ft.svg
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6efdc0e5ca2160df3238c77b693626b94119fbf8057f32d1377e1e9135ee3e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 Sep 2021 08:29:15 GMT
server
cloudflare
age
581630
etag
W/"6141aedb-1b28"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
7796e2df9cf39a3f-FRA
expires
Thu, 14 Dec 2023 12:19:09 GMT
logo-independent.svg
nexo.io/media/pages/storage/images/5d66eb0aa6-1631610940/
30 KB
11 KB
Image
General
Full URL
https://nexo.io/media/pages/storage/images/5d66eb0aa6-1631610940/logo-independent.svg
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba53725be8a16b0680e5d5a798c88c5a3413104e785cb73b683e3d7ab6d57fb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 Sep 2021 08:29:15 GMT
server
cloudflare
age
75911
etag
W/"6141aedb-79eb"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
7796e2df9cf99a3f-FRA
expires
Thu, 14 Dec 2023 12:19:09 GMT
bloomberg.svg
nexo.io/media/pages/storage/images/a9d150e7b9-1631610938/
4 KB
2 KB
Image
General
Full URL
https://nexo.io/media/pages/storage/images/a9d150e7b9-1631610938/bloomberg.svg
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4248a2b9d69f379c5fa4490bececd8f164e51b94a773519eee2475a3641813ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 Sep 2021 08:29:15 GMT
server
cloudflare
age
581630
etag
W/"6141aedb-fbf"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
7796e2df9cfe9a3f-FRA
expires
Thu, 14 Dec 2023 12:19:09 GMT
forbes.svg
nexo.io/media/pages/storage/images/1d4a9647c3-1631610939/
7 KB
3 KB
Image
General
Full URL
https://nexo.io/media/pages/storage/images/1d4a9647c3-1631610939/forbes.svg
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7108f6fae7f607ce481a04968f681e82ab8da4c594485526822f0cf9b5fbcda1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 Sep 2021 08:29:15 GMT
server
cloudflare
age
581630
etag
W/"6141aedb-1df4"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
7796e2df9d009a3f-FRA
expires
Thu, 14 Dec 2023 12:19:09 GMT
yahoo.png
nexo.io/media/pages/storage/images/5c4b8497b1-1631610943/
4 KB
4 KB
Image
General
Full URL
https://nexo.io/media/pages/storage/images/5c4b8497b1-1631610943/yahoo.png
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd332999082308d8b3af0b317b1f0bde96f85fe159e6759fc7261d148175b77c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
cf-cache-status
HIT
age
581630
cf-polished
origFmt=png, origSize=5566
content-disposition
inline; filename="yahoo.webp"
content-length
4386
cf-bgj
imgq:100,h2pri
last-modified
Wed, 15 Sep 2021 08:29:15 GMT
server
cloudflare
etag
"6141aedb-15be"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7796e2df9d019a3f-FRA
expires
Thu, 14 Dec 2023 12:19:09 GMT
fox-business.svg
nexo.io/media/pages/storage/images/1f1bff4b04-1631610939/
8 KB
3 KB
Image
General
Full URL
https://nexo.io/media/pages/storage/images/1f1bff4b04-1631610939/fox-business.svg
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dcc1102a960f58e62284b54ab4ee57e92a7462795e7164f5b0d9126462a0e47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 Sep 2021 08:29:15 GMT
server
cloudflare
age
138693
etag
W/"6141aedb-2065"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
7796e2df9d129a3f-FRA
expires
Thu, 14 Dec 2023 12:19:09 GMT
coindesk.svg
nexo.io/media/pages/storage/images/d9be8af2c0-1631610938/
7 KB
3 KB
Image
General
Full URL
https://nexo.io/media/pages/storage/images/d9be8af2c0-1631610938/coindesk.svg
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3e6e86d14d59d51dbca715f07aebdae0cb67013cc823de988f5824a1ce8398d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 Sep 2021 08:29:15 GMT
server
cloudflare
age
581630
etag
W/"6141aedb-1d23"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
7796e2df9d159a3f-FRA
expires
Thu, 14 Dec 2023 12:19:09 GMT
logo-cointelegraph.svg
nexo.io/media/pages/storage/images/7de30584fb-1631610940/
18 KB
7 KB
Image
General
Full URL
https://nexo.io/media/pages/storage/images/7de30584fb-1631610940/logo-cointelegraph.svg
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25fbed454e234c46ceb2d7287a1d4a401c4302c56d1fc30b976a461e4d0b211b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 Sep 2021 08:29:15 GMT
server
cloudflare
age
138693
etag
W/"6141aedb-487f"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
7796e2df9d179a3f-FRA
expires
Thu, 14 Dec 2023 12:19:09 GMT
usp-exchange.png
nexo.io/media/pages/storage/images/8269beee69-1631610942/
14 KB
15 KB
Image
General
Full URL
https://nexo.io/media/pages/storage/images/8269beee69-1631610942/usp-exchange.png
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dc63e5408de810bbef2e435e2ec5438c0a3c398f702b8e9bf09aeb79816974d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
cf-cache-status
HIT
age
581630
cf-polished
origFmt=png, origSize=17195
content-disposition
inline; filename="usp-exchange.webp"
content-length
14736
cf-bgj
imgq:100,h2pri
last-modified
Wed, 15 Sep 2021 09:51:24 GMT
server
cloudflare
etag
"6141c21c-432b"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7796e2df9d199a3f-FRA
expires
Thu, 14 Dec 2023 12:19:09 GMT
usp-earn.png
nexo.io/media/pages/storage/images/101cb3291f-1631610942/
12 KB
12 KB
Image
General
Full URL
https://nexo.io/media/pages/storage/images/101cb3291f-1631610942/usp-earn.png
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f60a071ab1ac0253190075b86085c6b5efa15e521ec7e6aa2517a270e6a2ff68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
cf-cache-status
HIT
age
185869
cf-polished
origFmt=png, origSize=13784
content-disposition
inline; filename="usp-earn.webp"
content-length
12286
cf-bgj
imgq:100,h2pri
last-modified
Wed, 15 Sep 2021 09:51:24 GMT
server
cloudflare
etag
"6141c21c-35d8"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7796e2df9d1a9a3f-FRA
expires
Thu, 14 Dec 2023 12:19:09 GMT
usp-borrow.png
nexo.io/media/pages/storage/images/7f7f34e7a5-1631610942/
13 KB
13 KB
Image
General
Full URL
https://nexo.io/media/pages/storage/images/7f7f34e7a5-1631610942/usp-borrow.png
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87b17f00e90160683856ab41e85365971aa258d53ac36de77aec5fae28e131ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
cf-cache-status
HIT
age
578960
cf-polished
origFmt=png, origSize=14704
content-disposition
inline; filename="usp-borrow.webp"
content-length
13008
cf-bgj
imgq:100,h2pri
last-modified
Wed, 15 Sep 2021 09:51:24 GMT
server
cloudflare
etag
"6141c21c-3970"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7796e2dfad1b9a3f-FRA
expires
Thu, 14 Dec 2023 12:19:09 GMT
usp-stay-safe.png
nexo.io/media/pages/storage/images/45e7e6f716-1631610942/
13 KB
13 KB
Image
General
Full URL
https://nexo.io/media/pages/storage/images/45e7e6f716-1631610942/usp-stay-safe.png
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d4aebf436750e394d9f1fd9c4ce92d12fe04012bfe4c9440f92a95ec69d6e92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
cf-cache-status
HIT
age
138691
cf-polished
origFmt=png, origSize=14548
content-disposition
inline; filename="usp-stay-safe.webp"
content-length
12926
cf-bgj
imgq:100,h2pri
last-modified
Wed, 15 Sep 2021 09:51:25 GMT
server
cloudflare
etag
"6141c21d-38d4"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7796e2dfad1c9a3f-FRA
expires
Thu, 14 Dec 2023 12:19:09 GMT
nexo-hearth-3d.svg
nexo.io/media/pages/storage/images/cabf7086e9-1631610941/
1020 B
593 B
Image
General
Full URL
https://nexo.io/media/pages/storage/images/cabf7086e9-1631610941/nexo-hearth-3d.svg
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
666e3742d75ea3563abe5c55d47b058f229562a855bacdb2658c65ecc9b01d1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 Sep 2021 09:51:04 GMT
server
cloudflare
age
592578
etag
W/"6141c208-3fc"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
7796e2dfad1e9a3f-FRA
expires
Thu, 14 Dec 2023 12:19:09 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
59 B
295 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://nexo.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7796e2dffbf49b83-FRA
access-control-allow-headers
Content-Type
settings
cdn.segment.com/v1/projects/2tJDk4jy8UFKAKapDttA2SldVvoPKvn2/
748 B
1 KB
XHR
General
Full URL
https://cdn.segment.com/v1/projects/2tJDk4jy8UFKAKapDttA2SldVvoPKvn2/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/2tJDk4jy8UFKAKapDttA2SldVvoPKvn2/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.90.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-90-76.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0e5e7fa34238de7c181acc3ea13bc0b0e25686ba2fafb00eef0f65e0665986a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
TQydEORgybuJNQkfdVqNjGyzkUU7Ff8q
date
Wed, 14 Dec 2022 12:19:09 GMT
via
1.1 c7ffc8c2f7641416c27e36a054b5f74a.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-C1
age
103
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
748
last-modified
Thu, 08 Dec 2022 15:42:22 GMT
server
AmazonS3
etag
"25666f17cce88313cbcb46a801ae3647"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
00Px2_3ccDtR3M9kuX0Dw1P8KwwQp9DnMvjeLY5VDvEmkIhI7nZxLA==
optimize.js
www.googleoptimize.com/
118 KB
45 KB
Script
General
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-T9C8HZ7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWGJNHR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
af2a12055662ea4b2423379031b2e10b0b38cb7002a893f7d33b5662ada50040
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
45969
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 14 Dec 2022 12:19:09 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWGJNHR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 11:15:46 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3803
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 14 Dec 2022 13:15:46 GMT
hotjar-939942.js
static.hotjar.com/c/
8 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-939942.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWGJNHR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-14.fra2.r.cloudfront.net
Software
/
Resource Hash
859f7ebe1da569f7f954700254e235ea016997d7894b9a8eef6d1dabe8e4b9f7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 12:18:36 GMT
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
33
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/95a47cef42e0316f0693c72a04f664fd
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
W5OvSa76Ouon7hTQYS0zeywVyIm00Nv3BTbQhV8gt4BDxlu_Edij4w==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/713709014/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/713709014/?random=1671020349465&cv=11&fst=1671020349465&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link&tiba=Referral%20Program%20%E2%80%93%20Sign%20up%20%26%20Earn%20%2425%20in%20BTC%20%E2%80%A2%20Nexo&auid=1333720453.1671020349&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWGJNHR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31ca3697192a1ede5cd4328f960e10ec699668cf8b3a150fdc9145ecbd70a4c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
921
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
1017 B
658 B
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWGJNHR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
891c693ce3d3cf4785ef8ce23e9acad133d41dd2b4586d0a5f8d8b0571f913b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
last-modified
Wed, 14 Dec 2022 10:30:30 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=79905
accept-ranges
bytes
content-length
490
obtp.js
amplify.outbrain.com/cp/
16 KB
6 KB
Script
General
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWGJNHR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.61.117 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-61-117.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1ccdc085b5be138822c5352d11f93edad63feaf4a7cbcac15314705a863492e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 12:19:09 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Nov 2022 14:22:05 GMT
Server
AkamaiNetStorage
ETag
"fe80c55f1e1387116ff9765261ed192c:1669645506.686439"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5269
Expires
Wed, 14 Dec 2022 12:39:09 GMT
roundtrip.js
s.adroll.com/j/AX2ICKJHJVENZKINIAVMPB/
62 KB
19 KB
Script
General
Full URL
https://s.adroll.com/j/AX2ICKJHJVENZKINIAVMPB/roundtrip.js
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2134:7000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7607086138634ad8c01872e8955563222d8d26423f9e2a4a2d9684f4543833bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

X-Amz-Version-Id
kITYqsFb2LysC.PLtO_V1YVu5HqQQb70
Content-Encoding
gzip
Via
1.1 82ded7662ff2806d716068ef52891c6a.cloudfront.net (CloudFront)
Date
Wed, 14 Dec 2022 11:48:15 GMT
Age
1869
X-Amz-Cf-Pop
MXP64-C2
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Sun, 11 Dec 2022 09:55:06 GMT
Server
AmazonS3
Etag
W/"3e5fd19305424536aea8e41a5b8b5663"
Vary
Accept-Encoding
Access-Control-Max-Age
600
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
IddAf-cfCK6U7WLMq1UTBKtc2lCQdEJxMt-kHv-R3ZktniN6IFLD9g==
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230039-FRA
pixel.js
www.redditstatic.com/ads/
25 KB
8 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
4b4e80032e1c164685d3ff6eb4c606785ebaebaa648d3984478b0cc8d114190b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Mon, 07 Nov 2022 16:45:46 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"3528fd00b652f61a266eb584d96f4fcc"
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7722
fbevents.js
connect.facebook.net/en_US/
106 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
df592448faeab448960b413837530e7d7846dcc9c24a74b1c213df2253f92654
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 14 Dec 2022 12:19:09 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27794
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
cQMhaDB0UPBQhurDXo0aigV3pylu6pOLCa+VhsNAILYbdKicH8Mou58P2ky7N0CdqrqjtacnX66Qmt3DRHZivQ==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/
3 KB
2 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C51FB6JMLFUNS6NQ60N0&lib=ttq
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-42.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4835df3816812fe7f7fb79d9c40a23f77478680d9bef731cd737a4a3eaa0f958

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-akamai-request-id
271aa72b
date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a92-123-70-42.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=97
content-length
1339
pragma
no-cache
server
nginx
x-tt-logid
20221214121909F174340E235EAF5BC7E1
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
97,92.123.70.42
x-tt-trace-host
010df6296fdbb6dbd3dbc52f3fcb2de0d72c237aad7e3f7ff04093cf6eab6772d05fb91b7b90650c7767533dfde534b8862c321134bf7c83261c44487906ac727c8ca0238e3f92f7a8f66d55f12ef430b4
expires
Wed, 14 Dec 2022 12:19:09 GMT
spx
dx.mountain.com/
15 KB
4 KB
Script
General
Full URL
https://dx.mountain.com/spx?dxver=4.0.0&shaid=33615&tdr=&plh=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link&cb=70430728839577730term=value
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.83.209.52 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-83-209-52.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
ae4ffe331f45342ad545b81a7dddf1d0651afd2ee44751cccf972d48de6a16e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
server
istio-envoy
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding
chunked
content-type
application/javascript;charset=utf-8
x-envoy-upstream-service-time
1
connection
close
expires
Thu, 01 Jan 1970 00:00:00 GMT
js
www.googletagmanager.com/gtag/
215 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9PLS786W8X&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWGJNHR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
42209bbbdca8c2accb4fa9d64076fc20c575a8afb74b8d4cc6db0456179e60a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76248
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 14 Dec 2022 12:19:09 GMT
js
www.googletagmanager.com/gtag/
224 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WCQVMDL2Y6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWGJNHR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ff3bbb79364884f4e405fe61619d6939492e7894be5188976f24d7edb1213fd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78694
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 14 Dec 2022 12:19:09 GMT
pixel
q.quora.com/_/ad/74e0540d3a934ad68f90cbb577f4d045/
43 B
422 B
Image
General
Full URL
https://q.quora.com/_/ad/74e0540d3a934ad68f90cbb577f4d045/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.108.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-108-63.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 12:19:09 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Server
nginx
Connection
keep-alive
Content-Length
43
X-Q-Stat
,d839dd0a23190e7eabacbf83247f57a0,10.0.0.28,48862,217.114.218.20,,86276851969,1,1671020349.970,0.002,,.,0,0,0.000,0.000,-,0,0,197,220,110,10,34729,,,,,,-,
Content-Type
image/gif
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.37.0/
367 KB
87 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54c09d17405fc079c641533fb989b284d6b25fe4a402017701cfbf0d22b31611
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
84QDGKEUCS7BR7wlSH5now==
age
36364
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
89029
x-ms-lease-status
unlocked
last-modified
Fri, 22 Jul 2022 06:27:58 GMT
server
cloudflare
etag
0x8DA6BAB51B19C0E
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
55dbfc92-801e-00ed-7f9a-9dd162000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7796e2e0683bbba1-FRA
common.min.js
service.force.com/embeddedservice/5.0/utils/
5 KB
2 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/utils/common.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.2.166 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl6-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 12:13:48 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 17 Feb 2022 23:57:30 GMT
Content-Encoding
gzip
Age
321
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
1918
X-XSS-Protection
1; mode=block
Expires
Thu, 15 Dec 2022 12:13:48 GMT
invisible.js
nexo.io/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 7085
36 KB
17 KB
Script
General
Full URL
https://nexo.io/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1671019200
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
253b79f91f39edade4630d26a6770076d7016624fe41fe834986232c1404962a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7796e2e09ecd9a3f-FRA
collect
region1.analytics.google.com/g/
0
341 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9PLS786W8X&gtm=2oebu0&_p=148316849&_gaz=1&cid=553640448.1671020350&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1671020349&sct=1&seg=0&dl=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link&dt=Referral%20Program%20%E2%80%93%20Sign%20up%20%26%20Earn%20%2425%20in%20BTC%20%E2%80%A2%20Nexo&en=page_view&_fv=1&_nsi=1&_ss=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9PLS786W8X&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:19:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nexo.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
341 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9PLS786W8X&cid=553640448.1671020350&gtm=2oebu0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9PLS786W8X&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:19:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nexo.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9PLS786W8X&cid=553640448.1671020350&gtm=2oebu0&aip=1&z=2133370542
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:19:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
341 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-WCQVMDL2Y6&gtm=2oebu0&_p=148316849&cid=553640448.1671020350&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671020349&sct=1&seg=0&dl=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link&dt=Referral%20Program%20%E2%80%93%20Sign%20up%20%26%20Earn%20%2425%20in%20BTC%20%E2%80%A2%20Nexo&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WCQVMDL2Y6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:19:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nexo.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ajs-destination.bundle.f10d3096539d72f6123e.js
cdn.segment.com/analytics-next/bundles/
8 KB
3 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.f10d3096539d72f6123e.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/2tJDk4jy8UFKAKapDttA2SldVvoPKvn2/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.90.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-90-76.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d69f268036b3545e930a8b74711a739e7e973debc9bd006841cbd2a558b44432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 20:03:42 GMT
x-amz-version-id
GapeAhBzKQbN7SroNzUOQhE.t.cdXItE
content-encoding
gzip
via
1.1 f746a613a6247a8dda339ff5d3973662.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-C1
age
317728
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 01 Dec 2022 00:37:04 GMT
server
AmazonS3
etag
W/"3fe4d92339c7d21c57f0044fcdcf5274"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
BhlZZznVPN1r71y-A-3ir4wz1MGQKpkAyt7-lAB9ALHiTTFNpeh26w==
insight.old.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
last-modified
Tue, 13 Dec 2022 16:10:50 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=14153
accept-ranges
bytes
content-length
4581
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
884 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:12:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
419
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 14 Dec 2022 13:12:10 GMT
1747782152184319
connect.facebook.net/signals/config/
25 KB
7 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1747782152184319?v=2.9.89&r=canary
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5c12916f87e5480d9afd5ca2a44cea7f1ccd62896cba9a68f57c748db787bad7
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 14 Dec 2022 12:19:09 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Lqg9LDwcZor2NC5/b3xZSb+zOSrki4NpHuFxr7G/ARXA1cZwzCK3RP6NEfTLoR5HbMJuGsa694JQFKxzoDAsHw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
rp.gif
alb.reddit.com/
42 B
157 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1671020349608&id=t2_w0fxzww&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=02b3263b-f013-4c8c-b445-dde340e954ac&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_1967aea8
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
en.json
cdn.cookielaw.org/consent/cf7dbee7-ca71-457f-a90e-53575bbc09e6/84d5f9c9-b86f-4ff5-84a6-92643873a2cb/
126 KB
23 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/cf7dbee7-ca71-457f-a90e-53575bbc09e6/84d5f9c9-b86f-4ff5-84a6-92643873a2cb/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b330c71595a8f7ac054424440a0461508455b3b001703cae3e74392c351563b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
dfatw8GTlBqST4iTRyz2Dg==
age
17427
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
23391
x-ms-lease-status
unlocked
last-modified
Wed, 12 Oct 2022 11:08:40 GMT
server
cloudflare
etag
0x8DAAC421EAA59AB
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1abe6e91-601e-00ec-072b-ded09f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7796e2e12cc09a3b-FRA
expires
Thu, 15 Dec 2022 12:19:09 GMT
modules.e446dd48ad4c173d0779.js
script.hotjar.com/
263 KB
68 KB
Script
General
Full URL
https://script.hotjar.com/modules.e446dd48ad4c173d0779.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-939942.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-97.fra2.r.cloudfront.net
Software
/
Resource Hash
28e7e652bdb6c55c2347e51f218cacfca5645711fa919dc879b25a5c88991aed
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 14:30:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
78543
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68690
last-modified
Tue, 13 Dec 2022 14:30:02 GMT
etag
"e594ec8e48bfdcd811b3aa8ce1ff2044"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
wthr_koBBARoBpHr8MgF9u0YSFkqq8hgaF6LF2C_BKuSD2r7YD0LqA==
cachedClickId
tr.outbrain.com/
35 B
239 B
Script
General
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=0057a0b756270af9bab5e30379e50f3bc0
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 12:19:10 GMT
content-encoding
gzip
X-TraceId
0fc5e925342ef6bb9515e69fd9109d5c
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/
43 B
256 B
Image
General
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=0057a0b756270af9bab5e30379e50f3bc0&apiObjVersion=2.0-gtm&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link&optOut=false&bust=09769968468951002&referrer=
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 12:19:10 GMT
Cache-Control
no-cache
content-encoding
gzip
X-TraceId
6f629ebc2934490a6e3e4f65ddef95a8
Content-Length
60
Content-Type
image/gif;
/
www.google.com/pagead/1p-user-list/713709014/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/713709014/?random=1671020349465&cv=11&fst=1671019200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link&tiba=Referral%20Program%20%E2%80%93%20Sign%20up%20%26%20Earn%20%2425%20in%20BTC%20%E2%80%A2%20Nexo&fmt=3&is_vtc=1&random=165163010&rmt_tld=0&ipr=y
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:19:09 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/713709014/
42 B
154 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/713709014/?random=1671020349465&cv=11&fst=1671019200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link&tiba=Referral%20Program%20%E2%80%93%20Sign%20up%20%26%20Earn%20%2425%20in%20BTC%20%E2%80%A2%20Nexo&fmt=3&is_vtc=1&random=165163010&rmt_tld=1&ipr=y
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:19:09 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
esw.min.css
service.force.com/embeddedservice/5.0/
9 KB
4 KB
Stylesheet
General
Full URL
https://service.force.com/embeddedservice/5.0/esw.min.css
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.2.166 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl6-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 12:13:43 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Fri, 27 Aug 2021 14:11:56 GMT
Content-Encoding
gzip
Age
326
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
4027
X-XSS-Protection
1; mode=block
Expires
Thu, 15 Dec 2022 12:13:43 GMT
liveagent.esw.min.js
service.force.com/embeddedservice/5.0/client/
20 KB
6 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.2.166 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl6-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
065cc2a79ed5890cf8ac453fa6c5649226a0b7c920427f3bf7be8eed9c88cdd2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 12:10:34 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Fri, 18 Feb 2022 00:21:14 GMT
Content-Encoding
gzip
Age
515
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
5803
X-XSS-Protection
1; mode=block
Expires
Thu, 15 Dec 2022 12:10:34 GMT
token
cdn.linkedin.oribi.io/partner/1084961/domain/nexo.io/ Frame
0
0
Preflight
General
Full URL
https://cdn.linkedin.oribi.io/partner/1084961/domain/nexo.io/token
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225f:6000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://nexo.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
1800
age
35916
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 14 Dec 2022 02:20:33 GMT
via
1.1 086613b3103277577d231678b44747c2.cloudfront.net (CloudFront)
x-amz-cf-id
4A6I8atrpnW5nMQlhWaIyTRjN1X_WPH9XZHQxW0RIM3NTHp1AjJcdg==
x-amz-cf-pop
TXL50-P2
x-cache
Hit from cloudfront
token
cdn.linkedin.oribi.io/partner/1084961/domain/nexo.io/
36 B
376 B
XHR
General
Full URL
https://cdn.linkedin.oribi.io/partner/1084961/domain/nexo.io/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225f:6000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://nexo.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Dec 2022 12:15:16 GMT
content-encoding
gzip
via
1.1 086613b3103277577d231678b44747c2.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P2
age
233
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
plPEu3BXhf_Gcef5TmJYG9bStYGsjWwPXWjgCmr72EPa3KDHU-vLpw==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1084961&time=1671020349651&url=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1084961%26time%3D1671020349651%26url%3Dhttps%253A%252F%252Fnexo.io%252Fref%252Fra...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1084961&time=1671020349651&url=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1084961&time=1671020349651&url=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link&liSync=true&e_ipv6=AQILJ4MS7B0WXwAAAYUQkwwcs4-Tb9an4RF5y...
0
265 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1084961&time=1671020349651&url=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link&liSync=true&e_ipv6=AQILJ4MS7B0WXwAAAYUQkwwcs4-Tb9an4RF5yMuddYCyWTGb4uaTEGK0Il8UYLqKPOZhdL0xKa9d
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:10 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: CF394DAFDF484BF6A2A4BD50F2C95809 Ref B: FRAEDGE1113 Ref C: 2022-12-14T12:19:10Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXvyL5rdn90F5sEC+j7/g==

Redirect headers

date
Wed, 14 Dec 2022 12:19:09 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 141AFE8C51BA4C7B9203BD80845467BB Ref B: FRAEDGE1207 Ref C: 2022-12-14T12:19:10Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1084961&time=1671020349651&url=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link&liSync=true&e_ipv6=AQILJ4MS7B0WXwAAAYUQkwwcs4-Tb9an4RF5yMuddYCyWTGb4uaTEGK0Il8UYLqKPOZhdL0xKa9d
x-li-proto
http/2
content-length
0
x-li-uuid
AAXvyL5nJdgaqaaR45x27w==
schemaFilter.bundle.debb169c1abb431faaa6.js
cdn.segment.com/analytics-next/bundles/
2 KB
1 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/2tJDk4jy8UFKAKapDttA2SldVvoPKvn2/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.90.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-90-76.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 20:50:32 GMT
x-amz-version-id
U1.b7jA7DA5XfOYKki_5XMbemj_8ZWzM
content-encoding
gzip
via
1.1 f746a613a6247a8dda339ff5d3973662.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-C1
age
142118
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 07 Dec 2022 22:35:44 GMT
server
AmazonS3
etag
W/"3e448afdfea355c0f19700d04431ce7d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
4vIsYXn1i3W_k1LS3_FHTFNnqc_iFRsfnzUFCLYHh2USZ2Q1oglo6Q==
index.js
s.adroll.com/j/exp/AX2ICKJHJVENZKINIAVMPB/
38 B
795 B
Script
General
Full URL
https://s.adroll.com/j/exp/AX2ICKJHJVENZKINIAVMPB/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/AX2ICKJHJVENZKINIAVMPB/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2134:7000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6c19d4ee9832249a4a542057fe1cda984efb525973cb294831ec5ecc42367f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

X-Amz-Version-Id
ctON75U9KLWtC46FWu.LUjlzugBnERwT
Date
Tue, 13 Dec 2022 20:43:13 GMT
Via
1.1 82ded7662ff2806d716068ef52891c6a.cloudfront.net (CloudFront)
Age
56156
X-Amz-Cf-Pop
MXP64-C2
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
38
Last-Modified
Thu, 01 Dec 2022 00:26:36 GMT
Server
AmazonS3
Etag
"f5a64db38c4218cefe3f9d7531faf9a1"
Vary
Accept-Encoding
Access-Control-Max-Age
600
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
zXJPxu5Aq76KvgUTjkX7CWx4940SmurRbUMmAOkBizedsmJRqrAHrA==
pica.js
nexo.io/cdn-cgi/challenge-platform/h/b/scripts/ Frame 7085
22 KB
10 KB
Other
General
Full URL
https://nexo.io/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee25d51f2e8b9e40d19f41c3a8df78079a44c494e4ce0cb0c307ec003273ccde

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7796e2e1687b9a3f-FRA
collect
stats.g.doubleclick.net/j/
4 B
151 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-107280697-8&cid=553640448.1671020350&jid=841142450&gjid=986375774&_gid=1808827196.1671020350&_u=aCDAgEAjQAAAAEAAI~&z=1946449145
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nexo.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 14 Dec 2022 12:19:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nexo.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=148316849&t=pageview&_s=1&dl=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link&ul=en-us&de=UTF-8&dt=Referral%20Program%20%E2%80%93%20Sign%20up%20%26%20Earn%20%2425%20in%20BTC%20%E2%80%A2%20Nexo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEAjQAAAAAAAI~&jid=841142450&gjid=986375774&cid=553640448.1671020350&tid=UA-107280697-8&_gid=1808827196.1671020350&gtm=2wgbu0NWGJNHR&z=1408233590
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 23:01:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
47840
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=148316849&t=event&ni=1&_s=1&dl=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link&ul=en-us&de=UTF-8&dt=Referral%20Program%20%E2%80%93%20Sign%20up%20%26%20Earn%20%2425%20in%20BTC%20%E2%80%A2%20Nexo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Debug&ea=bot&el=no&_u=aCDAgEAjQAAAAEAAI~&jid=&gjid=&cid=553640448.1671020350&tid=UA-107280697-8&_gid=1808827196.1671020350&gtm=2wgbu0NWGJNHR&z=1626040916
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 23:01:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
47840
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
otFloatingRoundedIcon.json
cdn.cookielaw.org/scripttemplates/6.37.0/assets/
16 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.37.0/assets/otFloatingRoundedIcon.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86dbd997ead92464b9d3e6228dab6902a3f8cdbd17de1da8923cb2f0fb600bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
3zZxdmMMHi/sK1vxAPoYhg==
age
26512
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3803
x-ms-lease-status
unlocked
last-modified
Fri, 22 Jul 2022 06:27:49 GMT
server
cloudflare
etag
0x8DA6BAB4CDDBD4A
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
dd3281d4-e01e-00d4-329f-9d91c6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7796e2e18d9c9a3b-FRA
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.37.0/assets/v2/
63 KB
14 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.37.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02ea7d0808ff8988ec025b9675e9db94b104f5dbd2b6401b69a8d722b9c74022
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
j4ieckDZMpt9B7yyzJLyBQ==
age
18191
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13981
x-ms-lease-status
unlocked
last-modified
Fri, 22 Jul 2022 06:27:51 GMT
server
cloudflare
etag
0x8DA6BAB4DD936C7
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
511c7810-301e-0151-4fa6-9d8046000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7796e2e18d9e9a3b-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.37.0/assets/
22 KB
5 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.37.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17770d05051a8a4f270ba5bdf049b90cc166ac42bd4513f419308a5804d7a161
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Dec 2022 12:19:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
TLLtdkuMahUQRVIfmZNHNw==
age
18191
x-ms-lease-status
unlocked
last-modified
Fri, 22 Jul 2022 06:28:04 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
648be83b-701e-0174-619f-9d18f5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7796e2e18da09a3b-FRA
box-5e66f98b4ee957db209dc6f63e3d59dd.html
vars.hotjar.com/ Frame B0AE
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-939942.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-122.fra2.r.cloudfront.net
Software
/
Resource Hash
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://nexo.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1811343
cache-control
max-age=31536000
content-encoding
br
content-length
1035
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 13:10:06 GMT
etag
"e0652b84b7b3b650769c759fc520c3f8"
last-modified
Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
x-amz-cf-id
WKhUhRY54sBBDcqvDJog4kRMS_JhM5Uhe0u2Or769ANyx6HSqhskHg==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-robots-tag
none
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-107280697-8&cid=553640448.1671020350&jid=841142450&_u=aCDAgEAjQAAAAEAAI~&z=41447065
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:19:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-107280697-8&cid=553640448.1671020350&jid=841142450&_u=aCDAgEAjQAAAAEAAI~&z=41447065
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:19:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
events.eu1.segmentapis.com/v1/
21 B
168 B
Fetch
General
Full URL
https://events.eu1.segmentapis.com/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/2tJDk4jy8UFKAKapDttA2SldVvoPKvn2/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.152.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-152-190.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://nexo.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nexo.io
date
Wed, 14 Dec 2022 12:19:09 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
adsct
t.co/i/
43 B
377 B
Image
General
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=8d904094-873d-4b6f-9146-77864f79bb6e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=48577cbf-296a-48c1-a034-604ac33195bb&tw_document_href=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyv4q&type=javascript&version=2.3.29
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-response-time
103
date
Wed, 14 Dec 2022 12:19:09 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
47ab644cc93f58ba
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
ed67cf37d01f628afea368ef8654c149d119532fa515e1b3cac2a5cb94b5a5e2
content-length
43
adsct
analytics.twitter.com/i/
0
0

adsct
t.co/i/
43 B
202 B
Image
General
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=18cccda3-8841-49b5-8bd4-0506153acc12&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=48577cbf-296a-48c1-a034-604ac33195bb&tw_document_href=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o51kx&type=javascript&version=2.3.29
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-response-time
109
date
Wed, 14 Dec 2022 12:19:09 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
8c7aaa60115cea59
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
ed67cf37d01f628afea368ef8654c149d119532fa515e1b3cac2a5cb94b5a5e2
content-length
43
adsct
analytics.twitter.com/i/
0
0

poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/
3 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Dec 2022 12:19:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
LpuayL42jB78xRllx0vkOw==
age
36564
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 20:24:11 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
bada3786-c01e-0087-7a59-0f8dc9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7796e2e28e5fbba1-FRA
AX2ICKJHJVENZKINIAVMPB
d.adroll.com/consent/check/
466 B
559 B
Script
General
Full URL
https://d.adroll.com/consent/check/AX2ICKJHJVENZKINIAVMPB?pv=96078738553.80385&arrfrr=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link&_s=1168769cad1d5e18defe816a73928232&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/AX2ICKJHJVENZKINIAVMPB/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:993f:ea25:2984:885d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
cc040cc51297a8346df93add1b4a856a26b51c59c7254366289770df35e72f2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:10 GMT
server
nginx/1.22.0
content-length
466
content-type
application/javascript
main.MWI5ZjkwYWMwMA.js
analytics.tiktok.com/i18n/pixel/static/
234 KB
65 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWI5ZjkwYWMwMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C51FB6JMLFUNS6NQ60N0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-42.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ee3a94394da6a061c63b8c4333b600ce2720480a2ab8a80b3df720b2294deaf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-akamai-request-id
271aa80f
date
Wed, 14 Dec 2022 12:19:09 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20221213140526DB49AEC5711B342C1D09
vary
Accept-Encoding
x-cache
TCP_HIT from a92-123-70-42.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
018a6472036dfc57485384f8792aa6da623d594f80e4bb061ba1a5bbaeab7ef97e68ba49a9afdd02337f769ec864db01fa2a901d83b39be9a9754d1a05a06cd3d1249d18dcc925960319a41f9af0e338c2
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length
66245
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1747782152184319&ev=PageView&dl=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link&rl=&if=false&ts=1671020349919&sw=1600&sh=1200&v=2.9.89&r=canary&a=tmgoogletagmanager&ec=0&o=28&ttf=1822.8999996185303&tts=1504.5&ttse=1820.5&fbp=fb.1.1671020349918.1192690142&it=1671020349603&coo=false&exp=a1&rqm=GET
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 14 Dec 2022 12:19:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
visit-data
in.hotjar.com/api/v2/client/sites/939942/
147 B
322 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/939942/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e446dd48ad4c173d0779.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.187.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-187-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
281d704874a4f296b2e6ec2fcd9464321440a876204662f267df4b0347aff7ca

Request headers

Referer
https://nexo.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 12:19:10 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
7796e2d81ce59a3f
nexo.io/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 7085
2 B
413 B
XHR
General
Full URL
https://nexo.io/cdn-cgi/challenge-platform/h/b/cv/result/7796e2d81ce59a3f
Requested by
Host: nexo.io
URL: https://nexo.io/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1671019200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Dec 2022 12:19:10 GMT
content-encoding
gzip
server
cloudflare
cf-ray
7796e2e44e659a3f-FRA
content-type
text/plain; charset=UTF-8
identify_a213e.js
analytics.tiktok.com/i18n/pixel/static/
114 KB
31 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_a213e.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI5ZjkwYWMwMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-42.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-akamai-request-id
271aa954
date
Wed, 14 Dec 2022 12:19:10 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2022121314052605503AF28DE6A8272F5D
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a92-123-70-42.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
018a6472036dfc57485384f8792aa6da623d594f80e4bb061ba1a5bbaeab7ef97e854c1807918a912428c2e29bcdc8d9b75a6c177f8870f118ff08d06195510d59b8185370730c274dd6f22b46d7815aec
server-timing
cdn-cache; desc=HIT, edge; dur=1, inner; dur=3
content-length
30902
pixel
analytics.tiktok.com/api/v2/
0
691 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI5ZjkwYWMwMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-42.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nexo.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
50bd5aee.271aa957
date
Wed, 14 Dec 2022 12:19:10 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a92-123-70-42.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-parent-response-time
105,92.123.70.42
server-timing
cdn-cache; desc=MISS, edge; dur=92, origin; dur=17, inner; dur=15
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2022121412191061C741A83D69995CBD7A
x-cache-remote
TCP_MISS from a23-220-104-204.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
17,23.220.104.204
x-tt-trace-host
010df6296fdbb6dbd3dbc52f3fcb2de0d7cb97c53a76930924002b05eacc47d1f51a2c22df0c538eb74d4e08d8db6b3accfb23b6b2b286d9b8e039ece58fc39f93e6590f0c3d4fac268d550262f87d0dad3160e5fd7a32625eef055d593a1b8149
expires
Wed, 14 Dec 2022 12:19:10 GMT
is
100.20.58.101/
0
0

esw.html
service.force.com/embeddedservice/5.0/ Frame 7DF7
194 B
1 KB
Document
General
Full URL
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://nexo.io/ref/ragdrlweop?src=web-link
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.2.166 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl6-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nexo.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
public,max-age=86400
Content-Encoding
gzip
Content-Security-Policy
upgrade-insecure-requests
Content-Type
text/html;charset=UTF-8
Date
Wed, 14 Dec 2022 12:19:10 GMT
Expires
Thu, 15 Dec 2022 12:19:10 GMT
Last-Modified
Fri, 02 Aug 2019 08:43:42 GMT
Referrer-Policy
origin-when-cross-origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
none
X-XSS-Protection
1; mode=block
eswFrame.min.js
service.force.com/embeddedservice/5.0/ Frame 7DF7
5 KB
2 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.2.166 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl6-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
9ba7853e578c8036077b1780006fc85ee9ba730046884b4f20ebc25e887c6a6e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://nexo.io/ref/ragdrlweop?src=web-link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 12:07:43 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 06 Oct 2022 23:36:44 GMT
Content-Encoding
gzip
Age
687
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
1889
X-XSS-Protection
1; mode=block
Expires
Thu, 15 Dec 2022 12:07:43 GMT
st
px.mountain.com/
2 KB
2 KB
Script
General
Full URL
https://px.mountain.com/st?ga_tracking_id=UA-107280697-8&ga_client_id=553640448.1671020350&shpt=Referral%20Program%20%E2%80%93%20Sign%20up%20%26%20Earn%20%2425%20in%20BTC%20%E2%80%A2%20Nexo&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-107280697-8%22%2C%22ga_client_id%22%3A%22553640448.1671020350%22%2C%22shpt%22%3A%22Referral%20Program%20%E2%80%93%20Sign%20up%20%26%20Earn%20%2425%20in%20BTC%20%E2%80%A2%20Nexo%22%2C%22dcm_cid%22%3A%221671020349.1%22%2C%22dcm_gid%22%3A%221808827196.1671020350%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getTrackingIdByGA%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1671020349.1&dcm_gid=1808827196.1671020350&dxver=4.0.0&shaid=33615&plh=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link&cb=70430728839577730term%3Dvalue
Requested by
Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=33615&tdr=&plh=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link&cb=70430728839577730term=value
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.37.218.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-218-4.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
b5f7263c41ee306097fa7992584792e243ad7ddb55c48717a4b99e2a500215f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:11 GMT
content-encoding
gzip
server
istio-envoy
transfer-encoding
chunked
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
p3p
CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time
2
connection
close
session.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame 7DF7
2 KB
1 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/frame/session.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.2.166 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl6-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
fa305b054bf6a60bd1a87abbca8f52553bbb54e6e8929564c704b85313d23790
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://nexo.io/ref/ragdrlweop?src=web-link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 12:10:36 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 02 Mar 2021 18:51:46 GMT
Content-Encoding
gzip
Age
514
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
768
X-XSS-Protection
1; mode=block
Expires
Thu, 15 Dec 2022 12:10:36 GMT
broadcast.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame 7DF7
2 KB
1 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/frame/broadcast.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.2.166 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl6-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://nexo.io/ref/ragdrlweop?src=web-link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 12:10:36 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 18 Feb 2021 00:07:24 GMT
Content-Encoding
gzip
Age
514
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
779
X-XSS-Protection
1; mode=block
Expires
Thu, 15 Dec 2022 12:10:36 GMT
chasitor.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame 7DF7
23 KB
5 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/frame/chasitor.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.2.166 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl6-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
6497c23700ad2835951df9c4fbe73b575fc55d7b95d2415e7b76ca03032c80a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://nexo.io/ref/ragdrlweop?src=web-link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 12:12:26 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Fri, 09 Dec 2022 15:50:32 GMT
Content-Encoding
gzip
Age
405
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
5096
X-XSS-Protection
1; mode=block
Expires
Thu, 15 Dec 2022 12:12:26 GMT
EmbeddedServiceConfig.jsonp
d.la2-c1-fra.salesforceliveagent.com/chat/rest/EmbeddedService/
16 KB
4 KB
Script
General
Full URL
https://d.la2-c1-fra.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D2p00000149P9&EmbeddedServiceConfig.configName=Nexo_Embedded_Chat_with_SF_bot&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/utils/common.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.154.122 Frankfurt am Main, Germany, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl5-ncg0-fra3.la2-c1-fra.salesforceliveagent.com
Software
/
Resource Hash
2f9c05bf35545cf5191cb07f3bc47ca0f87710f5f1c073e8a55fc369f8f0a958
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
invite.esw.min.js
service.force.com/embeddedservice/5.0/client/
19 KB
5 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/client/invite.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.2.166 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl6-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 12:14:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Fri, 24 Sep 2021 16:25:36 GMT
Content-Encoding
gzip
Age
288
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
4540
X-XSS-Protection
1; mode=block
Expires
Thu, 15 Dec 2022 12:14:23 GMT
truncated
/
3 KB
3 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5

Request headers

Referer
https://service.force.com/
Origin
https://nexo.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
application/octet-stream
Settings.jsonp
d.la2-c1-fra.salesforceliveagent.com/chat/rest/Visitor/
344 B
676 B
Script
General
Full URL
https://d.la2-c1-fra.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5737S0000004CAA]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5727S000000Gma9&org_id=00D2p00000149P9&version=48
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.154.122 Frankfurt am Main, Germany, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl5-ncg0-fra3.la2-c1-fra.salesforceliveagent.com
Software
/
Resource Hash
677ed4eee14bbbd1f831092a90af63d6bb5c3d59c2e5970a7d1c86b52715ee88
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
inert.min.js
service.force.com/embeddedservice/5.0/utils/
8 KB
3 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/utils/inert.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.2.166 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl6-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 12:12:50 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 18 Aug 2020 17:12:46 GMT
Content-Encoding
gzip
Age
381
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
2469
X-XSS-Protection
1; mode=block
Expires
Thu, 15 Dec 2022 12:12:50 GMT
filetransfer.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame 7DF7
473 B
743 B
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/frame/filetransfer.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.2.166 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl6-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://nexo.io/ref/ragdrlweop?src=web-link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 12:07:43 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 18 Aug 2020 17:12:46 GMT
Content-Encoding
gzip
Age
688
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
231
X-XSS-Protection
1; mode=block
Expires
Thu, 15 Dec 2022 12:07:43 GMT
gs
gs.mountain.com/
144 B
733 B
Script
General
Full URL
https://gs.mountain.com/gs
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.81.162.201 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-162-201.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
791f0125346c5deaabc42ba4fa77bd64565785e29131592cbc600c126355bb8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:12 GMT
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
p3p
CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
1
connection
close
access-control-allow-headers
Accept, Content-Type, x-requested-with, X-Custom-Header
content-length
144
x-application-context
application:prod:8080
st
px.mountain.com/
2 KB
1 KB
Script
General
Full URL
https://px.mountain.com/st?ga_tracking_id=UA-107280697-8&ga_client_id=553640448.1671020350&shpt=Referral%20Program%20%E2%80%93%20Sign%20up%20%26%20Earn%20%2425%20in%20BTC%20%E2%80%A2%20Nexo&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-107280697-8%22%2C%22ga_client_id%22%3A%22553640448.1671020350%22%2C%22shpt%22%3A%22Referral%20Program%20%E2%80%93%20Sign%20up%20%26%20Earn%20%2425%20in%20BTC%20%E2%80%A2%20Nexo%22%2C%22dcm_cid%22%3A%221671020349.1%22%2C%22dcm_gid%22%3A%221808827196.1671020350%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getTrackingIdByGA%22%3A%22OK%22%2C%22getClientIdByGA%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1671020349.1&dcm_gid=1808827196.1671020350&dxver=4.0.0&shaid=33615&plh=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link&cb=1671020351603770&shguid=353b124b-8654-3fb7-9dfd-f25e85f00a0c&shgts=1671020352389
Requested by
Host: nexo.io
URL: https://nexo.io/ref/ragdrlweop?src=web-link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.37.218.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-218-4.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nexo.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:19:12 GMT
content-encoding
gzip
server
istio-envoy
transfer-encoding
chunked
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
p3p
CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time
14
connection
close

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
analytics.twitter.com
URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=8d904094-873d-4b6f-9146-77864f79bb6e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=48577cbf-296a-48c1-a034-604ac33195bb&tw_document_href=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nyv4q&type=javascript&version=2.3.29
Domain
analytics.twitter.com
URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=18cccda3-8841-49b5-8bd4-0506153acc12&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=48577cbf-296a-48c1-a034-604ac33195bb&tw_document_href=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o51kx&type=javascript&version=2.3.29
Domain
100.20.58.101
URL
https://100.20.58.101/is

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| oncontentvisibilityautostatechange object| OneTrustStub function| OptanonWrapper object| dataLayer object| analytics object| langbar object| webpackChunk function| IMask object| google_tag_manager object| google_tag_data object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext string| GoogleAnalyticsObject function| ga string| qp function| hj object| _hjSettings object| GooglebQhCsO string| _linkedin_data_partner_id function| obApi string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll function| twq function| rdt function| fbq function| _fbq string| TiktokAnalyticsObject object| ttq object| embedded_svc string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData function| initESW undefined| s function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| google_optimize object| gaData function| lintrk boolean| _already_called_lintrk function| __adroll__ string| adroll_sid object| __adroll boolean| adroll_sendrolling_cross_device object| adroll_form_fields function| adroll_tpc_callback object| Optanon object| OneTrust object| regeneratorRuntime object| twttr object| __adroll_consent_data object| adroll_exp_list object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country string| dcm_cid undefined| dcm_tid undefined| dcm_gid object| irongate object| mntn

36 Cookies

Domain/Path Name / Value
nexo.io/ Name: referer
Value:
.nexo.io/ Name: _gcl_au
Value: 1.1.1333720453.1671020349
.nexo.io/ Name: _ga_9PLS786W8X
Value: GS1.1.1671020349.1.0.1671020349.60.0.0
.nexo.io/ Name: _ga_WCQVMDL2Y6
Value: GS1.1.1671020349.1.0.1671020349.0.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.nexo.io/ Name: _rdt_uuid
Value: 1671020349607.02b3263b-f013-4c8c-b445-dde340e954ac
.nexo.io/ Name: _ga
Value: GA1.2.553640448.1671020350
.nexo.io/ Name: _gid
Value: GA1.2.1808827196.1671020350
.nexo.io/ Name: _dc_gtm_UA-107280697-8
Value: 1
.nexo.io/ Name: ajs_anonymous_id
Value: 7facc656-6931-475f-ae6e-14c5682e6b73
.tiktok.com/ Name: _ttp
Value: 2Iu8wyMtxUAPg7qse2gaHHTIcIg
.nexo.io/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Wed+Dec+14+2022+12%3A19%3A09+GMT%2B0000+(GMT)&version=6.37.0&isIABGlobal=false&hosts=&consentId=7e16ce61-1838-46a0-ba45-f78880f3ed84&interactionCount=0&landingPath=https%3A%2F%2Fnexo.io%2Fref%2Fragdrlweop%3Fsrc%3Dweb-link&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.nexo.io/ Name: ln_or
Value: d
.nexo.io/ Name: _fbp
Value: fb.1.1671020349918.1192690142
.nexo.io/ Name: _hjSessionUser_939942
Value: eyJpZCI6IjJiMDJhNmI4LWRmM2MtNWEwZC1hNDNkLWU1MDFmNmYwYWUxYiIsImNyZWF0ZWQiOjE2NzEwMjAzNDk4OTMsImV4aXN0aW5nIjpmYWxzZX0=
.nexo.io/ Name: _hjFirstSeen
Value: 1
nexo.io/ Name: _hjIncludedInSessionSample
Value: 0
.nexo.io/ Name: _hjSession_939942
Value: eyJpZCI6ImIwMzU4ZWQ4LWUzNTEtNDkxYS1hZGFlLTljNzYyZmYzZmU4OCIsImNyZWF0ZWQiOjE2NzEwMjAzNDk5MjIsImluU2FtcGxlIjpmYWxzZX0=
nexo.io/ Name: _hjIncludedInPageviewSample
Value: 1
.nexo.io/ Name: _hjAbsoluteSessionInProgress
Value: 0
.linkedin.com/ Name: UserMatchHistory
Value: AQL3x6xwZrRADgAAAYUQkwmww63wdwMhzgu3p5hAAcR-PAMhEAeRDyARIKjVAS8IRpXsFI4S-5fd2A
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIfX5Emx1XnPAAAAYUQkwmw4JL4_ys3QAd3tuYklCK_m6mHQZtfpvgdnfmk8ym5FByWdtpe_klf4yQfkZ6org
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&24ede9b7-9c2b-403d-8be1-f156dc11cd28"
.linkedin.com/ Name: lidc
Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2437:u=1:x=1:i=1671020349:t=1671106749:v=2:sig=AQHI2IvYyrJQ_nc-cX2u8yC4a_uac32r"
.t.co/ Name: muc_ads
Value: 32ce1d9d-9116-44b0-9a69-1912fe75f40c
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202212141219103cc2f2ed-c36f-493d-8309-5b99d1bc6181AQHijOPFGvaFnOw7FGDC2f5SJfyeTVZU"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzEwMjAzNTA7MjswMjEsopcX7LkxgQP0FQlqmX0ebzOItl9Y5MOeEoyaApuJZA==
.nexo.io/ Name: _tt_enable_cookie
Value: 1
.nexo.io/ Name: _ttp
Value: y_amrYPPjGZuunUWJB6lmOj6jr_
nexo.io/ Name: outbrain_cid_fetch
Value: true
.nexo.io/ Name: __cf_bm
Value: ixwzuZEHPlDJjz.2jgLifpbKAEJ5v0hqZ4IPSDJ6fMc-1671020350-0-AbGcoBhzxLIJdSKvFD8wH8Rr9sx45YIOrR6wzgU3i0zwG64WEjjfon4DeqZsupd31ekk6C8N+teK+oxkAzcPsP8pys04RCsVn6gs4ZM/NFGEqZ9szknsTQxd3k6gptvOGx1NgicVu+i8YI7xPtbr7TfH5+UMfJ3ea401g+1d4jTqhRgDkZ3L2jspRmoB9oLJKQ==
.force.com/ Name: BrowserId_sec
Value: g8S2-HupEe2IGIPeZoCdPg
.mountain.com/ Name: guid
Value: 8433cc81-7ba9-11ed-879b-2d23e5172a65
.px.mountain.com/ Name: tt
Value: H4sIAAAAAAAAAKtWKlOyMqoFAP609q8HAAAA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors https://platform.nexo.io/
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

100.20.58.101
alb.reddit.com
amplify.outbrain.com
analytics.tiktok.com
analytics.twitter.com
cdn.cookielaw.org
cdn.linkedin.oribi.io
cdn.segment.com
connect.facebook.net
d.adroll.com
d.la2-c1-fra.salesforceliveagent.com
dx.mountain.com
events.eu1.segmentapis.com
geolocation.onetrust.com
googleads.g.doubleclick.net
gs.mountain.com
in.hotjar.com
nexo.io
px.ads.linkedin.com
px.mountain.com
px4.ads.linkedin.com
q.quora.com
region1.analytics.google.com
region1.google-analytics.com
s.adroll.com
script.hotjar.com
service.force.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tr.outbrain.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
100.20.58.101
analytics.twitter.com
104.244.42.69
13.107.42.14
13.224.189.122
13.224.189.97
13.225.78.14
146.75.116.157
151.101.1.140
161.71.2.166
2001:4860:4802:34::36
23.54.61.117
2600:9000:2134:7000:6:9280:1080:93a1
2600:9000:225f:6000:2:53b2:240:93a1
2606:4700::6810:9440
2606:4700::6812:1a55
2606:4700::6812:1c15
2620:1ec:21::14
2a00:1450:4001:802::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:811::200e
2a00:1450:4001:813::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:400c:c08::9b
2a02:26f0:3500:16::215:14a0
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:600::396
2a05:d018:cc3:fe05:993f:ea25:2984:885d
35.81.162.201
35.83.209.52
44.194.108.63
52.31.187.71
52.37.218.4
54.72.152.190
70.42.32.63
85.222.154.122
95.101.111.42
99.86.90.76
0063cb5798dee733f2033f349ff88a2ab10f0cfd303c7780a196cd84cc46c84f
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
02ea7d0808ff8988ec025b9675e9db94b104f5dbd2b6401b69a8d722b9c74022
065cc2a79ed5890cf8ac453fa6c5649226a0b7c920427f3bf7be8eed9c88cdd2
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
1259e9177207d0ee55cc1daa042b1fa96e974dabd1e39ca6dd29984b7d38d1d2
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
13df6e830b438d6f38d12ca4475423b7177bfc6434676e862221994c1ceca62a
17770d05051a8a4f270ba5bdf049b90cc166ac42bd4513f419308a5804d7a161
1ccdc085b5be138822c5352d11f93edad63feaf4a7cbcac15314705a863492e7
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d4aebf436750e394d9f1fd9c4ce92d12fe04012bfe4c9440f92a95ec69d6e92
1dcc1102a960f58e62284b54ab4ee57e92a7462795e7164f5b0d9126462a0e47
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
2405ef0444f83d8db330313da92739cda43444839120fcbeedadf8baa9eaad25
253b79f91f39edade4630d26a6770076d7016624fe41fe834986232c1404962a
25fbed454e234c46ceb2d7287a1d4a401c4302c56d1fc30b976a461e4d0b211b
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
281d704874a4f296b2e6ec2fcd9464321440a876204662f267df4b0347aff7ca
28e7e652bdb6c55c2347e51f218cacfca5645711fa919dc879b25a5c88991aed
2f9c05bf35545cf5191cb07f3bc47ca0f87710f5f1c073e8a55fc369f8f0a958
31ca3697192a1ede5cd4328f960e10ec699668cf8b3a150fdc9145ecbd70a4c7
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9
36bb568f7ea587228bac2fe3109988061dfb3608fa52bb874f96c4ae1f3f8ac1
3db86cab48a4c54d98025978c81d83818ee64c8767891e703a0ed550b0323b5f
3f4c60011590f30394b37320c277fd7d85360e1cced209f167700efe16f7a26a
42209bbbdca8c2accb4fa9d64076fc20c575a8afb74b8d4cc6db0456179e60a3
422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09
4248a2b9d69f379c5fa4490bececd8f164e51b94a773519eee2475a3641813ef
4835df3816812fe7f7fb79d9c40a23f77478680d9bef731cd737a4a3eaa0f958
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4b4e80032e1c164685d3ff6eb4c606785ebaebaa648d3984478b0cc8d114190b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c09d17405fc079c641533fb989b284d6b25fe4a402017701cfbf0d22b31611
598684d34af3e0b2f2be1338d0bd066877b6df4e4588c3daae0813f59bd1f419
5c12916f87e5480d9afd5ca2a44cea7f1ccd62896cba9a68f57c748db787bad7
5db6866f2c8068fb346729eaf83b9af903a99ddea3748b259328501b326c57e8
5dc63e5408de810bbef2e435e2ec5438c0a3c398f702b8e9bf09aeb79816974d
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c
6497c23700ad2835951df9c4fbe73b575fc55d7b95d2415e7b76ca03032c80a5
65de48e1ac82d50b1f5011809116ef7f67653eb6a57dbe2f5badb7d4ee1d506e
666e3742d75ea3563abe5c55d47b058f229562a855bacdb2658c65ecc9b01d1e
677ed4eee14bbbd1f831092a90af63d6bb5c3d59c2e5970a7d1c86b52715ee88
699d7fc443dd3dd626280d50ec357a6670f977180a68afc29a97da60449640a6
6ba57c9340ba6d208ec06cbbee776ff4445c28da00f34159fb598425f7b0ef1c
6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c
6efdc0e5ca2160df3238c77b693626b94119fbf8057f32d1377e1e9135ee3e3d
7108f6fae7f607ce481a04968f681e82ab8da4c594485526822f0cf9b5fbcda1
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
7607086138634ad8c01872e8955563222d8d26423f9e2a4a2d9684f4543833bf
78248d5bc4df0d1bfa0513be07054e09be971046a307982926142c69ce3e35ec
791f0125346c5deaabc42ba4fa77bd64565785e29131592cbc600c126355bb8a
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
8030cbc787a4222e4ee0df94451e40a734337045371ec211f2ff5646113702ed
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843a712f28b39b5c7534e883d9d4d0226dcc518f24bc5f54c1545af40722ee71
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859f7ebe1da569f7f954700254e235ea016997d7894b9a8eef6d1dabe8e4b9f7
86dbd997ead92464b9d3e6228dab6902a3f8cdbd17de1da8923cb2f0fb600bda
87b17f00e90160683856ab41e85365971aa258d53ac36de77aec5fae28e131ce
891c693ce3d3cf4785ef8ce23e9acad133d41dd2b4586d0a5f8d8b0571f913b7
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9ba7853e578c8036077b1780006fc85ee9ba730046884b4f20ebc25e887c6a6e
9f32e7b9ca8cd76dcbd204adfe62bdad13cdd6ff6db014f330caa40a0d90caad
aab0f469772ea7978d8a7131916233a86eff96a6107407967247ddef606341ed
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adbeb79adfc3f39729eb6573b8b933723e9730839df8df19ddbede8f0defbf18
ae4ffe331f45342ad545b81a7dddf1d0651afd2ee44751cccf972d48de6a16e5
af2a12055662ea4b2423379031b2e10b0b38cb7002a893f7d33b5662ada50040
b0e5e7fa34238de7c181acc3ea13bc0b0e25686ba2fafb00eef0f65e0665986a
b330c71595a8f7ac054424440a0461508455b3b001703cae3e74392c351563b6
b40bb5876de4ac6004e27e444a491da61411611e9a481dba3b2ca88e487f5147
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5f7263c41ee306097fa7992584792e243ad7ddb55c48717a4b99e2a500215f8
b913284cc97fcdfe4c8fc0ab3dc70993cb903b5040e8053bde81fc25350b9874
ba53725be8a16b0680e5d5a798c88c5a3413104e785cb73b683e3d7ab6d57fb8
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
c59e9d8c45ca3b2ac497b0251592467e65832d5cd575ea32877c8e97b5c64eb8
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
cc040cc51297a8346df93add1b4a856a26b51c59c7254366289770df35e72f2b
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d3e6e86d14d59d51dbca715f07aebdae0cb67013cc823de988f5824a1ce8398d
d69f268036b3545e930a8b74711a739e7e973debc9bd006841cbd2a558b44432
dadd40b75eba37528bf2cbd229cb1d79a40f4e3405ee497ab26fd9e6dd10f7cc
dea4db29da216f38839f5b87723ed2b7fd9e6e4cdb0d961ec95c2801c855de8b
df592448faeab448960b413837530e7d7846dcc9c24a74b1c213df2253f92654
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6c19d4ee9832249a4a542057fe1cda984efb525973cb294831ec5ecc42367f7
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42
ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2
ee25d51f2e8b9e40d19f41c3a8df78079a44c494e4ce0cb0c307ec003273ccde
ee3a94394da6a061c63b8c4333b600ce2720480a2ab8a80b3df720b2294deaf5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f154ff8e09cf1791dea1d4fec7252688e904a8d0750ef35bbcee24e9fef647f6
f60a071ab1ac0253190075b86085c6b5efa15e521ec7e6aa2517a270e6a2ff68
fa305b054bf6a60bd1a87abbca8f52553bbb54e6e8929564c704b85313d23790
fd332999082308d8b3af0b317b1f0bde96f85fe159e6759fc7261d148175b77c
ff3bbb79364884f4e405fe61619d6939492e7894be5188976f24d7edb1213fd8