get.dtitrader.com Open in urlscan Pro
104.18.34.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dRd5bGXo8w1-2BXBgmlcNp...
Effective URL:
https://get.dtitrader.com/genesis-tom-sms-int/?sco_id=GEN01I&email=suspect@safeonweb.be&af=MKB_TB_DED_GEN_GENLAU_NON_SYSTE...
Submission: On November 18 via api (November 18th 2024, 2:38:38 am UTC) from BE — Scanned from DE

Summary HTTP 95 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 24 domains to perform 95 HTTP transactions. The main IP is 104.18.34.21, located in and belongs to CLOUDFLARENET, US. The main domain is get.dtitrader.com.
TLS certificate: Issued by E6 on October 20th 2024. Valid for: 3 months.

This is the only time get.dtitrader.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:286e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 16	2606:4700:310... 2606:4700:3108::ac42:2b0e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:6fdf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	192.190.221.37 192.190.221.37	32244 (LIQUIDWEB) (LIQUIDWEB)
4	104.18.34.21 104.18.34.21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	99.86.4.38 99.86.4.38	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	18.245.33.62 18.245.33.62	16509 (AMAZON-02) (AMAZON-02)
4	99.86.4.81 99.86.4.81	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:33::10 2620:1ec:33::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
3	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	184.30.17.67 184.30.17.67	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.2.109 151.101.2.109	54113 (FASTLY) (FASTLY)
1 2	70.42.32.255 70.42.32.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
4	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	141.193.213.10 141.193.213.10	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare London)
2	20.57.85.160 20.57.85.160	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	141.226.228.48 141.226.228.48	200478 (TABOOLA-A...) (TABOOLA-AS Taboola.com ltd)
95	30

1 2606:4700:10::6816:286e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

email.analystratings.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3108::ac42:2b0e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.marketbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:6fdf (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.190.221.37 (United States) 1 redirects

ASN32244 (LIQUIDWEB, US)
PTR: cloudhost-4486585.us-midwest-2.nxcli.net

lp.prosperitypub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.34.21 (None, )

ASN13335 (CLOUDFLARENET, US)

get.dtitrader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-38.fra6.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.33.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-33-62.fra56.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.4.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-81.fra6.r.cloudfront.net

fonts.ub-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.17.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-67.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.109 (San Francisco, United States)

ASN54113 (FASTLY, US)

extend.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.255 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.132 (San Francisco, United States)

ASN54113 (FASTLY, US)

paid.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

psb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.193.213.10 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)

prosperitypub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.57.85.160 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	marketbeat.com 1 redirects www.marketbeat.com — Cisco Umbrella Rank: 82779	241 KB
14	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 934 psb.taboola.com — Cisco Umbrella Rank: 6026 trc.taboola.com — Cisco Umbrella Rank: 763 trc-events.taboola.com — Cisco Umbrella Rank: 2914	48 KB
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	822 KB
6	outbrain.com 1 redirects amplify.outbrain.com — Cisco Umbrella Rank: 3405 wave.outbrain.com — Cisco Umbrella Rank: 4277 tr.outbrain.com — Cisco Umbrella Rank: 3357 paid.outbrain.com — Cisco Umbrella Rank: 8676	13 KB
5	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 625 e.clarity.ms — Cisco Umbrella Rank: 8266	30 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	422 B
4	bing.net bat.bing.net — Cisco Umbrella Rank: 8327	705 B
4	ub-assets.com fonts.ub-assets.com — Cisco Umbrella Rank: 29996	57 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	127 KB
4	dtitrader.com get.dtitrader.com	25 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	78 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 359	18 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 5669 onesignal.com — Cisco Umbrella Rank: 1761	73 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108
2	cloudfront.net d9hhrg4mnvzow.cloudfront.net	146 KB
2	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 25566 app.unbounce.com Failed	44 KB
2	prosperitypub.com 1 redirects lp.prosperitypub.com prosperitypub.com — Cisco Umbrella Rank: 485580	2 KB
1	google.de www.google.de — Cisco Umbrella Rank: 10745	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135	555 B
1	vimeocdn.com extend.vimeocdn.com — Cisco Umbrella Rank: 12029	6 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 847	31 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 415	31 KB
1	analystratings.net 1 redirects email.analystratings.net — Cisco Umbrella Rank: 289291	715 B
95	24

	Domain	Requested by
16	www.marketbeat.com	1 redirects www.marketbeat.com
10	www.googletagmanager.com	get.dtitrader.com www.googletagmanager.com www.google-analytics.com
8	trc-events.taboola.com	cdn.taboola.com
4	www.facebook.com	get.dtitrader.com
4	bat.bing.net	bat.bing.com get.dtitrader.com
4	fonts.ub-assets.com	builder-assets.unbounce.com fonts.ub-assets.com
4	cdnjs.cloudflare.com	get.dtitrader.com cdnjs.cloudflare.com
4	get.dtitrader.com	www.marketbeat.com get.dtitrader.com
3	www.clarity.ms	bat.bing.com www.clarity.ms
3	connect.facebook.net	www.marketbeat.com connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com
2	e.clarity.ms	www.clarity.ms
2	trc.taboola.com	cdn.taboola.com
2	psb.taboola.com	cdn.taboola.com
2	tr.outbrain.com	1 redirects amplify.outbrain.com
2	amplify.outbrain.com	www.marketbeat.com amplify.outbrain.com
2	cdn.taboola.com	www.googletagmanager.com www.marketbeat.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	d9hhrg4mnvzow.cloudfront.net	get.dtitrader.com
2	builder-assets.unbounce.com	get.dtitrader.com
2	cdn.onesignal.com	www.marketbeat.com cdn.onesignal.com
1	prosperitypub.com
1	www.google.de	get.dtitrader.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	paid.outbrain.com	get.dtitrader.com
1	wave.outbrain.com	amplify.outbrain.com
1	extend.vimeocdn.com	www.googletagmanager.com
1	www.google.com	www.googletagmanager.com
1	code.jquery.com	get.dtitrader.com
1	onesignal.com	cdn.onesignal.com
1	lp.prosperitypub.com	1 redirects
1	ajax.googleapis.com	www.marketbeat.com
1	email.analystratings.net	1 redirects
0	app.unbounce.com Failed	get.dtitrader.com
95	35

This site contains links to these domains. Also see Links.

Domain
prosperitypub.com

Subject Issuer	Validity	Valid
marketbeat.com WE1	`2024-10-05` - `2025-01-03`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.onesignal.com WE1	`2024-10-31` - `2025-01-29`	3 months	crt.sh
get.dtitrader.com E6	`2024-10-20` - `2025-01-18`	3 months	crt.sh
onesignal.com WE1	`2024-10-31` - `2025-01-29`	3 months	crt.sh
*.unbounce.com Amazon RSA 2048 M02	`2024-11-09` - `2025-12-07`	a year	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
fonts.ub-assets.com Amazon RSA 2048 M03	`2024-05-01` - `2025-05-31`	a year	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-12-31`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-27` - `2024-11-25`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-09-24` - `2025-10-26`	a year	crt.sh
bat.bing.net Microsoft Azure RSA TLS Issuing CA 07	`2024-10-27` - `2025-04-25`	6 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.de WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
prosperitypub.com E5	`2024-11-17` - `2025-02-15`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://get.dtitrader.com/genesis-tom-sms-int/?sco_id=GEN01I&email=suspect@safeonweb.be&af=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_source=MKB&utm_content=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_medium=DED&utm_campaign=1731000143960vo01e&utm_term=HLB
Frame ID: B256A4E4E1BA2420D4E8001F37B2FF87
Requests: 91 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fget.dtitrader.com
Frame ID: CEDE3813AD77DDE0E44498608C73ED0F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Genesis

Page URL History Show full URLs

https://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dR... HTTP 302
https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&interstitial=1&UserID=13091940&in... Page URL
https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&UserID=13091940&SubjectLineID=0&H... HTTP 301
https://lp.prosperitypub.com/go/sco/?af=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_medium=DED&utm_c... HTTP 302
https://get.dtitrader.com/genesis-tom-sms-int/?sco_id=GEN01I&email=suspect@safeonweb.be&af=MKB_TB_DED_... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

95
Requests

96 %
HTTPS

55 %
IPv6

24
Domains

35
Subdomains

30
IPs

5
Countries

1808 kB
Transfer

4856 kB
Size

13
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://prosperitypub.com/terms-of-service/
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://prosperitypub.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dRd5bGXo8w1-2BXBgmlcNpGYCBdk-2B2X1t7LWcrGsAzDgESugn0yId4VAi0-2FSg50Hd3wsIp79mS0kNMAw8SFGcz4IG5BHggbUYEk2DfoWUh0ONtM4yuDkebs6O3dgfX-2FwOJ-2FadNrBC73-2F4Mw7cxT7ZZd0rqjkI3n8Va0F7vP2TKu80aJ7xVrBYV4UgO53CdZILGhGm6VgBy5DE5m3mzMabgaJfzyIyB2GU8u3jSomHWVWWg6VH5WMO8BDhXnWKmxAMuyj35PhesX1Ikh3S-2FL9Q0n9o9oBTwbRJalS-2Bv3kQQW1W9f0Nh-2FM46CXjZJcq-2BFW-2BdqMt2GobQRb86A3VfsiBaPkIlDtMNzwJdjA-3D-3D2r2Z_tUVFAbhJxF44ufbifaYzyYApcQooCC4WsuZoiwe419OD0yHdMJ7ViotlQBU7xIsyolT-2BJ5Gul2WcyqTw3meMz5YqzDnEbWBuhhuYmqph4S7Wz72x8Z6JJg6ftmvLOdC12QeM-2FRYiityjX2EJgEFRkXef93qCEXD7rHDJeEs1OUpnb3ZhxzG7rryzE9ddrk5LF7eAAMSOl-2Fv8zzx45HGNXJNIwcDO4XTn-2F0edTlB5nixoeM8xwjTlTcXDgelMALaF HTTP 302
https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&interstitial=1&UserID=13091940&interstitial=1&SubjectLineID=0&Hash=99E2922EEB6FEC86743F5DB2C0E84BA5899D68F68F1472F885291F590EAD713452D3376C362A15DEDE29DFC4761637FD6FDD698F31176C60366847F610D6C32C&ReferralType=MarketingEmail Page URL
https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&UserID=13091940&SubjectLineID=0&Hash=99E2922EEB6FEC86743F5DB2C0E84BA5899D68F68F1472F885291F590EAD713452D3376C362A15DEDE29DFC4761637FD6FDD698F31176C60366847F610D6C32C&ReferralType=MarketingEmail HTTP 301
https://lp.prosperitypub.com/go/sco/?af=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_medium=DED&utm_content=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_campaign=1731000143960vo01e&utm_source=MKB&utm_term=HLB&redirect=https%3A%2F%2Fget.dtitrader.com%2Fgenesis-tom-sms-int%2F&sco=GEN01I&email=suspect@safeonweb.be HTTP 302
https://get.dtitrader.com/genesis-tom-sms-int/?sco_id=GEN01I&email=suspect@safeonweb.be&af=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_source=MKB&utm_content=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_medium=DED&utm_campaign=1731000143960vo01e&utm_term=HLB Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dRd5bGXo8w1-2BXBgmlcNpGYCBdk-2B2X1t7LWcrGsAzDgESugn0yId4VAi0-2FSg50Hd3wsIp79mS0kNMAw8SFGcz4IG5BHggbUYEk2DfoWUh0ONtM4yuDkebs6O3dgfX-2FwOJ-2FadNrBC73-2F4Mw7cxT7ZZd0rqjkI3n8Va0F7vP2TKu80aJ7xVrBYV4UgO53CdZILGhGm6VgBy5DE5m3mzMabgaJfzyIyB2GU8u3jSomHWVWWg6VH5WMO8BDhXnWKmxAMuyj35PhesX1Ikh3S-2FL9Q0n9o9oBTwbRJalS-2Bv3kQQW1W9f0Nh-2FM46CXjZJcq-2BFW-2BdqMt2GobQRb86A3VfsiBaPkIlDtMNzwJdjA-3D-3D2r2Z_tUVFAbhJxF44ufbifaYzyYApcQooCC4WsuZoiwe419OD0yHdMJ7ViotlQBU7xIsyolT-2BJ5Gul2WcyqTw3meMz5YqzDnEbWBuhhuYmqph4S7Wz72x8Z6JJg6ftmvLOdC12QeM-2FRYiityjX2EJgEFRkXef93qCEXD7rHDJeEs1OUpnb3ZhxzG7rryzE9ddrk5LF7eAAMSOl-2Fv8zzx45HGNXJNIwcDO4XTn-2F0edTlB5nixoeM8xwjTlTcXDgelMALaF HTTP 302
https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&interstitial=1&UserID=13091940&interstitial=1&SubjectLineID=0&Hash=99E2922EEB6FEC86743F5DB2C0E84BA5899D68F68F1472F885291F590EAD713452D3376C362A15DEDE29DFC4761637FD6FDD698F31176C60366847F610D6C32C&ReferralType=MarketingEmail

Request Chain 57

https://tr.outbrain.com/unifiedPixel?au=false&bust=02325957709038049&referrer=https%3A%2F%2Fwww.marketbeat.com%2F&cht=gtm&marketerId=0032ad3142d99057fb1224ac3c7e34ab43&name=PAGE_VIEW&dl=https%3A%2F%2Fget.dtitrader.com%2Fgenesis-tom-sms-int%2F%3Fsco_id%3DGEN01I%26email%3Dsuspect%40safeonweb.be%26af%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_source%3DMKB%26utm_content%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_medium%3DDED%26utm_campaign%3D1731000143960vo01e%26utm_term%3DHLB&g=1&zone=euZone1&obApiVersion=1.1&obtpVersion=2.0.5 HTTP 302
https://paid.outbrain.com/network/trigger?trigger_data=0

95 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

redirect.aspx Show response
www.marketbeat.com/scripts/
Redirect Chain

https://email.analystratings.net/ls/click?upn=u001.WeKo-2BCuHku2kJmVIsYmGxteRO-2BqdkFdZns7E8OZ0trgZRhaAY0f4dRd5bGXo8w1-2BXBgmlcNpGYCBdk-2B2X1t7LWcrGsAzDgESugn0yId4VAi0-2FSg50Hd3wsIp79mS0kNMAw8SFGcz...
https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&interstitial=1&UserID=13091940&interstitial=1&SubjectLineID=0&Hash=99E2922EEB6FEC86743F5DB2C0E84BA5899D68F68F1472F885291F590EAD...

5 KB
3 KB

211ms
159ms

Document
text/html

2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&interstitial=1&UserID=13091940&interstitial=1&SubjectLineID=0&Hash=99E2922EEB6FEC86743F5DB2C0E84BA5899D68F68F1472F885291F590EAD713452D3376C362A15DEDE29DFC4761637FD6FDD698F31176C60366847F610D6C32C&ReferralType=MarketingEmail

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

5a0cf06464c134638ca5597c2d6979e3c0a16646117052c9269b689074557c00

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8e44958a0c8d3632-FRA
content-encoding: gzip
content-length: 2847
content-type: text/html; charset=utf-8
date: Mon, 18 Nov 2024 02:38:24 GMT
server: cloudflare
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 8e44958848601cbd-FRA
content-type: text/html; charset=utf-8
date: Mon, 18 Nov 2024 02:38:24 GMT
location: https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&interstitial=1&UserID=13091940&interstitial=1&SubjectLineID=0&Hash=99E2922EEB6FEC86743F5DB2C0E84BA5899D68F68F1472F885291F590EAD713452D3376C362A15DEDE29DFC4761637FD6FDD698F31176C60366847F610D6C32C&ReferralType=MarketingEmail
server: cloudflare
x-robots-tag: noindex, nofollow

GET
H2 200 Barlow-400.woff2
www.marketbeat.com/Style/fonts/ 21 KB
21 KB 59ms
55ms Font
application/font-woff2 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/fonts/Barlow-400.woff2

Requested by

Host: www.marketbeat.com
URL: https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&interstitial=1&UserID=13091940&interstitial=1&SubjectLineID=0&Hash=99E2922EEB6FEC86743F5DB2C0E84BA5899D68F68F1472F885291F590EAD713452D3376C362A15DEDE29DFC4761637FD6FDD698F31176C60366847F610D6C32C&ReferralType=MarketingEmail

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.marketbeat.com
Referer: https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&interstitial=1&UserID=13091940&interstitial=1&SubjectLineID=0&Hash=99E2922EEB6FEC86743F5DB2C0E84BA5899D68F68F1472F885291F590EAD713452D3376C362A15DEDE29DFC4761637FD6FDD698F31176C60366847F610D6C32C&ReferralType=MarketingEmail

Response headers

cf-cache-status: HIT
etag: "a6fc5c89788bda1:0"
age: 71254
date: Mon, 18 Nov 2024 02:38:24 GMT
content-type: application/font-woff2
last-modified: Wed, 10 Apr 2024 18:54:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=31536000
cf-ray: 8e44958b2ce83632-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21144
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 Barlow-500.woff2
www.marketbeat.com/Style/fonts/ 20 KB
21 KB 36ms
33ms Font
application/font-woff2 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/fonts/Barlow-500.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.marketbeat.com
Referer: https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&interstitial=1&UserID=13091940&interstitial=1&SubjectLineID=0&Hash=99E2922EEB6FEC86743F5DB2C0E84BA5899D68F68F1472F885291F590EAD713452D3376C362A15DEDE29DFC4761637FD6FDD698F31176C60366847F610D6C32C&ReferralType=MarketingEmail

Response headers

cf-cache-status: HIT
etag: "3039a889788bda1:0"
age: 82495
date: Mon, 18 Nov 2024 02:38:24 GMT
content-type: application/font-woff2
last-modified: Wed, 10 Apr 2024 18:54:38 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=31536000
cf-ray: 8e44958b2ce93632-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20960
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 Barlow-600.woff2
www.marketbeat.com/Style/fonts/ 21 KB
21 KB 60ms
56ms Font
application/font-woff2 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/fonts/Barlow-600.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.marketbeat.com
Referer: https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&interstitial=1&UserID=13091940&interstitial=1&SubjectLineID=0&Hash=99E2922EEB6FEC86743F5DB2C0E84BA5899D68F68F1472F885291F590EAD713452D3376C362A15DEDE29DFC4761637FD6FDD698F31176C60366847F610D6C32C&ReferralType=MarketingEmail

Response headers

cf-cache-status: HIT
etag: "3d43765175da1:0"
age: 68091
date: Mon, 18 Nov 2024 02:38:24 GMT
content-type: application/font-woff2
last-modified: Wed, 13 Mar 2024 14:16:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=31536000
cf-ray: 8e44958b2cea3632-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21796
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 Barlow-700.woff2
www.marketbeat.com/Style/fonts/ 21 KB
21 KB 59ms
56ms Font
application/font-woff2 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/fonts/Barlow-700.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.marketbeat.com
Referer: https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&interstitial=1&UserID=13091940&interstitial=1&SubjectLineID=0&Hash=99E2922EEB6FEC86743F5DB2C0E84BA5899D68F68F1472F885291F590EAD713452D3376C362A15DEDE29DFC4761637FD6FDD698F31176C60366847F610D6C32C&ReferralType=MarketingEmail

Response headers

cf-cache-status: HIT
etag: "54672e8a788bda1:0"
age: 20628
date: Mon, 18 Nov 2024 02:38:24 GMT
content-type: application/font-woff2
last-modified: Wed, 10 Apr 2024 18:54:39 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=31536000
cf-ray: 8e44958b2ceb3632-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21724
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 Barlow-Condensed-500.woff2
www.marketbeat.com/Style/fonts/ 20 KB
20 KB 36ms
33ms Font
application/font-woff2 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/fonts/Barlow-Condensed-500.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2d2c4912162eaa41299aaf5063ecb92a26d76071fe6d1f77742b32c833daab99

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.marketbeat.com
Referer: https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&interstitial=1&UserID=13091940&interstitial=1&SubjectLineID=0&Hash=99E2922EEB6FEC86743F5DB2C0E84BA5899D68F68F1472F885291F590EAD713452D3376C362A15DEDE29DFC4761637FD6FDD698F31176C60366847F610D6C32C&ReferralType=MarketingEmail

Response headers

cf-cache-status: HIT
etag: "62fb8c55175da1:0"
age: 3328
date: Mon, 18 Nov 2024 02:38:24 GMT
content-type: application/font-woff2
last-modified: Wed, 13 Mar 2024 14:16:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=31536000
cf-ray: 8e44958b2cec3632-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20432
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 Barlow-Condensed-600.woff2
www.marketbeat.com/Style/fonts/ 21 KB
21 KB 37ms
34ms Font
application/font-woff2 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/fonts/Barlow-Condensed-600.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

0b281bf2f4179c06ba68f0a427f2341287c41eacc2ce9d534c6f5c513ac633fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.marketbeat.com
Referer: https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&interstitial=1&UserID=13091940&interstitial=1&SubjectLineID=0&Hash=99E2922EEB6FEC86743F5DB2C0E84BA5899D68F68F1472F885291F590EAD713452D3376C362A15DEDE29DFC4761637FD6FDD698F31176C60366847F610D6C32C&ReferralType=MarketingEmail

Response headers

cf-cache-status: HIT
etag: "dc9c6b55175da1:0"
age: 86233
date: Mon, 18 Nov 2024 02:38:24 GMT
content-type: application/font-woff2
last-modified: Wed, 13 Mar 2024 14:16:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=31536000
cf-ray: 8e44958b2ced3632-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21352
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 fa-regular-400.woff2
www.marketbeat.com/Style/fontawesome/webfonts/ 15 KB
15 KB 60ms
57ms Font
application/font-woff2 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/fontawesome/webfonts/fa-regular-400.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ab2f779b241fd51e4c0356c96edc743e3937e6c9c501080e536a33fd703922ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.marketbeat.com
Referer: https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&interstitial=1&UserID=13091940&interstitial=1&SubjectLineID=0&Hash=99E2922EEB6FEC86743F5DB2C0E84BA5899D68F68F1472F885291F590EAD713452D3376C362A15DEDE29DFC4761637FD6FDD698F31176C60366847F610D6C32C&ReferralType=MarketingEmail

Response headers

cf-cache-status: HIT
etag: "48275f59fd3da1:0"
age: 68594
date: Mon, 18 Nov 2024 02:38:24 GMT
content-type: application/font-woff2
last-modified: Wed, 10 Jul 2024 21:23:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=31536000
cf-ray: 8e44958b2cee3632-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15516
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 fa-solid-900.woff2
www.marketbeat.com/Style/fontawesome/webfonts/ 2 KB
2 KB 59ms
57ms Font
application/font-woff2 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/fontawesome/webfonts/fa-solid-900.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

771350bc6fdd297030acb2cdc64e3d06c9e2ebb1fe38ab88bdd53c3add83dbf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.marketbeat.com
Referer: https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&interstitial=1&UserID=13091940&interstitial=1&SubjectLineID=0&Hash=99E2922EEB6FEC86743F5DB2C0E84BA5899D68F68F1472F885291F590EAD713452D3376C362A15DEDE29DFC4761637FD6FDD698F31176C60366847F610D6C32C&ReferralType=MarketingEmail

Response headers

cf-cache-status: HIT
etag: "72a79459fd3da1:0"
age: 80733
date: Mon, 18 Nov 2024 02:38:24 GMT
content-type: application/font-woff2
last-modified: Wed, 10 Jul 2024 21:23:04 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=31536000
cf-ray: 8e44958b2cef3632-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1584
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 fa-brands-400.woff2
www.marketbeat.com/Style/fontawesome/webfonts/ 5 KB
5 KB 62ms
59ms Font
application/font-woff2 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/fontawesome/webfonts/fa-brands-400.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d15aea2408195a5da3a49875fac7e584f3068dfe7fdb262f48a6fc05c9c48c76

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.marketbeat.com
Referer: https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&interstitial=1&UserID=13091940&interstitial=1&SubjectLineID=0&Hash=99E2922EEB6FEC86743F5DB2C0E84BA5899D68F68F1472F885291F590EAD713452D3376C362A15DEDE29DFC4761637FD6FDD698F31176C60366847F610D6C32C&ReferralType=MarketingEmail

Response headers

cf-cache-status: HIT
etag: "162a3659fd3da1:0"
age: 80657
date: Mon, 18 Nov 2024 02:38:24 GMT
content-type: application/font-woff2
last-modified: Wed, 10 Jul 2024 21:23:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=31536000
cf-ray: 8e44958b2cf03632-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4764
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 custom-icons.woff2
www.marketbeat.com/Style/fontawesome/webfonts/ 11 KB
11 KB 61ms
58ms Font
application/font-woff2 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/fontawesome/webfonts/custom-icons.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

98d16230356b70fd7563c3b57822a33519101d5ff8408e06778371a436c35c75

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.marketbeat.com
Referer: https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&interstitial=1&UserID=13091940&interstitial=1&SubjectLineID=0&Hash=99E2922EEB6FEC86743F5DB2C0E84BA5899D68F68F1472F885291F590EAD713452D3376C362A15DEDE29DFC4761637FD6FDD698F31176C60366847F610D6C32C&ReferralType=MarketingEmail

Response headers

cf-cache-status: HIT
etag: "a8af559fd3da1:0"
age: 78159
date: Mon, 18 Nov 2024 02:38:24 GMT
content-type: application/font-woff2
last-modified: Wed, 10 Jul 2024 21:23:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=31536000
cf-ray: 8e44958b4d033632-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11472
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 fonts.css
www.marketbeat.com/Style/fonts/ 5 KB
668 B 61ms
59ms Stylesheet
text/css 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/fonts/fonts.css?v=20240710

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

4e289765f35b5ba01042d13c1a6d0e325b233f91552b8092f53b47f9dd8ad825

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&interstitial=1&UserID=13091940&interstitial=1&SubjectLineID=0&Hash=99E2922EEB6FEC86743F5DB2C0E84BA5899D68F68F1472F885291F590EAD713452D3376C362A15DEDE29DFC4761637FD6FDD698F31176C60366847F610D6C32C&ReferralType=MarketingEmail

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "7edecb5efd3da1:0"
age: 73363
date: Mon, 18 Nov 2024 02:38:24 GMT
content-type: text/css
last-modified: Wed, 10 Jul 2024 21:23:12 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=31536000
cf-ray: 8e44958b2cf13632-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 552
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 all.min.css
www.marketbeat.com/Style/fontawesome/css/ 27 KB
6 KB 61ms
59ms Stylesheet
text/css 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/fontawesome/css/all.min.css?v=20240710

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

54ae92531c5cb4a7e8c8f7240035894921a898c615e812ac4dd9ff6e0b5213a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&interstitial=1&UserID=13091940&interstitial=1&SubjectLineID=0&Hash=99E2922EEB6FEC86743F5DB2C0E84BA5899D68F68F1472F885291F590EAD713452D3376C362A15DEDE29DFC4761637FD6FDD698F31176C60366847F610D6C32C&ReferralType=MarketingEmail

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "b62d2f5afd3da1:0"
age: 81618
date: Mon, 18 Nov 2024 02:38:24 GMT
content-type: text/css
last-modified: Wed, 10 Jul 2024 21:23:05 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=31536000
cf-ray: 8e44958b4d013632-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5886
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 allstyles10.css
www.marketbeat.com/Style/ 252 KB
65 KB 81ms
79ms Stylesheet
text/css 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marketbeat.com/Style/allstyles10.css?v=202411

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

132d8a44fa30ee1840095c4fcf4235886104a9e2f335ad99903744afba43a499

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&interstitial=1&UserID=13091940&interstitial=1&SubjectLineID=0&Hash=99E2922EEB6FEC86743F5DB2C0E84BA5899D68F68F1472F885291F590EAD713452D3376C362A15DEDE29DFC4761637FD6FDD698F31176C60366847F610D6C32C&ReferralType=MarketingEmail

Response headers

strict-transport-security: max-age=2592000
cache-control: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: "d1282e55131db1:0"
age: 17144
cf-ray: 8e44958b4d023632-FRA
access-control-allow-origin: *
date: Mon, 18 Nov 2024 02:38:24 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Thu, 07 Nov 2024 20:16:15 GMT
vary: Accept-Encoding
server: cloudflare
x-powered-by: ASP.NET

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 83ms
27ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marketbeat.com/

Response headers

content-encoding: gzip
age: 334789
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 05:38:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 05:38:35 GMT
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31017
x-xss-protection: 0
server: sffe

GET
H3 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 60ms
33ms Script
application/javascript 2606:4700::6811:6fdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marketbeat.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=259200
content-encoding: br
cf-cache-status: HIT
etag: W/"09282956186c8515ef0d208902803581"
age: 21
via: 1.1 google
cf-ray: 8e44958b48028fdd-FRA
expires: Thu, 21 Nov 2024 02:38:24 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 02:38:24 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: OneSignal-Subscription-Id

GET
H2 200 MarketBeat-logo-r-white.svg
www.marketbeat.com/images/master/ 4 KB
2 KB 81ms
80ms Image
image/svg+xml 2606:4700:3108::ac42:2b0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marketbeat.com/images/master/MarketBeat-logo-r-white.svg?v=2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f1c1b8cf0ccef4a39fe24c6d1f5f49dff7c54e5c1755047fb021b8747f1f9fcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&interstitial=1&UserID=13091940&interstitial=1&SubjectLineID=0&Hash=99E2922EEB6FEC86743F5DB2C0E84BA5899D68F68F1472F885291F590EAD713452D3376C362A15DEDE29DFC4761637FD6FDD698F31176C60366847F610D6C32C&ReferralType=MarketingEmail

Response headers

strict-transport-security: max-age=2592000
cache-control: max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"366bc23b4daad61:0"
age: 464293
cf-ray: 8e44958b4d043632-FRA
access-control-allow-origin: *
date: Mon, 18 Nov 2024 02:38:24 GMT
x-xss-protection: 1; mode=block
content-type: image/svg+xml
last-modified: Sat, 24 Oct 2020 21:32:54 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H3 200 OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 284 KB
68 KB 37ms
36ms Script
application/javascript 2606:4700::6811:6fdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marketbeat.com/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=259200
content-encoding: br
cf-cache-status: HIT
etag: W/"7e91359b46e1da637080a03b759164fa"
age: 2690
via: 1.1 google
cf-ray: 8e44958be8198fdd-FRA
expires: Thu, 21 Nov 2024 02:38:24 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 02:38:24 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: OneSignal-Subscription-Id

GET
H2

200

Primary Request / Show response
get.dtitrader.com/genesis-tom-sms-int/
Redirect Chain

https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&UserID=13091940&SubjectLineID=0&Hash=99E2922EEB6FEC86743F5DB2C0E84BA5899D68F68F1472F885291F590EAD713452D3376C362A15DEDE29DFC476...
https://lp.prosperitypub.com/go/sco/?af=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_medium=DED&utm_content=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_campaign=1731000143960vo01e&utm_sour...
https://get.dtitrader.com/genesis-tom-sms-int/?sco_id=GEN01I&email=suspect@safeonweb.be&af=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_source=MKB&utm_content=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_E...

34 KB
9 KB

225ms
107ms

Document
text/html

104.18.34.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://get.dtitrader.com/genesis-tom-sms-int/?sco_id=GEN01I&email=suspect@safeonweb.be&af=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_source=MKB&utm_content=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_medium=DED&utm_campaign=1731000143960vo01e&utm_term=HLB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.34.21 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfc8f63cc973b60de93a7c23762631ce8ae8835f1ba4c37f8003f2a586712942

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&interstitial=1&UserID=13091940&interstitial=1&SubjectLineID=0&Hash=99E2922EEB6FEC86743F5DB2C0E84BA5899D68F68F1472F885291F590EAD713452D3376C362A15DEDE29DFC4761637FD6FDD698F31176C60366847F610D6C32C&ReferralType=MarketingEmail
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8e4495b1da1de51f-TXL
content-encoding: gzip
content-length: 8650
content-location: https://get.dtitrader.com/genesis-tom-sms-int/
content-security-policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
content-type: text/html; charset=utf-8
date: Mon, 18 Nov 2024 02:38:30 GMT
etag: "a:3c1e87e5907346399c67229d00d7e9e1"
link: <https://get.dtitrader.com/genesis-tom-sms-int/>; rel="canonical"
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-content-type-options: nosniff
x-unbounce-pageid: 3a6b8eff-6205-438a-8503-4880b8378289
x-unbounce-variant: a
x-unbounce-visitorid: 3c1e87e5-9073-4639-9c67-229d00d7e9e1

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 18 Nov 2024 02:38:30 GMT
location: https://get.dtitrader.com/genesis-tom-sms-int/?sco_id=GEN01I&email=suspect@safeonweb.be&af=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_source=MKB&utm_content=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_medium=DED&utm_campaign=1731000143960vo01e&utm_term=HLB
server: nginx
x-cache-nxaccel: BYPASS

GET
H3 200 web
onesignal.com/api/v1/sync/92d0557c-79b3-4742-9ab4-9155a42d6a49/ 3 KB
2 KB 61ms
33ms Script
text/javascript 2606:4700::6811:6fdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/92d0557c-79b3-4742-9ab4-9155a42d6a49/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.marketbeat.com/

Response headers

x-request-id: 8db1a14b-2ca7-4c71-92f0-6f0e3040f088
content-encoding: br
cf-cache-status: HIT
etag: W/"c1a1c986b02c76c773939be3b70db31f"
age: 2883
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 03:38:24 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 02:38:24 GMT
content-type: text/javascript; charset=utf-8
vary: Origin, Accept-Encoding
x-runtime: 0.039856
access-control-allow-headers: SDK-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=3600
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 google
cf-ray: 8e44958cae46dc5e-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 main-ebbfc5e.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 87ms
26ms Stylesheet
text/css 99.86.4.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://builder-assets.unbounce.com/published-css/main-ebbfc5e.z.css

Requested by

Host: get.dtitrader.com
URL: https://get.dtitrader.com/genesis-tom-sms-int/?sco_id=GEN01I&email=suspect@safeonweb.be&af=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_source=MKB&utm_content=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_medium=DED&utm_campaign=1731000143960vo01e&utm_term=HLB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-38.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ebbfc5eb12dd3766d82cc8a2584d8bf9d2db1a8ead8c9d5f0e03d9ee4bac3389

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

content-encoding: gzip
etag: "54bf75d03e588470d1a76cdbd7ab5c1d"
x-amz-version-id: utZr4xtDVNV4ci6RrOc0u53V1VtRvrrG
age: 5197834
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: UeeMJ4Di-Hvh7kg-F3rea1Zk59g3BlZQn57PXXC69FkCJu9ku5gLMQ==
date: Wed, 18 Sep 2024 22:47:57 GMT
content-type: text/css
last-modified: Wed, 18 Sep 2024 21:13:25 GMT
cache-control: max-age=31536000
referrer-policy: no-referrer
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 2944
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 404 tb-image.original.png
get.dtitrader.com/assets/85b57f48-1bec-4908-8f84-5f30e58a476c/ 47 B
47 B 45ms
40ms Image
text/html 104.18.34.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://get.dtitrader.com/assets/85b57f48-1bec-4908-8f84-5f30e58a476c/tb-image.original.png?1730889059

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.34.21 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/genesis-tom-sms-int/?sco_id=GEN01I&email=suspect@safeonweb.be&af=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_source=MKB&utm_content=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_medium=DED&utm_campaign=1731000143960vo01e&utm_term=HLB

Response headers

content-security-policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-ray: 8e4495b2bb4ce51f-TXL
content-length: 47
date: Mon, 18 Nov 2024 02:38:30 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
31 KB 79ms
22ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: get.dtitrader.com
URL: https://get.dtitrader.com/genesis-tom-sms-int/?sco_id=GEN01I&email=suspect@safeonweb.be&af=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_source=MKB&utm_content=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_medium=DED&utm_campaign=1731000143960vo01e&utm_term=HLB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://get.dtitrader.com
Referer: https://get.dtitrader.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-15d9d"
age: 420801
x-cache: HIT, HIT
date: Mon, 18 Nov 2024 02:38:30 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 8, 172019
x-served-by: cache-lga21931-LGA, cache-fra-etou8220083-FRA
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1731897511.877777,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30875
server: nginx

GET
H3 200 intlTelInput.min.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/ 19 KB
2 KB 58ms
30ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6956e8710cf477f7014440385ae16ee4b8cc7ecfd02fddd4d2f0c6c7fd15845

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://get.dtitrader.com
Referer: https://get.dtitrader.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5f902e27-4ad5"
age: 377798
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KS42WYGW4HU4buuGF29fhhbsPBPCBaueVrc1kNBUuY14qycWC8W9DfEymSX1H%2FoivEJZtS4O025J7pJ0pBR0Vt6BJr3tmdlZMkBfvYWVNF42eGT3G%2FABxey0WnI9KrxZzpGAFlkcKJoNUQdMHwUGqBiA"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 08 Nov 2025 02:38:30 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 02:38:30 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 21 Oct 2020 12:48:39 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e4495b2ca18367f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1820
server: cloudflare

GET
H2 200 786ffa188154a7a81202c5d108dc70f1e0214262.js Show response
get.dtitrader.com/_ub/static/ts/ 44 KB
15 KB 68ms
66ms Script
application/javascript 104.18.34.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://get.dtitrader.com/_ub/static/ts/786ffa188154a7a81202c5d108dc70f1e0214262.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.34.21 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

870e33c07dfab900ffc54747f4d21e61f6557c9ddf22ffd892624ae522b824cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/genesis-tom-sms-int/?sco_id=GEN01I&email=suspect@safeonweb.be&af=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_source=MKB&utm_content=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_medium=DED&utm_campaign=1731000143960vo01e&utm_term=HLB

Response headers

content-encoding: br
cf-cache-status: HIT
x-amz-version-id: Gs6AC.4YTqhBRS9cAYuxlXQ5U5YOYxx2
etag: W/"a29b73706e355af9cecf33791dd81c03"
age: 1964296
x-content-type-options: nosniff
expires: Tue, 18 Nov 2025 02:38:30 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: K5Pg0gpokCso5W0HZUMNY33hTlPyZ0qOif3mQT10xlDmnv36aZTNWA==
date: Mon, 18 Nov 2024 02:38:30 GMT
content-type: application/javascript
last-modified: Wed, 23 Oct 2024 21:59:14 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
referrer-policy: no-referrer
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
cf-ray: 8e4495b33bfde51f-TXL
x-amz-cf-pop: FRA56-C2
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 284 KB
98 KB 207ms
66ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-616425453

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6fac60646192456cc0ca24dddf4b4f5d23ed049aaa9066dfbf77073afefc18e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 18 Nov 2024 02:38:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 18 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99890
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 intlTelInput.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/ 29 KB
9 KB 60ms
32ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/intlTelInput.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64cb11eb2a5237cbe1e05ccf25acefeed578f32d1a6923d58de35c8a0145e8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5f902e0e-72d9"
age: 289606
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JC4gpxkL%2F0neh4LvsbNyiK%2FhgGrj7GVtM9S89gywNN99KoMs8ws8Dz9ZuFK3JifbehwGycIx3%2BlGqrvQfqbaO1mGpySUKtYhO4Vi9%2BGFtsUEdOWrf3veO1LHURCnbV%2Bh2gFO%2Fhb3C95jhjdOyTCpQgOR"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 08 Nov 2025 02:38:30 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 02:38:30 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 21 Oct 2020 12:48:14 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e4495b2cea4d280-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8889
server: cloudflare

GET
H2 200 main.bundle-ef43f79.z.js Show response
builder-assets.unbounce.com/published-js/ 138 KB
41 KB 39ms
38ms Script
application/javascript 99.86.4.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://builder-assets.unbounce.com/published-js/main.bundle-ef43f79.z.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-38.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ef43f79a4b7786a0bbaed0d9f169a48585838b4aad0d1e076fe8a2a92d16f07f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

content-encoding: gzip
etag: "59c747416fe6e8275df491b97242c673"
x-amz-version-id: q9wfXOSL2QRM8zmj2vWnPDqMxa.XqnJm
age: 5197833
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: YInAScAuhappv_YN0Magl6K48cNetiLtcOM0Se0J6lwg6vx_mBwa0A==
date: Wed, 18 Sep 2024 22:47:58 GMT
content-type: application/javascript
last-modified: Wed, 18 Sep 2024 21:13:21 GMT
cache-control: max-age=31536000
referrer-policy: no-referrer
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 41618
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET e8b13f04-1d93-4a49-8691-ced0821e303e
https://app.unbounce.com/ 0
0

GET da2b35ba-3679-4a2b-a743-0a92a03675cd
https://app.unbounce.com/ 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 366 KB
117 KB 164ms
36ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PL87DCP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

636292d0e2f72322fe721f58a13b869faceeb0242dc8c4e6602bfa4b558a07c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 18 Nov 2024 02:38:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 18 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 119074
x-xss-protection: 0
server: Google Tag Manager

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H3 200 flags.png
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/img/ 69 KB
70 KB 118ms
117ms Image
image/png 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/img/flags.png

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.min.css

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5f902e0e-114c9"
age: 292926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=akhuQkih3aiWz5D%2FN7U%2FUt6MMYHtkuA7dNT%2FLV%2F%2Boa%2F9i6K%2FCV2tLU7qu3DmW%2BqyF9m95aShKZzSEAjtO75eqJJFXar4o8ws%2BeARsv8aoj7K7kpkwCkcxtqwTizcbLMbgZH2Ct4gI1zeYHjPLYV%2FOuH9"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 08 Nov 2025 02:38:30 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 02:38:30 GMT
content-type: image/png; charset=utf-8
last-modified: Wed, 21 Oct 2020 12:48:14 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e4495b37f3ad280-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 70862
server: cloudflare

GET
H2 200 48137a9b-tb-bg-new_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.dtitrader.com/genesis-tom-sms-int/ 142 KB
143 KB 156ms
29ms Image
image/png 18.245.33.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.dtitrader.com/genesis-tom-sms-int/48137a9b-tb-bg-new_1000000000000000000028.png
Requested by: Host: get.dtitrader.com
URL: https://get.dtitrader.com/genesis-tom-sms-int/?sco_id=GEN01I&email=suspect@safeonweb.be&af=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_source=MKB&utm_content=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_medium=DED&utm_campaign=1731000143960vo01e&utm_term=HLB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.33.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-33-62.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df372965cc39e768c022bdff15687ee6527dde447ac79facf95f848986c2fba6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

cache-control: max-age=31557600
x-amz-version-id: mn37YYXM9ztaqj4bllC7DFSTFyaMhaXd
etag: "be9d7e29f42d717f60e11d4d7d9bafa5"
age: 72120
via: 1.1 2146d75cb402f16f98928cb19acf5ff6.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 145583
x-amz-cf-id: d5FfbRmDcNycfF9M8WDFPr7HmZ5PAcKOoXF2yGtlZUSKqNiFKl2jsQ==
date: Sun, 17 Nov 2024 06:36:31 GMT
content-type: image/png
last-modified: Thu, 14 Nov 2024 14:09:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P8
x-amz-server-side-encryption: AES256

POST
H2 200 i
get.dtitrader.com/_ub/ 2 B
250 B 444ms
442ms Ping
text/plain 104.18.34.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://get.dtitrader.com/_ub/i

Requested by

Host: get.dtitrader.com
URL: https://get.dtitrader.com/_ub/static/ts/786ffa188154a7a81202c5d108dc70f1e0214262.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.34.21 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://get.dtitrader.com/genesis-tom-sms-int/?sco_id=GEN01I&email=suspect@safeonweb.be&af=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_source=MKB&utm_content=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_medium=DED&utm_campaign=1731000143960vo01e&utm_term=HLB

Response headers

content-security-policy: default-src 'none'; style-src 'unsafe-inline'
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
referrer-policy: no-referrer
cf-ray: 8e4495b3cccbe51f-TXL
access-control-allow-origin: https://get.dtitrader.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 2
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
BLOB 200
OK 8917393f-1195-47e8-b7e4-c281229950fa
https://get.dtitrader.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://get.dtitrader.com/8917393f-1195-47e8-b7e4-c281229950fa
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-ef43f79.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 864f0c1802a7465b482adcd88aaf38cd752a29860a96e432cbc15e7164894d48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/css
Content-Length: 5475

GET
H2 200 css
fonts.ub-assets.com/ 5 KB
1 KB 108ms
24ms Stylesheet
text/css 99.86.4.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/css?family=Montserrat:700,regular%7CPoppins:500italic,600

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-ef43f79.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-81.fra6.r.cloudfront.net

Software

Resource Hash

f423c2457eb5ca263566488398b3bed12887c4403dc4fcc8efb4ba7ed80dd9aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

content-encoding: gzip
age: 63973
x-content-type-options: nosniff
x-amzn-requestid: cbaa2ca0-a245-4be5-8efe-885f312de4f2
x-cache: Hit from cloudfront
x-amz-cf-id: 6gGYNf_5gWwoRDbbgC-AyuRMH9qs0aXcDZv_HfgCK_0iGQqKF2xQQw==
date: Sun, 17 Nov 2024 08:52:18 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-amz-apigw-id: BYg-gEuZoAMEJ1A=
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-6739aec2-6c2531ff3d4476455b2a879f
referrer-policy: no-referrer
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 672
x-xss-protection: 0
x-amz-cf-pop: FRA6-C1

GET
H2 200 88e69a52-logopp_107901g000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.dtitrader.com/genesis-tom-sms-int/ 3 KB
3 KB 79ms
73ms Image
image/png 18.245.33.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.dtitrader.com/genesis-tom-sms-int/88e69a52-logopp_107901g000000000000028.png
Requested by: Host: get.dtitrader.com
URL: https://get.dtitrader.com/genesis-tom-sms-int/?sco_id=GEN01I&email=suspect@safeonweb.be&af=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_source=MKB&utm_content=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_medium=DED&utm_campaign=1731000143960vo01e&utm_term=HLB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.33.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-33-62.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e0abb8e1a013b91daf6b7a0a72c9fb2054d4022816e3a36f80072d8439436d2e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

cache-control: max-age=31557600
x-amz-version-id: hqhOSMEO19ZlBsYC6wo1oaNa41c6CtDT
etag: "93cba66654004ab1b36c1e9dc8ec599f"
age: 63972
via: 1.1 2146d75cb402f16f98928cb19acf5ff6.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 2946
x-amz-cf-id: k5VXkKMcotN5E8X4D_YETRTlS3fOzFfb1Q2hEjnQzv5CoLNzNpw9xw==
date: Sun, 17 Nov 2024 08:52:19 GMT
content-type: image/png
last-modified: Thu, 14 Nov 2024 14:09:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P8
x-amz-server-side-encryption: AES256

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.ub-assets.com/fonts/s/montserrat/v29/ 37 KB
38 KB 79ms
32ms Font
font/woff2 99.86.4.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Montserrat:700,regular%7CPoppins:500italic,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-81.fra6.r.cloudfront.net

Software

Resource Hash

fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://get.dtitrader.com
Referer

Response headers

x-amzn-remapped-content-length: 37828
content-encoding: gzip
age: 956565
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
x-amzn-requestid: 2a7b8aa4-27c9-4c2c-9452-4782839dfdea
x-cache: Hit from cloudfront
x-amz-cf-id: 8c4V4kkUbNfk3gjouPlfobXDzLDI1JqeGdzyzMmJi0gEou7N9Eqb2g==
date: Thu, 07 Nov 2024 00:55:46 GMT
content-type: font/woff2
last-modified: Wed, 06 Nov 2024 17:30:37 GMT
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amz-apigw-id: A2dy4GuKIAMEUlg=
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-672c1012-7651703c44798720118ea1ff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
referrer-policy: no-referrer
access-control-allow-origin: *
content-length: 37861
x-xss-protection: 0
x-amz-cf-pop: FRA6-C1

GET
H2 200 pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2
fonts.ub-assets.com/fonts/s/poppins/v21/ 8 KB
9 KB 75ms
28ms Font
font/woff2 99.86.4.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Montserrat:700,regular%7CPoppins:500italic,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-81.fra6.r.cloudfront.net

Software

Resource Hash

1ddb074f9963be8f6275c42dbd54d18625da8f91c85803121094ec81649f488b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://get.dtitrader.com
Referer

Response headers

x-amzn-remapped-content-length: 8504
content-encoding: gzip
age: 5361754
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
x-amzn-requestid: 6c9e6104-3694-4dd1-be3f-2b17cfb8f2a2
x-cache: Hit from cloudfront
x-amz-cf-id: f7YNRtlvIAwcf0PZccBfu71crQxDeF9KTEMC1MAFUJWoBXoqmjTmxA==
date: Tue, 17 Sep 2024 01:15:57 GMT
content-type: font/woff2
last-modified: Fri, 22 Mar 2024 00:00:34 GMT
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amz-apigw-id: eOa8MGrvoAMEONQ=
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-66e8d84d-28d73fca58c011df1e263e06
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
referrer-policy: no-referrer
access-control-allow-origin: *
content-length: 8527
x-xss-protection: 0
x-amz-cf-pop: FRA6-C1

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.ub-assets.com/fonts/s/poppins/v21/ 8 KB
9 KB 75ms
28ms Font
font/woff2 99.86.4.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Montserrat:700,regular%7CPoppins:500italic,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-81.fra6.r.cloudfront.net

Software

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://get.dtitrader.com
Referer

Response headers

x-amzn-remapped-content-length: 8000
content-encoding: gzip
age: 2208388
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
x-amzn-requestid: e29047ed-c16f-4111-94e2-df69e36d3b1b
x-cache: Hit from cloudfront
x-amz-cf-id: xWrPCMik3PenM_MwYgh2CBrEDbHFcbTzGPwHHBs-WzsHSB0hRmmBdA==
date: Wed, 23 Oct 2024 13:12:03 GMT
content-type: font/woff2
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amz-apigw-id: AGtloHgNIAMEKOw=
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-6718f623-79ebf7ca0dbed00f7a7c4e1d
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
referrer-policy: no-referrer
access-control-allow-origin: *
content-length: 8023
x-xss-protection: 0
x-amz-cf-pop: FRA6-C1

POST
H3 200 collect
www.google.com/ccm/ 0
0 89ms
34ms Ping
text/plain 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dr=www.marketbeat.com&dl=https%3A%2F%2Fget.dtitrader.com%2Fgenesis-tom-sms-int%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1635270020.1731897511&auid=1983895209.1731897511&npa=1&gtm=45He4bc0v830494420za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067554~102067808~102077855&tft=1731897511241&tfd=6631&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL87DCP
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
98 KB 42ms
40ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1071725429&l=dataLayer&cx=c&gtm=45He4bc0v830494420za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL87DCP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

73bdb6ce57e6d6f418656aae7d5345a1a31cf9461a25fa216144e57e0e213e52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 18 Nov 2024 02:38:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 18 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 100433
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 116ms
50ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL87DCP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

content-encoding: gzip
age: 7027
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 02:41:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 00:41:24 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 246 KB
88 KB 46ms
40ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-619007671&l=dataLayer&cx=c&gtm=45He4bc0v830494420za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL87DCP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

14de81d979de9ca9ac2a2b3794cdda342a23d00271089432582e30c6192a93fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Mon, 18 Nov 2024 02:38:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 18 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90323
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 284 KB
98 KB 44ms
38ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-616425453&l=dataLayer&cx=c&gtm=45He4bc0v830494420za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL87DCP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

92f219ce59c3ff8a78374e455de325dde2b7eec206bca9261b30ed0e0f1c9e51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Mon, 18 Nov 2024 02:38:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 18 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99941
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 126ms
45ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL87DCP

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7083B0ACD7E64A70869DD750534D2204 Ref B: FRA31EDGE0721 Ref C: 2024-11-18T02:38:31Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Mon, 18 Nov 2024 02:38:30 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 286 KB
98 KB 45ms
40ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1071725429&l=dataLayer&cx=c&gtm=45He4bc0v830494420za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL87DCP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4cd99476c706bd38e731b4bc1aa481ff8867c771b6bf9b9d963835dfed104cf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Mon, 18 Nov 2024 02:38:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 18 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 100301
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1731815/ 71 KB
22 KB 354ms
259ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1731815/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL87DCP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3d2277def59e333e97d3a4bdc30e5aa6375b823bb5b042cb557c164712182c30

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

content-encoding: gzip
etag: "d5019b60a38a41ba664ec1fd05012204"
x-amz-version-id: I5_AeL0sc6NCeknNU02Wzg8GMkI6ymKF
age: 0
x-cache: HIT
date: Mon, 18 Nov 2024 02:38:31 GMT
last-modified: Sun, 17 Nov 2024 11:05:50 GMT
x-served-by: cache-cph2320051-CPH
x-cache-hits: 0
content-type: application/javascript; charset=utf-8
x-amz-id-2: /G+CDKOjPIK4o/BwJHAz1CQW0ugqGQ+MxpTrzl6FpQz2/Ah20pF+iLb6XdV1DOYmaXSoRSHKDag=
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: private,max-age=14401
x-timer: S1731897511.371141,VS0,VE216
via: 1.1 varnish
x-amz-request-id: 2W9WBYGP6PEGD6K9
accept-ranges: bytes
access-control-allow-origin: *
abp: 52
content-length: 22029
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 58ms
27ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-FnFhjQls' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-FnFhjQls' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=4444, tp=9, tpl=0, uplat=3, ullat=-1
pragma: public
x-fb-debug: +bjXKOW6XBjfUUGFs+CHwB3fCCqgjW6h36UAqQPWTb+truXPtybD4CCyBqYuOcR1Yds9/edaKWH3llbuqk1r/g==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62152
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 30 KB
9 KB 101ms
28ms Script
application/x-javascript 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.marketbeat.com
URL: https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&interstitial=1&UserID=13091940&interstitial=1&SubjectLineID=0&Hash=99E2922EEB6FEC86743F5DB2C0E84BA5899D68F68F1472F885291F590EAD713452D3376C362A15DEDE29DFC4761637FD6FDD698F31176C60366847F610D6C32C&ReferralType=MarketingEmail
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: aaddae4cf259110e05bc9316a9563557ac1d6ab3534b25c74ca4ff986811a859

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

Cache-Control: max-age=1200
Content-Encoding: gzip
ETag: "42ffad564668bf8061aec37490452aea:1731511830.33127"
Connection: keep-alive
Expires: Mon, 18 Nov 2024 02:58:31 GMT
Accept-Ranges: bytes
X-CC: DE
Content-Length: 9182
X-RG: EU
Date: Mon, 18 Nov 2024 02:38:31 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 13 Nov 2024 15:28:35 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1729561/ 71 KB
22 KB 340ms
251ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1729561/tfa.js
Requested by: Host: www.marketbeat.com
URL: https://www.marketbeat.com/scripts/redirect.aspx?MessageQueueID=26817&interstitial=1&UserID=13091940&interstitial=1&SubjectLineID=0&Hash=99E2922EEB6FEC86743F5DB2C0E84BA5899D68F68F1472F885291F590EAD713452D3376C362A15DEDE29DFC4761637FD6FDD698F31176C60366847F610D6C32C&ReferralType=MarketingEmail
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 706155b3ade0ae2892f5f93c7bdb34aec0662068e20c4eb3bd2d52464deba390

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

content-encoding: gzip
etag: "63c52a3c66ac5c03efd617fb766d1cd4"
x-amz-version-id: RcpeTqINRy0pq72PJZ_9M8Ku_H9pdW1F
age: 0
x-cache: HIT
date: Mon, 18 Nov 2024 02:38:31 GMT
last-modified: Sun, 17 Nov 2024 11:09:14 GMT
x-served-by: cache-cph2320051-CPH
x-cache-hits: 0
content-type: application/javascript; charset=utf-8
x-amz-id-2: 8y1Pq+B6tYKFgfQR80D760zvZpCl0uPMcPUq3BqklmsRnS9DoFDwNolDWSyhL0NUC3BXp0bSCDKAdkia2oegq+s5760DVCwdY1HhCkTxHuI=
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: private,max-age=14401
x-timer: S1731897511.370685,VS0,VE211
via: 1.1 varnish
x-amz-request-id: 2W9VN3SVHVAABBQD
accept-ranges: bytes
access-control-allow-origin: *
abp: 28
content-length: 22023
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 284 KB
98 KB 59ms
58ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-616425453&l=dataLayer&cx=c&gtm=45He4bc0v830494420za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL87DCP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e7235ce40e888ff3df3e4883f618e1c4cc4a9d6b03e2d7a7458198838342a29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 18 Nov 2024 02:38:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 18 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99814
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 2543066.js Show response
extend.vimeocdn.com/ga/ 17 KB
6 KB 147ms
41ms Script
text/javascript 151.101.2.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://extend.vimeocdn.com/ga/2543066.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL87DCP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.109 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 6c649cc3d4aee7683250622541a6045ad4ac3beb93df1fcdd3ec1f7f12a1ff44

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

content-encoding: gzip
etag: "421e-626ab9be4f340-gzip"
age: 523548
expires: Fri, 10 Nov 2034 01:12:43 GMT
x-cache: HIT
date: Mon, 18 Nov 2024 02:38:31 GMT
last-modified: Mon, 11 Nov 2024 23:39:17 GMT
x-bapp-server: assets-5ff7d64d98-vldr6
x-cache-hits: 30327
content-type: text/javascript; charset=utf-8
x-served-by: cache-cph2320031-CPH
vary: Accept-Encoding
x-vimeo-dc: ge
cache-control: max-age=86400
timing-allow-origin: *
x-timer: S1731897511.392517,VS0,VE0
via: 1.1 varnish
accept-ranges: bytes
content-length: 5579
server: Apache

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame CEDE 0
0 89ms
25ms Document
text/html 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fget.dtitrader.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL87DCP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 279220
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Nov 2024 21:04:51 GMT
expires: Fri, 14 Nov 2025 21:04:51 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1608449652648250 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 93ms
92ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1608449652648250?v=2.9.177&r=stable&domain=get.dtitrader.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3fee7ab39febd20645d89307a7ba11057cd0dcb9758bcbe57da695b3d72fca51

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-W3HymnJG' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-W3HymnJG' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=77, mss=1232, tbw=71000, tp=68, tpl=0, uplat=70, ullat=0
pragma: public
x-fb-debug: /pSCz7jIvwn1ComXrJqKRIFIYbMKAisn/YosuuYobsLVIFCyUv27pnzpsR8mV09eZBa2PIK0hfPzxibN0TF7uA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 200
OK 0032ad3142d99057fb1224ac3c7e34ab43 Show response
wave.outbrain.com/mtWavesBundler/handler/ 3 KB
2 KB 77ms
23ms Script
text/html 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/0032ad3142d99057fb1224ac3c7e34ab43

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-17-67.deploy.static.akamaitechnologies.com

Software

Resource Hash

3089a12e21ef2af051dc02e4d2ef93c57d74859e7d7b37403734f406cd71a5b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: max-age=60
ob-sent-time: 1731819675393
Content-Encoding: gzip
ETag: W/"cf7-IwCgRi5dHh32s7cJHw9jyjMheaw"
Connection: keep-alive
Expires: Mon, 18 Nov 2024 02:39:31 GMT
Access-Control-Allow-Origin: *
X-CC: DE
Content-Length: 1506
X-RG: EU
Date: Mon, 18 Nov 2024 02:38:31 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
x-traceid: 649888406ac121759bafc18fb841625c

GET
H/1.1 200
OK topics Show response
amplify.outbrain.com/ 26 B
301 B 67ms
22ms Fetch
text/html 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/topics
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

Cache-Control: max-age=1200
Connection: keep-alive
Observe-Browsing-Topics: ?1
Expires: Mon, 18 Nov 2024 02:58:31 GMT
Access-Control-Allow-Origin: *
X-CC: DE
Content-Length: 26
X-RG: EU
Date: Mon, 18 Nov 2024 02:38:31 GMT
Content-Type: text/html

GET
H2

200

trigger Show response
paid.outbrain.com/network/
Redirect Chain

https://tr.outbrain.com/unifiedPixel?au=false&bust=02325957709038049&referrer=https%3A%2F%2Fwww.marketbeat.com%2F&cht=gtm&marketerId=0032ad3142d99057fb1224ac3c7e34ab43&name=PAGE_VIEW&dl=https%3A%2F...
https://paid.outbrain.com/network/trigger?trigger_data=0

43 B
462 B

217ms
133ms

Fetch
image/gif

151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://paid.outbrain.com/network/trigger?trigger_data=0

Requested by

Protocol

Server

151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
content-encoding: br
x-timer: S1731897512.892218,VS0,VE95
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache: MISS, MISS
content-length: 49
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0","priority":"0","deduplication_key":"1328718966473767092"}]}
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: image/gif
x-served-by: cache-lga21960-LGA, cache-cph2320049-CPH
x-cache-hits: 0, 0
x-traceid: 37c86f69ed14dbc7c0a6c077368cd21c
traffic-path: NYDC1, LGA, CPH, Europe1

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
location: https://paid.outbrain.com/network/trigger?trigger_data=0
content-length: 0
date: Mon, 18 Nov 2024 02:38:31 GMT
x-traceid: 08c921812b663f0a9a518ec215afb387

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
293 B 346ms
115ms Script
application/javascript 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/cachedClickId?marketerId=0032ad3142d99057fb1224ac3c7e34ab43

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 39
content-encoding: br
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: application/javascript
x-traceid: 0958f5d5d9bf1294fc29c0db9d4217b9

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
435 B 31ms
30ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=913943396&t=pageview&_s=1&dl=https%3A%2F%2Fget.dtitrader.com%2Fgenesis-tom-sms-int%2F%3Fsco_id%3DGEN01I%26email%3Dsuspect%40safeonweb.be%26af%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_source%3DMKB%26utm_content%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_medium%3DDED%26utm_campaign%3D1731000143960vo01e%26utm_term%3DHLB&dr=https%3A%2F%2Fwww.marketbeat.com%2F&ul=de-de&de=UTF-8&dt=Genesis&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=1715109743&gjid=50778279&cid=1844192258.1731897511&tid=UA-173175010-1&_gid=1772423120.1731897511&_r=1&_slc=1&gtm=45He4bc0n81PL87DCPv830494420za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067554~102067808~102077855&npa=1&z=2086200662

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

4a8a8273c16ea67eaf6596fe6ecaad232cbb92bb7907bd5a983b9904eeaa78e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://get.dtitrader.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 02:38:31 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://get.dtitrader.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H2 200 150000471.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 48ms
48ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/150000471.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

73ad09944129c8fdb5042974d0418142fcfbad3501bcdd98c8409ef340a6e45b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=60
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 23CF8F4CC31B4347B0EB8692FC9121A6 Ref B: FRA31EDGE0721 Ref C: 2024-11-18T02:38:31Z
x-cache: CONFIG_NOCACHE
date: Mon, 18 Nov 2024 02:38:30 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 355025689.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 48ms
48ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/355025689.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d379d6a7d9a9ed02e94d8378d8d5c1165ead9d137e9db0d8c45e9571217282ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=60
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D6DF205BB7124A4BA12FFD1E72CAB6D4 Ref B: FRA31EDGE0721 Ref C: 2024-11-18T02:38:31Z
x-cache: CONFIG_NOCACHE
date: Mon, 18 Nov 2024 02:38:30 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 391 KB
127 KB 50ms
50ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F6G57FW018&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

765d3d3ee483bd16e4855aa583b9fd027661c8b406fb71c4dbb57c6bdc099f5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 18 Nov 2024 02:38:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 129529
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 0
bat.bing.net/actionp/ 0
119 B 157ms
84ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=150000471&Ver=2&mid=6ef9a015-9bce-4089-8205-753544c9044e&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FC4927DFE8C140698465A87D918D8F7E Ref B: FRA31EDGE0222 Ref C: 2024-11-18T02:38:31Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 18 Nov 2024 02:38:31 GMT

GET
H2 200 150000471 Show response
www.clarity.ms/tag/uet/ 744 B
999 B 271ms
201ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/150000471?insights=1
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/150000471.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8ba09181fca0d0730f67cfa5c6af09e9353f989f7de52b8d541c89727ad4c20d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 744
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: application/x-javascript
x-azure-ref: 20241118T023831Z-15f56cb949cptc46hC1FRAk3gg00000003b0000000001qaw

GET
H2 204 0
bat.bing.net/action/ 0
120 B 157ms
85ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.net/action/0?ti=150000471&Ver=2&mid=6ef9a015-9bce-4089-8205-753544c9044e&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Genesis&p=https%3A%2F%2Fget.dtitrader.com%2Fgenesis-tom-sms-int%2F%3Fsco_id%3DGEN01I%26email%3Dsuspect%40safeonweb.be%26af%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_source%3DMKB%26utm_content%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_medium%3DDED%26utm_campaign%3D1731000143960vo01e%26utm_term%3DHLB&r=https%3A%2F%2Fwww.marketbeat.com%2F&lt=6345&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=297208
Requested by: Host: get.dtitrader.com
URL: https://get.dtitrader.com/genesis-tom-sms-int/?sco_id=GEN01I&email=suspect@safeonweb.be&af=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_source=MKB&utm_content=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_medium=DED&utm_campaign=1731000143960vo01e&utm_term=HLB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 232887B3E0D9472F839EA1284DF04CF1 Ref B: FRA31EDGE0222 Ref C: 2024-11-18T02:38:31Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 18 Nov 2024 02:38:31 GMT

POST
H2 204 0
bat.bing.net/actionp/ 0
120 B 155ms
83ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=355025689&Ver=2&mid=afd4b4d6-0567-45e7-b632-c65ff9895546&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 563A3D815CC64C50B8E0258D94706EE9 Ref B: FRA31EDGE0222 Ref C: 2024-11-18T02:38:31Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 18 Nov 2024 02:38:31 GMT

GET
H2 200 355025689 Show response
www.clarity.ms/tag/uet/ 744 B
999 B 272ms
204ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/355025689?insights=1
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/355025689.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9e14c453ad219e3400aec34580ad10d35ea5d79b31a39da650bd3bfc06761b34

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 744
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: application/x-javascript
x-azure-ref: 20241118T023831Z-15f56cb949cptc46hC1FRAk3gg00000003b0000000001qav

GET
H2 204 0
bat.bing.net/action/ 0
346 B 155ms
84ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.net/action/0?ti=355025689&Ver=2&mid=afd4b4d6-0567-45e7-b632-c65ff9895546&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Genesis&p=https%3A%2F%2Fget.dtitrader.com%2Fgenesis-tom-sms-int%2F%3Fsco_id%3DGEN01I%26email%3Dsuspect%40safeonweb.be%26af%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_source%3DMKB%26utm_content%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_medium%3DDED%26utm_campaign%3D1731000143960vo01e%26utm_term%3DHLB&r=https%3A%2F%2Fwww.marketbeat.com%2F&lt=6345&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=915086
Requested by: Host: get.dtitrader.com
URL: https://get.dtitrader.com/genesis-tom-sms-int/?sco_id=GEN01I&email=suspect@safeonweb.be&af=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_source=MKB&utm_content=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_medium=DED&utm_campaign=1731000143960vo01e&utm_term=HLB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EB6306BFE8824B8B9AAEBD38D664906F Ref B: FRA31EDGE0222 Ref C: 2024-11-18T02:38:31Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 18 Nov 2024 02:38:31 GMT

GET
H3 200 396676407964280 Show response
connect.facebook.net/signals/config/ 26 KB
3 KB 164ms
163ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/396676407964280?v=2.9.177&r=stable&domain=get.dtitrader.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C234%2C116%2C127%2C235%2C165%2C119%2C237%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66ff7b8e76a6d162d5a2b6914af385c3e9f3ba0661f98c69e26f372e998a47e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-jpikgpjg' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-jpikgpjg' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=90, mss=1232, tbw=87281, tp=84, tpl=0, uplat=140, ullat=0
pragma: public
x-fb-debug: 8JZmpXH858D4AJZ9u9oPddntCIrTZ3N80qh/jeVrDIOXVo6RGLhp4WgUH42L56ddflDABa5ix7Wcp8bAoYlnnw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 51ms
23ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1608449652648250&ev=PageView&dl=https%3A%2F%2Fget.dtitrader.com%2Fgenesis-tom-sms-int%2F%3Fsco_id%3DGEN01I%26email%3Dsuspect%40safeonweb.be%26af%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_source%3DMKB%26utm_content%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_medium%3DDED%26utm_campaign%3D1731000143960vo01e%26utm_term%3DHLB&rl=https%3A%2F%2Fwww.marketbeat.com%2F&if=false&ts=1731897511576&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12318&fbp=fb.1.1731897511574.264172524794067547&ler=other&cdl=API_unavailable&it=1731897511456&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=23, mss=1232, tbw=4440, tp=9, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 178ms
178ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1608449652648250&ev=PageView&dl=https%3A%2F%2Fget.dtitrader.com%2Fgenesis-tom-sms-int%2F%3Fsco_id%3DGEN01I%26email%3Dsuspect%40safeonweb.be%26af%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_source%3DMKB%26utm_content%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_medium%3DDED%26utm_campaign%3D1731000143960vo01e%26utm_term%3DHLB&rl=https%3A%2F%2Fwww.marketbeat.com%2F&if=false&ts=1731897511576&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12318&fbp=fb.1.1731897511574.264172524794067547&ler=other&cdl=API_unavailable&it=1731897511456&coo=false&rqm=FGET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7438443171139995694"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: XxMXr2HEaM81ukRCL1XCp4iWN4by69PSAFE8qc+zcotjitUFzIMveUm3B56f9krjdZIuMNfToCZsdRIkx9fMdA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7438443171139995694", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=23, mss=1232, tbw=5144, tp=17, tpl=0, uplat=155, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 topics_api Show response
psb.taboola.com/ 65 B
281 B 111ms
35ms Fetch
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://psb.taboola.com/topics_api
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1729561/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

cache-control: private, max-age=2592000
retry-after: 0
x-timer: S1731897512.700790,VS0,VE0
observe-browsing-topics: ?1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 65
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: text/html; charset=utf-8
x-served-by: cache-cph2320030-CPH
server: Varnish
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/1731815/trc/3/ 3 KB
2 KB 79ms
71ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1731815/trc/3/json?tim=1731897511615&data=%7B%22id%22%3A997%2C%22ii%22%3A%22%2Fgenesis-tom-sms-int%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1731897511610%2C%22cv%22%3A%2220241116-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fget.dtitrader.com%2Fgenesis-tom-sms-int%2F%3Fsco_id%3DGEN01I%26email%3Dsuspect%40safeonweb.be%26af%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_source%3DMKB%26utm_content%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_medium%3DDED%26utm_campaign%3D1731000143960vo01e%26utm_term%3DHLB%22%2C%22e%22%3A%22https%3A%2F%2Fwww.marketbeat.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fsco_id%3DGEN01I%26email%3Dsuspect%40safeonweb.be%26af%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_source%3DMKB%26utm_content%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_medium%3DDED%26utm_campaign%3D1731000143960vo01e%26utm_term%3DHLB%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dfinmc-network%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1731897511614%2C%22ref%22%3A%22https%3A%2F%2Fwww.marketbeat.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fget.dtitrader.com%2Fgenesis-tom-sms-int%2F%3Fsco_id%3DGEN01I%26email%3Dsuspect%40safeonweb.be%26af%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_source%3DMKB%26utm_content%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_medium%3DDED%26utm_campaign%3D1731000143960vo01e%26utm_term%3DHLB%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1729561/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 396b079e7042d5e32e214291de3c1682dfdce5871a20d5be9598d680f523e104

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

content-encoding: gzip
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding: gzip
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-cph2320051-CPH
x-cache-hits: 0
vary: Accept-Encoding
x-fastly-to-nlb-rtt: 13343
x-timer: S1731897512.660745,VS0,VE28
x-vcl-time-ms: 28
access-control-allow-credentials: true
via: 1.1 varnish
cpu: 0.12250000000000001
accept-ranges: bytes
access-control-allow-origin: *
x-service-version: v1
server: nginx

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 89ms
31ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-F6G57FW018&gtm=45je4bc0v9127167943za200&_p=1731897510927&_gaz=1&gcd=13l3l3l2l3l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&ul=de-de&sr=1600x1200&cid=1844192258.1731897511&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fget.dtitrader.com%2Fgenesis-tom-sms-int%2F%3Fsco_id%3DGEN01I%26email%3Dsuspect%40safeonweb.be%26af%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_source%3DMKB%26utm_content%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_medium%3DDED%26utm_campaign%3D1731000143960vo01e%26utm_term%3DHLB&dr=https%3A%2F%2Fwww.marketbeat.com%2F&dt=Genesis&sid=1731897511&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=7106
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F6G57FW018&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://get.dtitrader.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
555 B 94ms
30ms Ping
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-F6G57FW018&cid=1844192258.1731897511&gtm=45je4bc0v9127167943za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l3l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F6G57FW018&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://get.dtitrader.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 71ms
38ms Image
image/gif 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F6G57FW018&cid=1844192258.1731897511&gtm=45je4bc0v9127167943za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l3l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855&tag_exp=101925629~102067555~102067808~102077855&z=527499592

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 18 Nov 2024 02:38:31 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 topics_api Show response
psb.taboola.com/ 65 B
0 0ms
0ms Fetch
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://psb.taboola.com/topics_api
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1729561/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

cache-control: private, max-age=2592000
retry-after: 0
x-timer: S1731897512.700790,VS0,VE0
observe-browsing-topics: ?1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 65
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: text/html; charset=utf-8
x-served-by: cache-cph2320030-CPH
server: Varnish
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/1729561/trc/3/ 3 KB
1 KB 72ms
72ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1729561/trc/3/json?tim=1731897511727&data=%7B%22id%22%3A221%2C%22ii%22%3A%22%2Fgenesis-tom-sms-int%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1731897511610%2C%22cv%22%3A%2220241116-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fget.dtitrader.com%2Fgenesis-tom-sms-int%2F%3Fsco_id%3DGEN01I%26email%3Dsuspect%40safeonweb.be%26af%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_source%3DMKB%26utm_content%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_medium%3DDED%26utm_campaign%3D1731000143960vo01e%26utm_term%3DHLB%22%2C%22e%22%3A%22https%3A%2F%2Fwww.marketbeat.com%2F%22%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Fsco_id%3DGEN01I%26email%3Dsuspect%40safeonweb.be%26af%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_source%3DMKB%26utm_content%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_medium%3DDED%26utm_campaign%3D1731000143960vo01e%26utm_term%3DHLB%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dfinmc-network%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1731897511618%2C%22ref%22%3A%22https%3A%2F%2Fwww.marketbeat.com%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fget.dtitrader.com%2Fgenesis-tom-sms-int%2F%3Fsco_id%3DGEN01I%26email%3Dsuspect%40safeonweb.be%26af%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_source%3DMKB%26utm_content%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_medium%3DDED%26utm_campaign%3D1731000143960vo01e%26utm_term%3DHLB%22%2C%22tos%22%3A5%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1729561/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 418c34aaada6324ac9e0223ca0fbfe412743af4f164379a40bd22e1005acd57f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

content-encoding: gzip
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding: gzip
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-cph2320051-CPH
x-cache-hits: 0
vary: Accept-Encoding
x-fastly-to-nlb-rtt: 13360
x-timer: S1731897512.761308,VS0,VE22
x-vcl-time-ms: 22
access-control-allow-credentials: true
via: 1.1 varnish
cpu: 0.06525
accept-ranges: bytes
access-control-allow-origin: *
x-service-version: v1
server: nginx

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 24ms
23ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=396676407964280&ev=PageView&dl=https%3A%2F%2Fget.dtitrader.com%2Fgenesis-tom-sms-int%2F%3Fsco_id%3DGEN01I%26email%3Dsuspect%40safeonweb.be%26af%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_source%3DMKB%26utm_content%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_medium%3DDED%26utm_campaign%3D1731000143960vo01e%26utm_term%3DHLB&rl=https%3A%2F%2Fwww.marketbeat.com%2F&if=false&ts=1731897511747&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12318&fbp=fb.1.1731897511574.264172524794067547&ler=other&cdl=API_unavailable&it=1731897511456&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=23, mss=1232, tbw=4952, tp=15, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 91ms
91ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=396676407964280&ev=PageView&dl=https%3A%2F%2Fget.dtitrader.com%2Fgenesis-tom-sms-int%2F%3Fsco_id%3DGEN01I%26email%3Dsuspect%40safeonweb.be%26af%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_source%3DMKB%26utm_content%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_medium%3DDED%26utm_campaign%3D1731000143960vo01e%26utm_term%3DHLB&rl=https%3A%2F%2Fwww.marketbeat.com%2F&if=false&ts=1731897511747&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12318&fbp=fb.1.1731897511574.264172524794067547&ler=other&cdl=API_unavailable&it=1731897511456&coo=false&rqm=FGET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7438443170123747590"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7438443170123747590", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: VzTsafJZXgR6g4rrO2GPJSKtBZDnCumYFz/4L8s3DaQ9mzn4a5F5rC46rUNYfTy1qPYQModn0mkBKD6OuUsDDQ==
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=26, mss=1232, tbw=7960, tp=21, tpl=0, uplat=67, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.56/ 66 KB
28 KB 43ms
42ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.56/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/150000471?insights=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

x-azure-ref: 20241118T023831Z-15f56cb949cptc46hC1FRAk3gg00000003b0000000001qb6
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DD041B2B98F09E"
x-fd-int-roxy-purgeid: 79034942
x-ms-request-id: 4b028e60-101e-0017-0f3f-3687d0000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 13 Nov 2024 19:41:29 GMT

GET
H3 200 utils.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/ 241 KB
45 KB 33ms
33ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/utils.js

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/intlTelInput.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdcdee66eb73eaff67c185ce622c4f82d65cdc893b785259b0207e3e60c8ca9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5f902e0e-3c35d"
age: 762339
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vcLHMC%2BhKgUeG%2BNtN%2B4di4mpoBGkV%2FdCjuTV4afQNEsLJNVIR028KplJDPbT%2BU%2FNHs2zCO0dVfEB5JHiY0OXN2rBjV5AjHllqgSjEtCSDpfOfM%2BmH%2F3SRPBinZH9rYX5CTbNrefb5ers3CsCMZmGb58E"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 08 Nov 2025 02:38:31 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 02:38:31 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 21 Oct 2020 12:48:14 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e4495b98d4ad280-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 45687
server: cloudflare

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 30ms
30ms Image
text/html 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=1904615870&rv=4bc0&tag_exp=101925629~102067555~102067808~102077855&u=AAAAAAAAAAAAACA&h=Ag&gtm=45je4bc0v9127167943za200&ccid=127167943&cid=G-F6G57FW018&l=L6316.S92.B0.E198.I6344.EC6.TC29.HTC0~gtm.init.S0.V0.E83.TS5ogtgasend.TI10.TE0.TS5ogtreferralexclusion.TI12.TE1.TS5ogtsessiontimeout.TI13.TE0.TS5ogt1pdatav2.TI14.TE1.TS5ccdgalast.TI15.TE0.TS5ccdautoredact.TI16.TE0.TS5ogteventcreate.TI17.TE0.TS5ogteventcreate.TI18.TE1.TS5ogteventcreate.TI19.TE0.TS5ogteventcreate.TI20.TE0.TS5ogteventcreate.TI21.TE0.TS5ogteventcreate.TI22.TE0.TS5ogteventcreate.TI23.TE0.TS5ogteventcreate.TI24.TE0.TS5ogteventcreate.TI25.TE0.TS5ogteventcreate.TI26.TE0.TS5ogteventcreate.TI27.TE0.TS5ogteventcreate.TI28.TE0.TS5ogteventcreate.TI29.TE0.TS5ogteventcreate.TI30.TE0.TS5ogteventcreate.TI31.TE0.TS5ogteventcreate.TI32.TE0.TS5ccdconversionmarking.TI33.TE0.TS5ccdgaregscope.TI34.TE1.TS5ogtgooglesignals.TI35.TE0.TS5ccdgaadslink.TI36.TE0.TS5setproductsettings.TI37.TE0.TS5ccdgafirst.TI38.TE0~gtm.js.S0.V0.E68.TS5gct.TI7.TE0~gtm.dom.S0.V0.E62~*~gtm.load.S0.V0.E0~gtm.init_consent.S2.V1.E80~GA791

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Mon, 18 Nov 2024 02:38:31 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 favicon.png
prosperitypub.com/wp-content/uploads/2021/09/ 1 KB
2 KB 110ms
39ms Other
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://prosperitypub.com/wp-content/uploads/2021/09/favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f86c9e9b4eab8f84e7d1ddfc0793532576962a32623bbaea9db121dc921207d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://get.dtitrader.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "64b52cf6-1128"
age: 150748
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=4392
alt-svc: h3=":443"; ma=86400
date: Mon, 18 Nov 2024 02:38:32 GMT
content-type: image/webp
content-disposition: inline; filename="favicon.webp"
vary: Accept
last-modified: Mon, 17 Jul 2023 11:58:46 GMT
cache-control: public, max-age=31536000
cf-ray: 8e4495ba0dcc9ba6-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1382
server: cloudflare

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
281 B 532ms
233ms XHR
text/plain 20.57.85.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.57.85.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://get.dtitrader.com/

Response headers

Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
Access-Control-Allow-Origin: https://get.dtitrader.com
Date: Mon, 18 Nov 2024 02:38:32 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 204 unip Show response
trc-events.taboola.com/1729561/log/3/ 0
247 B 113ms
42ms XHR
text/plain 141.226.228.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1729561/log/3/unip?en=pre_d_eng_tb&tos=1612&scd=0&ssd=1&est=1731897511613&ver=36&isls=true&src=i&invt=1500&msa=270&rv=1&tim=1731897513225&vi=1731897511610&ri=b45464f1bf5bd562c9c37fe1e9a300b3&ref=https%3A%2F%2Fwww.marketbeat.com%2F&cv=20241116-3-RELEASE&item-url=https%3A%2F%2Fget.dtitrader.com%2Fgenesis-tom-sms-int%2F%3Fsco_id%3DGEN01I%26email%3Dsuspect%40safeonweb.be%26af%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_source%3DMKB%26utm_content%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_medium%3DDED%26utm_campaign%3D1731000143960vo01e%26utm_term%3DHLB&ler=other&it=JS_PIXEL
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1731815/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible: trigger
Referer: https://get.dtitrader.com/

Response headers

access-control-allow-origin: https://get.dtitrader.com
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Mon, 18 Nov 2024 02:38:33 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

GET
H2 204 unip Show response
trc-events.taboola.com/1731815/log/3/ 0
248 B 117ms
43ms XHR
text/plain 141.226.228.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1731815/log/3/unip?en=pre_d_eng_tb&tos=1615&scd=0&ssd=1&est=1731897511613&ver=36&isls=true&src=i&invt=1500&msa=270&rv=1&tim=1731897513227&vi=1731897511610&ri=7fa1ecd6f3a6d7591178c72ca028aa13&ref=https%3A%2F%2Fwww.marketbeat.com%2F&cv=20241116-3-RELEASE&item-url=https%3A%2F%2Fget.dtitrader.com%2Fgenesis-tom-sms-int%2F%3Fsco_id%3DGEN01I%26email%3Dsuspect%40safeonweb.be%26af%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_source%3DMKB%26utm_content%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_medium%3DDED%26utm_campaign%3D1731000143960vo01e%26utm_term%3DHLB&ler=other&it=JS_PIXEL
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1731815/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible: trigger
Referer: https://get.dtitrader.com/

Response headers

access-control-allow-origin: https://get.dtitrader.com
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Mon, 18 Nov 2024 02:38:33 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

OPTIONS
H2 200 unip
trc-events.taboola.com/1729561/log/3/ Frame 0
0 281ms
24ms Preflight 141.226.228.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1729561/log/3/unip?en=pre_d_eng_tb&tos=1612&scd=0&ssd=1&est=1731897511613&ver=36&isls=true&src=i&invt=1500&msa=270&rv=1&tim=1731897513225&vi=1731897511610&ri=b45464f1bf5bd562c9c37fe1e9a300b3&ref=https%3A%2F%2Fwww.marketbeat.com%2F&cv=20241116-3-RELEASE&item-url=https%3A%2F%2Fget.dtitrader.com%2Fgenesis-tom-sms-int%2F%3Fsco_id%3DGEN01I%26email%3Dsuspect%40safeonweb.be%26af%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_source%3DMKB%26utm_content%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_medium%3DDED%26utm_campaign%3D1731000143960vo01e%26utm_term%3DHLB&ler=other&it=JS_PIXEL
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://get.dtitrader.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://get.dtitrader.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Mon, 18 Nov 2024 02:38:33 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

OPTIONS
H2 200 unip
trc-events.taboola.com/1731815/log/3/ Frame 0
0 280ms
24ms Preflight 141.226.228.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1731815/log/3/unip?en=pre_d_eng_tb&tos=1615&scd=0&ssd=1&est=1731897511613&ver=36&isls=true&src=i&invt=1500&msa=270&rv=1&tim=1731897513227&vi=1731897511610&ri=7fa1ecd6f3a6d7591178c72ca028aa13&ref=https%3A%2F%2Fwww.marketbeat.com%2F&cv=20241116-3-RELEASE&item-url=https%3A%2F%2Fget.dtitrader.com%2Fgenesis-tom-sms-int%2F%3Fsco_id%3DGEN01I%26email%3Dsuspect%40safeonweb.be%26af%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_source%3DMKB%26utm_content%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_medium%3DDED%26utm_campaign%3D1731000143960vo01e%26utm_term%3DHLB&ler=other&it=JS_PIXEL
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://get.dtitrader.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://get.dtitrader.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Mon, 18 Nov 2024 02:38:33 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
281 B 170ms
119ms XHR
text/plain 20.57.85.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.57.85.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://get.dtitrader.com/

Response headers

Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
Access-Control-Allow-Origin: https://get.dtitrader.com
Date: Mon, 18 Nov 2024 02:38:33 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 204 unip Show response
trc-events.taboola.com/1729561/log/3/ 0
247 B 62ms
39ms XHR
text/plain 141.226.228.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1729561/log/3/unip?en=pre_d_eng_tb&tos=4617&scd=0&ssd=1&est=1731897511613&ver=36&isls=true&src=i&invt=3000&msa=270&rv=1&tim=1731897516230&vi=1731897511610&ri=b45464f1bf5bd562c9c37fe1e9a300b3&ref=https%3A%2F%2Fwww.marketbeat.com%2F&cv=20241116-3-RELEASE&item-url=https%3A%2F%2Fget.dtitrader.com%2Fgenesis-tom-sms-int%2F%3Fsco_id%3DGEN01I%26email%3Dsuspect%40safeonweb.be%26af%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_source%3DMKB%26utm_content%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_medium%3DDED%26utm_campaign%3D1731000143960vo01e%26utm_term%3DHLB&ler=other&it=JS_PIXEL
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1731815/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible: trigger
Referer: https://get.dtitrader.com/

Response headers

access-control-allow-origin: https://get.dtitrader.com
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Mon, 18 Nov 2024 02:38:36 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

GET
H2 204 unip Show response
trc-events.taboola.com/1731815/log/3/ 0
247 B 61ms
38ms XHR
text/plain 141.226.228.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1731815/log/3/unip?en=pre_d_eng_tb&tos=4618&scd=0&ssd=1&est=1731897511613&ver=36&isls=true&src=i&invt=3000&msa=270&rv=1&tim=1731897516231&vi=1731897511610&ri=7fa1ecd6f3a6d7591178c72ca028aa13&ref=https%3A%2F%2Fwww.marketbeat.com%2F&cv=20241116-3-RELEASE&item-url=https%3A%2F%2Fget.dtitrader.com%2Fgenesis-tom-sms-int%2F%3Fsco_id%3DGEN01I%26email%3Dsuspect%40safeonweb.be%26af%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_source%3DMKB%26utm_content%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_medium%3DDED%26utm_campaign%3D1731000143960vo01e%26utm_term%3DHLB&ler=other&it=JS_PIXEL
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1731815/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible: trigger
Referer: https://get.dtitrader.com/

Response headers

access-control-allow-origin: https://get.dtitrader.com
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Mon, 18 Nov 2024 02:38:36 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

OPTIONS
H2 200 unip
trc-events.taboola.com/1729561/log/3/ Frame 0
0 37ms
28ms Preflight 141.226.228.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1729561/log/3/unip?en=pre_d_eng_tb&tos=4617&scd=0&ssd=1&est=1731897511613&ver=36&isls=true&src=i&invt=3000&msa=270&rv=1&tim=1731897516230&vi=1731897511610&ri=b45464f1bf5bd562c9c37fe1e9a300b3&ref=https%3A%2F%2Fwww.marketbeat.com%2F&cv=20241116-3-RELEASE&item-url=https%3A%2F%2Fget.dtitrader.com%2Fgenesis-tom-sms-int%2F%3Fsco_id%3DGEN01I%26email%3Dsuspect%40safeonweb.be%26af%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_source%3DMKB%26utm_content%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_medium%3DDED%26utm_campaign%3D1731000143960vo01e%26utm_term%3DHLB&ler=other&it=JS_PIXEL
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://get.dtitrader.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://get.dtitrader.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Mon, 18 Nov 2024 02:38:36 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

OPTIONS
H2 200 unip
trc-events.taboola.com/1731815/log/3/ Frame 0
0 38ms
28ms Preflight 141.226.228.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1731815/log/3/unip?en=pre_d_eng_tb&tos=4618&scd=0&ssd=1&est=1731897511613&ver=36&isls=true&src=i&invt=3000&msa=270&rv=1&tim=1731897516231&vi=1731897511610&ri=7fa1ecd6f3a6d7591178c72ca028aa13&ref=https%3A%2F%2Fwww.marketbeat.com%2F&cv=20241116-3-RELEASE&item-url=https%3A%2F%2Fget.dtitrader.com%2Fgenesis-tom-sms-int%2F%3Fsco_id%3DGEN01I%26email%3Dsuspect%40safeonweb.be%26af%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_source%3DMKB%26utm_content%3DMKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO%26utm_medium%3DDED%26utm_campaign%3D1731000143960vo01e%26utm_term%3DHLB&ler=other&it=JS_PIXEL
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://get.dtitrader.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://get.dtitrader.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Mon, 18 Nov 2024 02:38:36 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: app.unbounce.com
URL: blob:https://app.unbounce.com/e8b13f04-1d93-4a49-8691-ced0821e303e

Domain: app.unbounce.com
URL: blob:https://app.unbounce.com/da2b35ba-3679-4a2b-a743-0a92a03675cd

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
get.dtitrader.com/genesis-tom-sms-int/	1970-01-21 05:29:55	Name: ubpv Value: a%2C3a6b8eff-6205-438a-8503-4880b8378289
www.marketbeat.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: zddsooeivkv0u0nciipntaro
.onesignal.com/	1970-01-21 01:04:59	Name: __cf_bm Value: RMFEJ0Z1mAe3lFKuPjWMiHzdKO0BVHgnC.NFoAKP9bI-1731897504-1.0.1.1-t_mgOg4JW4q3mx8XEOpyPTjTCQiTIzFKF_2O_pJNNVoZ0EfdrKoFvmviY7xNOPt2Yta2BJaPfAcpRyeIbuHipg
get.dtitrader.com/	1970-01-21 05:24:09	Name: ubvs Value: 3c1e87e5-9073-4639-9c67-229d00d7e9e1
.dtitrader.com/	1970-01-21 01:09:16	Name: ubvt Value: v2%7C3c1e87e5-9073-4639-9c67-229d00d7e9e1%7C3a6b8eff-6205-438a-8503-4880b8378289%3Aa%3Asingle%3Asingle
.get.dtitrader.com/	1970-01-21 01:04:59	Name: __cf_bm Value: kqNlB9yNPhKcu3MlobgbOTdeRXqlkjnI1Z..LyyH2As-1731897510-1.0.1.1-VwdP19DHmjbko11wSgFN_ymiNcvJR3Jwy3caypjW0NamPxdquE.HeRFs0KDt4MEwl30btH_qJjVPFlj58ljfog
.dtitrader.com/	1970-01-21 03:14:33	Name: _gcl_au Value: 1.1.1983895209.1731897511
.dtitrader.com/	1970-01-21 10:40:57	Name: _ga Value: GA1.2.1844192258.1731897511
.dtitrader.com/	1970-01-21 01:06:23	Name: _gid Value: GA1.2.1772423120.1731897511
.dtitrader.com/	1970-01-21 01:04:57	Name: _gat_UA-173175010-1 Value: 1
.dtitrader.com/	1970-01-21 03:14:33	Name: _fbp Value: fb.1.1731897511574.264172524794067547
.dtitrader.com/	1970-01-21 10:40:57	Name: _ga_F6G57FW018 Value: GS1.2.1731897511.1.0.1731897511.60.0.0
get.dtitrader.com/	1970-01-21 01:04:57	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1731897511811%7D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://get.dtitrader.com/genesis-tom-sms-int/?sco_id=GEN01I&email=suspect@safeonweb.be&af=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_source=MKB&utm_content=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_medium=DED&utm_campaign=1731000143960vo01e&utm_term=HLB(Line 9) Message: Not allowed to load local resource: blob:https://app.unbounce.com/e8b13f04-1d93-4a49-8691-ced0821e303e
javascript	error	URL: https://get.dtitrader.com/genesis-tom-sms-int/?sco_id=GEN01I&email=suspect@safeonweb.be&af=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_source=MKB&utm_content=MKB_TB_DED_GEN_GENLAU_NON_SYSTEM_EXT_HLB_CTO&utm_medium=DED&utm_campaign=1731000143960vo01e&utm_term=HLB(Line 9) Message: Not allowed to load local resource: blob:https://app.unbounce.com/da2b35ba-3679-4a2b-a743-0a92a03675cd
network	error	URL: https://get.dtitrader.com/assets/85b57f48-1bec-4908-8f84-5f30e58a476c/tb-image.original.png?1730889059 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
amplify.outbrain.com
app.unbounce.com
bat.bing.com
bat.bing.net
builder-assets.unbounce.com
cdn.onesignal.com
cdn.taboola.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
d9hhrg4mnvzow.cloudfront.net
e.clarity.ms
email.analystratings.net
extend.vimeocdn.com
fonts.ub-assets.com
get.dtitrader.com
lp.prosperitypub.com
onesignal.com
paid.outbrain.com
prosperitypub.com
psb.taboola.com
region1.analytics.google.com
stats.g.doubleclick.net
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
wave.outbrain.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.marketbeat.com
app.unbounce.com
104.18.34.21
141.193.213.10
141.226.228.48
151.101.1.44
151.101.129.44
151.101.194.132
151.101.2.109
18.245.33.62
184.30.17.67
192.190.221.37
20.57.85.160
2001:4860:4802:34::36
2606:4700:10::6816:286e
2606:4700:3108::ac42:2b0e
2606:4700::6811:190e
2606:4700::6811:6fdf
2620:1ec:33::10
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:800::2004
2a00:1450:4001:81d::2003
2a00:1450:4001:828::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200e
2a00:1450:400c:c06::9b
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:400::649
70.42.32.255
99.86.4.38
99.86.4.81
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0b281bf2f4179c06ba68f0a427f2341287c41eacc2ce9d534c6f5c513ac633fb
132d8a44fa30ee1840095c4fcf4235886104a9e2f335ad99903744afba43a499
14de81d979de9ca9ac2a2b3794cdda342a23d00271089432582e30c6192a93fe
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1ddb074f9963be8f6275c42dbd54d18625da8f91c85803121094ec81649f488b
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
2d2c4912162eaa41299aaf5063ecb92a26d76071fe6d1f77742b32c833daab99
3089a12e21ef2af051dc02e4d2ef93c57d74859e7d7b37403734f406cd71a5b6
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
396b079e7042d5e32e214291de3c1682dfdce5871a20d5be9598d680f523e104
3d2277def59e333e97d3a4bdc30e5aa6375b823bb5b042cb557c164712182c30
3fee7ab39febd20645d89307a7ba11057cd0dcb9758bcbe57da695b3d72fca51
418c34aaada6324ac9e0223ca0fbfe412743af4f164379a40bd22e1005acd57f
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
4a8a8273c16ea67eaf6596fe6ecaad232cbb92bb7907bd5a983b9904eeaa78e9
4cd99476c706bd38e731b4bc1aa481ff8867c771b6bf9b9d963835dfed104cf6
4e289765f35b5ba01042d13c1a6d0e325b233f91552b8092f53b47f9dd8ad825
54ae92531c5cb4a7e8c8f7240035894921a898c615e812ac4dd9ff6e0b5213a7
5a0cf06464c134638ca5597c2d6979e3c0a16646117052c9269b689074557c00
636292d0e2f72322fe721f58a13b869faceeb0242dc8c4e6602bfa4b558a07c5
64cb11eb2a5237cbe1e05ccf25acefeed578f32d1a6923d58de35c8a0145e8cd
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
66ff7b8e76a6d162d5a2b6914af385c3e9f3ba0661f98c69e26f372e998a47e3
6c649cc3d4aee7683250622541a6045ad4ac3beb93df1fcdd3ec1f7f12a1ff44
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552
706155b3ade0ae2892f5f93c7bdb34aec0662068e20c4eb3bd2d52464deba390
73ad09944129c8fdb5042974d0418142fcfbad3501bcdd98c8409ef340a6e45b
73bdb6ce57e6d6f418656aae7d5345a1a31cf9461a25fa216144e57e0e213e52
765d3d3ee483bd16e4855aa583b9fd027661c8b406fb71c4dbb57c6bdc099f5d
771350bc6fdd297030acb2cdc64e3d06c9e2ebb1fe38ab88bdd53c3add83dbf9
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
864f0c1802a7465b482adcd88aaf38cd752a29860a96e432cbc15e7164894d48
870e33c07dfab900ffc54747f4d21e61f6557c9ddf22ffd892624ae522b824cd
8ba09181fca0d0730f67cfa5c6af09e9353f989f7de52b8d541c89727ad4c20d
92f219ce59c3ff8a78374e455de325dde2b7eec206bca9261b30ed0e0f1c9e51
98d16230356b70fd7563c3b57822a33519101d5ff8408e06778371a436c35c75
9e14c453ad219e3400aec34580ad10d35ea5d79b31a39da650bd3bfc06761b34
9e7235ce40e888ff3df3e4883f618e1c4cc4a9d6b03e2d7a7458198838342a29
a6fac60646192456cc0ca24dddf4b4f5d23ed049aaa9066dfbf77073afefc18e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
aaddae4cf259110e05bc9316a9563557ac1d6ab3534b25c74ca4ff986811a859
ab2f779b241fd51e4c0356c96edc743e3937e6c9c501080e536a33fd703922ed
bdcdee66eb73eaff67c185ce622c4f82d65cdc893b785259b0207e3e60c8ca9d
bfc8f63cc973b60de93a7c23762631ce8ae8835f1ba4c37f8003f2a586712942
c6956e8710cf477f7014440385ae16ee4b8cc7ecfd02fddd4d2f0c6c7fd15845
cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457
d15aea2408195a5da3a49875fac7e584f3068dfe7fdb262f48a6fc05c9c48c76
d379d6a7d9a9ed02e94d8378d8d5c1165ead9d137e9db0d8c45e9571217282ad
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df372965cc39e768c022bdff15687ee6527dde447ac79facf95f848986c2fba6
e0abb8e1a013b91daf6b7a0a72c9fb2054d4022816e3a36f80072d8439436d2e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
ebbfc5eb12dd3766d82cc8a2584d8bf9d2db1a8ead8c9d5f0e03d9ee4bac3389
ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef43f79a4b7786a0bbaed0d9f169a48585838b4aad0d1e076fe8a2a92d16f07f
f1c1b8cf0ccef4a39fe24c6d1f5f49dff7c54e5c1755047fb021b8747f1f9fcd
f423c2457eb5ca263566488398b3bed12887c4403dc4fcc8efb4ba7ed80dd9aa
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f86c9e9b4eab8f84e7d1ddfc0793532576962a32623bbaea9db121dc921207d8
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

get.dtitrader.com Open in urlscan Pro 104.18.34.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

95 Requests

96 %HTTPS

55 %IPv6

24 Domains

35 Subdomains

30 IPs

5 Countries

1808 kBTransfer

4856 kBSize

13 Cookies

2 Outgoing links

Page URL History

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

get.dtitrader.com Open in urlscan Pro
104.18.34.21 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

96 %
HTTPS

55 %
IPv6

24
Domains

35
Subdomains

30
IPs

5
Countries

1808 kB
Transfer

4856 kB
Size

13
Cookies

95 HTTP transactions
1 data transactions