tradingwire.com Open in urlscan Pro
172.67.212.36 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.mail.beehiiv.com/ss/c/u001.IE4mAnrdxucO-dUSghciKDgUyVSlJWrfTtFbTom34ZLJN9ST4YQrAXJsRIqWMLMZIaQq4SZoByBziOqBDj-r88...
Effective URL:
https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be
Submission: On October 22 via api (October 22nd 2024, 1:15:15 pm UTC) from BE — Scanned from CA

Summary HTTP 37 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 2 countries across 21 domains to perform 37 HTTP transactions. The main IP is 172.67.212.36, located in United States and belongs to CLOUDFLARENET, US. The main domain is tradingwire.com.
TLS certificate: Issued by WE1 on September 9th 2024. Valid for: 3 months.

This is the only time tradingwire.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.18.68.40 104.18.68.40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	54.211.190.162 54.211.190.162	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.197.163.17 34.197.163.17	14618 (AMAZON-AES) (AMAZON-AES)
3 5	54.156.254.128 54.156.254.128	14618 (AMAZON-AES) (AMAZON-AES)
1 15	172.67.212.36 172.67.212.36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.202.93 172.67.202.93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
3	142.250.81.232 142.250.81.232	15169 (GOOGLE) (GOOGLE)
1	142.250.80.74 142.250.80.74	15169 (GOOGLE) (GOOGLE)
1	142.250.81.234 142.250.81.234	15169 (GOOGLE) (GOOGLE)
1	172.64.147.188 172.64.147.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.21.47.12 104.21.47.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.218.233.240 52.218.233.240	16509 (AMAZON-02) (AMAZON-02)
6 6	54.152.61.229 54.152.61.229	14618 (AMAZON-AES) (AMAZON-AES)
3 3	54.69.252.125 54.69.252.125	16509 (AMAZON-02) (AMAZON-02)
1 2	23.33.42.81 23.33.42.81	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.251.40.195 142.251.40.195	15169 (GOOGLE) (GOOGLE)
1	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
1	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
1	142.251.32.110 142.251.32.110	15169 (GOOGLE) (GOOGLE)
1	142.250.80.100 142.250.80.100	15169 (GOOGLE) (GOOGLE)
1	142.250.64.99 142.250.64.99	15169 (GOOGLE) (GOOGLE)
1	108.139.47.92 108.139.47.92	16509 (AMAZON-02) (AMAZON-02)
1 2	54.210.234.94 54.210.234.94	14618 (AMAZON-AES) (AMAZON-AES)
37	19

1 104.18.68.40 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

link.mail.beehiiv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.211.190.162 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-190-162.compute-1.amazonaws.com

dsadserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.197.163.17 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-163-17.compute-1.amazonaws.com

ioadserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.156.254.128 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-254-128.compute-1.amazonaws.com

intof.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.67.212.36 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tradingwire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.202.93 (United States)

ASN13335 (CLOUDFLARENET, US)

websitevisitorleads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.81.232 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.74 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.81.234 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.147.188 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.47.12 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.233.240 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.152.61.229 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-61-229.compute-1.amazonaws.com

rdcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.69.252.125 (Boardman, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-252-125.us-west-2.compute.amazonaws.com

p.alocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.33.42.81 (Piscataway, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-33-42-81.deploy.static.akamaitechnologies.com

aa.trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.195 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.41.2 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.32.110 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.100 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.64.99 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f3.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.47.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-92.jfk50.r.cloudfront.net

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.210.234.94 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-234-94.compute-1.amazonaws.com

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	tradingwire.com 1 redirects tradingwire.com	607 KB
6	rdcdn.com 6 redirects rdcdn.com — Cisco Umbrella Rank: 53411	4 KB
5	intof.io 3 redirects intof.io — Cisco Umbrella Rank: 547074	7 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 3517 rp.liadm.com — Cisco Umbrella Rank: 925	45 KB
3	alocdn.com 3 redirects p.alocdn.com — Cisco Umbrella Rank: 9321	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	201 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 td.doubleclick.net — Cisco Umbrella Rank: 192	2 KB
2	trkn.us 1 redirects aa.trkn.us — Cisco Umbrella Rank: 18749	1 KB
2	useproof.com cdn.useproof.com — Cisco Umbrella Rank: 76249	487 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30 ajax.googleapis.com — Cisco Umbrella Rank: 412	32 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	50 KB
2	ioadserve.com 2 redirects ioadserve.com — Cisco Umbrella Rank: 379742	1 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 12143	64 B
1	google.com www.google.com — Cisco Umbrella Rank: 3	64 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34
1	gstatic.com fonts.gstatic.com	32 KB
1	amazonaws.com s3-us-west-2.amazonaws.com	88 KB
1	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1955
1	websitevisitorleads.com websitevisitorleads.com — Cisco Umbrella Rank: 142172	2 KB
1	dsadserve.com 1 redirects dsadserve.com	378 B
1	beehiiv.com 1 redirects link.mail.beehiiv.com — Cisco Umbrella Rank: 51550	591 B
37	21

	Domain	Requested by
15	tradingwire.com	1 redirects tradingwire.com
6	rdcdn.com	6 redirects
5	intof.io	3 redirects tradingwire.com
3	p.alocdn.com	3 redirects
3	www.googletagmanager.com	tradingwire.com www.googletagmanager.com
2	rp.liadm.com	1 redirects
2	aa.trkn.us	1 redirects tradingwire.com
2	cdn.useproof.com	tradingwire.com cdn.useproof.com
2	cdn.jsdelivr.net	tradingwire.com
2	ioadserve.com	2 redirects
1	b-code.liadm.com	s3-us-west-2.amazonaws.com
1	www.google.ca	tradingwire.com
1	www.google.com	tradingwire.com
1	www.google-analytics.com	www.googletagmanager.com
1	td.doubleclick.net	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	s3-us-west-2.amazonaws.com	websitevisitorleads.com
1	kit.fontawesome.com	tradingwire.com
1	ajax.googleapis.com	tradingwire.com
1	fonts.googleapis.com	tradingwire.com
1	websitevisitorleads.com	tradingwire.com
1	dsadserve.com	1 redirects
1	link.mail.beehiiv.com	1 redirects
37	24

This site contains links to these domains. Also see Links.

Domain
www.tradingwire.com

Subject Issuer	Validity	Valid
tradingwire.com WE1	`2024-09-09` - `2024-12-08`	3 months	crt.sh
websitevisitorleads.com WE1	`2024-10-05` - `2025-01-03`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-01-27`	6 months	crt.sh
useproof.com WE1	`2024-09-30` - `2024-12-29`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2024-09-14` - `2025-08-29`	a year	crt.sh
*.intof.io GeoTrust TLS RSA CA G1	`2024-04-19` - `2025-04-21`	a year	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.google.ca WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be
Frame ID: 0618A576F14AD63ECC599A40664FDB44
Requests: 34 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/1017543105?random=1729602908910&cv=11&fst=1729602908910&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9104736700za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Ftradingwire.com%2Fpmax%2Findex.php%3Femail%3Dverdacht%40safeonweb.be&hn=www.googleadservices.com&frm=0&tiba=TradingWire.com&npa=0&pscdl=noapi&auid=395632571.1729602909&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 4C869E6FD84F3DCAFD735851E75DD0DE
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Ftradingwire.com
Frame ID: 3EC7CC55772ECC9F1E899BDEDEAD0727
Requests: 1 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: CA129C9DA70170B39E27903A6FF5E6C6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TradingWire.com

Page URL History Show full URLs

https://link.mail.beehiiv.com/ss/c/u001.IE4mAnrdxucO-dUSghciKDgUyVSlJWrfTtFbTom34ZLJN9ST4YQrAXJsRIqWMLMZIa... HTTP 302
http://dsadserve.com/711/1662/166df238831f3d/verdacht@safeonweb.be/redirect?_bhlid=471f69d582493b... HTTP 307
https://dsadserve.com/711/1662/166df238831f3d/verdacht@safeonweb.be/redirect?_bhlid=471f69d582493b... HTTP 302
http://ioadserve.com/email/166df238831f3d/711:0:1662/verdacht@safeonweb.be/redirect HTTP 307
https://ioadserve.com/email/166df238831f3d/711:0:1662/verdacht@safeonweb.be/redirect HTTP 302
https://intof.io/cto/click.php?email=verdacht@safeonweb.be&cid=20152&pid=711&aid=1825&au=1662... HTTP 302
https://tradingwire.com/pmax/cto.php?email=verdacht@safeonweb.be HTTP 307
http://ioadserve.com/email/166df238831f3d/711:0:1662/verdacht@safeonweb.be/redirect HTTP 302
https://intof.io/cto/click.php?email=verdacht@safeonweb.be&cid=20152&pid=711&aid=1825&au=1662... HTTP 302
https://tradingwire.com/pmax/cto.php?email=verdacht@safeonweb.be HTTP 302
https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Chart.js (JavaScript Graphics) Expand

Overall confidence: 75%
Detected patterns

/Chart(?:\.bundle)?(?:\.min)?\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

37
Requests

92 %
HTTPS

0 %
IPv6

21
Domains

24
Subdomains

19
IPs

2
Countries

1553 kB
Transfer

2487 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tradingwire.com/
Title: Trading Wire

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.mail.beehiiv.com/ss/c/u001.IE4mAnrdxucO-dUSghciKDgUyVSlJWrfTtFbTom34ZLJN9ST4YQrAXJsRIqWMLMZIaQq4SZoByBziOqBDj-r884-zXPWwnjTNjsubHIEe6kRztDcG0IouMmaRJ2mDnBF9wZkdMdCA37cc0CYRqwK_nTRfTFZhZXkKybSB95kNtvzab9f-65HIDDohQzSjbCA/4at/OxF60YX_RluMIh7ICvEaxA/h37/h001.pJ6lRmDUsrFXgjNvRePySG57jpH8SFX3wqM9NQN_-uA HTTP 302
http://dsadserve.com/711/1662/166df238831f3d/verdacht@safeonweb.be/redirect?_bhlid=471f69d582493b51b47f3b283758600cc17c79bf HTTP 307
https://dsadserve.com/711/1662/166df238831f3d/verdacht@safeonweb.be/redirect?_bhlid=471f69d582493b51b47f3b283758600cc17c79bf HTTP 302
http://ioadserve.com/email/166df238831f3d/711:0:1662/verdacht@safeonweb.be/redirect HTTP 307
https://ioadserve.com/email/166df238831f3d/711:0:1662/verdacht@safeonweb.be/redirect HTTP 302
https://intof.io/cto/click.php?email=verdacht@safeonweb.be&cid=20152&pid=711&aid=1825&au=1662&r=aHR0cHM6Ly90cmFkaW5nd2lyZS5jb20vcG1heC9jdG8ucGhwP2VtYWlsPXZlcmRhY2h0QHNhZmVvbndlYi5iZQ==&ck=9df2248fbec7e0ca6a7e0dd8c7b51efa875e124e HTTP 302
https://tradingwire.com/pmax/cto.php?email=verdacht@safeonweb.be HTTP 307
http://ioadserve.com/email/166df238831f3d/711:0:1662/verdacht@safeonweb.be/redirect HTTP 302
https://intof.io/cto/click.php?email=verdacht@safeonweb.be&cid=20152&pid=711&aid=1825&au=1662&r=aHR0cHM6Ly90cmFkaW5nd2lyZS5jb20vcG1heC9jdG8ucGhwP2VtYWlsPXZlcmRhY2h0QHNhZmVvbndlYi5iZQ==&ck=9df2248fbec7e0ca6a7e0dd8c7b51efa875e124e HTTP 302
https://tradingwire.com/pmax/cto.php?email=verdacht@safeonweb.be HTTP 302
https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://intof.io/itag HTTP 301
https://intof.io/itag/?id=itag

Request Chain 21

https://rdcdn.com/rt?aid=25875&e=1&img=1&referrer=null HTTP 302
https://rdcdn.com/ttd?label=YWlkPTI1ODc1JnJlZj1odHRwcyUzYSUyZiUyZnRyYWRpbmd3aXJlLmNvbSUyZnBtYXglMmZpbmRleC5waHAlM2ZlbWFpbCUzZHZlcmRhY2h0JTQwc2FmZW9ud2ViLmJlJmltZz1odHRwJTNhJTJmJTJmcmRjZG4uY29tJTJmcnQlM2ZhaWQlM2QyNTg3NSUyNmUlM2QxJTI2aW1nJTNkMSUyNnJlZmVycmVyJTNkbnVsbA%3D%3D HTTP 302
https://p.alocdn.com/c/jk32ih/a/xtarget/p.gif?label=YWlkPTI1ODc1JnJlZj1odHRwcyUzYSUyZiUyZnRyYWRpbmd3aXJlLmNvbSUyZnBtYXglMmZpbmRleC5waHAlM2ZlbWFpbCUzZHZlcmRhY2h0JTQwc2FmZW9ud2ViLmJlJmltZz1odHRwJTNhJTJmJTJmcmRjZG4uY29tJTJmcnQlM2ZhaWQlM2QyNTg3NSUyNmUlM2QxJTI2aW1nJTNkMSUyNnJlZmVycmVyJTNkbnVsbA== HTTP 302
https://p.alocdn.com/c/jk32ih/a/xtarget/p.gif?tdc=1&url=https%3A%2F%2Ftradingwire.com%2Fpmax%2Findex.php%3Femail%3Dverdacht%40safeonweb.be&label=YWlkPTI1ODc1JnJlZj1odHRwcyUzYSUyZiUyZnRyYWRpbmd3aXJlLmNvbSUyZnBtYXglMmZpbmRleC5waHAlM2ZlbWFpbCUzZHZlcmRhY2h0JTQwc2FmZW9ud2ViLmJlJmltZz1odHRwJTNhJTJmJTJmcmRjZG4uY29tJTJmcnQlM2ZhaWQlM2QyNTg3NSUyNmUlM2QxJTI2aW1nJTNkMSUyNnJlZmVycmVyJTNkbnVsbA== HTTP 302
https://rdcdn.com/tdm?m=&label=YWlkPTI1ODc1JnJlZj1odHRwcyUzYSUyZiUyZnRyYWRpbmd3aXJlLmNvbSUyZnBtYXglMmZpbmRleC5waHAlM2ZlbWFpbCUzZHZlcmRhY2h0JTQwc2FmZW9ud2ViLmJlJmltZz1odHRwJTNhJTJmJTJmcmRjZG4uY29tJTJmcnQlM2ZhaWQlM2QyNTg3NSUyNmUlM2QxJTI2aW1nJTNkMSUyNnJlZmVycmVyJTNkbnVsbA== HTTP 302
https://rdcdn.com/ttdp?label=YWlkPTI1ODc1JnJlZj1odHRwcyUzYSUyZiUyZnRyYWRpbmd3aXJlLmNvbSUyZnBtYXglMmZpbmRleC5waHAlM2ZlbWFpbCUzZHZlcmRhY2h0JTQwc2FmZW9ud2ViLmJlJmltZz1odHRwJTNhJTJmJTJmcmRjZG4uY29tJTJmcnQlM2ZhaWQlM2QyNTg3NSUyNmUlM2QxJTI2aW1nJTNkMSUyNnJlZmVycmVyJTNkbnVsbA%3D%3D HTTP 302
https://p.alocdn.com/c/g8dlwlwy/a/xtarget/p.gif?label=YWlkPTI1ODc1JnJlZj1odHRwcyUzYSUyZiUyZnRyYWRpbmd3aXJlLmNvbSUyZnBtYXglMmZpbmRleC5waHAlM2ZlbWFpbCUzZHZlcmRhY2h0JTQwc2FmZW9ud2ViLmJlJmltZz1odHRwJTNhJTJmJTJmcmRjZG4uY29tJTJmcnQlM2ZhaWQlM2QyNTg3NSUyNmUlM2QxJTI2aW1nJTNkMSUyNnJlZmVycmVyJTNkbnVsbA== HTTP 302
https://rdcdn.com/tdmp?label=YWlkPTI1ODc1JnJlZj1odHRwcyUzYSUyZiUyZnRyYWRpbmd3aXJlLmNvbSUyZnBtYXglMmZpbmRleC5waHAlM2ZlbWFpbCUzZHZlcmRhY2h0JTQwc2FmZW9ud2ViLmJlJmltZz1odHRwJTNhJTJmJTJmcmRjZG4uY29tJTJmcnQlM2ZhaWQlM2QyNTg3NSUyNmUlM2QxJTI2aW1nJTNkMSUyNnJlZmVycmVyJTNkbnVsbA== HTTP 302
https://rdcdn.com/tcts?label=YWlkPTI1ODc1JnJlZj1odHRwcyUzYSUyZiUyZnRyYWRpbmd3aXJlLmNvbSUyZnBtYXglMmZpbmRleC5waHAlM2ZlbWFpbCUzZHZlcmRhY2h0JTQwc2FmZW9ud2ViLmJlJmltZz1odHRwJTNhJTJmJTJmcmRjZG4uY29tJTJmcnQlM2ZhaWQlM2QyNTg3NSUyNmUlM2QxJTI2aW1nJTNkMSUyNnJlZmVycmVyJTNkbnVsbA%3D%3D HTTP 302
https://aa.trkn.us/1/e/c.gif?cid=c013&evid=2b29d913-05d3-4e66-9874-71270281d409&dmn=tradingwire.com&v1=25875&v2=912011e9c17f062d9c0d3b15bd5c3654 HTTP 302
https://aa.trkn.us/e/a.gif?gdpr=T&tt=c.gif&reload=true&z_evid=EABB6A3C34480ADACD0EA4AF9C4BC5387C0E889670D90EFEC5A6C475AA8ABEE9

Request Chain 35

https://rp.liadm.com/j?dtstmp=1729602911324&se=e30&duid=1dc6af6e30d9--01jat5vyz13g1njssp9sqj5g22&tv=v3.2.0&pu=https%3A%2F%2Ftradingwire.com%2Fpmax%2Findex.php%3Femail%3Dverdacht%40safeonweb.be&wpn=lc-bundle&wpv=v3.2.0&cd=.tradingwire.com HTTP 302
https://rp.liadm.com/j?dtstmp=1729602911324&se=e30&duid=1dc6af6e30d9--01jat5vyz13g1njssp9sqj5g22&tv=v3.2.0&pu=https%3A%2F%2Ftradingwire.com%2Fpmax%2Findex.php%3Femail%3Dverdacht%40safeonweb.be&wpn=lc-bundle&wpv=v3.2.0&cd=.tradingwire.com&n3pc=true

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.php Show response
tradingwire.com/pmax/
Redirect Chain

https://link.mail.beehiiv.com/ss/c/u001.IE4mAnrdxucO-dUSghciKDgUyVSlJWrfTtFbTom34ZLJN9ST4YQrAXJsRIqWMLMZIaQq4SZoByBziOqBDj-r884-zXPWwnjTNjsubHIEe6kRztDcG0IouMmaRJ2mDnBF9wZkdMdCA37cc0CYRqwK_nTRfTFZh...
http://dsadserve.com/711/1662/166df238831f3d/verdacht@safeonweb.be/redirect?_bhlid=471f69d582493b51b47f3b283758600cc17c79bf
https://dsadserve.com/711/1662/166df238831f3d/verdacht@safeonweb.be/redirect?_bhlid=471f69d582493b51b47f3b283758600cc17c79bf
http://ioadserve.com/email/166df238831f3d/711:0:1662/verdacht@safeonweb.be/redirect
https://ioadserve.com/email/166df238831f3d/711:0:1662/verdacht@safeonweb.be/redirect
https://intof.io/cto/click.php?email=verdacht@safeonweb.be&cid=20152&pid=711&aid=1825&au=1662&r=aHR0cHM6Ly90cmFkaW5nd2lyZS5jb20vcG1heC9jdG8ucGhwP2VtYWlsPXZlcmRhY2h0QHNhZmVvbndlYi5iZQ==&ck=9df2248fb...
https://tradingwire.com/pmax/cto.php?email=verdacht@safeonweb.be
http://ioadserve.com/email/166df238831f3d/711:0:1662/verdacht@safeonweb.be/redirect
https://intof.io/cto/click.php?email=verdacht@safeonweb.be&cid=20152&pid=711&aid=1825&au=1662&r=aHR0cHM6Ly90cmFkaW5nd2lyZS5jb20vcG1heC9jdG8ucGhwP2VtYWlsPXZlcmRhY2h0QHNhZmVvbndlYi5iZQ==&ck=9df2248fb...
https://tradingwire.com/pmax/cto.php?email=verdacht@safeonweb.be
https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be

33 KB
9 KB

262ms
260ms

Document
text/html

172.67.212.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.212.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 6525453e01a8d5b1e92f543893b9bc09162ef11bce03a7891342746aa1a0ac67

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d69c119aae5ab8d-YYZ
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Tue, 22 Oct 2024 13:15:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b%2B1lIJyKrkTyogeD575QYM%2B1eKTkMhQane2VxIN9azwt5OKAluZy%2Fe1vSuPKXJ55ZBJs%2FlQFgRM3bvKPlDo0QmCnz5jYHctNNUOQ98VNpfMHEJSKTczC0NG1YqVB9kpz%2B5o%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=21828&sent=11&recv=16&lost=0&retrans=0&sent_bytes=4683&recv_bytes=2497&delivery_rate=216198&cwnd=256&unsent_bytes=0&cid=b7146a16f7f54224&ts=8292&x=0"
x-powered-by: PHP/7.3.33

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d69c115dfabab8d-YYZ
content-type: text/html; charset=UTF-8
date: Tue, 22 Oct 2024 13:15:07 GMT
location: /pmax/index.php?email=verdacht@safeonweb.be
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Faboj8TWZT5hQhyAAw%2BgaTa70scYcn%2BPZwHOZlr1ure0o2TTuL2J%2Fu%2FWw2c4Ya3AHOwbYPzOYVp37DfOIHyv96%2F9lOMWxfb2NSBsGWeXiEErbBjatPUKok5clwACCyHqwxE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=22909&sent=8&recv=13&lost=0&retrans=0&sent_bytes=4021&recv_bytes=2413&delivery_rate=216198&cwnd=254&unsent_bytes=0&cid=b7146a16f7f54224&ts=8021&x=0"
x-powered-by: PHP/7.3.33

GET
H3 200 3765.js Show response
websitevisitorleads.com/px/ 2 KB
2 KB 421ms
362ms Script
application/x-javascript 172.67.202.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://websitevisitorleads.com/px/3765.js
Requested by: Host: tradingwire.com
URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.202.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ce7f75cc3ac841d2ecd536ede7b73bb412b325e32a9389cd98efded061c06d0a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/

Response headers

content-encoding: gzip
cf-cache-status: BYPASS
etag: "8b89aedfb615db1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=atMVg2xvWMHujDJBf6lN%2FXBjgqd4O%2ByyiLdaCrka%2BLDBy81oS9fEDo5zoUd946i3clLW1ICERRRt4aORgpSZwrYTLQlo%2B8Gxu0%2BG2ajYflrSloY4zuUNlED%2Bn2fQAOaAzXc6EmMP%2FfBF1g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22192&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4196&recv_bytes=4371&delivery_rate=463&cwnd=12000&unsent_bytes=0&cid=cfc808b949e2e641&ts=378&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 13:15:07 GMT
content-type: application/x-javascript
last-modified: Thu, 03 Oct 2024 17:08:31 GMT
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d69c11c2af6ab4c-YYZ
accept-ranges: bytes
content-length: 1319
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/ 79 KB
23 KB 1093ms
19ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: tradingwire.com
URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0833b2e9c3a26c258476c46266e6877fc75218625162e0460be9a3a098a61c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"13b51-3cbp6tbRaukjc5nOQejBYgzFnDY"
age: 2903537
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Tue, 22 Oct 2024 13:15:08 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230062-FRA, cache-yyz4534-YYZ
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22790
x-jsd-version: 5.3.3

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 281 KB
97 KB 129ms
56ms Script
application/javascript 142.250.81.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1017543105

Requested by

Host: tradingwire.com
URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

faecbe6b97953b65bcb6782b9685669ec99342416b50ab2ec2354ebef9e43d4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 22 Oct 2024 13:15:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 13:15:08 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 22 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 98428
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1

200
OK

/ Show response
intof.io/itag/
Redirect Chain

https://intof.io/itag
https://intof.io/itag/?id=itag

6 KB
6 KB

40ms
40ms

Script
application/javascript

54.156.254.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://intof.io/itag/?id=itag
Requested by: Host: tradingwire.com
URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be
Protocol: HTTP/1.1
Server: 54.156.254.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-254-128.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25 / PHP/7.0.25
Resource Hash: fa1cb237372d86c71a568f5fcd882d5470963e32ea235917147143fc0d7f5317

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Connection: Keep-Alive
Content-Length: 5643
Keep-Alive: timeout=5, max=99
Date: Tue, 22 Oct 2024 13:08:43 GMT
Content-Type: application/javascript
X-Powered-By: PHP/7.0.25
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25

Redirect headers

Location: https://intof.io/itag/?id=itag
Content-Length: 238
Keep-Alive: timeout=5, max=100
Date: Tue, 22 Oct 2024 13:08:43 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25
Connection: Keep-Alive

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 1164ms
57ms Stylesheet
text/css 142.250.80.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;700;900&display=swap

Requested by

Host: tradingwire.com
URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.74 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f10.1e100.net

Software

ESF /

Resource Hash

183786a3e3ee09de64ffe04747ea65553326b3ef8285a66e296537e1f060e78d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 22 Oct 2024 13:15:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 13:15:08 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 22 Oct 2024 13:15:08 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 1139ms
33ms Script
text/javascript 142.250.81.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: tradingwire.com
URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.234 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f10.1e100.net

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/

Response headers

content-encoding: gzip
age: 319281
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Sat, 18 Oct 2025 20:33:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 20:33:47 GMT
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30774
x-xss-protection: 0
server: sffe

GET
H3 200 chart.js Show response
tradingwire.com/script/ 195 KB
69 KB 202ms
199ms Script
application/javascript 172.67.212.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tradingwire.com/script/chart.js
Requested by: Host: tradingwire.com
URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.212.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be6d6f33248b053056b1eb4c98cbbadc08596859566990db0b0fed36592a6a7e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"30b87-5f6c9bbb19eae"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vdCcTa8MgxabhM%2B2xdw04w%2BghzqYahXOpw6nRIhX1jQRm1ANaSjt%2BPfpmgY7LnapPZoB0%2F%2BmRVgA9K%2BVRcEkx1BOGumuvU%2F38CtfVACjujCmgZ1rSoOvFZ%2FBT3H3odFzHrs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d69c11c0c1baaf7-YYZ
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19867&sent=16&recv=11&lost=0&retrans=2&sent_bytes=5954&recv_bytes=5175&delivery_rate=8566&cwnd=12000&unsent_bytes=0&cid=36f8b3e90535a3b4&ts=525&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 13:15:07 GMT
content-type: application/javascript
last-modified: Mon, 13 Mar 2023 15:26:21 GMT
vary: Accept-Encoding
priority: u=1,i=?0

GET
H3 200 menu.png
tradingwire.com/img/ 461 B
1 KB 141ms
138ms Image
image/png 172.67.212.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tradingwire.com/img/menu.png
Requested by: Host: tradingwire.com
URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.212.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8683a7fd7aa72a24d3fbcdaa244abf212d1f69410759ec6bba6a6e4dafca5563

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be

Response headers

cf-cache-status: MISS
etag: "1cd-5f6c9c248be16"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=byAGZHndIQfV3OqVQARiOhxtGMFW9dGObWGYZA4yfE0l1PXlwtfsdsvSFHPfNtLkOfu0j3Xr%2BSEAwispu%2BjtPmPFQHfUoJq7d2uJx6QYh49ymmbOeVYNJg8Bq1IdaPCY2SA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19757&sent=14&recv=10&lost=0&retrans=2&sent_bytes=4760&recv_bytes=4753&delivery_rate=11223&cwnd=12000&unsent_bytes=0&cid=36f8b3e90535a3b4&ts=464&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 13:15:07 GMT
content-type: image/png
last-modified: Mon, 13 Mar 2023 15:28:11 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d69c11bdbf3aaf7-YYZ
accept-ranges: bytes
content-length: 461
server: cloudflare

GET
H2 403 23fd6ce197.js
kit.fontawesome.com/ 0
0 1144ms
69ms Script
text/plain 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/23fd6ce197.js
Requested by: Host: tradingwire.com
URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/

Response headers

access-control-max-age: 3000
x-request-id: GADIrnlfn8Md0rt44ddh
cache-control: max-age=0, private, must-revalidate
cf-cache-status: MISS
access-control-allow-methods: GET, OPTIONS
cf-ray: 8d69c1228fdb5413-YYZ
access-control-allow-origin: *
content-length: 9
date: Tue, 22 Oct 2024 13:15:08 GMT
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H3 200 happy-young-man-standing-isolated-using-mobile-phone.png
tradingwire.com/signup/img/ 290 KB
291 KB 254ms
254ms Image
image/png 172.67.212.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tradingwire.com/signup/img/happy-young-man-standing-isolated-using-mobile-phone.png
Requested by: Host: tradingwire.com
URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.212.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9f8c1a17dbb0d6381323e3aff06027cc80ab738912614edff27dd57ea570e29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be

Response headers

cf-cache-status: MISS
etag: "4882f-11c75f9898000"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6qFFiQZdfBw9BHgSTZVY0RZ0Iue7LFlcAiGoOKHKJ9qgjkBP%2FkqV%2BVjaURkm7aUXkBV2mz8KkKW1kc6wyHaXmFpTenE%2Bk5cHNVh7XIoezRSiIFhttQM1LbKL3QT%2BXizJ30c%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19969&sent=80&recv=42&lost=0&retrans=2&sent_bytes=78301&recv_bytes=6519&delivery_rate=590743&cwnd=45600&unsent_bytes=0&cid=36f8b3e90535a3b4&ts=722&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 13:15:07 GMT
content-type: image/png
last-modified: Fri, 30 Nov 1979 00:00:00 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d69c11cbcc6aaf7-YYZ
accept-ranges: bytes
content-length: 297007
server: cloudflare

GET
H3 200 logo-dow-jones.png
tradingwire.com/signup/img/ 4 KB
5 KB 130ms
129ms Image
image/png 172.67.212.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tradingwire.com/signup/img/logo-dow-jones.png
Requested by: Host: tradingwire.com
URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.212.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b482626106338d9d68f538bb7070ca629b5f1eb5222a7ebec2efceb1f6ac6874

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be

Response headers

cf-cache-status: MISS
etag: "1075-11c75f9898000"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cYWpJ9fFBA369lmB00o6YlOAdL%2FKPSL%2FycOeeqfcr0CDAr3MLK614mLzeqDlNDOhJfsj91gWBsrBLDjlgFjhGvkCK5tBLDgFkOe2K1xZsDUK4Bb%2BpD8H1%2BjG973BM9dR%2FZE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19924&sent=339&recv=81&lost=0&retrans=2&sent_bytes=382732&recv_bytes=8613&delivery_rate=7187537&cwnd=160800&unsent_bytes=0&cid=36f8b3e90535a3b4&ts=944&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 13:15:08 GMT
content-type: image/png
last-modified: Fri, 30 Nov 1979 00:00:00 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d69c11eee7aaaf7-YYZ
accept-ranges: bytes
content-length: 4213
server: cloudflare

GET
H3 200 logo-cnn-money.png
tradingwire.com/signup/img/ 4 KB
5 KB 125ms
124ms Image
image/png 172.67.212.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tradingwire.com/signup/img/logo-cnn-money.png
Requested by: Host: tradingwire.com
URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.212.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c36be9cdb908e3f84d2904b480e4fd3217e0d6e8a9ca12d0f940c7a9613117b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be

Response headers

cf-cache-status: MISS
etag: "fdd-11c75f9898000"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gaaQCPhYD6PS8JwIBbQTlb4UoiEUkOKlPAKLAPhunP%2FEivuoIbLZtB%2F0CJigb%2BK0jUuONPKxFxmofhCLGihCGUXmiyHC3Xalz7n9s%2FkXhT%2BU1VrsidUEGed4gkajOZ3JA0I%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19760&sent=345&recv=82&lost=0&retrans=2&sent_bytes=387747&recv_bytes=9009&delivery_rate=39061&cwnd=160800&unsent_bytes=0&cid=36f8b3e90535a3b4&ts=1071&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 13:15:08 GMT
content-type: image/png
last-modified: Fri, 30 Nov 1979 00:00:00 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d69c11fbf0caaf7-YYZ
accept-ranges: bytes
content-length: 4061
server: cloudflare

GET
H3 200 logo-nasdaq.png
tradingwire.com/signup/img/ 3 KB
4 KB 136ms
136ms Image
image/png 172.67.212.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tradingwire.com/signup/img/logo-nasdaq.png
Requested by: Host: tradingwire.com
URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.212.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45bbe60e3cc7a300f700c4911d26e5b4bac78e4faa52391275c8ce6d132e3343

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be

Response headers

cf-cache-status: MISS
etag: "c45-11c75f9898000"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D6pGqF8dK7vLFWSOLxJF%2FKGtdghT0EpwJ8grlBiEci7bE4nizX%2FxUyUemLMOO%2FtMMUh6YMXjufifjheAUsS43tb8qwtTosSY1fkOoGrUM8LkFAMmWKsM%2BAd%2BCjiBJpZdSDI%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19682&sent=351&recv=83&lost=0&retrans=2&sent_bytes=392610&recv_bytes=9403&delivery_rate=38357&cwnd=160800&unsent_bytes=0&cid=36f8b3e90535a3b4&ts=1209&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 13:15:08 GMT
content-type: image/png
last-modified: Fri, 30 Nov 1979 00:00:00 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d69c1208fb0aaf7-YYZ
accept-ranges: bytes
content-length: 3141
server: cloudflare

GET
H3 200 logo-inc.png
tradingwire.com/signup/img/ 2 KB
2 KB 142ms
140ms Image
image/png 172.67.212.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tradingwire.com/signup/img/logo-inc.png
Requested by: Host: tradingwire.com
URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.212.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f90911c5aa8aa5950c61a09f32c6fc2e99092ec2253be367612e35a1b0b03ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be

Response headers

cf-cache-status: MISS
etag: "762-11c75f9898000"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C6pFbNQK8TAWz%2FboQiOkqu5yxd0w%2BcicCen7C32mbOZGFobbQ82ozqmBtWXNqvYYreJWqtrQjGHaF%2F3i5oOQwsYVF%2FQm7viXpg8pMUTLH1RXfeHdiIDeSMJhBdQBsCl5z6U%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20001&sent=362&recv=91&lost=0&retrans=2&sent_bytes=400014&recv_bytes=11763&delivery_rate=47714&cwnd=160800&unsent_bytes=0&cid=36f8b3e90535a3b4&ts=1658&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 13:15:08 GMT
content-type: image/png
last-modified: Fri, 30 Nov 1979 00:00:00 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d69c1234a49aaf7-YYZ
accept-ranges: bytes
content-length: 1890
server: cloudflare

GET
H3 200 logo-twsj.png
tradingwire.com/signup/img/ 3 KB
4 KB 135ms
134ms Image
image/png 172.67.212.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tradingwire.com/signup/img/logo-twsj.png
Requested by: Host: tradingwire.com
URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.212.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abfe5f8faa1c78bc0d41bc9088a39a125c1fa41945d40e7117bdad61b9227ac9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be

Response headers

cf-cache-status: MISS
etag: "c4e-11c75f9898000"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=asunQWI9FwbpNqbABKzJamXKTHLEU%2Fl0bdCSCK%2FNsfYSkJ949ZgZUpAF5%2B3MjvCJeUiBC%2FLG5YLneXDULeReZNfNRHIJTVvLqHsspQuayUjP6sZ7uLT%2B8ELm5MWbFYo1%2FSE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20001&sent=365&recv=91&lost=0&retrans=2&sent_bytes=402632&recv_bytes=11763&delivery_rate=47714&cwnd=160800&unsent_bytes=0&cid=36f8b3e90535a3b4&ts=1668&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 13:15:08 GMT
content-type: image/png
last-modified: Fri, 30 Nov 1979 00:00:00 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d69c1236a56aaf7-YYZ
accept-ranges: bytes
content-length: 3150
server: cloudflare

GET
H3 200 logo-google-finance.png
tradingwire.com/signup/img/ 5 KB
6 KB 1150ms
1148ms Image
image/png 172.67.212.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tradingwire.com/signup/img/logo-google-finance.png
Requested by: Host: tradingwire.com
URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.212.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34d7195aa930b24307a4b027fc6d55ade04ccb225d6c0f9da3874336129895be

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be

Response headers

cf-cache-status: MISS
etag: "137d-11c75f9898000"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kr%2Fmfc1R0GB4e8l3CzPtR3VntWmV%2FryeM9bM62f4vuZ6n2p2y3VaYcoMLRmT%2B31V9dnsWL7PmqeW7WgHUh28UAujuKaS8yzvgqoMBLtzpwRGOvjiEZv9zvUZDYPSrXruev8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19577&sent=555&recv=112&lost=0&retrans=2&sent_bytes=623878&recv_bytes=12709&delivery_rate=4053865&cwnd=211200&unsent_bytes=0&cid=36f8b3e90535a3b4&ts=2682&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 13:15:09 GMT
content-type: image/png
last-modified: Fri, 30 Nov 1979 00:00:00 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d69c1236a57aaf7-YYZ
accept-ranges: bytes
content-length: 4989
server: cloudflare

GET
H3 200 logo-forbes.png
tradingwire.com/signup/img/ 3 KB
3 KB 55ms
53ms Image
image/png 172.67.212.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tradingwire.com/signup/img/logo-forbes.png
Requested by: Host: tradingwire.com
URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.212.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72c54b02042da9441d0acd833a8f2441f437810efa84c54424a4f15f67b6a142

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be

Response headers

cf-cache-status: MISS
etag: "a7d-11c75f9898000"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kZf%2BLBPiycB0nYqjAPerMqzI5l6WOdUblserJwGDrx58Un9bRxtadACVMjrkC9DbS5l6RrfEydM4SBeH2%2Bm7aSPjtbckw0noz9IQlxMBYZ9zIoBfu003ZJDNciN55HMKc4M%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20114&sent=359&recv=90&lost=0&retrans=2&sent_bytes=396603&recv_bytes=11718&delivery_rate=28160&cwnd=160800&unsent_bytes=0&cid=36f8b3e90535a3b4&ts=1587&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 13:15:08 GMT
content-type: image/png
last-modified: Fri, 30 Nov 1979 00:00:00 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d69c1236a58aaf7-YYZ
accept-ranges: bytes
content-length: 2685
server: cloudflare

GET
H3 200 logo-yahoo-finance.png
tradingwire.com/signup/img/ 8 KB
8 KB 136ms
134ms Image
image/png 172.67.212.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tradingwire.com/signup/img/logo-yahoo-finance.png
Requested by: Host: tradingwire.com
URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.212.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce310732b8886b740f46a29e3b9544ac55d28810a1e7b40f9cf231c6f31777ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be

Response headers

cf-cache-status: REVALIDATED
etag: "1e7b-11c75f9898000"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nBQfCLU9TDD6uiPJAhSWKS3fFgeDQ3kFJ7TnN%2BkSCBAMbPU%2Bv8M%2FN0OPfLB47keTKv90zEvdwXaqxgtvscopBgxsMBM8d8vLMuuTByguwMrv4TH52zd1qbOQk49FNMrNbtQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20001&sent=369&recv=91&lost=0&retrans=2&sent_bytes=406540&recv_bytes=11763&delivery_rate=47714&cwnd=160800&unsent_bytes=0&cid=36f8b3e90535a3b4&ts=1668&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 13:15:08 GMT
content-type: image/png
last-modified: Fri, 30 Nov 1979 00:00:00 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d69c1236a59aaf7-YYZ
accept-ranges: bytes
content-length: 7803
server: cloudflare

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/ 227 KB
27 KB 69ms
20ms Stylesheet
text/css 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css

Requested by

Host: tradingwire.com
URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://tradingwire.com
Referer: https://tradingwire.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"38d63-xawd7pYctZoEUlbsID9p4xeHL3w"
age: 3757968
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Tue, 22 Oct 2024 13:15:08 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230118-FRA, cache-yyz4572-YYZ
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27432
x-jsd-version: 5.3.3

GET
H2 200 proof.js Show response
cdn.useproof.com/ 486 KB
487 KB 1108ms
30ms Script
application/javascript 104.21.47.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proof.js?acc=XirADazAkOX9lmGuHK79PFmWIcR2
Requested by: Host: tradingwire.com
URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.47.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/

Response headers

cf-cache-status: HIT
etag: "0426397a9b31146729ac86c5be8595d3"
x-amz-version-id: F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
age: 14504976
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=heavcnzCo3JGORgPLs%2F0ri9OTe1AFE2u0JYUlY%2FAqev9bHfgrespFeSGgQKxoZhzx%2Ff9O5LclB3nVkOZrU7Wx2C1RdmpjU8TM3zECTvnKtqNLR3h3PUCTAzs4uPqxnqEoEC7"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=18152&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3980&recv_bytes=2193&delivery_rate=214576&cwnd=212&unsent_bytes=0&cid=bca8c9200e81f56e&ts=36&x=0"
date: Tue, 22 Oct 2024 13:15:09 GMT
content-type: application/javascript
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
vary: Accept-Encoding
x-amz-id-2: DRFGzJzTIiHkhGp6+YV/7kQKmtVImvCw7iz+YJTe6ZX9pzk1hvT572WW3HiXLEFoP6ghj8VL3EI=
cache-control: public, max-age=315360000, no-transform
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M3S6WS80RZ1WTJZR
cf-ray: 8d69c12a190cac03-YYZ
accept-ranges: bytes
content-length: 497733
server: cloudflare

GET
H/1.1 200
OK ge.js Show response
s3-us-west-2.amazonaws.com/jsstore/a/ZRKH4W9/ 88 KB
88 KB 1722ms
506ms Script
application/javascript 52.218.233.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/jsstore/a/ZRKH4W9/ge.js
Requested by: Host: websitevisitorleads.com
URL: https://websitevisitorleads.com/px/3765.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.218.233.240 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5bcf7a6715800a44e424ddcc5561a0a47ee076cd6451ee994fa23750c4945a86

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/

Response headers

x-amz-id-2: YRDmtlFAu/87aRsB/vC3SObRoTQloTGfVgHcoHYFgmyYmPsyAZ2f7FYMZtm9YIZL+3bwXwPt+fM=
Cache-Control: max-age=2592000
ETag: "f824782fbf07411cdba9134c9023dabd"
x-amz-request-id: X71H731811VE1JVS
Expires: Wed, 20 Nov 2024 18:04:09 GMT
Accept-Ranges: bytes
Content-Length: 89787
Date: Tue, 22 Oct 2024 13:15:11 GMT
Last-Modified: Mon, 21 Oct 2024 18:04:11 GMT
Content-Type: application/javascript
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1

204
No Content

a.gif
aa.trkn.us/e/
Redirect Chain

https://rdcdn.com/rt?aid=25875&e=1&img=1&referrer=null
https://rdcdn.com/ttd?label=YWlkPTI1ODc1JnJlZj1odHRwcyUzYSUyZiUyZnRyYWRpbmd3aXJlLmNvbSUyZnBtYXglMmZpbmRleC5waHAlM2ZlbWFpbCUzZHZlcmRhY2h0JTQwc2FmZW9ud2ViLmJlJmltZz1odHRwJTNhJTJmJTJmcmRjZG4uY29tJTJmc...
https://p.alocdn.com/c/jk32ih/a/xtarget/p.gif?label=YWlkPTI1ODc1JnJlZj1odHRwcyUzYSUyZiUyZnRyYWRpbmd3aXJlLmNvbSUyZnBtYXglMmZpbmRleC5waHAlM2ZlbWFpbCUzZHZlcmRhY2h0JTQwc2FmZW9ud2ViLmJlJmltZz1odHRwJTNhJ...
https://p.alocdn.com/c/jk32ih/a/xtarget/p.gif?tdc=1&url=https%3A%2F%2Ftradingwire.com%2Fpmax%2Findex.php%3Femail%3Dverdacht%40safeonweb.be&label=YWlkPTI1ODc1JnJlZj1odHRwcyUzYSUyZiUyZnRyYWRpbmd3aXJl...
https://rdcdn.com/tdm?m=&label=YWlkPTI1ODc1JnJlZj1odHRwcyUzYSUyZiUyZnRyYWRpbmd3aXJlLmNvbSUyZnBtYXglMmZpbmRleC5waHAlM2ZlbWFpbCUzZHZlcmRhY2h0JTQwc2FmZW9ud2ViLmJlJmltZz1odHRwJTNhJTJmJTJmcmRjZG4uY29tJT...
https://rdcdn.com/ttdp?label=YWlkPTI1ODc1JnJlZj1odHRwcyUzYSUyZiUyZnRyYWRpbmd3aXJlLmNvbSUyZnBtYXglMmZpbmRleC5waHAlM2ZlbWFpbCUzZHZlcmRhY2h0JTQwc2FmZW9ud2ViLmJlJmltZz1odHRwJTNhJTJmJTJmcmRjZG4uY29tJTJm...
https://p.alocdn.com/c/g8dlwlwy/a/xtarget/p.gif?label=YWlkPTI1ODc1JnJlZj1odHRwcyUzYSUyZiUyZnRyYWRpbmd3aXJlLmNvbSUyZnBtYXglMmZpbmRleC5waHAlM2ZlbWFpbCUzZHZlcmRhY2h0JTQwc2FmZW9ud2ViLmJlJmltZz1odHRwJTN...
https://rdcdn.com/tdmp?label=YWlkPTI1ODc1JnJlZj1odHRwcyUzYSUyZiUyZnRyYWRpbmd3aXJlLmNvbSUyZnBtYXglMmZpbmRleC5waHAlM2ZlbWFpbCUzZHZlcmRhY2h0JTQwc2FmZW9ud2ViLmJlJmltZz1odHRwJTNhJTJmJTJmcmRjZG4uY29tJTJm...
https://rdcdn.com/tcts?label=YWlkPTI1ODc1JnJlZj1odHRwcyUzYSUyZiUyZnRyYWRpbmd3aXJlLmNvbSUyZnBtYXglMmZpbmRleC5waHAlM2ZlbWFpbCUzZHZlcmRhY2h0JTQwc2FmZW9ud2ViLmJlJmltZz1odHRwJTNhJTJmJTJmcmRjZG4uY29tJTJm...
https://aa.trkn.us/1/e/c.gif?cid=c013&evid=2b29d913-05d3-4e66-9874-71270281d409&dmn=tradingwire.com&v1=25875&v2=912011e9c17f062d9c0d3b15bd5c3654
https://aa.trkn.us/e/a.gif?gdpr=T&tt=c.gif&reload=true&z_evid=EABB6A3C34480ADACD0EA4AF9C4BC5387C0E889670D90EFEC5A6C475AA8ABEE9

0
192 B

37ms
37ms

Image
text/plain

23.33.42.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.trkn.us/e/a.gif?gdpr=T&tt=c.gif&reload=true&z_evid=EABB6A3C34480ADACD0EA4AF9C4BC5387C0E889670D90EFEC5A6C475AA8ABEE9
Requested by: Host: tradingwire.com
URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be
Protocol: HTTP/1.1
Server: 23.33.42.81 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-33-42-81.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be

Response headers

Expires: Tue, 22 Oct 2024 13:15:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 22 Oct 2024 13:15:10 GMT
Connection: keep-alive

Redirect headers

Cache-Control: max-age=0, no-cache, no-store
Location: /e/a.gif?gdpr=T&tt=c.gif&reload=true&z_evid=EABB6A3C34480ADACD0EA4AF9C4BC5387C0E889670D90EFEC5A6C475AA8ABEE9
Pragma: no-cache
Connection: keep-alive
Expires: Tue, 22 Oct 2024 13:15:10 GMT
Content-Length: 0
Date: Tue, 22 Oct 2024 13:15:10 GMT
Content-Type: text/html
Edge-Log-Oth: 0!bei!c013!null!aa.trkn.us!%2f1%2fe%2fc.gif!1729602910!CA!149.88.16.228!Mozilla%2f5.0%20(X11%3b%20Linux%20x86_64)%20AppleWebKit%2f537.36%20(KHTML%2c%20like%20Gecko)%20Chrome%2f129.0.0.0%20Safari%2f537.36!image%2favif%2cimage%2fwebp%2cimage%2fapng%2cimage%2fsvg+xml%2cimage%2f*%2c*%2f*%3bq%3d0.8!en-CA%2cen%3bq%3d0.9!gzip%2c%20deflate%2c%20br%2c%20zstd!ON!43.67!-79.42!!!EST!!!TORONTO!!!vhigh!,z_evid=EABB6A3C34480ADACD0EA4AF9C4BC5387C0E889670D90EFEC5A6C475AA8ABEE9,ip=149.88.16.228,tls_version=tls1.3,cipher=TLS_AES_256_GCM_SHA384,newuu=1,ck_barometric[cuid]=FyEqUWcXpV4s0taJAC0EAg

GET
H/1.1 200
OK /
intof.io/iocmap/ 43 B
411 B 41ms
40ms Image
image/gif 54.156.254.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://intof.io/iocmap/?iocid=null&iocmap=null
Requested by: Host: tradingwire.com
URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.156.254.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-254-128.compute-1.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25 / PHP/7.0.25
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Connection: Keep-Alive
Content-Length: 43
Keep-Alive: timeout=5, max=98
Date: Tue, 22 Oct 2024 13:08:44 GMT
Content-Type: image/gif
X-Powered-By: PHP/7.0.25
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.25

GET
H3 200 signupbg.jpeg
tradingwire.com/assets/ 199 KB
199 KB 138ms
137ms Image
image/jpeg 172.67.212.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tradingwire.com/assets/signupbg.jpeg
Requested by: Host: tradingwire.com
URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.212.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4f81a03ea8ec32821c0a072c567d980a9f116404997a06adf3ce8fa46d472b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be

Response headers

cf-cache-status: REVALIDATED
etag: "31a6d-5f6f76339999d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D7M9yheFiRYm3hxV6vcT5j93VCTIjjysDN3EH6IkuuYvIgppKWx2IV5xs503p%2BPjX4YJcDwFghzTTdVsF7Ieq7yQEZt4TwHfkqcbye6xCZ8mmMUbNDSzOKiUfTE8x%2BkZbEc%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20001&sent=377&recv=91&lost=0&retrans=2&sent_bytes=415198&recv_bytes=11763&delivery_rate=47714&cwnd=160800&unsent_bytes=0&cid=36f8b3e90535a3b4&ts=1681&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 13:15:08 GMT
content-type: image/jpeg
last-modified: Wed, 15 Mar 2023 21:54:25 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d69c1237a67aaf7-YYZ
accept-ranges: bytes
content-length: 203373
server: cloudflare

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 82ms
38ms Font
font/woff2 142.251.40.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.195 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f3.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://tradingwire.com
Referer: https://fonts.googleapis.com/

Response headers

age: 450403
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 08:08:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 08:08:25 GMT
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33092
x-xss-protection: 0
server: sffe

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1017543105/ 5 KB
2 KB 130ms
64ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1017543105/?random=1729602908910&cv=11&fst=1729602908910&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9104736700za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Ftradingwire.com%2Fpmax%2Findex.php%3Femail%3Dverdacht%40safeonweb.be&hn=www.googleadservices.com&frm=0&tiba=TradingWire.com&npa=0&pscdl=noapi&auid=395632571.1729602909&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1017543105

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

f8594db1a0e2a3af34b9ee811d67b858a1b268632416fd3d96ac9d67053db425

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2344
date: Tue, 22 Oct 2024 13:15:09 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 1017543105
td.doubleclick.net/td/rul/ Frame 4C86 0
0 150ms
72ms Document
text/html 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/1017543105?random=1729602908910&cv=11&fst=1729602908910&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9104736700za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Ftradingwire.com%2Fpmax%2Findex.php%3Femail%3Dverdacht%40safeonweb.be&hn=www.googleadservices.com&frm=0&tiba=TradingWire.com&npa=0&pscdl=noapi&auid=395632571.1729602909&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1017543105

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tradingwire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Oct 2024 13:15:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 311 KB
104 KB 71ms
70ms Script
application/javascript 142.250.81.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W8HR800Z40&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1017543105

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b26f1ad3b9136798e6e506315629d2177c5c365df58e6902cdb09e5fba2e0914

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 22 Oct 2024 13:15:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 13:15:08 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 106183
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 3EC7 0
0 1144ms
45ms Document
text/html 142.250.81.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Ftradingwire.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1017543105

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.232 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f8.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Oct 2024 13:15:10 GMT
expires: Wed, 22 Oct 2025 13:15:10 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 140ms
54ms Fetch
text/plain 142.251.32.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W8HR800Z40&gtm=45je4ah0v9105752520za200zb9104736700&_p=1729602908580&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685~101823848~101836706&cid=1846517888.1729602909&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729602909&sct=1&seg=0&dl=https%3A%2F%2Ftradingwire.com%2Fpmax%2Findex.php%3Femail%3Dverdacht%40safeonweb.be&dt=TradingWire.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=16473
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W8HR800Z40&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.32.110 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s77-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://tradingwire.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 13:15:09 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 /
www.google.com/pagead/1p-user-list/1017543105/ 42 B
64 B 124ms
50ms Image
image/gif 142.250.80.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1017543105/?random=1729602908910&cv=11&fst=1729602000000&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9104736700za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Ftradingwire.com%2Fpmax%2Findex.php%3Femail%3Dverdacht%40safeonweb.be&hn=www.googleadservices.com&frm=0&tiba=TradingWire.com&npa=0&pscdl=noapi&auid=395632571.1729602909&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfg-ss6zFmk9ZyvGwNNcXsWeTcQCjq1Q&random=3465315560&rmt_tld=0&ipr=y

Requested by

Host: tradingwire.com
URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 22 Oct 2024 13:15:09 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/1017543105/ 42 B
64 B 105ms
56ms Image
image/gif 142.250.64.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/1017543105/?random=1729602908910&cv=11&fst=1729602000000&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9104736700za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2Ftradingwire.com%2Fpmax%2Findex.php%3Femail%3Dverdacht%40safeonweb.be&hn=www.googleadservices.com&frm=0&tiba=TradingWire.com&npa=0&pscdl=noapi&auid=395632571.1729602909&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfg-ss6zFmk9ZyvGwNNcXsWeTcQCjq1Q&random=3465315560&rmt_tld=1&ipr=y

Requested by

Host: tradingwire.com
URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 22 Oct 2024 13:15:09 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 index.html
cdn.useproof.com/proxy/ Frame CA12 0
0 173ms
108ms Document
text/html 104.21.47.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/index.html
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=XirADazAkOX9lmGuHK79PFmWIcR2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.47.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://tradingwire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, no-transform, public
cf-cache-status: DYNAMIC
cf-ray: 8d69c12b8c3bab16-YYZ
content-length: 325
content-type: text/html
date: Tue, 22 Oct 2024 13:15:10 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UonfR%2Fc%2BuM%2BOdXHnqxW%2FELXX5awhGJsQQhIH3dQdWDk4T%2FSjqqHTX6SWS799aqerzA6zH0a9I46WXiEQKw3b%2B6dLvL8yJSOg2NUVCd2sEZXYosuHrkC%2BdVuO8JdQiQ7tf8K1"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=TCP&rtt=18150&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3928&recv_bytes=2310&delivery_rate=215537&cwnd=254&unsent_bytes=0&cid=de14cd4688282fa1&ts=113&x=0"
x-amz-id-2: VtY+3WTcXctCzM568ddwhcKyBjjn7oMH99CGrqffO+0L8x0dEZgrkM0BDEZInne5C+DyFBTwxPc=
x-amz-request-id: X71SJ5AFYYY5CQGG
x-amz-version-id: 6OysE9MvUGgGn.qn_BXpeYijOLHR8713

GET
H2 200 lc2.js Show response
b-code.liadm.com/ 130 KB
44 KB 371ms
37ms Script
application/javascript 108.139.47.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/lc2.js
Requested by: Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/jsstore/a/ZRKH4W9/ge.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-92.jfk50.r.cloudfront.net
Software: /
Resource Hash: 45ff887a3441145243854b5fe6f917100fb5ffe1e35d14a533c4685817e78510

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/

Response headers

cache-control: public,max-age=86400
content-encoding: gzip
age: 70648
via: 1.1 db615220fdf1b471c82cd306c2f4717a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: -mxQR4h7KDEsAmAoV5sqJkdWPUSvKsHrdG-P_wpOXhDM8HTUFH0nAA==
date: Mon, 21 Oct 2024 17:37:43 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-cf-pop: JFK50-P1

GET
H3 200 favicon-32x32.png
tradingwire.com/ 508 B
1 KB 132ms
131ms Other
image/png 172.67.212.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tradingwire.com/favicon-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.212.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b5214401c61db636561354dcb7659b7587f598bd2e5febdb65f7da8d4fdc441

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be

Response headers

cf-cache-status: MISS
etag: "1fc-5f6e75c2d396b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P3b1uoLsgY0Gi7fuyIgLPHm8RiXiQ5f5ZnhHXAisssWPN44qIpZsx5D%2BdKDX2SNygRpHtZtYpHh%2FBVkKjFTC2uTyjMmn3q9OeZjpDio5aks7BXlgInE0fZsUcerLOJlKt0c%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19522&sent=561&recv=114&lost=0&retrans=2&sent_bytes=629669&recv_bytes=13316&delivery_rate=243836&cwnd=211200&unsent_bytes=0&cid=36f8b3e90535a3b4&ts=4188&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 13:15:11 GMT
content-type: image/png
last-modified: Wed, 15 Mar 2023 02:47:07 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d69c1332936aaf7-YYZ
accept-ranges: bytes
content-length: 508
server: cloudflare

GET
H2

200

j Show response
rp.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1729602911324&se=e30&duid=1dc6af6e30d9--01jat5vyz13g1njssp9sqj5g22&tv=v3.2.0&pu=https%3A%2F%2Ftradingwire.com%2Fpmax%2Findex.php%3Femail%3Dverdacht%40safeonweb.be&wpn=...
https://rp.liadm.com/j?dtstmp=1729602911324&se=e30&duid=1dc6af6e30d9--01jat5vyz13g1njssp9sqj5g22&tv=v3.2.0&pu=https%3A%2F%2Ftradingwire.com%2Fpmax%2Findex.php%3Femail%3Dverdacht%40safeonweb.be&wpn=...

13 B
360 B

42ms
41ms

XHR
application/json

54.210.234.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp.liadm.com/j?dtstmp=1729602911324&se=e30&duid=1dc6af6e30d9--01jat5vyz13g1njssp9sqj5g22&tv=v3.2.0&pu=https%3A%2F%2Ftradingwire.com%2Fpmax%2Findex.php%3Femail%3Dverdacht%40safeonweb.be&wpn=lc-bundle&wpv=v3.2.0&cd=.tradingwire.com&n3pc=true
Protocol: H2
Server: 54.210.234.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-210-234-94.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tradingwire.com/

Response headers

x-pixel-event-id: 1e613f3d-bbf4-43e6-b417-169ca606f4c1
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://tradingwire.com
content-length: 13
date: Tue, 22 Oct 2024 13:15:11 GMT
content-type: application/json

Redirect headers

access-control-allow-origin: https://tradingwire.com
location: /j?dtstmp=1729602911324&se=e30&duid=1dc6af6e30d9--01jat5vyz13g1njssp9sqj5g22&tv=v3.2.0&pu=https%3A%2F%2Ftradingwire.com%2Fpmax%2Findex.php%3Femail%3Dverdacht%40safeonweb.be&wpn=lc-bundle&wpv=v3.2.0&cd=.tradingwire.com&n3pc=true
content-length: 0
access-control-expose-headers: *
date: Tue, 22 Oct 2024 13:15:11 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/j	1970-01-21 10:02:42	Name: lidid Value: 340d3722-c03e-4d34-bc6b-2d6c94cc7ab0
.beehiiv.com/	1970-01-21 00:26:44	Name: __cf_bm Value: EhOaZvN5Lv2LpYxj11hMJPPduzAcgl8X3B1fJ9cap7Q-1729602895-1.0.1.1-v_TUUsOUyCZeFQaGyR3.U_m7k2akgOCJU6ifEvxLfZ3ZkEnuFPpVv1xxu1JoxO2ju8tvBfZfj2uVqgPoiNgw4w
.ioadserve.com/	1970-01-21 00:28:09	Name: e87636cb66b0a9f6aa2c9758d0594f39047cac01 Value: %257B%252220241022%2522%253A%255Bnull%255D%257D
.websitevisitorleads.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: d213d50cebc66552156a6e43c878e18897a6d8a42ddfe9cf6fe33b940872ab2d
.tradingwire.com/	1970-01-21 02:36:18	Name: _gcl_au Value: 1.1.395632571.1729602909
.doubleclick.net/	1970-01-21 00:26:43	Name: test_cookie Value: CheckForPermission
.tradingwire.com/	1970-01-21 10:02:42	Name: _ga_W8HR800Z40 Value: GS1.1.1729602909.1.0.1729602909.0.0.0
.tradingwire.com/	1970-01-21 10:02:42	Name: _ga Value: GA1.1.1846517888.1729602909
.alocdn.com/	1970-01-21 09:12:18	Name: uuid Value: d2a9319d-7444-4891-bf1e-3123fd42496c
.trkn.us/	1970-01-21 10:02:42	Name: barometric[cuid] Value: FyEqUWcXpV4s0taJAC0EAg
.tradingwire.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .tradingwire.com
.tradingwire.com/	1970-01-21 10:02:42	Name: _lc2_fpi Value: 1dc6af6e30d9--01jat5vyz13g1njssp9sqj5g22
tradingwire.com/	1970-01-21 04:45:54	Name: _geuid Value: 0e19b02b-e197-48df-9953-0a6920e01a20
.liadm.com/	1970-01-21 10:02:42	Name: lidid Value: 340d3722-c03e-4d34-bc6b-2d6c94cc7ab0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kit.fontawesome.com/23fd6ce197.js Message: Failed to load resource: the server responded with a status of 403 ()
rendering	warning	URL: https://tradingwire.com/pmax/index.php?email=verdacht@safeonweb.be(Line 22) Message: The key "target-densitydpi" is not supported.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.trkn.us
ajax.googleapis.com
b-code.liadm.com
cdn.jsdelivr.net
cdn.useproof.com
dsadserve.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
intof.io
ioadserve.com
kit.fontawesome.com
link.mail.beehiiv.com
p.alocdn.com
rdcdn.com
rp.liadm.com
s3-us-west-2.amazonaws.com
td.doubleclick.net
tradingwire.com
websitevisitorleads.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
104.18.68.40
104.21.47.12
108.139.47.92
142.250.176.194
142.250.64.99
142.250.80.100
142.250.80.74
142.250.81.232
142.250.81.234
142.251.32.110
142.251.40.195
142.251.41.2
151.101.193.229
172.64.147.188
172.67.202.93
172.67.212.36
23.33.42.81
34.197.163.17
52.218.233.240
54.152.61.229
54.156.254.128
54.210.234.94
54.211.190.162
54.69.252.125
0833b2e9c3a26c258476c46266e6877fc75218625162e0460be9a3a098a61c6c
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
183786a3e3ee09de64ffe04747ea65553326b3ef8285a66e296537e1f060e78d
34d7195aa930b24307a4b027fc6d55ade04ccb225d6c0f9da3874336129895be
3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
45bbe60e3cc7a300f700c4911d26e5b4bac78e4faa52391275c8ce6d132e3343
45ff887a3441145243854b5fe6f917100fb5ffe1e35d14a533c4685817e78510
5bcf7a6715800a44e424ddcc5561a0a47ee076cd6451ee994fa23750c4945a86
6525453e01a8d5b1e92f543893b9bc09162ef11bce03a7891342746aa1a0ac67
6f90911c5aa8aa5950c61a09f32c6fc2e99092ec2253be367612e35a1b0b03ac
72c54b02042da9441d0acd833a8f2441f437810efa84c54424a4f15f67b6a142
7b5214401c61db636561354dcb7659b7587f598bd2e5febdb65f7da8d4fdc441
8683a7fd7aa72a24d3fbcdaa244abf212d1f69410759ec6bba6a6e4dafca5563
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abfe5f8faa1c78bc0d41bc9088a39a125c1fa41945d40e7117bdad61b9227ac9
b26f1ad3b9136798e6e506315629d2177c5c365df58e6902cdb09e5fba2e0914
b482626106338d9d68f538bb7070ca629b5f1eb5222a7ebec2efceb1f6ac6874
b9f8c1a17dbb0d6381323e3aff06027cc80ab738912614edff27dd57ea570e29
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
be6d6f33248b053056b1eb4c98cbbadc08596859566990db0b0fed36592a6a7e
c36be9cdb908e3f84d2904b480e4fd3217e0d6e8a9ca12d0f940c7a9613117b2
ce310732b8886b740f46a29e3b9544ac55d28810a1e7b40f9cf231c6f31777ab
ce7f75cc3ac841d2ecd536ede7b73bb412b325e32a9389cd98efded061c06d0a
d4f81a03ea8ec32821c0a072c567d980a9f116404997a06adf3ce8fa46d472b8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f8594db1a0e2a3af34b9ee811d67b858a1b268632416fd3d96ac9d67053db425
fa1cb237372d86c71a568f5fcd882d5470963e32ea235917147143fc0d7f5317
faecbe6b97953b65bcb6782b9685669ec99342416b50ab2ec2354ebef9e43d4f

tradingwire.com Open in urlscan Pro 172.67.212.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

92 %HTTPS

0 %IPv6

21 Domains

24 Subdomains

19 IPs

2 Countries

1553 kBTransfer

2487 kBSize

14 Cookies

1 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tradingwire.com Open in urlscan Pro
172.67.212.36 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

92 %
HTTPS

0 %
IPv6

21
Domains

24
Subdomains

19
IPs

2
Countries

1553 kB
Transfer

2487 kB
Size

14
Cookies

37 HTTP transactions
0 data transactions