ec.forexprostools.com Open in urlscan Pro
2606:4700:4400::6812:2aef Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ec.forexprostools.com/
Effective URL:
https://ec.forexprostools.com/
Submission: On February 07 via api (February 7th 2024, 9:18:31 am UTC) from US — Scanned from DE

Summary HTTP 41 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 17 IPs in 6 countries across 12 domains to perform 41 HTTP transactions. The main IP is 2606:4700:4400::6812:2aef, located in United States and belongs to CLOUDFLARENET, US. The main domain is ec.forexprostools.com.
TLS certificate: Issued by GTS CA 1P5 on January 27th 2024. Valid for: 3 months.

This is the only time ec.forexprostools.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:440... 2606:4700:4400::ac40:9111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::6812:2aef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2606:4700:440... 2606:4700:4400::ac40:9b69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2097	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	23.109.14.210 23.109.14.210	7979 (SERVERS-COM) (SERVERS-COM)
2 2	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 1	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1 3	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2 5	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1	37.157.5.72 37.157.5.72	198622 (ADFORM) (ADFORM)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
41	17

1 2606:4700:4400::ac40:9111 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ec.forexprostools.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:2aef (United States)

ASN13335 (CLOUDFLARENET, US)

ec.forexprostools.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:4400::ac40:9b69 (United States)

ASN13335 (CLOUDFLARENET, US)

i-invdn-com.investing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2097 (United States)

ASN13335 (CLOUDFLARENET, US)

streamjs.investing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.14.210 (Netherlands)

ASN7979 (SERVERS-COM, US)

streaming.forexpros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9b (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f6.1e100.net

3598367.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.6.254 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	investing.com i-invdn-com.investing.com — Cisco Umbrella Rank: 41687 streamjs.investing.com — Cisco Umbrella Rank: 288844	253 KB
10	doubleclick.net 4 redirects ad.doubleclick.net — Cisco Umbrella Rank: 163 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 fls.doubleclick.net — Cisco Umbrella Rank: 512 3598367.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	8 KB
6	adform.net 2 redirects track.adform.net — Cisco Umbrella Rank: 5048 s2.adform.net — Cisco Umbrella Rank: 7060	35 KB
5	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 98	1 KB
4	forexprostools.com 1 redirects ec.forexprostools.com	148 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6518	669 B
3	google-analytics.com 2 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 570	17 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	66 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	68 KB
1	forexpros.com streaming.forexpros.com — Cisco Umbrella Rank: 40146	213 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	10 KB
41	12

	Domain	Requested by
14	i-invdn-com.investing.com	ec.forexprostools.com
5	track.adform.net	2 redirects 3598367.fls.doubleclick.net track.adform.net
4	ec.forexprostools.com	1 redirects ec.forexprostools.com
3	3598367.fls.doubleclick.net	1 redirects ec.forexprostools.com www.googletagmanager.com
3	www.google.de	ec.forexprostools.com
3	www.google.com	2 redirects ec.forexprostools.com
3	ssl.google-analytics.com	2 redirects ec.forexprostools.com
3	ad.doubleclick.net	ec.forexprostools.com 3598367.fls.doubleclick.net
2	adservice.google.com	3598367.fls.doubleclick.net
2	connect.facebook.net	ec.forexprostools.com connect.facebook.net
2	stats.g.doubleclick.net	2 redirects
1	www.facebook.com	ec.forexprostools.com
1	s2.adform.net	3598367.fls.doubleclick.net
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.googletagmanager.com	ec.forexprostools.com
1	fls.doubleclick.net	1 redirects
1	streaming.forexpros.com	cdnjs.cloudflare.com
1	streamjs.investing.com	ec.forexprostools.com
1	cdnjs.cloudflare.com	ec.forexprostools.com
41	19

This site contains links to these domains. Also see Links.

Domain
www.investing.com
app.appsflyer.com

Subject Issuer	Validity	Valid
ec.forexprostools.com GTS CA 1P5	`2024-01-27` - `2024-04-26`	3 months	crt.sh
i-invdn-com.investing.com GTS CA 1P5	`2024-01-24` - `2024-04-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
streamjs.investing.com GTS CA 1P5	`2024-01-23` - `2024-04-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.forexpros.com Sectigo ECC Domain Validation Secure Server CA	`2023-10-09` - `2024-11-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-16` - `2024-02-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://ec.forexprostools.com/
Frame ID: 5386A6A3F105FC1BF595D6DA25DB3650
Requests: 30 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N5872.2079124INVAFF/B9105698.123658976;sz=95x24;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=
Frame ID: E18B1CB2CA0AD3EC19D98F2A3E782C4F
Requests: 1 HTTP requests in this frame

Frame: https://3598367.fls.doubleclick.net/activityi;dc_pre=CLbDruvymIQDFeNhkQUdMy8G_g;src=3598367;type=wmt_i753;cat=en_wm661;u2=;u1=;ord=1;num=1707297506
Frame ID: A4C5810763F9D9AB6D623FF8AF90FBC4
Requests: 5 HTTP requests in this frame

Frame: https://3598367.fls.doubleclick.net/activityi;dc_pre=CJPzs-vymIQDFWcJogMdjeQDqg;src=3598367;type=site_844;cat=gtm_t964;ord=1
Frame ID: 4B711A999C42C9004CED92E4EFFC5C37
Requests: 3 HTTP requests in this frame

Frame: https://track.adform.net/serving/container/?pm=116109&lid=2431153&ctype=0&media=0&rnd=1295259181&cpref=https%3a%2f%2fec.forexprostools.com%2f&loc=https%3a%2f%2f3598367.fls.doubleclick.net%2factivityi%3bdc_pre%3dCLbDruvymIQDFeNhkQUdMy8G_g%3bsrc%3d3598367%3btype%3dwmt_i753%3bcat%3den_wm661%3bu2%3d%3bu1%3d%3bord%3d1%3bnum%3d1707297506%3f
Frame ID: 3B747B706D765BF8B04DF1494EF8F734
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ec.forexprostools.com/ HTTP 301
https://ec.forexprostools.com/ Page URL

Detected technologies

JS Charts (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

jscharts.{0,32}\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

41
Requests

90 %
HTTPS

70 %
IPv6

12
Domains

19
Subdomains

17
IPs

6
Countries

603 kB
Transfer

1961 kB
Size

16
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.investing.com/

Search URL Search Domain Scan URL

URL: https://app.appsflyer.com/com.fusionmedia.investing?pid=direct_inv&c=web&af_channel=ec.forexprostools.com/&af_adset=ec&af_ad=wmt&af_sub1=WMT
Title: Download App

Search URL Search Domain Scan URL

URL: https://app.appsflyer.com/id909998122?pid=direct_inv&c=web&af_channel=ec.forexprostools.com/&af_adset=ec&af_ad=wmt&af_sub1=WMT
Title: Download App

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ec.forexprostools.com/ HTTP 301
https://ec.forexprostools.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=463286177&utmhn=ec.forexprostools.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=553057030&utmr=-&utmp=%2F&utmht=1707297506756&utmac=UA-2555300-21&utmcc=__utma%3D182656306.503667663.1707297507.1707297507.1707297507.1%3B%2B__utmz%3D182656306.1707297507.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1798724529&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2555300-21&cid=503667663.1707297507&jid=1798724529&_v=5.7.2&z=463286177 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2555300-21&cid=503667663.1707297507&jid=1798724529&_v=5.7.2&z=463286177 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2555300-21&cid=503667663.1707297507&jid=1798724529&_v=5.7.2&z=463286177&slf_rd=1&random=3461828210

Request Chain 22

https://fls.doubleclick.net/activityi;src=3598367;type=wmt_i753;cat=en_wm661;u2=;u1=;ord=1;num=1707297506 HTTP 302
https://3598367.fls.doubleclick.net/activityi;dc_pre=CLbDruvymIQDFeNhkQUdMy8G_g;src=3598367;type=wmt_i753;cat=en_wm661;u2=;u1=;ord=1;num=1707297506

Request Chain 25

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=518857569&utmhn=ec.forexprostools.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=553057030&utmr=-&utmp=%2F&utmht=1707297506760&utmac=UA-2555300-21&utmcc=__utma%3D182656306.503667663.1707297507.1707297507.1707297507.1%3B%2B__utmz%3D182656306.1707297507.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1816456811&utmredir=1&utmmt=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2555300-21&cid=503667663.1707297507&jid=1816456811&_v=5.7.2&z=518857569 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2555300-21&cid=503667663.1707297507&jid=1816456811&_v=5.7.2&z=518857569 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2555300-21&cid=503667663.1707297507&jid=1816456811&_v=5.7.2&z=518857569&slf_rd=1&random=1958607363

Request Chain 27

https://3598367.fls.doubleclick.net/activityi;src=3598367;type=site_844;cat=gtm_t964;ord=1 HTTP 302
https://3598367.fls.doubleclick.net/activityi;dc_pre=CJPzs-vymIQDFWcJogMdjeQDqg;src=3598367;type=site_844;cat=gtm_t964;ord=1

Request Chain 33

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 37

https://track.adform.net/Serving/TrackPoint/?pm=116109&lid=2431153&ADFdivider=%7C&ord=828869525198&ADFtpmode=2&loc=https%3A%2F%2F3598367.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLbDruvymIQDFeNhkQUdMy8G_g%3Bsrc%3D3598367%3Btype%3Dwmt_i753%3Bcat%3Den_wm661%3Bu2%3D%3Bu1%3D%3Bord%3D1%3Bnum%3D1707297506%3F&CPref=https%3A%2F%2Fec.forexprostools.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=116109&lid=2431153&ADFdivider=%7C&ord=828869525198&ADFtpmode=2&loc=https%3A%2F%2F3598367.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLbDruvymIQDFeNhkQUdMy8G_g%3Bsrc%3D3598367%3Btype%3Dwmt_i753%3Bcat%3Den_wm661%3Bu2%3D%3Bu1%3D%3Bord%3D1%3Bnum%3D1707297506%3F&CPref=https%3A%2F%2Fec.forexprostools.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ec.forexprostools.com/
Redirect Chain

http://ec.forexprostools.com/
https://ec.forexprostools.com/

510 KB
47 KB

260ms
238ms

Document
text/html

2606:4700:4400::6812:2aef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ec.forexprostools.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2aef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9dc4008efeea9d818152ec8b806649652a32f0b909ef857fb7832ded91b4190

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 851a8ba56a0a0497-FRA
content-encoding: gzip
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
content-type: text/html; charset=utf-8
date: Wed, 07 Feb 2024 09:18:26 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent

Redirect headers

CF-RAY: 851a8ba51f901903-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 07 Feb 2024 09:18:26 GMT
Expires: Wed, 07 Feb 2024 10:18:26 GMT
Location: https://ec.forexprostools.com/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 ads.js Show response
i-invdn-com.investing.com/js/ 73 B
432 B 99ms
64ms Script
application/x-javascript 2606:4700:4400::ac40:9b69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i-invdn-com.investing.com/js/ads.js
Requested by: Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a519b27a0b5a76d84f6abc48cb53662626cda81e843f723802145843134c8b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:18:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Dec 2015 10:31:34 GMT
server: cloudflare
age: 75607
vary: Accept-Encoding
content-type: application/x-javascript
x-timestamp: 1450348293.51193
cache-control: public, max-age=325750
cf-ray: 851a8ba7cff01e51-FRA
alt-svc: h3=":443"; ma=86400
x-trans-id: txaa9cfc0efea44353aef28-0064951245dfw1
expires: Sun, 11 Feb 2024 03:47:36 GMT

GET
H2 200 jquery-1.10.2.min.js Show response
i-invdn-com.investing.com/js/ 91 KB
33 KB 103ms
68ms Script
application/x-javascript 2606:4700:4400::ac40:9b69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i-invdn-com.investing.com/js/jquery-1.10.2.min.js
Requested by: Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:18:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 03 Jun 2015 12:00:04 GMT
server: cloudflare
age: 64619
vary: Accept-Encoding
content-type: application/x-javascript
x-timestamp: 1433332803.85067
cache-control: public, max-age=128107
cf-ray: 851a8ba7cff41e51-FRA
alt-svc: h3=":443"; ma=86400
x-trans-id: tx6eec86ab8cda4e35a1844-0065589a3ddfw1
expires: Thu, 08 Feb 2024 20:53:33 GMT

GET
H2 200 jquery.pseudo-1.1.min.js Show response
i-invdn-com.investing.com/js/ 949 B
903 B 86ms
51ms Script
application/x-javascript 2606:4700:4400::ac40:9b69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i-invdn-com.investing.com/js/jquery.pseudo-1.1.min.js
Requested by: Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3a53e18261af4a4f08f746e5da5cdea0c26d3c50fbd065349f2e3cafe444f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:18:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Mar 2012 12:32:55 GMT
server: cloudflare
age: 68993
vary: Accept-Encoding
content-type: application/x-javascript
x-timestamp: 1331814774.40632
cache-control: public, max-age=196128
cf-ray: 851a8ba7cff61e51-FRA
alt-svc: h3=":443"; ma=86400
x-trans-id: txf95d2815a36544c0ac5e1-006561cc1ddfw1
expires: Fri, 09 Feb 2024 15:47:14 GMT

GET
H2 200 jquery-ui-1.9.1.min.js Show response
i-invdn-com.investing.com/js/ 232 KB
63 KB 90ms
56ms Script
application/x-javascript 2606:4700:4400::ac40:9b69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i-invdn-com.investing.com/js/jquery-ui-1.9.1.min.js
Requested by: Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab93def9c8ab32ca511f05bed2f7f0722924203a46283465b3615688ab6f6d9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:18:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 03 Jun 2015 12:00:06 GMT
server: cloudflare
age: 64429
vary: Accept-Encoding
content-type: application/x-javascript
x-timestamp: 1433332805.65379
cache-control: public, max-age=72131
cf-ray: 851a8ba7cfef1e51-FRA
alt-svc: h3=":443"; ma=86400
x-trans-id: txdd3a5843b76c4138ac8a0-0064fa31cadfw1
expires: Thu, 08 Feb 2024 05:20:37 GMT

GET
H2 200 dlinks.js Show response
i-invdn-com.investing.com/js/ 361 B
683 B 83ms
48ms Script
application/x-javascript 2606:4700:4400::ac40:9b69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i-invdn-com.investing.com/js/dlinks.js
Requested by: Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f63f0d973b692bf5c0938f26dce888401ec8c5a0cb29cf6e15ce765e8974fb0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:18:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Feb 2016 15:59:27 GMT
server: cloudflare
age: 7730
vary: Accept-Encoding
content-type: application/x-javascript
x-timestamp: 1456156766.46427
cache-control: public, max-age=536252
cf-ray: 851a8ba7cff51e51-FRA
alt-svc: h3=":443"; ma=86400
x-trans-id: tx9ad19d2b1e5c4ae095ede-0064fc95dfdfw1
expires: Tue, 13 Feb 2024 14:15:58 GMT

GET
H2 200 ecaltool_v2.js Show response
ec.forexprostools.com/view/ 54 KB
12 KB 49ms
49ms Script
application/javascript 2606:4700:4400::6812:2aef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ec.forexprostools.com/view/ecaltool_v2.js

Requested by

Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2aef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da7abd553eb3b496b376ad2787b27b08fc3ca4133c93d460fb1ac09afe17e22

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:18:26 GMT
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Mar 2023 06:44:19 GMT
server: cloudflare
etag: W/"d802-5f7635f76d6c0"
vary: Accept-Encoding, User-Agent
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 851a8ba78dfc0497-FRA
expires: Wed, 07 Feb 2024 13:18:26 GMT

GET
H2 200 nyx_classes_75.css
i-invdn-com.investing.com/webmaster-tools/buttons-css/ 11 KB
2 KB 96ms
62ms Stylesheet
text/css 2606:4700:4400::ac40:9b69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i-invdn-com.investing.com/webmaster-tools/buttons-css/nyx_classes_75.css
Requested by: Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5272ebc76ee36a369f155347cb3da728eb1cdb0d3312b0aa062703d6f011b566

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:18:26 GMT
content-encoding: br
origin: https://mycloud.rackspace.com
cf-cache-status: HIT
age: 79033
cf-polished: origSize=12753
alt-svc: h3=":443"; ma=86400
x-trans-id: txa0b0167f69544ffbb01ec-0064fab81cdfw1
cf-bgj: minify
last-modified: Mon, 03 Apr 2017 05:11:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-timestamp: 1491196287.02982
cache-control: public, max-age=559936
cf-ray: 851a8ba7cfed1e51-FRA
expires: Tue, 13 Feb 2024 20:50:42 GMT

GET
H2 200 investingLogo-137x25.png
i-invdn-com.investing.com/logos/ 1 KB
2 KB 38ms
38ms Image
image/webp 2606:4700:4400::ac40:9b69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i-invdn-com.investing.com/logos/investingLogo-137x25.png
Requested by: Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f6707614539cf1103e30661c400f1d62a380161c132af507daa7422febcbaeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:18:26 GMT
cf-cache-status: HIT
age: 66832
cf-polished: origFmt=png, origSize=3496
content-disposition: inline; filename="investingLogo-137x25.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1448
x-trans-id: tx8523ca36ff424a29964ae-00653f448adfw1
cf-bgj: imgq:100,h2pri
last-modified: Sun, 15 Sep 2013 09:12:02 GMT
server: cloudflare
etag: 319e7b5bffaabc971ef555d00b8f666c
vary: Accept
content-type: image/webp
x-timestamp: 1379236321.54088
cache-control: public, max-age=166732
accept-ranges: bytes
cf-ray: 851a8ba7d80e1e51-FRA
expires: Fri, 09 Feb 2024 07:37:18 GMT

GET
H2 200 ajax-loader-big.gif
i-invdn-com.investing.com/images/ 6 KB
6 KB 37ms
36ms Image
image/webp 2606:4700:4400::ac40:9b69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i-invdn-com.investing.com/images/ajax-loader-big.gif
Requested by: Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab33051ad67c103bbef6ffba3b37b0cd313430a615f25eba19c563c2304f1f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:18:26 GMT
cf-cache-status: HIT
age: 48909
cf-polished: origFmt=gif, origSize=7378
content-disposition: inline; filename="ajax-loader-big.webp"
alt-svc: h3=":443"; ma=86400
content-length: 5756
x-trans-id: tx6a36c25d2c16412089973-0064fe928fdfw1
cf-bgj: imgq:100,h2pri
last-modified: Wed, 12 Mar 2014 07:48:05 GMT
server: cloudflare
etag: 7518558d5681934df3bd69583c66a717
vary: Accept
content-type: image/webp
x-timestamp: 1394610484.36278
cache-control: public, max-age=471125
accept-ranges: bytes
cf-ray: 851a8ba7d80f1e51-FRA
expires: Mon, 12 Feb 2024 20:10:31 GMT

GET
H2 200 datepicker_v8.css
i-invdn-com.investing.com/css/ 9 KB
2 KB 90ms
89ms Stylesheet
text/css 2606:4700:4400::ac40:9b69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i-invdn-com.investing.com/css/datepicker_v8.css
Requested by: Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c8e8a2c19895515550e9f54a83890f60b1cf05333d0705a5360be9d89b32b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:18:26 GMT
content-encoding: br
cf-cache-status: HIT
age: 71293
cf-polished: origSize=10024
alt-svc: h3=":443"; ma=86400
x-trans-id: txe9e6116d3c40407499bd1-0064e52366dfw1
cf-bgj: minify
last-modified: Thu, 30 Jul 2015 07:41:13 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-timestamp: 1438242072.74277
cache-control: public, max-age=274820
cf-ray: 851a8ba8186c1e51-FRA
expires: Sat, 10 Feb 2024 13:38:46 GMT

GET
H2 200 datepicker-1.6.js Show response
i-invdn-com.investing.com/js/ 35 KB
7 KB 93ms
93ms Script
application/x-javascript 2606:4700:4400::ac40:9b69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i-invdn-com.investing.com/js/datepicker-1.6.js
Requested by: Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cdb9c6916a14b81bb19fdaa8e3cfff1a1e171cbd0dc82b55bb2b7bae464be4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:18:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Aug 2013 08:04:06 GMT
server: cloudflare
age: 68355
vary: Accept-Encoding
content-type: application/x-javascript
x-timestamp: 1375862645.78314
cache-control: public, max-age=536484
cf-ray: 851a8ba8186f1e51-FRA
alt-svc: h3=":443"; ma=86400
x-trans-id: tx019a188b296349e4bb292-0064ebb7b3dfw1
expires: Tue, 13 Feb 2024 14:19:50 GMT

GET
H2 200 eye.js Show response
i-invdn-com.investing.com/js/ 604 B
834 B 79ms
78ms Script
text/x-c++ 2606:4700:4400::ac40:9b69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i-invdn-com.investing.com/js/eye.js
Requested by: Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dac2cbda5435bb48c52ec0f363901174b6ce4674d16afca52d8cecee49b8b0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:18:26 GMT
cf-cache-status: HIT
age: 57229
alt-svc: h3=":443"; ma=86400
content-length: 604
x-trans-id: tx56068015e7ae407a88e23-00637785e4dfw1
last-modified: Sun, 27 Mar 2011 17:42:21 GMT
server: cloudflare
etag: a7305a07fc5f1123097487e9de66abb1
vary: Accept-Encoding
content-type: text/x-c++
x-timestamp: 1301247740.36305
cache-control: public, max-age=76969
accept-ranges: bytes
cf-ray: 851a8ba828951e51-FRA
expires: Thu, 08 Feb 2024 06:41:15 GMT

GET
H2 200 sockjs.min.js Show response
cdnjs.cloudflare.com/ajax/libs/sockjs-client/0.3.4/ 33 KB
10 KB 37ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sockjs-client/0.3.4/sockjs.min.js

Requested by

Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c165fe7dec11d4716d084722a41e525a04857fb2529b9137aa13193ac0bbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:18:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7612889
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9551
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-8465"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alHR%2BGdPlfZhzKxIuuLOHtLLwqVJnRpNLoBkOw%2BrPfduxCfYTrEyDQEu8m9oqiHGXrLzraKnNTu%2FQpwQEwqdtzPMXIQuuKTMGIXfK%2FSa6LuuC1CrDs7dTpnhL9MgR5ojg7HokZFe2a3%2FuCG8ZaC6SRzy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 851a8ba84ff1bbcb-FRA
expires: Mon, 27 Jan 2025 09:18:26 GMT

GET
H2 200 fxindex2.js Show response
streamjs.investing.com/tools/ 10 KB
3 KB 71ms
32ms Script
application/javascript 2606:4700:4400::6812:2097
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://streamjs.investing.com/tools/fxindex2.js

Requested by

Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2097 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdd55c263b0f6077b582d7875d3a3f6c2937c75050338a6d022e0ace38fc70cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:18:26 GMT
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
content-encoding: br
cf-cache-status: HIT
age: 5302
cross-origin-embedder-policy: unsafe-none
x-cache-status: STALE
content-security-policy-report-only: default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; form-action https:; report-uri https://rbmeuulvihtwm2eltjhwimi2.httpschecker.net/report
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-request-id: 17a35b204315fa42cc4361dff6de0672
last-modified: Mon, 20 Mar 2023 10:29:10 GMT
server: cloudflare
cross-origin-opener-policy: cross-origin
etag: W/"287b-5f75265bfc980"
vary: Accept-Encoding, User-Agent
content-type: application/javascript
cache-control: public, max-age=1200
cf-ray: 851a8ba869a1718b-FRA
expires: Wed, 07 Feb 2024 09:38:26 GMT

GET
H2 200 jscharts-economic-calendar-2.6.12.min.js Show response
i-invdn-com.investing.com/js/ 10 KB
3 KB 84ms
84ms Script
application/javascript 2606:4700:4400::ac40:9b69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i-invdn-com.investing.com/js/jscharts-economic-calendar-2.6.12.min.js
Requested by: Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ec47a7b57ac55644baafb7fec50bcc1ae43943413e24c936a25917d2d1a68cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:18:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 27 Nov 2017 11:42:13 GMT
server: cloudflare
age: 13151
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-timestamp: 1511782932.21466
cache-control: public, max-age=132308
cf-ray: 851a8ba8289a1e51-FRA
alt-svc: h3=":443"; ma=86400
x-trans-id: tx7dd8862e7e3645ca94d4b-0064fd3d16dfw1
expires: Thu, 08 Feb 2024 22:03:34 GMT

GET
H2 200 highstock.js Show response
ec.forexprostools.com/view/ 259 KB
89 KB 35ms
35ms Script
application/javascript 2606:4700:4400::6812:2aef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ec.forexprostools.com/view/highstock.js

Requested by

Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2aef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

535ee2077f1a3d499a3765fef50f0aa819798bcb07c780b3106574258b86d744

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:18:26 GMT
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Mar 2023 06:44:19 GMT
server: cloudflare
etag: W/"40a31-5f7635f76d6c0"
vary: Accept-Encoding, User-Agent
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 851a8ba82f110497-FRA
expires: Wed, 07 Feb 2024 13:18:26 GMT

GET
H2 200 B9105698.123658976;sz=95x24;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment= Show response
ad.doubleclick.net/ddm/adi/N5872.2079124INVAFF/ Frame E18B 26 B
530 B 42ms
15ms Document
text/html 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N5872.2079124INVAFF/B9105698.123658976;sz=95x24;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?

Requested by

Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f6.1e100.net

Software

cafe /

Resource Hash

f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ec.forexprostools.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 23
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 09:18:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 newSiteIconsSprite_v30i.png
i-invdn-com.investing.com/ 80 KB
80 KB 32ms
32ms Image
image/webp 2606:4700:4400::ac40:9b69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i-invdn-com.investing.com/newSiteIconsSprite_v30i.png
Requested by: Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37a94150a015ae4ed6bc0599dc04ad37e96b94651afa45f19e2851fd9b751ecf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:18:26 GMT
cf-cache-status: HIT
age: 48633
cf-polished: origFmt=png, origSize=117362
content-disposition: inline; filename="newSiteIconsSprite_v30i.webp"
alt-svc: h3=":443"; ma=86400
content-length: 81484
x-trans-id: tx6c7445ab34554a50b4808-0064f63454dfw1
cf-bgj: imgq:100,h2pri
last-modified: Sun, 07 Sep 2014 05:30:23 GMT
server: cloudflare
etag: 8e2a9da66850d045eede53e683388744
vary: Accept
content-type: image/webp
x-timestamp: 1410067822.16563
cache-control: public, max-age=476208
accept-ranges: bytes
cf-ray: 851a8ba86ebe6901-FRA
expires: Mon, 12 Feb 2024 21:35:14 GMT

GET
H3 200 ce_flags_v6.png
i-invdn-com.investing.com/ 48 KB
49 KB 25ms
25ms Image
image/webp 2606:4700:4400::ac40:9b69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i-invdn-com.investing.com/ce_flags_v6.png
Requested by: Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23b3eb27e3fbb9563053013370a453f2a27102d0a3af9bece8968a074ec541b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:18:26 GMT
cf-cache-status: HIT
age: 35274
cf-polished: origFmt=png, origSize=69656
content-disposition: inline; filename="ce_flags_v6.webp"
alt-svc: h3=":443"; ma=86400
content-length: 49644
x-trans-id: tx8283bef49ba344d1bf220-0064feb1d8dfw1
cf-bgj: imgq:100,h2pri
last-modified: Tue, 07 Jul 2015 10:30:11 GMT
server: cloudflare
etag: 92dfc7b489759a3fd6ee6db945629ecd
vary: Accept
content-type: image/webp
x-timestamp: 1436265010.93784
cache-control: public, max-age=70725
accept-ranges: bytes
cf-ray: 851a8ba86ec16901-FRA
expires: Thu, 08 Feb 2024 04:57:11 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 50ms
8ms Script
text/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ec.forexprostools.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Feb 2024 07:54:57 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5009
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Wed, 07 Feb 2024 09:54:57 GMT

GET
H2 200 info Show response
streaming.forexpros.com/echo/ 75 B
213 B 68ms
13ms XHR
application/json 23.109.14.210
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.forexpros.com/echo/info
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/sockjs-client/0.3.4/sockjs.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.109.14.210 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 00412a21744555d733f3726d11bb66387f8fade55cba579ab3c8811fad8fb74e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: https://ec.forexprostools.com
date: Wed, 07 Feb 2024 09:18:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 75
content-type: application/json

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=463286177&utmhn=ec.forexprostools.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhi...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2555300-21&cid=503667663.1707297507&jid=1798724529&_v=5.7.2&z=463286177
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2555300-21&cid=503667663.1707297507&jid=1798724529&_v=5.7.2&z=463286177
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2555300-21&cid=503667663.1707297507&jid=1798724529&_v=5.7.2&z=463286177&slf_rd=1&random=3461828210

42 B
107 B

52ms
32ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2555300-21&cid=503667663.1707297507&jid=1798724529&_v=5.7.2&z=463286177&slf_rd=1&random=3461828210

Requested by

Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:18:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:18:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2555300-21&cid=503667663.1707297507&jid=1798724529&_v=5.7.2&z=463286177&slf_rd=1&random=3461828210
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CLbDruvymIQDFeNhkQUdMy8G_g;src=3598367;type=wmt_i753;cat=en_wm661;u2=;u1=;ord=1;num=1707297506 Show response
3598367.fls.doubleclick.net/ Frame A4C5
Redirect Chain

https://fls.doubleclick.net/activityi;src=3598367;type=wmt_i753;cat=en_wm661;u2=;u1=;ord=1;num=1707297506?
https://3598367.fls.doubleclick.net/activityi;dc_pre=CLbDruvymIQDFeNhkQUdMy8G_g;src=3598367;type=wmt_i753;cat=en_wm661;u2=;u1=;ord=1;num=1707297506?

3 KB
2 KB

97ms
52ms

Document
text/html

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3598367.fls.doubleclick.net/activityi;dc_pre=CLbDruvymIQDFeNhkQUdMy8G_g;src=3598367;type=wmt_i753;cat=en_wm661;u2=;u1=;ord=1;num=1707297506?

Requested by

Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f6.1e100.net

Software

cafe /

Resource Hash

d692f24f151abbdf965701aec9654bc8b39984434106d17143a8ef33ff090b0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ec.forexprostools.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 1314
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 09:18:26 GMT
expires: Wed, 07 Feb 2024 09:18:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 09:18:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://3598367.fls.doubleclick.net/activityi;dc_pre=CLbDruvymIQDFeNhkQUdMy8G_g;src=3598367;type=wmt_i753;cat=en_wm661;u2=;u1=;ord=1;num=1707297506?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 186 KB
68 KB 42ms
21ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N9FVQ7

Requested by

Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

046316eff1779ad28713397eba06dd34c64ffa93f4a76e464a73a1fd4d35c999

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:18:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69138
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Feb 2024 09:18:26 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
58 KB 54ms
18ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 07 Feb 2024 09:18:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: tki+Yd5bUkU49GNnvzwGshctsjzJUfMjl+VCeJDwIPzUhAcYWzMOnorc400NBIl2utZ0PFmoCwz7Wm5grdmKwg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=518857569&utmhn=ec.forexprostools.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhi...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2555300-21&cid=503667663.1707297507&jid=1816456811&_v=5.7.2&z=518857569
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2555300-21&cid=503667663.1707297507&jid=1816456811&_v=5.7.2&z=518857569
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2555300-21&cid=503667663.1707297507&jid=1816456811&_v=5.7.2&z=518857569&slf_rd=1&random=1958607363

42 B
107 B

52ms
32ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2555300-21&cid=503667663.1707297507&jid=1816456811&_v=5.7.2&z=518857569&slf_rd=1&random=1958607363

Requested by

Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:18:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:18:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2555300-21&cid=503667663.1707297507&jid=1816456811&_v=5.7.2&z=518857569&slf_rd=1&random=1958607363
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1000940071/ 3 KB
2 KB 64ms
43ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1000940071/?random=1707297506821&cv=11&fst=1707297506821&bg=ffffff&guid=ON&async=1&gtm=45He4250za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fec.forexprostools.com%2F&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9FVQ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0b0dda6dce08395b7f0f88fb2f4eb2490e6ee12a4da51e9ccfeb6c0ed503c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:18:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1235
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CJPzs-vymIQDFWcJogMdjeQDqg;src=3598367;type=site_844;cat=gtm_t964;ord=1 Show response
3598367.fls.doubleclick.net/ Frame 4B71
Redirect Chain

https://3598367.fls.doubleclick.net/activityi;src=3598367;type=site_844;cat=gtm_t964;ord=1?
https://3598367.fls.doubleclick.net/activityi;dc_pre=CJPzs-vymIQDFWcJogMdjeQDqg;src=3598367;type=site_844;cat=gtm_t964;ord=1?

2 KB
1000 B

53ms
53ms

Document
text/html

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3598367.fls.doubleclick.net/activityi;dc_pre=CJPzs-vymIQDFWcJogMdjeQDqg;src=3598367;type=site_844;cat=gtm_t964;ord=1?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9FVQ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f6.1e100.net

Software

cafe /

Resource Hash

dc2a6d2f9b58a518aec3af11aed99a67346acbfb8cb22267ad857ee72078b345

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 837
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 09:18:26 GMT
expires: Wed, 07 Feb 2024 09:18:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 09:18:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://3598367.fls.doubleclick.net/activityi;dc_pre=CJPzs-vymIQDFWcJogMdjeQDqg;src=3598367;type=site_844;cat=gtm_t964;ord=1?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 167918810261856 Show response
connect.facebook.net/signals/config/ 35 KB
8 KB 159ms
158ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/167918810261856?v=2.9.145&r=stable&domain=ec.forexprostools.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c2f61816eb327a92080934c9b8f436f075ee29c276166a4e428398c56e1653d5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 07 Feb 2024 09:18:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: LnwXlTpe7pu5KADOwbc0uxs2bG1ZxOCiD91Im3VcEvjhO5dG0hZi3aVeQU/xCPsBwDK2xGi1mVcccE4K5NGf+g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1000940071/ 42 B
165 B 19ms
18ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1000940071/?random=1707297506821&cv=11&fst=1707296400000&bg=ffffff&guid=ON&async=1&gtm=45He4250za200&u_w=1600&u_h=1200&url=https%3A%2F%2Fec.forexprostools.com%2F&frm=0&npa=0&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_WTIELGkhGKTgkNCp-YnPyC1fs2T_LQ_5r8Bk53v1XV0UpO_p&random=1077992278&rmt_tld=0&ipr=y

Requested by

Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:18:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1000940071/ 42 B
455 B 30ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1000940071/?random=1707297506821&cv=11&fst=1707296400000&bg=ffffff&guid=ON&async=1&gtm=45He4250za200&u_w=1600&u_h=1200&url=https%3A%2F%2Fec.forexprostools.com%2F&frm=0&npa=0&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_WTIELGkhGKTgkNCp-YnPyC1fs2T_LQ_5r8Bk53v1XV0UpO_p&random=1077992278&rmt_tld=1&ipr=y

Requested by

Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:18:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CLbDruvymIQDFeNhkQUdMy8G_g;src=3598367;type=wmt_i753;cat=en_wm661;u2=;u1=;ord=1;num=1707297506
adservice.google.com/ddm/fls/z/ Frame A4C5 42 B
401 B 62ms
42ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLbDruvymIQDFeNhkQUdMy8G_g;src=3598367;type=wmt_i753;cat=en_wm661;u2=;u1=;ord=1;num=1707297506

Requested by

Host: 3598367.fls.doubleclick.net
URL: https://3598367.fls.doubleclick.net/activityi;dc_pre=CLbDruvymIQDFeNhkQUdMy8G_g;src=3598367;type=wmt_i753;cat=en_wm661;u2=;u1=;ord=1;num=1707297506?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3598367.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:18:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDM1OTgzNjcKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2ZvcmV4cHJvc3Rvb2xzLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04KZGVi...
ad.doubleclick.net/ddm/activity/ Frame A4C5 0
1 KB 38ms
38ms Image
image/png 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDM1OTgzNjcKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2ZvcmV4cHJvc3Rvb2xzLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04KZGVidWdfa2V5OiAxMTcyMzMwMTYyNjEzMTEyOTI1MgpjdGNfY29udmVyc2lvbl9idWNrZXQ6IDIKYXJjaGV0eXBlX2lkOiAxCmFyY2hldHlwZV9pZDogMwphcmNoZXR5cGVfaWQ6IDQKYXJjaGV0eXBlX2lkOiA1CmFyY2hldHlwZV9pZDogNgphcmNoZXR5cGVfaWQ6IDcKYXJjaGV0eXBlX2lkOiA4CmFyY2hldHlwZV9pZDogOQphcmNoZXR5cGVfaWQ6IDEwCmFyY2hldHlwZV9pZDogMTEKYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphcmNoZXR5cGVfaWQ6IDE2CmFyY2hldHlwZV9pZDogMTcKYXJjaGV0eXBlX2lkOiAxOAphcmNoZXR5cGVfaWQ6IDE5CmFyY2hldHlwZV9pZDogMjAKYXJjaGV0eXBlX2lkOiAyMQpjb252ZXJzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBDT05WRVJTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0FDVElWSVRZX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMDA5MjkwCiAgfQp9CmNvbnZlcnNpb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IENPTlZFUlNJT05fRElNRU5TSU9OX0NPTlZFUlNJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAyLTA3IgogIH0KfQpicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNTcwNDI1MzQ0CmdjbGlkOiAiIgp0cmlnZ2VyX2RlZHVwbGljYXRpb25fa2V5OiAyNjMwMDA3MTg0MTY5NDQzMjI5Cg

Requested by

Host: 3598367.fls.doubleclick.net
URL: https://3598367.fls.doubleclick.net/activityi;dc_pre=CLbDruvymIQDFeNhkQUdMy8G_g;src=3598367;type=wmt_i753;cat=en_wm661;u2=;u1=;ord=1;num=1707297506?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3598367.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:18:26 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"2630007184169443229"}],"aggregatable_trigger_data":[{"filters":{"14":["1009290"]},"key_piece":"0xe6fd4bc75d732558","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0x180ef3bd088b4aad","not_filters":{"14":["1009290"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["1009290"]},"key_piece":"0x20c53db3949af198","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x32a05c08f474c3b2","not_filters":{"14":["1009290"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"11723301626131129252","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"2630007184169443229","filters":{"14":["1009290"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"2630007184169443229","filters":{"14":["1009290"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"2630007184169443229","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"2630007184169443229","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["3598367"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame A4C5
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

81 KB
31 KB

67ms
18ms

Script
application/javascript

37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: 3598367.fls.doubleclick.net
URL: https://3598367.fls.doubleclick.net/activityi;dc_pre=CLbDruvymIQDFeNhkQUdMy8G_g;src=3598367;type=wmt_i753;cat=en_wm661;u2=;u1=;ord=1;num=1707297506?
Protocol: H2
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3598367.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:18:27 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx000002a4302a981bc3024-00646c8ee1-3295d04c-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Wed, 07 Feb 2024 09:18:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html

GET
H2 200 dc_pre=CJPzs-vymIQDFWcJogMdjeQDqg;src=3598367;type=site_844;cat=gtm_t964;ord=1
adservice.google.com/ddm/fls/z/ Frame 4B71 42 B
107 B 41ms
40ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJPzs-vymIQDFWcJogMdjeQDqg;src=3598367;type=site_844;cat=gtm_t964;ord=1

Requested by

Host: 3598367.fls.doubleclick.net
URL: https://3598367.fls.doubleclick.net/activityi;dc_pre=CJPzs-vymIQDFWcJogMdjeQDqg;src=3598367;type=site_844;cat=gtm_t964;ord=1?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3598367.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:18:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDM1OTgzNjcKYWR2ZXJ0aXNlcl9kb21haW46ICIiCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBDT05WRVJTSU9OCmRlYnVnX2tleTogMTQxODk2MDg4MDE5NDA1Nzc5...
ad.doubleclick.net/ddm/activity/ Frame 4B71 0
22 B 39ms
39ms Image
image/png 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDM1OTgzNjcKYWR2ZXJ0aXNlcl9kb21haW46ICIiCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBDT05WRVJTSU9OCmRlYnVnX2tleTogMTQxODk2MDg4MDE5NDA1Nzc5NTUKY3RjX2NvbnZlcnNpb25fYnVja2V0OiA1CmFyY2hldHlwZV9pZDogMQphcmNoZXR5cGVfaWQ6IDMKYXJjaGV0eXBlX2lkOiA0CmFyY2hldHlwZV9pZDogNQphcmNoZXR5cGVfaWQ6IDYKYXJjaGV0eXBlX2lkOiA3CmFyY2hldHlwZV9pZDogOAphcmNoZXR5cGVfaWQ6IDkKYXJjaGV0eXBlX2lkOiAxMAphcmNoZXR5cGVfaWQ6IDExCmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYXJjaGV0eXBlX2lkOiAxNgphcmNoZXR5cGVfaWQ6IDE3CmFyY2hldHlwZV9pZDogMTgKYXJjaGV0eXBlX2lkOiAxOQphcmNoZXR5cGVfaWQ6IDIwCmFyY2hldHlwZV9pZDogMjEKY29udmVyc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogQ09OVkVSU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9BQ1RJVklUWV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTQ1NDI2OQogIH0KfQpjb252ZXJzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBDT05WRVJTSU9OX0RJTUVOU0lPTl9DT05WRVJTSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMi0wNyIKICB9Cn0KYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDU3MDQyNTM0NApnY2xpZDogIiIKdHJpZ2dlcl9kZWR1cGxpY2F0aW9uX2tleTogODUwNDU3MjMwNDkwNjI1OTk1NAo

Requested by

Host: 3598367.fls.doubleclick.net
URL: https://3598367.fls.doubleclick.net/activityi;dc_pre=CJPzs-vymIQDFWcJogMdjeQDqg;src=3598367;type=site_844;cat=gtm_t964;ord=1?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3598367.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:18:27 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"8504572304906259954"}],"aggregatable_trigger_data":[{"filters":{"14":["1454269"]},"key_piece":"0x18617b8148ecf115","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0xcdef17554698809f","not_filters":{"14":["1454269"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["1454269"]},"key_piece":"0xd01e12d7f388f5b1","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xf5600146b9679a03","not_filters":{"14":["1454269"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"14189608801940577955","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"8504572304906259954","filters":{"14":["1454269"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"8504572304906259954","filters":{"14":["1454269"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"8504572304906259954","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"8504572304906259954","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["3598367"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 21ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=167918810261856&ev=PageView&dl=https%3A%2F%2Fec.forexprostools.com%2F&rl=&if=false&ts=1707297507047&sw=1600&sh=1200&v=2.9.145&r=stable&ec=0&o=4124&fbp=fb.1.1707297507046.1605110864&ler=empty&cdl=API_unavailable&it=1707297506858&coo=false&exp=e1&rqm=GET

Requested by

Host: ec.forexprostools.com
URL: https://ec.forexprostools.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 07 Feb 2024 09:18:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/ Frame A4C5
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=116109&lid=2431153&ADFdivider=%7C&ord=828869525198&ADFtpmode=2&loc=https%3A%2F%2F3598367.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLbDruvymIQDFeNhk...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=116109&lid=2431153&ADFdivider=%7C&ord=828869525198&ADFtpmode=2&loc=https%3A%2F%2F3598367.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLbDruvymIQD...

427 B
977 B

30ms
30ms

Script
text/javascript

37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=116109&lid=2431153&ADFdivider=%7C&ord=828869525198&ADFtpmode=2&loc=https%3A%2F%2F3598367.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLbDruvymIQDFeNhkQUdMy8G_g%3Bsrc%3D3598367%3Btype%3Dwmt_i753%3Bcat%3Den_wm661%3Bu2%3D%3Bu1%3D%3Bord%3D1%3Bnum%3D1707297506%3F&CPref=https%3A%2F%2Fec.forexprostools.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: 3598367.fls.doubleclick.net
URL: https://3598367.fls.doubleclick.net/activityi;dc_pre=CLbDruvymIQDFeNhkQUdMy8G_g;src=3598367;type=wmt_i753;cat=en_wm661;u2=;u1=;ord=1;num=1707297506?

Protocol

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d21e1029750dabb921c9a0cf5dc984f61fcfb5e6e84bcbf94caa274e024762a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3598367.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:18:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 447
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:18:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=116109&lid=2431153&ADFdivider=%7C&ord=828869525198&ADFtpmode=2&loc=https%3A%2F%2F3598367.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLbDruvymIQDFeNhkQUdMy8G_g%3Bsrc%3D3598367%3Btype%3Dwmt_i753%3Bcat%3Den_wm661%3Bu2%3D%3Bu1%3D%3Bord%3D1%3Bnum%3D1707297506%3F&CPref=https%3A%2F%2Fec.forexprostools.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 / Show response
track.adform.net/serving/container/ Frame 3B74 1 KB
1 KB 29ms
29ms Document
text/html 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/container/?pm=116109&lid=2431153&ctype=0&media=0&rnd=1295259181&cpref=https%3a%2f%2fec.forexprostools.com%2f&loc=https%3a%2f%2f3598367.fls.doubleclick.net%2factivityi%3bdc_pre%3dCLbDruvymIQDFeNhkQUdMy8G_g%3bsrc%3d3598367%3btype%3dwmt_i753%3bcat%3den_wm661%3bu2%3d%3bu1%3d%3bord%3d1%3bnum%3d1707297506%3f

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5a4a02b2214d0b5a387b7f1fb09502597656b5f86794096403561b97219a2646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://3598367.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 07 Feb 2024 09:18:27 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
track.adform.net/Serving/TrackPoint/ Frame 3B74 35 B
519 B 30ms
30ms Image
image/gif 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=116109&lid=3944828

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=116109&lid=2431153&ctype=0&media=0&rnd=1295259181&cpref=https%3a%2f%2fec.forexprostools.com%2f&loc=https%3a%2f%2f3598367.fls.doubleclick.net%2factivityi%3bdc_pre%3dCLbDruvymIQDFeNhkQUdMy8G_g%3bsrc%3d3598367%3btype%3dwmt_i753%3bcat%3den_wm661%3bu2%3d%3bu1%3d%3bord%3d1%3bnum%3d1707297506%3f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://track.adform.net/serving/container/?pm=116109&lid=2431153&ctype=0&media=0&rnd=1295259181&cpref=https%3a%2f%2fec.forexprostools.com%2f&loc=https%3a%2f%2f3598367.fls.doubleclick.net%2factivityi%3bdc_pre%3dCLbDruvymIQDFeNhkQUdMy8G_g%3bsrc%3d3598367%3btype%3dwmt_i753%3bcat%3den_wm661%3bu2%3d%3bu1%3d%3bord%3d1%3bnum%3d1707297506%3f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 09:18:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ec.forexprostools.com/	1970-01-20 18:15:26	Name: geoC Value: DE
.forexprostools.com/	1970-01-20 18:14:59	Name: __cf_bm Value: Olv3tAUaVK4xLrwnRJKtIKJtitxS0OU8_H.HFV2HzfM-1707297506-1-AVcoucaYWVveSRsj+XgC+AOThCrxbKq3XPM+e9CIngep5HnYY3HEv5c7UIQSuaaxkIEsRWgU9WMK2Kr5VFYMEUo=
.investing.com/	1970-01-20 18:14:59	Name: __cf_bm Value: erw0tBzQVkBzu_03mvB1PdSKj.UMV8C_Lvr7SM5sHJE-1707297506-1-AYjWjKmSe6f57g1+ClkeoEB6tH1WiTAo1yIDkVWaaXnH8ZUcNbtLfXbNrI4D7KkrvtqU6uHVUqgVeddm0CwiLxc=
.ec.forexprostools.com/	1970-01-21 03:50:57	Name: __utma Value: 182656306.503667663.1707297507.1707297507.1707297507.1
.ec.forexprostools.com/	1969-12-31 23:59:59	Name: __utmc Value: 182656306
.ec.forexprostools.com/	1970-01-20 22:37:45	Name: __utmz Value: 182656306.1707297507.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.ec.forexprostools.com/	1970-01-20 18:14:58	Name: __utmt Value: 1
.ec.forexprostools.com/	1970-01-20 18:14:58	Name: __utmt_~1 Value: 1
.ec.forexprostools.com/	1970-01-20 18:14:59	Name: __utmb Value: 182656306.2.10.1707297507
.doubleclick.net/	1970-01-21 03:36:33	Name: IDE Value: AHWqTUlcwQBk69quZ4CPWsDFiu-mwN6vv7S9zbGtsrPGwSqmA9CCm3HPFOq1RZ9zvwA
.doubleclick.net/	1970-01-20 22:34:09	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-20 18:58:09	Name: ar_debug Value: 1
.forexprostools.com/	1970-01-20 20:24:33	Name: _fbp Value: fb.1.1707297507046.1605110864
.adform.net/	1970-01-20 18:56:43	Name: C Value: 1
.adform.net/	1970-01-20 19:41:17	Name: receive-cookie-deprecation Value: 1
.adform.net/	1970-01-20 19:41:17	Name: uid Value: 1950393180461644569

46 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/(Line 5270) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/(Line 5270) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/(Line 5270) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/(Line 5270) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/(Line 5270) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/(Line 5270) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/(Line 5270) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/(Line 5270) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://ec.forexprostools.com/(Line 5867) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ec.forexprostools.com/(Line 5867) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ec.forexprostools.com/(Line 5892) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ec.forexprostools.com/(Line 5892) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://3598367.fls.doubleclick.net/activityi;dc_pre=CLbDruvymIQDFeNhkQUdMy8G_g;src=3598367;type=wmt_i753;cat=en_wm661;u2=;u1=;ord=1;num=1707297506?(Line 15) Message: Mixed Content: The page at 'https://ec.forexprostools.com/' was loaded over HTTPS, but requested an insecure frame 'http://3106981.fls.doubleclick.net/activityi;src=3106981;type=inves761;cat=inves404;ord=1;num=6714822067463.424?'. This request has been blocked; the content must be served over HTTPS.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/167918810261856?v=2.9.145&r=stable&domain=ec.forexprostools.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 66) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ec.forexprostools.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3598367.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
cdnjs.cloudflare.com
connect.facebook.net
ec.forexprostools.com
fls.doubleclick.net
googleads.g.doubleclick.net
i-invdn-com.investing.com
s2.adform.net
ssl.google-analytics.com
stats.g.doubleclick.net
streaming.forexpros.com
streamjs.investing.com
track.adform.net
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
142.250.184.230
172.217.18.102
216.58.212.166
23.109.14.210
2606:4700:4400::6812:2097
2606:4700:4400::6812:2aef
2606:4700:4400::ac40:9111
2606:4700:4400::ac40:9b69
2606:4700::6811:180e
2a00:1450:4001:806::2008
2a00:1450:4001:811::2008
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:830::2004
2a00:1450:400c:c04::9b
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f176:181:face:b00c:0:25de
37.157.5.72
37.157.6.254
00412a21744555d733f3726d11bb66387f8fade55cba579ab3c8811fad8fb74e
046316eff1779ad28713397eba06dd34c64ffa93f4a76e464a73a1fd4d35c999
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0f6707614539cf1103e30661c400f1d62a380161c132af507daa7422febcbaeb
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
23b3eb27e3fbb9563053013370a453f2a27102d0a3af9bece8968a074ec541b6
2dac2cbda5435bb48c52ec0f363901174b6ce4674d16afca52d8cecee49b8b0d
33c8e8a2c19895515550e9f54a83890f60b1cf05333d0705a5360be9d89b32b4
37a94150a015ae4ed6bc0599dc04ad37e96b94651afa45f19e2851fd9b751ecf
4ab33051ad67c103bbef6ffba3b37b0cd313430a615f25eba19c563c2304f1f5
5272ebc76ee36a369f155347cb3da728eb1cdb0d3312b0aa062703d6f011b566
535ee2077f1a3d499a3765fef50f0aa819798bcb07c780b3106574258b86d744
5a4a02b2214d0b5a387b7f1fb09502597656b5f86794096403561b97219a2646
5ec47a7b57ac55644baafb7fec50bcc1ae43943413e24c936a25917d2d1a68cf
61c165fe7dec11d4716d084722a41e525a04857fb2529b9137aa13193ac0bbfe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a519b27a0b5a76d84f6abc48cb53662626cda81e843f723802145843134c8b9
8da7abd553eb3b496b376ad2787b27b08fc3ca4133c93d460fb1ac09afe17e22
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
9cdb9c6916a14b81bb19fdaa8e3cfff1a1e171cbd0dc82b55bb2b7bae464be4b
ab93def9c8ab32ca511f05bed2f7f0722924203a46283465b3615688ab6f6d9e
bca51ed2fe251488a1b150edf560d43880f1486740f34d24120ede486f99676b
c2f61816eb327a92080934c9b8f436f075ee29c276166a4e428398c56e1653d5
c9dc4008efeea9d818152ec8b806649652a32f0b909ef857fb7832ded91b4190
d21e1029750dabb921c9a0cf5dc984f61fcfb5e6e84bcbf94caa274e024762a6
d692f24f151abbdf965701aec9654bc8b39984434106d17143a8ef33ff090b0d
dc2a6d2f9b58a518aec3af11aed99a67346acbfb8cb22267ad857ee72078b345
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b0dda6dce08395b7f0f88fb2f4eb2490e6ee12a4da51e9ccfeb6c0ed503c00
f3a53e18261af4a4f08f746e5da5cdea0c26d3c50fbd065349f2e3cafe444f4d
f63f0d973b692bf5c0938f26dce888401ec8c5a0cb29cf6e15ce765e8974fb0c
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623
fdd55c263b0f6077b582d7875d3a3f6c2937c75050338a6d022e0ace38fc70cd

ec.forexprostools.com Open in urlscan Pro 2606:4700:4400::6812:2aef Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

90 %HTTPS

70 %IPv6

12 Domains

19 Subdomains

17 IPs

6 Countries

603 kBTransfer

1961 kBSize

16 Cookies

3 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

ec.forexprostools.com Open in urlscan Pro
2606:4700:4400::6812:2aef Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

90 %
HTTPS

70 %
IPv6

12
Domains

19
Subdomains

17
IPs

6
Countries

603 kB
Transfer

1961 kB
Size

16
Cookies

41 HTTP transactions
0 data transactions