mail.hicityinvestmentfx.com Open in urlscan Pro
144.76.107.13 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mail.hicityinvestmentfx.com/
Effective URL:
https://mail.hicityinvestmentfx.com/
Submission: On December 07 via api (December 7th 2022, 12:03:47 pm UTC) from US — Scanned from US

Summary HTTP 133 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 12 domains to perform 133 HTTP transactions. The main IP is 144.76.107.13, located in Germany and belongs to HETZNER-AS, DE. The main domain is mail.hicityinvestmentfx.com.
TLS certificate: Issued by R3 on December 4th 2022. Valid for: 3 months.

This is the only time mail.hicityinvestmentfx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 60	144.76.107.13 144.76.107.13	24940 (HETZNER-AS) (HETZNER-AS)
1	2607:f8b0:400... 2607:f8b0:4006:822::200e	15169 (GOOGLE) (GOOGLE)
1	13.224.214.103 13.224.214.103	16509 (AMAZON-02) (AMAZON-02)
1 1	172.67.72.223 172.67.72.223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:20:... 2606:4700:20::ac43:4703	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	95.216.228.15 95.216.228.15	24940 (HETZNER-AS) (HETZNER-AS)
5	2607:f8b0:400... 2607:f8b0:4006:821::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:806::200a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
20	2a02:4780:8:2... 2a02:4780:8:250:0:34a8:6d7e:1	47583 (AS-HOSTINGER) (AS-HOSTINGER)
22	2606:4700:20:... 2606:4700:20::ac43:4991	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
1	151.139.237.124 151.139.237.124	() ()
133	15

60 144.76.107.13 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: bh-cloud.bergeservers.com

mail.hicityinvestmentfx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.214.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-103.phl50.r.cloudfront.net

s3.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.72.223 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

code.tidio.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::ac43:4703 (United States)

ASN13335 (CLOUDFLARENET, US)

widget-v4.tidiochat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.216.228.15 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.15.228.216.95.clients.your-server.de

static.getbutton.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:821::200a (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:806::200a (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:817::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a02:4780:8:250:0:34a8:6d7e:1 (Meppel, Netherlands)

ASN47583 (AS-HOSTINGER, CY)

actionfxtrade.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:20::ac43:4991 (United States)

ASN13335 (CLOUDFLARENET, US)

streamja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:823::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:820::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.237.124 (None, )

ASN- ()

twemoji.maxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	hicityinvestmentfx.com 1 redirects mail.hicityinvestmentfx.com	2 MB
22	streamja.com streamja.com — Cisco Umbrella Rank: 322505	291 KB
20	actionfxtrade.com actionfxtrade.com	375 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 38 Failed	138 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	148 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 51 translate.googleapis.com — Cisco Umbrella Rank: 986 ajax.googleapis.com — Cisco Umbrella Rank: 361	142 KB
5	tidiochat.com widget-v4.tidiochat.com — Cisco Umbrella Rank: 18188	275 KB
2	getbutton.io 1 redirects static.getbutton.io — Cisco Umbrella Rank: 41381	93 KB
1	maxcdn.com twemoji.maxcdn.com	2 KB
1	tidio.co 1 redirects code.tidio.co — Cisco Umbrella Rank: 16307	496 B
1	tradingview.com s3.tradingview.com — Cisco Umbrella Rank: 22038
1	google.com translate.google.com — Cisco Umbrella Rank: 1345	26 KB
133	12

	Domain	Requested by
60	mail.hicityinvestmentfx.com	1 redirects mail.hicityinvestmentfx.com
22	streamja.com	mail.hicityinvestmentfx.com streamja.com
20	actionfxtrade.com	mail.hicityinvestmentfx.com actionfxtrade.com ajax.googleapis.com
7	www.google-analytics.com	streamja.com
5	widget-v4.tidiochat.com	mail.hicityinvestmentfx.com code.tidio.co
4	fonts.gstatic.com	fonts.googleapis.com
3	www.gstatic.com	mail.hicityinvestmentfx.com translate.googleapis.com
3	fonts.googleapis.com	mail.hicityinvestmentfx.com widget-v4.tidiochat.com
2	ajax.googleapis.com	actionfxtrade.com
2	translate.googleapis.com
2	static.getbutton.io	1 redirects mail.hicityinvestmentfx.com
1	twemoji.maxcdn.com
1	code.tidio.co	1 redirects
1	s3.tradingview.com	mail.hicityinvestmentfx.com
1	translate.google.com	mail.hicityinvestmentfx.com
133	15

This site contains links to these domains. Also see Links.

Domain
translate.google.com
wa.me

Subject Issuer	Validity	Valid
hicityinvestmentfx.com R3	`2022-12-04` - `2023-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.tradingview.com Amazon	`2022-02-09` - `2023-03-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
actionfxtrade.com R3	`2022-11-15` - `2023-02-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
twemoji.maxcdn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-10-11` - `2023-11-09`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://mail.hicityinvestmentfx.com/
Frame ID: A78062714B2BC316FA6E10418DAC5398
Requests: 72 HTTP requests in this frame

Frame: https://actionfxtrade.com/trade_graph/test2.php
Frame ID: 71DE75FA96621BB031267160069AF566
Requests: 3 HTTP requests in this frame

Frame: https://streamja.com/embed/O4VGe
Frame ID: E2912C0323D7D3441578C1248FA4D645
Requests: 1 HTTP requests in this frame

Frame: https://streamja.com/embed/29Z7z
Frame ID: C3C02A8596E358DD1E188613EAFCCA7E
Requests: 6 HTTP requests in this frame

Frame: https://streamja.com/embed/n37aA
Frame ID: BDD3E612E391C9C79A9A4ED3EA0B7E12
Requests: 1 HTTP requests in this frame

Frame: https://streamja.com/embed/q5z1V
Frame ID: 4157611EDDAF17028A1D49EC18DEC667
Requests: 1 HTTP requests in this frame

Frame: https://streamja.com/embed/0jyOA
Frame ID: F18CC02D2A95E0436777F36B33BBFCA1
Requests: 1 HTTP requests in this frame

Frame: https://streamja.com/embed/6Kd0K
Frame ID: 011ECB8A770F50C14E7A836B254F2CC1
Requests: 1 HTTP requests in this frame

Frame: https://streamja.com/embed/oeR55
Frame ID: BA682E0BE69BD507B541D93143A229C5
Requests: 1 HTTP requests in this frame

Frame: https://actionfxtrade.com/trade_graph/test2.php
Frame ID: 23245B5F9623C22BBF05C82A94C0DF8B
Requests: 20 HTTP requests in this frame

Frame: https://streamja.com/embed/O4VGe
Frame ID: 74FBF8C96EDA1BE772C2309AF2AF0E27
Requests: 6 HTTP requests in this frame

Frame: https://streamja.com/embed/29Z7z
Frame ID: D19BF8BA1E9951678A0E0501E556513D
Requests: 6 HTTP requests in this frame

Frame: https://streamja.com/embed/n37aA
Frame ID: 53B3B885663555FEC220175978FF2C3C
Requests: 6 HTTP requests in this frame

Frame: https://streamja.com/embed/q5z1V
Frame ID: E6D87BC0850BFD46016955F37498DA79
Requests: 6 HTTP requests in this frame

Frame: https://streamja.com/embed/0jyOA
Frame ID: 4B957F36B65CB16E8AED35A4D0B22261
Requests: 6 HTTP requests in this frame

Frame: https://streamja.com/embed/6Kd0K
Frame ID: 2D48AE19F29D7D380F0F5921BDF07924
Requests: 6 HTTP requests in this frame

Frame: https://streamja.com/embed/oeR55
Frame ID: 2DEF3F792720C67CBE482D54F55A4CDA
Requests: 6 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/1_131_0/static/js/chunk-WidgetIframe-a2ea9bf2d262d5060dc4.js
Frame ID: D470852E7577DE4531796B88F95EE94A
Requests: 4 HTTP requests in this frame

Frame: data://truncated
Frame ID: 600FB2458F9A73C530825582EDAD97BF
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Mulish:wght@400;600&display=swap
Frame ID: 7632CF01C508ABA388AE0C36EDD8D0FC
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

hicityinvestmentfx - Forex, Stocks, ETFs & Options Trading

Page URL History Show full URLs

http://mail.hicityinvestmentfx.com/ HTTP 301
https://mail.hicityinvestmentfx.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

133
Requests

97 %
HTTPS

64 %
IPv6

12
Domains

15
Subdomains

15
IPs

4
Countries

3408 kB
Transfer

7009 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://translate.google.com/
Title: Translate

Search URL Search Domain Scan URL

URL: https://wa.me/14044811454
Title: Message us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mail.hicityinvestmentfx.com/ HTTP 301
https://mail.hicityinvestmentfx.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://code.tidio.co/xhdyjcmv4dqy8pkgbaw78z7oo2sf8fyh.js HTTP 302
https://widget-v4.tidiochat.com/1_131_0/static/js/render.a2ea9bf2d262d5060dc4.js

Request Chain 54

https://static.getbutton.io/widget-send-button/js/init.js HTTP 302
https://static.getbutton.io/widget/bundle.js

133 HTTP transactions
25 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mail.hicityinvestmentfx.com/
Redirect Chain

http://mail.hicityinvestmentfx.com/
https://mail.hicityinvestmentfx.com/

177 KB
13 KB

438ms
215ms

Document
text/html

144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

7dc76e366aa0d3492db6b362343880468ea3041bf12a3e5ec3b14905f82cbec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: public, max-age=2592000
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 07 Dec 2022 12:03:33 GMT
expires: Fri, 06 Jan 2023 12:03:33 GMT
server: LiteSpeed
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-type: text/html
date: Wed, 07 Dec 2022 12:03:33 GMT
location: https://mail.hicityinvestmentfx.com/
server: LiteSpeed
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
mail.hicityinvestmentfx.com/ui/css/ 118 KB
18 KB 117ms
112ms Stylesheet
text/css 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/css/bootstrap.min.css

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

4226892cd442d1b41821c1d8d263ce776aa7bd71eb079ee9b867b2676324d4c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 18274
x-xss-protection: 1; mode=block
expires: Fri, 06 Jan 2023 12:03:33 GMT

GET
H2 200 font-awesome.min.css
mail.hicityinvestmentfx.com/ui/css/ 27 KB
6 KB 223ms
218ms Stylesheet
text/css 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/css/font-awesome.min.css

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

9be4dbae4b06d6f46d8e547d42aab3a940549cb244323c2fafb8485cad7b9db1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 5863
x-xss-protection: 1; mode=block
expires: Fri, 06 Jan 2023 12:03:33 GMT

GET
H2 200 envas-icons.css
mail.hicityinvestmentfx.com/ui/css/ 73 KB
11 KB 116ms
110ms Stylesheet
text/css 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/css/envas-icons.css

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

d3ed077a8fee5f02d06aad9a40fbab79e6c0273269363c3a676546ec646d0ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 11446
x-xss-protection: 1; mode=block
expires: Fri, 06 Jan 2023 12:03:33 GMT

GET
H2 200 animate.min.css
mail.hicityinvestmentfx.com/ui/css/ 71 KB
4 KB 223ms
218ms Stylesheet
text/css 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/css/animate.min.css

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

8d3fe3468a8cddede0a9e15ebfa1864181213aecd3e74d5d329e6344ca3e3d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 4116
x-xss-protection: 1; mode=block
expires: Fri, 06 Jan 2023 12:03:33 GMT

GET
H2 200 cubeportfolio.min.css
mail.hicityinvestmentfx.com/ui/css/ 78 KB
11 KB 225ms
220ms Stylesheet
text/css 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/css/cubeportfolio.min.css

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

5b84afdd76e7555b85f9e34c90b93d66543b3a53c2801d45cb90c3bf32c65e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 11121
x-xss-protection: 1; mode=block
expires: Fri, 06 Jan 2023 12:03:33 GMT

GET
H2 200 owl.carousel.css
mail.hicityinvestmentfx.com/ui/css/ 4 KB
926 B 224ms
219ms Stylesheet
text/css 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/css/owl.carousel.css

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

3a726ccc2e7636120233935a2ba0c398b06bfa08374e474bf1cd2213d866abde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 891
x-xss-protection: 1; mode=block
expires: Fri, 06 Jan 2023 12:03:33 GMT

GET
H2 200 owl.transitions.css
mail.hicityinvestmentfx.com/ui/css/ 4 KB
687 B 226ms
222ms Stylesheet
text/css 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/css/owl.transitions.css

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

711bc5b0b8c40e39b2560e65797d175e72a89b49ebbc266a7c7b581c4bec4b21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 652
x-xss-protection: 1; mode=block
expires: Fri, 06 Jan 2023 12:03:33 GMT

GET
H2 200 settings.css
mail.hicityinvestmentfx.com/ui/css/ 35 KB
7 KB 225ms
221ms Stylesheet
text/css 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/css/settings.css

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

242633826973d3a91bcacde2837fb54c5746a032588542b92c2c5a23a7923717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 7481
x-xss-protection: 1; mode=block
expires: Fri, 06 Jan 2023 12:03:33 GMT

GET
H2 200 bootsnav.css
mail.hicityinvestmentfx.com/ui/css/ 34 KB
4 KB 227ms
223ms Stylesheet
text/css 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/css/bootsnav.css

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

3fc62012dd521cffaddf0129b7c25a271ebf9a538b94abb1dbaa38af38c307cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 4508
x-xss-protection: 1; mode=block
expires: Fri, 06 Jan 2023 12:03:33 GMT

GET
H2 200 loader.css
mail.hicityinvestmentfx.com/ui/css/ 5 KB
733 B 251ms
248ms Stylesheet
text/css 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/css/loader.css

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

c7cc9fca2d1afc1be4ac0e15c9c8fbdf0a39d3b0b21a8db44636dc47dde38e68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 698
x-xss-protection: 1; mode=block
expires: Fri, 06 Jan 2023 12:03:33 GMT

GET
H2 200 style52e552e552e552e5.css
mail.hicityinvestmentfx.com/ui/css/ 62 KB
12 KB 290ms
287ms Stylesheet
text/css 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/css/style52e552e552e552e5.css?p=1587912412

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

9d19d30b3215f8d6fd8156b5a7bd9db07579cfc30d79cc3a3b9e39795664be3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 06 Apr 2022 20:50:08 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 12298
x-xss-protection: 1; mode=block
expires: Fri, 06 Jan 2023 12:03:33 GMT

GET
H2 200 fake-notification-min.css
mail.hicityinvestmentfx.com/alert/css/ 978 B
427 B 289ms
286ms Stylesheet
text/css 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/alert/css/fake-notification-min.css

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

27ef53faac17a2fcf938097d718cbf926cc54f9b35d79815c26ea0e219156d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 369
x-xss-protection: 1; mode=block
expires: Fri, 06 Jan 2023 12:03:33 GMT

GET
H2 200 animate.min.css
mail.hicityinvestmentfx.com/alert/css/ 17 KB
2 KB 291ms
288ms Stylesheet
text/css 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/alert/css/animate.min.css

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

0add8fcb5a583b1c16238fbe9d0de17c6272726b42be17fdcd9b4686ef5287d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 2503
x-xss-protection: 1; mode=block
expires: Fri, 06 Jan 2023 12:03:33 GMT

GET
H2 200 sweetalert.min.html Show response
mail.hicityinvestmentfx.com/unpkg.com/sweetalert%402.1.2/dist/ 3 KB
1 KB 226ms
224ms Script
text/html 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/unpkg.com/sweetalert%402.1.2/dist/sweetalert.min.html

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

d45b287a009587c328f9d41078b757457dc1cacabb9b4e9cc0f3533b932ef64c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 06 Apr 2022 17:27:36 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/html
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1072
x-xss-protection: 1; mode=block
expires: Fri, 06 Jan 2023 12:03:33 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 74 KB
26 KB 126ms
57ms Script
text/javascript 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6756d784f3220866b13145b7b90c5abf2e77e96b45eb967644dfa805bc38913b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 12:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo.png
mail.hicityinvestmentfx.com/img/ 45 KB
45 KB 863ms
851ms Image
image/png 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.hicityinvestmentfx.com/img/logo.png

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

3911ae641bbc4b96e0e39842fe83597be9bcd14f7c1ac1462caa5c73bf5d857f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Aug 2022 00:40:46 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 45735
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 12:03:34 GMT

GET
H2 403 embed-widget-ticker-tape.html
s3.tradingview.com/external-embedding/ 0
0 169ms
85ms Script
application/xml 13.224.214.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.html
Requested by: Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-103.phl50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 200 home1-banner2.jpg
mail.hicityinvestmentfx.com/ui/images/ 71 KB
71 KB 902ms
891ms Image
image/jpeg 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.hicityinvestmentfx.com/ui/images/home1-banner2.jpg

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

4636d2cb8643429792d26a97fbbfb2669038d0ea31593ce78830f193960d6cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 72325
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 12:03:34 GMT

GET
H3 200 home3-banner3.jpg
mail.hicityinvestmentfx.com/ui/images/ 66 KB
66 KB 912ms
900ms Image
image/jpeg 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.hicityinvestmentfx.com/ui/images/home3-banner3.jpg

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

c83e5ad8e5ac67b595dbc256f4b60681b258b2d4f5babfcf52f84808a6815a20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 67884
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 12:03:34 GMT

GET
H3 200 good-plans.jpg
mail.hicityinvestmentfx.com/ui/images/ 186 KB
187 KB 931ms
920ms Image
image/jpeg 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.hicityinvestmentfx.com/ui/images/good-plans.jpg

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

614061e779ad90a0a79964cf53e3ddcb332e6c11d935527e3b228dc56ead36e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
x-content-type-options: nosniff
last-modified: Sat, 01 May 2021 22:11:52 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 190915
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 12:03:34 GMT

GET
H3 200 grid1.jpg
mail.hicityinvestmentfx.com/ui/images/ 40 KB
40 KB 995ms
983ms Image
image/jpeg 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.hicityinvestmentfx.com/ui/images/grid1.jpg

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

1b04dd83547f82d7d3cd1dc401159c0477559a53bb5af665dd70ac08a7b3d1b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 40543
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 12:03:34 GMT

GET
H3 200 grid3.jpg
mail.hicityinvestmentfx.com/ui/images/ 143 KB
143 KB 996ms
985ms Image
image/jpeg 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.hicityinvestmentfx.com/ui/images/grid3.jpg

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

e7354e8104b8c7acc73962a6fd23d10546e7536026489d4e86f2dfe5fadea925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 05:02:50 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 146261
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 12:03:34 GMT

GET
H3 200 grid2.jpg
mail.hicityinvestmentfx.com/ui/images/ 42 KB
42 KB 1027ms
1016ms Image
image/jpeg 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.hicityinvestmentfx.com/ui/images/grid2.jpg

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

40f54adc2e142297a7abd76113b80551e7137a95514aae6ce0fec4691dec3218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 42999
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 12:03:34 GMT

GET
H3 200 security.jpg
mail.hicityinvestmentfx.com/ui/images/ 49 KB
49 KB 1030ms
1020ms Image
image/jpeg 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.hicityinvestmentfx.com/ui/images/security.jpg

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

4d405be26dd3addf2cc7c34e0635a2d640e88cda3123b3f9da874e5519bb9c85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 49987
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 12:03:34 GMT

GET
H3 200 grid5.jpg
mail.hicityinvestmentfx.com/ui/images/ 36 KB
36 KB 1033ms
1023ms Image
image/jpeg 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.hicityinvestmentfx.com/ui/images/grid5.jpg

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

b86a2de15d0ee7293ceb3dfb5803d74266fa62a626240c6fa8dfc5a9737c1930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 37321
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 12:03:34 GMT

GET
H3 200 video-img.jpg
mail.hicityinvestmentfx.com/ui/images/ 189 KB
189 KB 1044ms
1033ms Image
image/jpeg 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.hicityinvestmentfx.com/ui/images/video-img.jpg

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

5350df02f1b57a9b919631f8b7d7bbce85b3ec3a7be5a7d109d666fcae792220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
x-content-type-options: nosniff
last-modified: Sat, 01 May 2021 22:11:52 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 193829
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 12:03:34 GMT

GET
H3 200 998bbc715738adbee6391aa77185ed78.jpg
mail.hicityinvestmentfx.com/uploads/testimonies/thumb/ 57 KB
57 KB 1061ms
1051ms Image
image/jpeg 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.hicityinvestmentfx.com/uploads/testimonies/thumb/998bbc715738adbee6391aa77185ed78.jpg

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

738282f3e1e7f0b61ae090b4bea02f4b89c4f3217dfa2cef339f46610c9918a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 58240
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 12:03:34 GMT

GET
H3 200 47cbbfcf351a84a2c74ba853146d9713.jpg
mail.hicityinvestmentfx.com/uploads/testimonies/thumb/ 71 KB
72 KB 1084ms
1073ms Image
image/jpeg 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.hicityinvestmentfx.com/uploads/testimonies/thumb/47cbbfcf351a84a2c74ba853146d9713.jpg

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

dd89edf5e0efd8289a0fd79aa90edfc6decf848b6c064712ced5e9e2325c7e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 73174
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 12:03:34 GMT

GET
H3 200 20aab71f88a53b30534b49407b1e61b4.jpg
mail.hicityinvestmentfx.com/uploads/testimonies/thumb/ 105 KB
105 KB 1086ms
1076ms Image
image/jpeg 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.hicityinvestmentfx.com/uploads/testimonies/thumb/20aab71f88a53b30534b49407b1e61b4.jpg

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

7eafb4440d639f990c05337dae1fe1d293643b64c807ba106a34ae1c2bbe3b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 107274
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 12:03:34 GMT

GET
H3 200 news3.jpg
mail.hicityinvestmentfx.com/ui/images/ 46 KB
46 KB 1088ms
1078ms Image
image/jpeg 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.hicityinvestmentfx.com/ui/images/news3.jpg

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

06db492787188341adab034fef770040e0ec909aa124e564d437a8e00431bfa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
x-content-type-options: nosniff
last-modified: Sat, 01 May 2021 22:11:52 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 46958
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 12:03:34 GMT

GET
H3 200 news2.jpg
mail.hicityinvestmentfx.com/ui/images/ 49 KB
49 KB 1089ms
1080ms Image
image/jpeg 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.hicityinvestmentfx.com/ui/images/news2.jpg

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

4d405be26dd3addf2cc7c34e0635a2d640e88cda3123b3f9da874e5519bb9c85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
x-content-type-options: nosniff
last-modified: Sat, 01 May 2021 22:11:52 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 49987
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 12:03:34 GMT

GET
H3 200 cryptoexchange.jpg
mail.hicityinvestmentfx.com/ui/images/ 7 KB
7 KB 1107ms
1097ms Image
image/jpeg 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.hicityinvestmentfx.com/ui/images/cryptoexchange.jpg

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

ced5a3b3cbcc30760c9ff9b169379ccad136cee1a5356277eccf28f1e1d7a205

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
x-content-type-options: nosniff
last-modified: Sat, 01 May 2021 22:11:52 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7154
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 12:03:34 GMT

GET
H3 200 news1.jpg
mail.hicityinvestmentfx.com/ui/images/ 27 KB
27 KB 1135ms
1126ms Image
image/jpeg 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.hicityinvestmentfx.com/ui/images/news1.jpg

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

362def2ba0e81b9da5225229293fda88eda09580dfa385179f50ac78042fcd06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
x-content-type-options: nosniff
last-modified: Sat, 01 May 2021 22:11:52 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 27425
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 12:03:34 GMT

GET
H3 404 logo-footer.png
mail.hicityinvestmentfx.com/img/ 1 KB
1 KB 323ms
314ms Image
text/html 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.hicityinvestmentfx.com/img/logo-footer.png

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 12:03:34 GMT
x-content-type-options: nosniff
server: LiteSpeed
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1238
x-xss-protection: 1; mode=block

GET
H2

200

render.a2ea9bf2d262d5060dc4.js Show response
widget-v4.tidiochat.com/1_131_0/static/js/
Redirect Chain

https://code.tidio.co/xhdyjcmv4dqy8pkgbaw78z7oo2sf8fyh.js
https://widget-v4.tidiochat.com/1_131_0/static/js/render.a2ea9bf2d262d5060dc4.js

22 KB
8 KB

214ms
41ms

Script
application/javascript

2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/1_131_0/static/js/render.a2ea9bf2d262d5060dc4.js
Requested by: Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/
Protocol: H2
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d6bfdcbff81022f9257db9728a3e39a933c534366e0bd54dab5c01fb8b4ab63

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Dec 2022 08:20:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6138
etag: W/"638da9bb-5713"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5rLkl1kY0HATX%2BPjW9qEGmB9t81SvGk4gYh9HlkXTXSBQjxG5vx2029XYbR7%2BUMddaVtTe3stTZcivnSEM9sUZWw0PnMK1HHoWEjh%2Fip492%2BGqJuiufo6bxuMceUFhB%2F7M3O6FF9gvsAGqOnvMdwmKIadJz2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 775d1e6eaadee76c-EWR

Redirect headers

date: Wed, 07 Dec 2022 12:03:34 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
widget-cache-status: HIT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCEmQlzFwE%2B6aioXcY8UFNlTEBCPh%2Fs60BqtBl1%2FsSjaasCfy371vbmDvOUBFVR7DaoK1LO7fD3gYgUwqHtSBSeYZzwK6w3T4pAuD%2FuH3SlPggfPyUWaDAKYdj2BNbM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://widget-v4.tidiochat.com/1_131_0/static/js/render.a2ea9bf2d262d5060dc4.js
cache-control: private, no-cache, no-store, must-revalidate
cf-ray: 775d1e6b4fe919df-EWR

GET
H3 200 jquery-2.2.3.js Show response
mail.hicityinvestmentfx.com/ui/js/ 131 KB
37 KB 110ms
108ms Script
application/javascript 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/js/jquery-2.2.3.js

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

dc697d84f67d6a1ced4c266228cb29f37d5d278e2ad059c26f25cde7bf477739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 37280
x-xss-protection: 1; mode=block
expires: Wed, 14 Dec 2022 12:03:34 GMT

GET
H3 200 bootstrap.min.js Show response
mail.hicityinvestmentfx.com/ui/js/ 36 KB
9 KB 111ms
108ms Script
application/javascript 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/js/bootstrap.min.js

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

58416e1f1a6cc08613552cca38760083c8136653e11fae84128b37bd4053fc5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9456
x-xss-protection: 1; mode=block
expires: Wed, 14 Dec 2022 12:03:34 GMT

GET
H3 200 jquery.parallax-1.1.3.js Show response
mail.hicityinvestmentfx.com/ui/js/ 562 B
307 B 663ms
662ms Script
application/javascript 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/js/jquery.parallax-1.1.3.js

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

d2aa60b6fa5eb8296f2dc939b72753a89ac8dc515add32c812d0343594ba627a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 283
x-xss-protection: 1; mode=block
expires: Wed, 14 Dec 2022 12:03:34 GMT

GET
H3 200 jquery.appear.js Show response
mail.hicityinvestmentfx.com/ui/js/ 2 KB
637 B 816ms
803ms Script
application/javascript 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/js/jquery.appear.js

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

818efe5567259bf3b16aff2277c6ed0f188dd8ae032ea0d68a3f45f107274792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 613
x-xss-protection: 1; mode=block
expires: Wed, 14 Dec 2022 12:03:34 GMT

GET
H3 200 jquery-countTo.js Show response
mail.hicityinvestmentfx.com/ui/js/ 1 KB
506 B 817ms
803ms Script
application/javascript 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/js/jquery-countTo.js

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

3ce64756692c2eaafa7ee671d3b954ec0ee537639db9417a289d4e67258f6ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 482
x-xss-protection: 1; mode=block
expires: Wed, 14 Dec 2022 12:03:34 GMT

GET
H3 200 bootsnav.js Show response
mail.hicityinvestmentfx.com/ui/js/ 11 KB
2 KB 665ms
651ms Script
application/javascript 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/js/bootsnav.js

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

18cd88e7bd7b259144873086ce3e86f28a68e620c8e25be9b8e685fc504f34da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2174
x-xss-protection: 1; mode=block
expires: Wed, 14 Dec 2022 12:03:34 GMT

GET
H3 200 jquery.cubeportfolio.min.js Show response
mail.hicityinvestmentfx.com/ui/js/ 95 KB
23 KB 813ms
800ms Script
application/javascript 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/js/jquery.cubeportfolio.min.js

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

b3f4e07de5a27392c4d2d3a368a0fef82b63dedc8a4be0fa1bdff8a6fc9a4ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 23338
x-xss-protection: 1; mode=block
expires: Wed, 14 Dec 2022 12:03:34 GMT

GET
H3 200 owl.carousel.min.js Show response
mail.hicityinvestmentfx.com/ui/js/ 23 KB
6 KB 822ms
809ms Script
application/javascript 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/js/owl.carousel.min.js

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6271
x-xss-protection: 1; mode=block
expires: Wed, 14 Dec 2022 12:03:34 GMT

GET
H3 200 viedobox_video.js Show response
mail.hicityinvestmentfx.com/ui/js/ 44 KB
10 KB 864ms
851ms Script
application/javascript 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/js/viedobox_video.js

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

35785e59e49c9fee8267e39aa0bc05f38a96b69cad1906c2a5e690a7d41bbdb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10426
x-xss-protection: 1; mode=block
expires: Wed, 14 Dec 2022 12:03:34 GMT

GET
H3 200 jquery.themepunch.tools.min.js Show response
mail.hicityinvestmentfx.com/ui/js/ 102 KB
34 KB 827ms
814ms Script
application/javascript 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/js/jquery.themepunch.tools.min.js

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

61a0ae2e60d2dc81d5893d2f4f0f30b45c54cbf011b1b693ef25c43c7b0e677d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34751
x-xss-protection: 1; mode=block
expires: Wed, 14 Dec 2022 12:03:34 GMT

GET
H3 200 jquery.themepunch.revolution.min.js Show response
mail.hicityinvestmentfx.com/ui/js/ 54 KB
14 KB 831ms
818ms Script
application/javascript 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/js/jquery.themepunch.revolution.min.js

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

469f3b2b13abcaf87c88e1c6205a84b8ed11d8b1d69afa63d43827ee828e6533

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 14514
x-xss-protection: 1; mode=block
expires: Wed, 14 Dec 2022 12:03:34 GMT

GET
H3 200 revolution.extension.layeranimation.min.js Show response
mail.hicityinvestmentfx.com/ui/js/ 31 KB
8 KB 835ms
822ms Script
application/javascript 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/js/revolution.extension.layeranimation.min.js

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

e4a9116b1fcd85f9c08c024007e4a9f91e22cd9f73934c17f1c27cb3042c1965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8498
x-xss-protection: 1; mode=block
expires: Wed, 14 Dec 2022 12:03:34 GMT

GET
H3 200 revolution.extension.navigation.min.js Show response
mail.hicityinvestmentfx.com/ui/js/ 25 KB
6 KB 836ms
823ms Script
application/javascript 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/js/revolution.extension.navigation.min.js

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

d142eb357e73777500b9b03ba2a8f77019cf1d7d6ab3dd496a40df33c2293fed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6554
x-xss-protection: 1; mode=block
expires: Wed, 14 Dec 2022 12:03:34 GMT

GET
H3 200 revolution.extension.parallax.min.js Show response
mail.hicityinvestmentfx.com/ui/js/ 8 KB
2 KB 841ms
828ms Script
application/javascript 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/js/revolution.extension.parallax.min.js

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

68a122bc1b9b6aa0773662afc8e4c73c352f2afc6057503d329936336388b6fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2316
x-xss-protection: 1; mode=block
expires: Wed, 14 Dec 2022 12:03:34 GMT

GET
H3 200 revolution.extension.slideanims.min.js Show response
mail.hicityinvestmentfx.com/ui/js/ 27 KB
6 KB 842ms
829ms Script
application/javascript 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/js/revolution.extension.slideanims.min.js

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

714cd3a4cfb1b4f2c998f461e2b06d02387a4a8ce41b6b666b276ababf74af92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6225
x-xss-protection: 1; mode=block
expires: Wed, 14 Dec 2022 12:03:34 GMT

GET
H3 200 revolution.extension.video.min.js Show response
mail.hicityinvestmentfx.com/ui/js/ 23 KB
5 KB 857ms
845ms Script
application/javascript 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/js/revolution.extension.video.min.js

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

4732cd58bf411b55b4fe38012a5d3d1acb5e474455d1a08b05ea26e7961c715b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5505
x-xss-protection: 1; mode=block
expires: Wed, 14 Dec 2022 12:03:34 GMT

GET
H3 200 wow.min.js Show response
mail.hicityinvestmentfx.com/ui/js/ 5 KB
2 KB 858ms
846ms Script
application/javascript 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/js/wow.min.js

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

bf5756b42791ad1d693196b5b2e57e93a387d45dee7ba02322a001c451b8df05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1561
x-xss-protection: 1; mode=block
expires: Wed, 14 Dec 2022 12:03:34 GMT

GET
H3 200 functionsaed0aed0aed0aed0.js Show response
mail.hicityinvestmentfx.com/ui/js/ 10 KB
3 KB 859ms
846ms Script
application/javascript 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/js/functionsaed0aed0aed0aed0.js?u=1587912412

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

e7b18760b75ad9d312fbe216495e3b2b92b1044ad8af592fa9849e8b8b656ffb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2896
x-xss-protection: 1; mode=block
expires: Wed, 14 Dec 2022 12:03:34 GMT

GET
H3 200 jquery.fake-notification.min.js Show response
mail.hicityinvestmentfx.com/alert/js/ 3 KB
1 KB 859ms
847ms Script
application/javascript 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/alert/js/jquery.fake-notification.min.js

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

a2e77918046fe456ba3d874ccddd3d0bf40a9774c0ffe5d70b08e069b777e847

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1184
x-xss-protection: 1; mode=block
expires: Wed, 14 Dec 2022 12:03:34 GMT

GET
H/1.1

200
OK

bundle.js Show response
static.getbutton.io/widget/
Redirect Chain

https://static.getbutton.io/widget-send-button/js/init.js
https://static.getbutton.io/widget/bundle.js

297 KB
92 KB

261ms
260ms

Script
application/javascript

95.216.228.15
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getbutton.io/widget/bundle.js
Requested by: Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/
Protocol: HTTP/1.1
Server: 95.216.228.15 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.15.228.216.95.clients.your-server.de
Software: nginx/1.16.0 /
Resource Hash: b38627bd775364df4faf30a54e7d6038eef316c78e7b89c27ae70244434336e8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 12:03:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Nov 2022 07:07:30 GMT
Server: nginx/1.16.0
ETag: W/"63748c32-4a576"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Connection: keep-alive
Expires: Wed, 07 Dec 2022 15:03:35 GMT

Redirect headers

Location: https://static.getbutton.io/widget/bundle.js
Date: Wed, 07 Dec 2022 12:03:35 GMT
Server: nginx/1.16.0
Connection: keep-alive
Content-Length: 145
Content-Type: text/html

GET
H2 200 css
fonts.googleapis.com/ 28 KB
1 KB 128ms
68ms Stylesheet
text/css 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:400,800,700italic,700,800italic,900,900italic,600italic,600,500italic,500,400italic,300italic,300,200italic,200,100italic,100

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/ui/css/style52e552e552e552e5.css?p=1587912412

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c46eb219c485ba41cc1e7407cbb6dc0dcb260478485fc5342431e6951bb91f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 12:03:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 12:03:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Dec 2022 12:03:34 GMT

GET
H2 200 css
fonts.googleapis.com/ 26 KB
2 KB 102ms
42ms Stylesheet
text/css 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300italic,300,400italic,600,600italic,700,700italic,800,800italic

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/ui/css/style52e552e552e552e5.css?p=1587912412

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 12:03:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 11:03:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Dec 2022 12:03:34 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 87ms
26ms Stylesheet
text/css 2607:f8b0:4006:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.mDH6gpU_zdI.O/d=1/rs=AN8SPfpc_aBGGGcon5musxLArR6j0bbk_A/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 11:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 07 Dec 2022 12:39:43 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.mDH6gpU_zdI.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpc_aBGGGcon5musxLArR6j0bbk_A/ 207 KB
74 KB 88ms
28ms Script
text/javascript 2607:f8b0:4006:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.mDH6gpU_zdI.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpc_aBGGGcon5musxLArR6j0bbk_A/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.mDH6gpU_zdI.O/d=1/rs=AN8SPfpc_aBGGGcon5musxLArR6j0bbk_A/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13baec7e8be3c4f28a4f61dfa8a40ca67d7075d99ffc5f802d755a2f2878ea2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 04:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75162
x-xss-protection: 0
last-modified: Sat, 03 Dec 2022 22:11:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 04:37:54 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 100ms
28ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300italic,300,400italic,600,600italic,700,700italic,800,800italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.hicityinvestmentfx.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 18:52:16 GMT
x-content-type-options: nosniff
age: 148278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 18:52:16 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
46 KB 138ms
66ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,800,700italic,700,800italic,900,900italic,600italic,600,500italic,500,400italic,300italic,300,200italic,200,100italic,100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.hicityinvestmentfx.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 03:59:58 GMT
x-content-type-options: nosniff
age: 547416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 03:59:58 GMT

GET
H2 200 test2.php Show response
actionfxtrade.com/trade_graph/ Frame 71DE 4 KB
1 KB 669ms
112ms Document
text/html 2a02:4780:8:250:0:34a8:6d7e:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://actionfxtrade.com/trade_graph/test2.php

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:8:250:0:34a8:6d7e:1 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.32

Resource Hash

1c5b9e7435a6b5449de0d74e9fa5c1b4b565fc8d5866ed4ae6a6bdf6920fdb59

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://mail.hicityinvestmentfx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 1178
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 07 Dec 2022 12:03:34 GMT
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.32

GET
H3 200 fontawesome-webfont3295.html
mail.hicityinvestmentfx.com/ui/fonts/ 65 KB
65 KB 598ms
598ms Font
text/html 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/fonts/fontawesome-webfont3295.html

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/ui/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

4f2721fcaed5436f55432318b274d1542e96753b56c6ec6cdbd1c0fdd46bc66d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mail.hicityinvestmentfx.com/ui/css/font-awesome.min.css
Origin: https://mail.hicityinvestmentfx.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 04 Aug 2022 17:22:36 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/html
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 66631
x-xss-protection: 1; mode=block
expires: Fri, 06 Jan 2023 12:03:34 GMT

GET
H3 200 envas-icons4965.ttf
mail.hicityinvestmentfx.com/ui/fonts/ 369 KB
193 KB 497ms
496ms Font
font/ttf 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.hicityinvestmentfx.com/ui/fonts/envas-icons4965.ttf

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/ui/css/envas-icons.css

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

77d2855acf16955aeda0f23dfa66d45f3f2156b8e169bf995c4aa54f6957bd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mail.hicityinvestmentfx.com/ui/css/envas-icons.css
Origin: https://mail.hicityinvestmentfx.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 197933
x-xss-protection: 1; mode=block
expires: Wed, 14 Dec 2022 12:03:34 GMT

GET
H2 200 O4VGe
streamja.com/embed/ Frame E291 0
0 808ms
355ms Document
text/html 2606:4700:20::ac43:4991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://streamja.com/embed/O4VGe

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.30

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://mail.hicityinvestmentfx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 775d1e6eabb6c47c-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 07 Dec 2022 12:03:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygSMtsx6DDqXNeIQPjtPLrCf7jrntPMfHNWIRbgQCYJL9LMJmkIBhs5SVylRLWnibv5W2jlmJPV6SqIhAr4zw3voB4BbVrvoyPgA1afiwmx292DX%2BTzzOzpJa%2Bag6QSfj4EllRdcUqg5tw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-powered-by: PHP/7.4.30

GET
H2 200 29Z7z Show response
streamja.com/embed/ Frame C3C0 12 KB
6 KB 554ms
109ms Document
text/html 2606:4700:20::ac43:4991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://streamja.com/embed/29Z7z

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.30

Resource Hash

f7aa50e37e8b3ffae1353411c62ddc08657e41e16c605bbdc8f5a515d14302d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://mail.hicityinvestmentfx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 775d1e6eabb7c47c-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 07 Dec 2022 12:03:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wwnWLbZE2quIW0T0C6weSJKxBFW8JTvda2E6VPWk13IJTmPI8eh9az3aWKM20YJUGY%2F46C76I05SqwGVPNy012Eypoh0cWNcqj50cRgETkPiiDI%2Bosd23yV6VMUMlgorRY%2BdIjzpSLRqZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-powered-by: PHP/7.4.30

GET
H2 200 n37aA
streamja.com/embed/ Frame BDD3 0
0 762ms
323ms Document
text/html 2606:4700:20::ac43:4991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://streamja.com/embed/n37aA

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.30

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://mail.hicityinvestmentfx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 775d1e6eabb9c47c-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 07 Dec 2022 12:03:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8fxuHCdSPewMmUIgQ%2BqnHMwT1odNtaa%2FT%2FIpjHZaxLygvFYMLPSaZHMfSDCzEf0VuyDNVg%2FlnTLN5qPruhKYpXip5h9TQi4TxL4lscJ5Dfn%2BVsnRgFGL93Hx1vlMDcMq%2BGIOFIaZgYHLHw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-powered-by: PHP/7.4.30

GET
H2 200 q5z1V
streamja.com/embed/ Frame 4157 0
0 800ms
372ms Document
text/html 2606:4700:20::ac43:4991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://streamja.com/embed/q5z1V

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.30

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://mail.hicityinvestmentfx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 775d1e6eabbbc47c-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 07 Dec 2022 12:03:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hLvG4g20wQ0PXb2VUBew8r2Vf%2BVHm9WHe6NGIlY4xBToXaZzMo9lBuaVsQHFsZIUPLTTgzAnziCzM1ZZgCHdRfZeOW%2BjbZJXjptlcI81zwnGVTUgyvNSGH6DoZp5oFOkxKsBn3IhS1%2FBw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-powered-by: PHP/7.4.30

GET
H2 200 0jyOA
streamja.com/embed/ Frame F18C 0
0 793ms
367ms Document
text/html 2606:4700:20::ac43:4991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://streamja.com/embed/0jyOA

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.30

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://mail.hicityinvestmentfx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 775d1e6eabbcc47c-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 07 Dec 2022 12:03:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B61E9BhZVnQYrrSSGcFdp3NM6%2FfvTMF5mniUGnK8d2yA4DiJqWBWOPPlAOA0jWGZdyikwyRLpdWqDQAcFIjIcmU2JVaiHdIPTKsFXVccIidUd%2FUgK6emQC8csu1wEcXPcOuRXJXHNMzS8w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-powered-by: PHP/7.4.30

GET
H2 200 6Kd0K
streamja.com/embed/ Frame 011E 0
0 770ms
346ms Document
text/html 2606:4700:20::ac43:4991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://streamja.com/embed/6Kd0K

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.30

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://mail.hicityinvestmentfx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 775d1e6eabbdc47c-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 07 Dec 2022 12:03:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttj7Mu1XW6ZUqw46xXF%2FKjLaxgVynPDuY%2BOYZywaFZzXgHFrED8LYjvT4aUDbhG3TLtBUGeXzagrq3ci4omomdVStxrrI3NW2Y%2BcaTDGa3WjVoPqqEPXiRpoBkLeCidnM0wtl6H%2B6YislA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-powered-by: PHP/7.4.30

GET
H2 200 oeR55
streamja.com/embed/ Frame BA68 0
0 798ms
375ms Document
text/html 2606:4700:20::ac43:4991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://streamja.com/embed/oeR55

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.30

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://mail.hicityinvestmentfx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 775d1e6eabbec47c-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 07 Dec 2022 12:03:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mM%2FjoaigvQvLIlGrod%2FKt9Whk7sOsTVcXi4fi8B3a7fA8OEjtUBh8A9d%2FwEzoRqh%2FKltUkJapkITkNaNA5TmNJ0nMVEVEFh2nXgVTPzPFFFZkj%2F22I77oQQE7TZkorkp00GnB6S4MBw3wA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-powered-by: PHP/7.4.30

GET
H3 200 video.jpg
mail.hicityinvestmentfx.com/ui/images/ 142 KB
142 KB 953ms
953ms Image
image/jpeg 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.hicityinvestmentfx.com/ui/images/video.jpg

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/ui/css/style52e552e552e552e5.css?p=1587912412

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

55a0511170cdbb9644f83c1a96602e1fb35ca549cd890652ca3fa3604d4b0697

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/ui/css/style52e552e552e552e5.css?p=1587912412
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:39:20 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 145505
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 12:03:34 GMT

GET
H3 200 bg-contact2.jpg
mail.hicityinvestmentfx.com/ui/images/ 19 KB
19 KB 738ms
737ms Image
image/jpeg 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.hicityinvestmentfx.com/ui/images/bg-contact2.jpg

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/ui/css/style52e552e552e552e5.css?p=1587912412

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

2f9c60ceef95ea01006b61ac7b7eed569efd434f4d2ed9f8f32c5d9ea1dd0d07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/ui/css/style52e552e552e552e5.css?p=1587912412
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:34 GMT
x-content-type-options: nosniff
last-modified: Sat, 01 May 2021 22:11:52 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 19345
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 12:03:34 GMT

GET
H3 200 29Z7z.jpg
streamja.com/i/29/ Frame C3C0 23 KB
24 KB 66ms
33ms Image
image/jpeg 2606:4700:20::ac43:4991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://streamja.com/i/29/29Z7z.jpg
Requested by: Host: streamja.com
URL: https://streamja.com/embed/29Z7z
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4991 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 967c448e5a825e332717981391f4f72a08623601e1279256f2c6379afb74257c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://streamja.com/embed/29Z7z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21344
cf-polished: origSize=24511, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23507
cf-bgj: imgq:100,h2pri
last-modified: Wed, 06 Apr 2022 15:13:20 GMT
server: cloudflare
etag: "624dae10-5fbf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hWAcXK8mySCjDOp5iSDWZLeo8S71klWKrcJe%2FyhNzEh1llSaNNGVO0muKVl3WbVya7Hjz6%2Ffwav%2FkUnD%2FOyZOonsMumvUj4CrW02t7UqZBMu2g6Grfg2JkRA8EcD6uhAqMGkcBlyu%2BvvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=1728000
accept-ranges: bytes
cf-ray: 775d1e6fbc661977-EWR
expires: Tue, 27 Dec 2022 06:07:51 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame 71DE 87 KB
31 KB 34ms
25ms Script
text/javascript 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: actionfxtrade.com
URL: https://actionfxtrade.com/trade_graph/test2.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://actionfxtrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 10:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 10:46:09 GMT

GET loader.js
actionfxtrade.com/trade_graph/charts/ Frame 71DE 0
0

GET analytics.js
www.google-analytics.com/ Frame C3C0 0
0

GET
DATA 200
OK truncated
/ Frame C3C0 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a09199b51cf1139097df5a3b44bf236d5af095626ac9e1ef2fe426c6b61e7e41

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C3C0 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdbc5ec79ca685b02987af2d96c728717b490bdbd9f8c3205e195e2bede8968d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C3C0 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22787a5c7961dca7860b0958309b4e34e97da89e98d872f10b0be18101ef6382

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 test2.php Show response
actionfxtrade.com/trade_graph/ Frame 2324 4 KB
1 KB 130ms
108ms Document
text/html 2a02:4780:8:250:0:34a8:6d7e:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://actionfxtrade.com/trade_graph/test2.php

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/ui/js/jquery-2.2.3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:8:250:0:34a8:6d7e:1 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.32

Resource Hash

1c5b9e7435a6b5449de0d74e9fa5c1b4b565fc8d5866ed4ae6a6bdf6920fdb59

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://mail.hicityinvestmentfx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 1178
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 07 Dec 2022 12:03:35 GMT
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.32

GET
H3 200 O4VGe Show response
streamja.com/embed/ Frame 74FB 12 KB
6 KB 106ms
106ms Document
text/html 2606:4700:20::ac43:4991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://streamja.com/embed/O4VGe

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/ui/js/jquery-2.2.3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.30

Resource Hash

4c789d6ac5ffd6b1f05b7fa6a21f04f6e9775704bd27885c9358bfb5c7b1933e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://mail.hicityinvestmentfx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 775d1e71dee51977-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 07 Dec 2022 12:03:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbfUjwItXiZ30JUcK8hdbdaRNjm%2FIH%2FX1etstikmvZqltYFOzIv4NPsWYVbkPIdtFKQgU9tfZHYl6VakHeDAkHpXjlrU0gikjDipa3La%2Fw59YGHZxgffx8pLsCI0fG%2BMDNhvgFuzzhDWkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-powered-by: PHP/7.4.30

GET
H3 200 29Z7z Show response
streamja.com/embed/ Frame D19B 12 KB
6 KB 108ms
108ms Document
text/html 2606:4700:20::ac43:4991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://streamja.com/embed/29Z7z

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/ui/js/jquery-2.2.3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.30

Resource Hash

c6c16d5f5c964cf5e9137fec8e947eac9a97540e63db68be1ed7014fa5058dea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://mail.hicityinvestmentfx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 775d1e71dee71977-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 07 Dec 2022 12:03:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xuf0sSlZ04yQgEzXdUJXGuz98eMnaHa1bukDM50Gtdn7DjQRdqHeSYa9HNb%2FPeRAasiFpuTv0Mtu5QVyvWma%2FLdU%2Bb8sDInSDsD1a9NtvkKQFIiFRTpn4CqGlHx2ZG0Tco15EoAQBTElw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-powered-by: PHP/7.4.30

GET
H3 200 n37aA Show response
streamja.com/embed/ Frame 53B3 12 KB
6 KB 110ms
107ms Document
text/html 2606:4700:20::ac43:4991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://streamja.com/embed/n37aA

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/ui/js/jquery-2.2.3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.30

Resource Hash

e9045ff3cd38ab3465147d4fac248b0d5eabdcf7380dc08d56de2af9af4f5484

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://mail.hicityinvestmentfx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 775d1e71eeef1977-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 07 Dec 2022 12:03:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wUdU9i%2BXwwhfS3RH2y%2BUqEQcINMn4a9rYHeYOcfbvTnm4%2FfQluHKat3SRKPiCsh7yefWuNSlfFH%2FwtXXYhdROhPsgQJXzHWlECsJjBHF4mITgIpNQasfANTzG8bN75teXA9fhtLgbqx%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-powered-by: PHP/7.4.30

GET
H3 200 q5z1V Show response
streamja.com/embed/ Frame E6D8 12 KB
6 KB 124ms
121ms Document
text/html 2606:4700:20::ac43:4991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://streamja.com/embed/q5z1V

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/ui/js/jquery-2.2.3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.30

Resource Hash

44154e4d26126032f5fc8b811d0702adf93aa33b62a2e1b32f6b3cd37b41e37a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://mail.hicityinvestmentfx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 775d1e71eef21977-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 07 Dec 2022 12:03:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rsJROySfWr%2FVBRvEHhLYFmaR3EFsNobzkMqwoCqq5W5Fz1rjdkM3QHJDjC8jRWX5NxubgrlsRWvM42fdAV%2FyGZThMAmPDruA18pZswVhA8LdLt0NAkOusTvpNQ9m7%2Fn0ZOV4%2BaS9CnkYZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-powered-by: PHP/7.4.30

GET
H3 200 0jyOA Show response
streamja.com/embed/ Frame 4B95 12 KB
6 KB 118ms
109ms Document
text/html 2606:4700:20::ac43:4991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://streamja.com/embed/0jyOA

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/ui/js/jquery-2.2.3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.30

Resource Hash

857b1378b7f17be8829e263d465bd377e63d385ea5f5ace147befce02dbc9d40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://mail.hicityinvestmentfx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 775d1e71eefd1977-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 07 Dec 2022 12:03:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IoR%2Bev1aFQecptMT11gETdOxQHHdZ9SZaYIYJy8t6Iyem0AV6I0s8DUL1cr3CEmzL590xatP2e5oEsCXb92m9NFVhYp8s1N5mprcsODZKw9FTfDUM13g%2FUYUDGC6oO8tYDVZfo05RhyUdA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-powered-by: PHP/7.4.30

GET
H3 200 6Kd0K Show response
streamja.com/embed/ Frame 2D48 12 KB
6 KB 126ms
118ms Document
text/html 2606:4700:20::ac43:4991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://streamja.com/embed/6Kd0K

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/ui/js/jquery-2.2.3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.30

Resource Hash

b20fb3e060418c7cff7c4fbd4ee92f4de0185bca60db02634589b9e3532dadc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://mail.hicityinvestmentfx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 775d1e71eeff1977-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 07 Dec 2022 12:03:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T04rxhsLFWEqMHMzK1KLUeEkHJUhKBsCrMYxA6Awy5JFH%2FeKM5bDWRBx8RjQTYEZ7Uc3wnmJhPLBaSSCEXoQINuveTwLZ%2FcJsaKQo7%2FLnA%2BmA8vr2E9tU7w3QeOCyC7KOIktkroL%2BfyekA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-powered-by: PHP/7.4.30

GET
H3 200 oeR55 Show response
streamja.com/embed/ Frame 2DEF 12 KB
6 KB 143ms
135ms Document
text/html 2606:4700:20::ac43:4991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://streamja.com/embed/oeR55

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/ui/js/jquery-2.2.3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4991 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.30

Resource Hash

6b3b8a8490c19da2f9c3aa014e3509173c610a1fc65152dedeba4f6d01415d26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://mail.hicityinvestmentfx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 775d1e71ef011977-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 07 Dec 2022 12:03:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cokksu0A7FIBaJnSDJS5CUXv0YyvUAdQzBBhA%2FXv1u%2B64TKZnz6Y9xWxuV6GOX65oo6RMhS5avuIjDDqTuVprlE61%2FdtgHY0HZl%2FfwBmIXAcrs2KWlPd0DCXUaoBhng5PeQ8OAEChCguXA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-powered-by: PHP/7.4.30

GET
H3 404 lightbox-next.png
mail.hicityinvestmentfx.com/images/ 1 KB
1 KB 110ms
108ms Image
text/html 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.hicityinvestmentfx.com/images/lightbox-next.png

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 12:03:35 GMT
x-content-type-options: nosniff
server: LiteSpeed
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1238
x-xss-protection: 1; mode=block

GET
H3 404 lightbox-prev.png
mail.hicityinvestmentfx.com/images/ 1 KB
1 KB 111ms
109ms Image
text/html 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.hicityinvestmentfx.com/images/lightbox-prev.png

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 12:03:35 GMT
x-content-type-options: nosniff
server: LiteSpeed
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1238
x-xss-protection: 1; mode=block

GET
H3 404 close-box.png
mail.hicityinvestmentfx.com/images/ 1 KB
1 KB 111ms
110ms Image
text/html 144.76.107.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.hicityinvestmentfx.com/images/close-box.png

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

144.76.107.13 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

bh-cloud.bergeservers.com

Software

LiteSpeed /

Resource Hash

5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 12:03:35 GMT
x-content-type-options: nosniff
server: LiteSpeed
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1238
x-xss-protection: 1; mode=block

GET
H2 200 chunk-WidgetIframe-a2ea9bf2d262d5060dc4.js Show response
widget-v4.tidiochat.com/1_131_0/static/js/ Frame D470 345 KB
89 KB 50ms
48ms Script
application/javascript 2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/1_131_0/static/js/chunk-WidgetIframe-a2ea9bf2d262d5060dc4.js
Requested by: Host: code.tidio.co
URL: https://code.tidio.co/xhdyjcmv4dqy8pkgbaw78z7oo2sf8fyh.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b46edd9de064ab560d77462b2313fbc08749f9f7485fe0c8b8f9e1e6365d641

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Dec 2022 08:20:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6135
etag: W/"638da9bb-56229"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=foWR1s0e3lOitpTFqmHBMvCBVmhYf35Yc9phEUl3rylBGToYN0AwHiR6oWN6IoCnbLjk8RrcdbPT0iy77AiZSnd%2BKMUNDghwkgRAjd8nVvfk8s%2B%2BNZDkWaxknqMqPmkXStlcWdyLmGYJLTFPDiOQe%2Bd1bBQA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 775d1e732ee9e76c-EWR

GET
H3 200 O4VGe.jpg
streamja.com/i/o4/ Frame 74FB 35 KB
36 KB 35ms
35ms Image
image/jpeg 2606:4700:20::ac43:4991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://streamja.com/i/o4/O4VGe.jpg
Requested by: Host: streamja.com
URL: https://streamja.com/embed/O4VGe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4991 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dd9fc655f3ca1693b8a90b1d5a2118c6b19822d40efc87d7f5913a14c3ada86

Request headers

accept-language: en-US,en;q=0.9
Referer: https://streamja.com/embed/O4VGe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21343
cf-polished: origSize=37080, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36077
cf-bgj: imgq:100,h2pri
last-modified: Wed, 06 Apr 2022 15:00:30 GMT
server: cloudflare
etag: "624dab0e-90d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHS8iuhm0q5vCeJTXNqRdP0TDZ%2BZQm7b5QOkRJsP%2B4t1omNVZ6Hk4yNd1KsjjmOZN1jBaqQmFSGygrYxn%2BKOpJ4GISf0vtuzQfGFYxUKciRSiT7RILqH0WKR8wKSmZp2FxelbVAdMo1Y9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=1728000
accept-ranges: bytes
cf-ray: 775d1e7348791977-EWR
expires: Tue, 27 Dec 2022 06:07:52 GMT

GET
H3 200 29Z7z.jpg
streamja.com/i/29/ Frame D19B 23 KB
24 KB 34ms
34ms Image
image/jpeg 2606:4700:20::ac43:4991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://streamja.com/i/29/29Z7z.jpg
Requested by: Host: streamja.com
URL: https://streamja.com/embed/29Z7z
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4991 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 967c448e5a825e332717981391f4f72a08623601e1279256f2c6379afb74257c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://streamja.com/embed/29Z7z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21344
cf-polished: origSize=24511, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23507
cf-bgj: imgq:100,h2pri
last-modified: Wed, 06 Apr 2022 15:13:20 GMT
server: cloudflare
etag: "624dae10-5fbf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=giZl%2FE7DBwnJhFUzSkX79sNVMhP0g94ug%2Fs1QyNvqFxkCzITx9%2F09d2nenQJUyoRTxboEiuHbIjP4%2B9Ohr7LvanZtRVqTF3jpenXq%2FOgWCjeslrobS%2BNwPuCcD6VDA%2BuNAMAOmoMmISuag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=1728000
accept-ranges: bytes
cf-ray: 775d1e7378b01977-EWR
expires: Tue, 27 Dec 2022 06:07:51 GMT

GET
H3 200 n37aA.jpg
streamja.com/i/n3/ Frame 53B3 31 KB
31 KB 35ms
34ms Image
image/jpeg 2606:4700:20::ac43:4991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://streamja.com/i/n3/n37aA.jpg
Requested by: Host: streamja.com
URL: https://streamja.com/embed/n37aA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4991 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4b9c02248c8a5003ea2ee59fba59de6cd2651bdac25759213e15125da4156e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://streamja.com/embed/n37aA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21344
cf-polished: origSize=31914, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31490
cf-bgj: imgq:100,h2pri
last-modified: Wed, 06 Apr 2022 15:08:08 GMT
server: cloudflare
etag: "624dacd8-7caa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k68JC9yWjcbtZZjXCkSmVx35Xh4o4EdpmQba3hmVzvWDgbxOeyYPYM8CWSbInDnuYheHFQOtrPvq%2FGeKxoUG2XAFr5EvPOkwSNIQMrDPXcpOCY16Cw%2FZnIul%2BMBLaOqNM1NbrVhHEFtKLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=1728000
accept-ranges: bytes
cf-ray: 775d1e7388c51977-EWR
expires: Tue, 27 Dec 2022 06:07:51 GMT

GET
H3 200 0jyOA.jpg
streamja.com/i/0j/ Frame 4B95 32 KB
32 KB 51ms
43ms Image
image/jpeg 2606:4700:20::ac43:4991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://streamja.com/i/0j/0jyOA.jpg
Requested by: Host: streamja.com
URL: https://streamja.com/embed/0jyOA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4991 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aa66aef9406ff96e8f5f40fdb675084dad357b2971b4bb7ab0da75991982555

Request headers

accept-language: en-US,en;q=0.9
Referer: https://streamja.com/embed/0jyOA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21342
cf-polished: origSize=33443, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32322
cf-bgj: imgq:100,h2pri
last-modified: Wed, 06 Apr 2022 15:04:31 GMT
server: cloudflare
etag: "624dabff-82a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljLFdbYOyitlStDStJwaFpbRQsXP8ZTo1A2MVzICEPbUL6U6uuyKAJwRz8Agxm6v9%2BCkgc7YwgQmxOCJt5eCRz0CAD2oE8blVidNKYfwBIXCukESk56dHXpdvv4as%2F5nraZYLdGjZqpmzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=1728000
accept-ranges: bytes
cf-ray: 775d1e73a8ef1977-EWR
expires: Tue, 27 Dec 2022 06:07:53 GMT

GET
H3 200 q5z1V.jpg
streamja.com/i/q5/ Frame E6D8 51 KB
52 KB 507ms
506ms Image
image/jpeg 2606:4700:20::ac43:4991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://streamja.com/i/q5/q5z1V.jpg
Requested by: Host: streamja.com
URL: https://streamja.com/embed/q5z1V
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4991 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b49362124b85e72f646bf8beda16d16049501315aae35c4ecef737d0172066f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://streamja.com/embed/q5z1V
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:36 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Apr 2022 15:11:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "624dad9b-cc06"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RggMS2ZRwqoagKCFNqgj3CKcJcKkBKTtSNGZERMgiXk5ak5MaWcuALyEYGLAnaSPXWt21WcMeXgawMcADrlvCpPlV67NghSgMcGXX2%2BCCmQIaF41SzViagzwRwv0zu11S%2FHqGruMPaYhPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=1728000
accept-ranges: bytes
cf-ray: 775d1e73a8f01977-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52230
expires: Tue, 27 Dec 2022 12:03:35 GMT

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame 2324 87 KB
30 KB 191ms
32ms Script
text/javascript 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: actionfxtrade.com
URL: https://actionfxtrade.com/trade_graph/test2.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://actionfxtrade.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 10:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 10:46:09 GMT

GET
H3 200 loader.js Show response
actionfxtrade.com/trade_graph/charts/ Frame 2324 137 KB
40 KB 133ms
132ms Script
application/x-javascript 2a02:4780:8:250:0:34a8:6d7e:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://actionfxtrade.com/trade_graph/charts/loader.js

Requested by

Host: actionfxtrade.com
URL: https://actionfxtrade.com/trade_graph/test2.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:8:250:0:34a8:6d7e:1 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

1328022453b6ef709d52ada95cef454c0beaa882825058ad0493e9589eda2d27

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://actionfxtrade.com/trade_graph/test2.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:35 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 26 Mar 2021 08:39:19 GMT
server: LiteSpeed
etag: "2237f-605d9db7-9ba407ad35e9ee36;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 40490
expires: Wed, 14 Dec 2022 12:03:35 GMT

GET
H3 200 6Kd0K.jpg
streamja.com/i/6k/ Frame 2D48 25 KB
26 KB 41ms
40ms Image
image/jpeg 2606:4700:20::ac43:4991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://streamja.com/i/6k/6Kd0K.jpg
Requested by: Host: streamja.com
URL: https://streamja.com/embed/6Kd0K
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4991 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e29352d0dc16fe0157a6eebb63a850a479d8760e3e534edaec6ea9271017880e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://streamja.com/embed/6Kd0K
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21339
cf-polished: origSize=26562, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25665
cf-bgj: imgq:100,h2pri
last-modified: Wed, 06 Apr 2022 15:15:01 GMT
server: cloudflare
etag: "624dae75-67c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCm%2BfS4Yt04uAcc4eK13X3q0Csj3ausyKC3HxrPFpNwJETILXZYCtifpCO%2BT7jUvPjXD2KscmOYf%2BQkGLO%2FkVo%2FKuyaBoqbe%2BWGX2ZRJi%2F1ih3lGS4%2BMIxF%2B3ptJ5m%2FRLf56GsR6ufJ5ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=1728000
accept-ranges: bytes
cf-ray: 775d1e73c9101977-EWR
expires: Tue, 27 Dec 2022 06:07:56 GMT

GET
H3 200 oeR55.jpg
streamja.com/i/oe/ Frame 2DEF 23 KB
24 KB 35ms
35ms Image
image/jpeg 2606:4700:20::ac43:4991
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://streamja.com/i/oe/oeR55.jpg
Requested by: Host: streamja.com
URL: https://streamja.com/embed/oeR55
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4991 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 967c448e5a825e332717981391f4f72a08623601e1279256f2c6379afb74257c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://streamja.com/embed/oeR55
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21342
cf-polished: origSize=24511, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23507
cf-bgj: imgq:100,h2pri
last-modified: Wed, 06 Apr 2022 15:17:01 GMT
server: cloudflare
etag: "624daeed-5fbf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbplIuBdm7lKJYac6xIF2BKSq7tvfttkyrPnsGfu9csRi7SuQZEOWO9FfaCVHuZfOUrA%2Bb2Vydn6cjFpbO2t7%2FniOpFpgxlKLrK3BxofhHuIWpXbeygQ0XmxJeyg8Fq7SpxhPi4Cxs7kmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=1728000
accept-ranges: bytes
cf-ray: 775d1e73d92b1977-EWR
expires: Tue, 27 Dec 2022 06:07:53 GMT

GET
H2 206 tururu.mp3
widget-v4.tidiochat.com// Frame D470 7 KB
7 KB 40ms
40ms Media
audio/mpeg 2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com//tururu.mp3
Requested by: Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 07 Dec 2022 12:03:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 238538
Content-Range: bytes 0-7223/7224
Content-Length: 7224
pragma: public
last-modified: Thu, 24 Nov 2022 13:58:07 GMT
server: cloudflare
etag: "637f786f-1c38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQtze7IfggOixmUBhvwjQQom3naJ12OYTKalhTXS9GRK0CxzX9X0WAKKeJu%2F9T6F7k0tK3mxffmqzn7a0OVRIjg12Z1mDptfTZN5sq4ms5kb63tRofm%2FF9eJ%2FuGbORYcXsJdypzPiRRYGTcXeffvWeFm1JHn"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: public, max-age=31536000
cf-ray: 775d1e73ef53e76c-EWR
expires: Sun, 18 Dec 2022 17:47:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 74FB 49 KB
20 KB 25ms
25ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: streamja.com
URL: https://streamja.com/embed/O4VGe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://streamja.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 11:46:25 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1030
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 07 Dec 2022 13:46:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame D19B 49 KB
20 KB 32ms
31ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: streamja.com
URL: https://streamja.com/embed/29Z7z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://streamja.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 11:46:25 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1030
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 07 Dec 2022 13:46:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 53B3 49 KB
20 KB 49ms
44ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: streamja.com
URL: https://streamja.com/embed/n37aA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://streamja.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 11:46:25 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1030
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 07 Dec 2022 13:46:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 4B95 49 KB
20 KB 56ms
55ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: streamja.com
URL: https://streamja.com/embed/0jyOA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://streamja.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 11:46:25 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1030
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 07 Dec 2022 13:46:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame E6D8 49 KB
20 KB 60ms
59ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: streamja.com
URL: https://streamja.com/embed/q5z1V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://streamja.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 11:46:25 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1030
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 07 Dec 2022 13:46:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 2D48 49 KB
20 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: streamja.com
URL: https://streamja.com/embed/6Kd0K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://streamja.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 11:46:25 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1030
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 07 Dec 2022 13:46:25 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 2DEF 49 KB
20 KB 92ms
25ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: streamja.com
URL: https://streamja.com/embed/oeR55

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://streamja.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 11:46:25 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1030
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 07 Dec 2022 13:46:25 GMT

GET
DATA 200
OK truncated Show response
/ Frame 600F 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10908b6e6cfaeb149b47a6dc31aaa65aca0cf22158c74096c384bbc47285914a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
1 KB 102ms
26ms Image
image/png 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:34:04 GMT
x-content-type-options: nosniff
age: 73771
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 06 Dec 2023 15:34:04 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1023 B 105ms
30ms Image
image/png 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: mail.hicityinvestmentfx.com
URL: https://mail.hicityinvestmentfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mail.hicityinvestmentfx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:47:13 GMT
x-content-type-options: nosniff
age: 33382
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 910
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 07 Dec 2023 02:47:13 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 101ms
28ms Image
image/png 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 16:14:03 GMT
x-content-type-options: nosniff
age: 503372
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Dec 2023 16:14:03 GMT

GET
DATA 200
OK truncated
/ Frame 74FB 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a09199b51cf1139097df5a3b44bf236d5af095626ac9e1ef2fe426c6b61e7e41

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 74FB 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdbc5ec79ca685b02987af2d96c728717b490bdbd9f8c3205e195e2bede8968d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 74FB 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22787a5c7961dca7860b0958309b4e34e97da89e98d872f10b0be18101ef6382

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D19B 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a09199b51cf1139097df5a3b44bf236d5af095626ac9e1ef2fe426c6b61e7e41

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D19B 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdbc5ec79ca685b02987af2d96c728717b490bdbd9f8c3205e195e2bede8968d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D19B 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22787a5c7961dca7860b0958309b4e34e97da89e98d872f10b0be18101ef6382

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 53B3 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a09199b51cf1139097df5a3b44bf236d5af095626ac9e1ef2fe426c6b61e7e41

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 53B3 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdbc5ec79ca685b02987af2d96c728717b490bdbd9f8c3205e195e2bede8968d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 53B3 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22787a5c7961dca7860b0958309b4e34e97da89e98d872f10b0be18101ef6382

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E6D8 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a09199b51cf1139097df5a3b44bf236d5af095626ac9e1ef2fe426c6b61e7e41

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E6D8 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdbc5ec79ca685b02987af2d96c728717b490bdbd9f8c3205e195e2bede8968d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E6D8 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22787a5c7961dca7860b0958309b4e34e97da89e98d872f10b0be18101ef6382

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4B95 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a09199b51cf1139097df5a3b44bf236d5af095626ac9e1ef2fe426c6b61e7e41

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4B95 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdbc5ec79ca685b02987af2d96c728717b490bdbd9f8c3205e195e2bede8968d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4B95 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22787a5c7961dca7860b0958309b4e34e97da89e98d872f10b0be18101ef6382

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2D48 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a09199b51cf1139097df5a3b44bf236d5af095626ac9e1ef2fe426c6b61e7e41

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2D48 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdbc5ec79ca685b02987af2d96c728717b490bdbd9f8c3205e195e2bede8968d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2D48 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22787a5c7961dca7860b0958309b4e34e97da89e98d872f10b0be18101ef6382

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2DEF 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a09199b51cf1139097df5a3b44bf236d5af095626ac9e1ef2fe426c6b61e7e41

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2DEF 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdbc5ec79ca685b02987af2d96c728717b490bdbd9f8c3205e195e2bede8968d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2DEF 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22787a5c7961dca7860b0958309b4e34e97da89e98d872f10b0be18101ef6382

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 widget.a2ea9bf2d262d5060dc4.js Show response
widget-v4.tidiochat.com/1_131_0/static/js/ Frame D470 526 KB
163 KB 57ms
56ms Script
application/javascript 2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/1_131_0/static/js/widget.a2ea9bf2d262d5060dc4.js
Requested by: Host: code.tidio.co
URL: https://code.tidio.co/xhdyjcmv4dqy8pkgbaw78z7oo2sf8fyh.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2835949f34f593797d23b4342db33d11a71aea931472e88c76d3463e658d5cb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Dec 2022 08:20:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6122
etag: W/"638da9bb-83714"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6fMmZSza7cEUrP0CjomOCH3uLL8kCccjz26QgFjfIs%2F4g76FbXcBB0vyuAHtKy%2BheZKuRAPftTAbXAaa7pgFawxuTi4lYC1%2BUyD2jlUy0h3wt%2BSIfEvb%2BbfLKzc0Kh3sMZA4fNgO7%2FmbYa7EX6c3uF%2FXe2W"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 775d1e7668f6e76c-EWR

GET
H3 200 loader.js Show response
actionfxtrade.com/trade_graph/charts/offlineSaving/ Frame 2324 116 KB
34 KB 121ms
120ms Script
application/x-javascript 2a02:4780:8:250:0:34a8:6d7e:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://actionfxtrade.com/trade_graph/charts/offlineSaving/loader.js

Requested by

Host: actionfxtrade.com
URL: https://actionfxtrade.com/trade_graph/charts/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:8:250:0:34a8:6d7e:1 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

8368e612612515b216e1c4c58df786df95d013ced80666cc541514017a02c31c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://actionfxtrade.com/trade_graph/test2.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:36 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 26 Mar 2021 08:39:19 GMT
server: LiteSpeed
etag: "1cf8a-605d9db7-b8dcdbf80b9a01c4;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 34510
expires: Wed, 14 Dec 2022 12:03:36 GMT

GET
H3 200 tooltip.css
actionfxtrade.com/trade_graph/charts/offlineSaving/css/core/ Frame 2324 1 KB
486 B 229ms
226ms Stylesheet
text/css 2a02:4780:8:250:0:34a8:6d7e:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://actionfxtrade.com/trade_graph/charts/offlineSaving/css/core/tooltip.css

Requested by

Host: actionfxtrade.com
URL: https://actionfxtrade.com/trade_graph/charts/offlineSaving/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:8:250:0:34a8:6d7e:1 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

30f11138fe7534c338c1bf8b765402f8afedff587a85e764e9cb3703c00b5a49

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://actionfxtrade.com/trade_graph/test2.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:36 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 26 Mar 2021 08:39:19 GMT
server: LiteSpeed
etag: "5f5-605d9db7-5e2cc7b33697e3ce;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 434
expires: Wed, 14 Dec 2022 12:03:36 GMT

GET
H3 200 util.css
actionfxtrade.com/trade_graph/charts/offlineSaving/css/util/ Frame 2324 12 KB
3 KB 228ms
225ms Stylesheet
text/css 2a02:4780:8:250:0:34a8:6d7e:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://actionfxtrade.com/trade_graph/charts/offlineSaving/css/util/util.css

Requested by

Host: actionfxtrade.com
URL: https://actionfxtrade.com/trade_graph/charts/offlineSaving/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:8:250:0:34a8:6d7e:1 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e9c9244f08810a7573b16fd89288d4587f617de4c005b3e4d74ee034b6dbf280

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://actionfxtrade.com/trade_graph/test2.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:36 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 26 Mar 2021 08:39:19 GMT
server: LiteSpeed
etag: "31b0-605d9db7-c6c6aded49710672;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 2919
expires: Wed, 14 Dec 2022 12:03:36 GMT

GET
H3 200 jsapi_compiled_format_module.js Show response
actionfxtrade.com/trade_graph/charts/offlineSaving/js/ Frame 2324 125 KB
38 KB 498ms
496ms Script
application/x-javascript 2a02:4780:8:250:0:34a8:6d7e:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://actionfxtrade.com/trade_graph/charts/offlineSaving/js/jsapi_compiled_format_module.js

Requested by

Host: actionfxtrade.com
URL: https://actionfxtrade.com/trade_graph/charts/offlineSaving/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:8:250:0:34a8:6d7e:1 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

cf71f0cbad48231ff66e55cdd1004f6deedbb6d137f933d56296860a0c137ccc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://actionfxtrade.com/trade_graph/test2.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:36 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 26 Mar 2021 08:39:19 GMT
server: LiteSpeed
etag: "1f2b8-605d9db7-b6ff312909e399a9;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 38798
expires: Wed, 14 Dec 2022 12:03:36 GMT

GET
H3 200 jsapi_compiled_default_module.js Show response
actionfxtrade.com/trade_graph/charts/offlineSaving/js/ Frame 2324 162 KB
48 KB 265ms
263ms Script
application/x-javascript 2a02:4780:8:250:0:34a8:6d7e:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://actionfxtrade.com/trade_graph/charts/offlineSaving/js/jsapi_compiled_default_module.js

Requested by

Host: actionfxtrade.com
URL: https://actionfxtrade.com/trade_graph/charts/offlineSaving/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:8:250:0:34a8:6d7e:1 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

6da972eb75aff5ebe720daa7aa23b629cbf8456ef8c72c6d28dea8f675726528

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://actionfxtrade.com/trade_graph/test2.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:36 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 26 Mar 2021 08:39:19 GMT
server: LiteSpeed
etag: "288d9-605d9db7-d81573f3c6af44bf;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 49174
expires: Wed, 14 Dec 2022 12:03:36 GMT

GET
H3 200 jsapi_compiled_ui_module.js Show response
actionfxtrade.com/trade_graph/charts/offlineSaving/js/ Frame 2324 624 KB
194 KB 301ms
299ms Script
application/x-javascript 2a02:4780:8:250:0:34a8:6d7e:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://actionfxtrade.com/trade_graph/charts/offlineSaving/js/jsapi_compiled_ui_module.js

Requested by

Host: actionfxtrade.com
URL: https://actionfxtrade.com/trade_graph/charts/offlineSaving/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:8:250:0:34a8:6d7e:1 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

7ecbe9e3ca55d91ea2bad4a860f4bade408f9a15488cc0b89f19a9e7cc8ca7e6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://actionfxtrade.com/trade_graph/test2.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:36 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 26 Mar 2021 08:39:19 GMT
server: LiteSpeed
etag: "9c0a8-605d9db7-607f8557f8368c1f;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 198446
expires: Wed, 14 Dec 2022 12:03:36 GMT

GET
H3 200 jsapi_compiled_corechart_module.js Show response
actionfxtrade.com/trade_graph/charts/offlineSaving/js/ Frame 2324 7 KB
892 B 228ms
227ms Script
application/x-javascript 2a02:4780:8:250:0:34a8:6d7e:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://actionfxtrade.com/trade_graph/charts/offlineSaving/js/jsapi_compiled_corechart_module.js

Requested by

Host: actionfxtrade.com
URL: https://actionfxtrade.com/trade_graph/charts/offlineSaving/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:8:250:0:34a8:6d7e:1 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

0fd4cb1c5dcb7a7376fe1bd0ceb1568c862803e42704eddba9e896aec1a79d29

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://actionfxtrade.com/trade_graph/test2.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 12:03:36 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 26 Mar 2021 08:39:19 GMT
server: LiteSpeed
etag: "1ae9-605d9db7-72fe9f45d242de7c;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 839
expires: Wed, 14 Dec 2022 12:03:36 GMT

GET
H2 206 tururu.mp3
widget-v4.tidiochat.com// Frame D470 7 KB
7 KB 36ms
35ms Media
audio/mpeg 2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com//tururu.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 07 Dec 2022 12:03:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 238539
Content-Range: bytes 0-7223/7224
Content-Length: 7224
pragma: public
last-modified: Thu, 24 Nov 2022 13:58:07 GMT
server: cloudflare
etag: "637f786f-1c38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABvf82bsJ8rkL7KSUCf2l3tsUIgB%2B6wUQxLLgUxGfYyv4Nb5fV8%2FCGwS%2BKwanO4QCrtoM1RwIF1mK%2FTJJ7NmIkm2QHgq6FGhyfP5YZW2MPsDI0FAvm3W0H%2BGMlzO6jH7hqWbo%2Frb97ZdgV9JV6kR4ePD5i9O"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: public, max-age=31536000
cf-ray: 775d1e792aa4e76c-EWR
expires: Sun, 18 Dec 2022 17:47:57 GMT

POST
H3 200 database.php Show response
actionfxtrade.com/trade_graph/ Frame 2324 4 KB
1 KB 235ms
235ms XHR
text/html 2a02:4780:8:250:0:34a8:6d7e:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://actionfxtrade.com/trade_graph/database.php

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:8:250:0:34a8:6d7e:1 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.32

Resource Hash

8c7c6e1c815b17b17c5c571ccea44d8e3fbed6063db8c99044ff259d0653c275

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept: */*
Referer: https://actionfxtrade.com/trade_graph/test2.php
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 12:03:37 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
server: LiteSpeed
x-powered-by: PHP/7.4.32
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
platform: hostinger
content-length: 1405

POST
H3 200 database.php Show response
actionfxtrade.com/trade_graph/ Frame 2324 4 KB
1 KB 236ms
235ms XHR
text/html 2a02:4780:8:250:0:34a8:6d7e:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://actionfxtrade.com/trade_graph/database.php

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:8:250:0:34a8:6d7e:1 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.32

Resource Hash

83792542af28c8d0199bbaeca21a3a57353ce991b9433f30e6770dc4b0e46d52

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept: */*
Referer: https://actionfxtrade.com/trade_graph/test2.php
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 12:03:37 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
server: LiteSpeed
x-powered-by: PHP/7.4.32
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
platform: hostinger
content-length: 1401

POST
H3 200 database.php Show response
actionfxtrade.com/trade_graph/ Frame 2324 4 KB
1 KB 232ms
232ms XHR
text/html 2a02:4780:8:250:0:34a8:6d7e:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://actionfxtrade.com/trade_graph/database.php

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:8:250:0:34a8:6d7e:1 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.32

Resource Hash

f0f7f067b15cd386d27d0e35b3025d45c358d251106f2d8fe568014159ab617f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept: */*
Referer: https://actionfxtrade.com/trade_graph/test2.php
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 12:03:37 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
server: LiteSpeed
x-powered-by: PHP/7.4.32
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
platform: hostinger
content-length: 1404

POST
H3 200 database.php Show response
actionfxtrade.com/trade_graph/ Frame 2324 4 KB
1 KB 227ms
226ms XHR
text/html 2a02:4780:8:250:0:34a8:6d7e:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://actionfxtrade.com/trade_graph/database.php

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:8:250:0:34a8:6d7e:1 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.32

Resource Hash

a855e6ee948e811c23ddccf728f31544ba99bbd91d0136946c938e9f696a24e0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept: */*
Referer: https://actionfxtrade.com/trade_graph/test2.php
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 12:03:37 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
server: LiteSpeed
x-powered-by: PHP/7.4.32
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
platform: hostinger
content-length: 1401

POST
H3 200 database.php Show response
actionfxtrade.com/trade_graph/ Frame 2324 4 KB
1 KB 200ms
199ms XHR
text/html 2a02:4780:8:250:0:34a8:6d7e:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://actionfxtrade.com/trade_graph/database.php

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:8:250:0:34a8:6d7e:1 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.32

Resource Hash

e5f3a631e02d35350e9996fc178649b85bc87c9fac1dce9f6c993c5f03686630

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept: */*
Referer: https://actionfxtrade.com/trade_graph/test2.php
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 12:03:37 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
server: LiteSpeed
x-powered-by: PHP/7.4.32
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
platform: hostinger
content-length: 1404

GET
H3 200 css2
fonts.googleapis.com/ Frame 7632 3 KB
554 B 43ms
42ms Stylesheet
text/css 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Mulish:wght@400;600&display=swap

Requested by

Host: widget-v4.tidiochat.com
URL: https://widget-v4.tidiochat.com/1_131_0/static/js/widget.a2ea9bf2d262d5060dc4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b9eda616b81dc5eaa73c8ea68dd4d61c78b28e2b54a05d7936d33742e866993a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 12:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 11:49:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Dec 2022 12:03:37 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ Frame 7632 27 KB
27 KB 82ms
27ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:wght@400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.hicityinvestmentfx.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 00:37:41 GMT
x-content-type-options: nosniff
age: 559561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 00:37:41 GMT

POST
H3 200 database.php Show response
actionfxtrade.com/trade_graph/ Frame 2324 4 KB
1 KB 281ms
281ms XHR
text/html 2a02:4780:8:250:0:34a8:6d7e:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://actionfxtrade.com/trade_graph/database.php

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:8:250:0:34a8:6d7e:1 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.32

Resource Hash

e2db66101b836353a7bb388fbe5fdf0007df657d8fbaec4161d9b4cf7990bf96

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept: */*
Referer: https://actionfxtrade.com/trade_graph/test2.php
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 12:03:42 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
server: LiteSpeed
x-powered-by: PHP/7.4.32
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
platform: hostinger
content-length: 1403

POST
H3 200 database.php Show response
actionfxtrade.com/trade_graph/ Frame 2324 4 KB
1 KB 163ms
163ms XHR
text/html 2a02:4780:8:250:0:34a8:6d7e:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://actionfxtrade.com/trade_graph/database.php

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:8:250:0:34a8:6d7e:1 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.32

Resource Hash

d0782c7a86da3bef6bfee8b0d475213a3614f1d2ec0f0945211872fa0141a488

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept: */*
Referer: https://actionfxtrade.com/trade_graph/test2.php
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 12:03:42 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
server: LiteSpeed
x-powered-by: PHP/7.4.32
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
platform: hostinger
content-length: 1395

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ Frame 7632 27 KB
27 KB 27ms
26ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:wght@400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.hicityinvestmentfx.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 00:37:41 GMT
x-content-type-options: nosniff
age: 559561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 00:37:41 GMT

GET
H2 200 1f44b.png
twemoji.maxcdn.com/v/13.0.1/72x72/ Frame 7632 1 KB
2 KB 1028ms
60ms Image
image/png 151.139.237.124

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twemoji.maxcdn.com/v/13.0.1/72x72/1f44b.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.237.124 -, , ASN (),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-fastly-request-id: 1e504cb78c7d0d506bf951fdd988c6aa56376dd0
date: Wed, 07 Dec 2022 12:03:43 GMT
x-proxy-cache: MISS
x-cache: HIT
powered-by: MaxCDN
content-length: 1285
last-modified: Thu, 31 Mar 2022 03:24:17 GMT
server: NetDNA-cache/2.2
x-github-request-id: 2D06:1172:1238485:17F626B:638A8624
etag: "62451ee1-505"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Fri, 06 Jan 2023 12:03:43 GMT

POST
H3 200 database.php Show response
actionfxtrade.com/trade_graph/ Frame 2324 4 KB
1 KB 136ms
136ms XHR
text/html 2a02:4780:8:250:0:34a8:6d7e:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://actionfxtrade.com/trade_graph/database.php

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:8:250:0:34a8:6d7e:1 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.32

Resource Hash

043d72ebbd6cbe1b366a8a4832dad69c389c4e1ff5b97126f65875aa2759ff03

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept: */*
Referer: https://actionfxtrade.com/trade_graph/test2.php
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 12:03:42 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
server: LiteSpeed
x-powered-by: PHP/7.4.32
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
platform: hostinger
content-length: 1396

POST
H3 200 database.php
actionfxtrade.com/trade_graph/ Frame 2324 4 KB
1 KB 138ms
138ms XHR
text/html 2a02:4780:8:250:0:34a8:6d7e:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://actionfxtrade.com/trade_graph/database.php

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:8:250:0:34a8:6d7e:1 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.32

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept: */*
Referer: https://actionfxtrade.com/trade_graph/test2.php
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 12:03:45 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
server: LiteSpeed
x-powered-by: PHP/7.4.32
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
platform: hostinger
content-length: 1403

POST
H3 200 database.php
actionfxtrade.com/trade_graph/ Frame 2324 4 KB
1 KB 120ms
119ms XHR
text/html 2a02:4780:8:250:0:34a8:6d7e:1
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://actionfxtrade.com/trade_graph/database.php

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:8:250:0:34a8:6d7e:1 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.32

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept: */*
Referer: https://actionfxtrade.com/trade_graph/test2.php
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 12:03:45 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
server: LiteSpeed
x-powered-by: PHP/7.4.32
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
platform: hostinger
content-length: 1401

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: actionfxtrade.com
URL: https://actionfxtrade.com/trade_graph/charts/loader.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://mail.hicityinvestmentfx.com/ Message: Refused to execute script from 'https://mail.hicityinvestmentfx.com/unpkg.com/sweetalert%402.1.2/dist/sweetalert.min.html' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.html Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://mail.hicityinvestmentfx.com/img/logo-footer.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mail.hicityinvestmentfx.com/images/lightbox-next.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mail.hicityinvestmentfx.com/images/lightbox-prev.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mail.hicityinvestmentfx.com/images/close-box.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

actionfxtrade.com
ajax.googleapis.com
code.tidio.co
fonts.googleapis.com
fonts.gstatic.com
mail.hicityinvestmentfx.com
s3.tradingview.com
static.getbutton.io
streamja.com
translate.google.com
translate.googleapis.com
twemoji.maxcdn.com
widget-v4.tidiochat.com
www.google-analytics.com
www.gstatic.com
actionfxtrade.com
www.google-analytics.com
13.224.214.103
144.76.107.13
151.139.237.124
172.67.72.223
2606:4700:20::ac43:4703
2606:4700:20::ac43:4991
2607:f8b0:4006:806::200a
2607:f8b0:4006:817::2003
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::200a
2607:f8b0:4006:822::200e
2607:f8b0:4006:823::200e
2a02:4780:8:250:0:34a8:6d7e:1
95.216.228.15
043d72ebbd6cbe1b366a8a4832dad69c389c4e1ff5b97126f65875aa2759ff03
06db492787188341adab034fef770040e0ec909aa124e564d437a8e00431bfa9
0add8fcb5a583b1c16238fbe9d0de17c6272726b42be17fdcd9b4686ef5287d1
0d6bfdcbff81022f9257db9728a3e39a933c534366e0bd54dab5c01fb8b4ab63
0fd4cb1c5dcb7a7376fe1bd0ceb1568c862803e42704eddba9e896aec1a79d29
10908b6e6cfaeb149b47a6dc31aaa65aca0cf22158c74096c384bbc47285914a
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
1328022453b6ef709d52ada95cef454c0beaa882825058ad0493e9589eda2d27
13baec7e8be3c4f28a4f61dfa8a40ca67d7075d99ffc5f802d755a2f2878ea2f
18cd88e7bd7b259144873086ce3e86f28a68e620c8e25be9b8e685fc504f34da
1b04dd83547f82d7d3cd1dc401159c0477559a53bb5af665dd70ac08a7b3d1b3
1c5b9e7435a6b5449de0d74e9fa5c1b4b565fc8d5866ed4ae6a6bdf6920fdb59
1dd9fc655f3ca1693b8a90b1d5a2118c6b19822d40efc87d7f5913a14c3ada86
22787a5c7961dca7860b0958309b4e34e97da89e98d872f10b0be18101ef6382
242633826973d3a91bcacde2837fb54c5746a032588542b92c2c5a23a7923717
27ef53faac17a2fcf938097d718cbf926cc54f9b35d79815c26ea0e219156d6b
2f9c60ceef95ea01006b61ac7b7eed569efd434f4d2ed9f8f32c5d9ea1dd0d07
30f11138fe7534c338c1bf8b765402f8afedff587a85e764e9cb3703c00b5a49
35785e59e49c9fee8267e39aa0bc05f38a96b69cad1906c2a5e690a7d41bbdb7
362def2ba0e81b9da5225229293fda88eda09580dfa385179f50ac78042fcd06
3911ae641bbc4b96e0e39842fe83597be9bcd14f7c1ac1462caa5c73bf5d857f
3a726ccc2e7636120233935a2ba0c398b06bfa08374e474bf1cd2213d866abde
3ce64756692c2eaafa7ee671d3b954ec0ee537639db9417a289d4e67258f6ff3
3fc62012dd521cffaddf0129b7c25a271ebf9a538b94abb1dbaa38af38c307cb
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
40f54adc2e142297a7abd76113b80551e7137a95514aae6ce0fec4691dec3218
4226892cd442d1b41821c1d8d263ce776aa7bd71eb079ee9b867b2676324d4c3
44154e4d26126032f5fc8b811d0702adf93aa33b62a2e1b32f6b3cd37b41e37a
4636d2cb8643429792d26a97fbbfb2669038d0ea31593ce78830f193960d6cc6
469f3b2b13abcaf87c88e1c6205a84b8ed11d8b1d69afa63d43827ee828e6533
4732cd58bf411b55b4fe38012a5d3d1acb5e474455d1a08b05ea26e7961c715b
47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab
4aa66aef9406ff96e8f5f40fdb675084dad357b2971b4bb7ab0da75991982555
4c789d6ac5ffd6b1f05b7fa6a21f04f6e9775704bd27885c9358bfb5c7b1933e
4d405be26dd3addf2cc7c34e0635a2d640e88cda3123b3f9da874e5519bb9c85
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4f2721fcaed5436f55432318b274d1542e96753b56c6ec6cdbd1c0fdd46bc66d
5350df02f1b57a9b919631f8b7d7bbce85b3ec3a7be5a7d109d666fcae792220
55a0511170cdbb9644f83c1a96602e1fb35ca549cd890652ca3fa3604d4b0697
58416e1f1a6cc08613552cca38760083c8136653e11fae84128b37bd4053fc5c
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5b84afdd76e7555b85f9e34c90b93d66543b3a53c2801d45cb90c3bf32c65e83
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
614061e779ad90a0a79964cf53e3ddcb332e6c11d935527e3b228dc56ead36e5
61a0ae2e60d2dc81d5893d2f4f0f30b45c54cbf011b1b693ef25c43c7b0e677d
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
6756d784f3220866b13145b7b90c5abf2e77e96b45eb967644dfa805bc38913b
68a122bc1b9b6aa0773662afc8e4c73c352f2afc6057503d329936336388b6fc
6b3b8a8490c19da2f9c3aa014e3509173c610a1fc65152dedeba4f6d01415d26
6da972eb75aff5ebe720daa7aa23b629cbf8456ef8c72c6d28dea8f675726528
711bc5b0b8c40e39b2560e65797d175e72a89b49ebbc266a7c7b581c4bec4b21
714cd3a4cfb1b4f2c998f461e2b06d02387a4a8ce41b6b666b276ababf74af92
738282f3e1e7f0b61ae090b4bea02f4b89c4f3217dfa2cef339f46610c9918a7
77d2855acf16955aeda0f23dfa66d45f3f2156b8e169bf995c4aa54f6957bd15
7b49362124b85e72f646bf8beda16d16049501315aae35c4ecef737d0172066f
7dc76e366aa0d3492db6b362343880468ea3041bf12a3e5ec3b14905f82cbec2
7eafb4440d639f990c05337dae1fe1d293643b64c807ba106a34ae1c2bbe3b56
7ecbe9e3ca55d91ea2bad4a860f4bade408f9a15488cc0b89f19a9e7cc8ca7e6
818efe5567259bf3b16aff2277c6ed0f188dd8ae032ea0d68a3f45f107274792
8368e612612515b216e1c4c58df786df95d013ced80666cc541514017a02c31c
83792542af28c8d0199bbaeca21a3a57353ce991b9433f30e6770dc4b0e46d52
857b1378b7f17be8829e263d465bd377e63d385ea5f5ace147befce02dbc9d40
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8c46eb219c485ba41cc1e7407cbb6dc0dcb260478485fc5342431e6951bb91f3
8c7c6e1c815b17b17c5c571ccea44d8e3fbed6063db8c99044ff259d0653c275
8d3fe3468a8cddede0a9e15ebfa1864181213aecd3e74d5d329e6344ca3e3d82
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
967c448e5a825e332717981391f4f72a08623601e1279256f2c6379afb74257c
9b46edd9de064ab560d77462b2313fbc08749f9f7485fe0c8b8f9e1e6365d641
9be4dbae4b06d6f46d8e547d42aab3a940549cb244323c2fafb8485cad7b9db1
9d19d30b3215f8d6fd8156b5a7bd9db07579cfc30d79cc3a3b9e39795664be3e
a09199b51cf1139097df5a3b44bf236d5af095626ac9e1ef2fe426c6b61e7e41
a2835949f34f593797d23b4342db33d11a71aea931472e88c76d3463e658d5cb
a2e77918046fe456ba3d874ccddd3d0bf40a9774c0ffe5d70b08e069b777e847
a855e6ee948e811c23ddccf728f31544ba99bbd91d0136946c938e9f696a24e0
b20fb3e060418c7cff7c4fbd4ee92f4de0185bca60db02634589b9e3532dadc5
b38627bd775364df4faf30a54e7d6038eef316c78e7b89c27ae70244434336e8
b3f4e07de5a27392c4d2d3a368a0fef82b63dedc8a4be0fa1bdff8a6fc9a4ccd
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b86a2de15d0ee7293ceb3dfb5803d74266fa62a626240c6fa8dfc5a9737c1930
b9eda616b81dc5eaa73c8ea68dd4d61c78b28e2b54a05d7936d33742e866993a
bf5756b42791ad1d693196b5b2e57e93a387d45dee7ba02322a001c451b8df05
c4b9c02248c8a5003ea2ee59fba59de6cd2651bdac25759213e15125da4156e9
c6c16d5f5c964cf5e9137fec8e947eac9a97540e63db68be1ed7014fa5058dea
c7cc9fca2d1afc1be4ac0e15c9c8fbdf0a39d3b0b21a8db44636dc47dde38e68
c83e5ad8e5ac67b595dbc256f4b60681b258b2d4f5babfcf52f84808a6815a20
ced5a3b3cbcc30760c9ff9b169379ccad136cee1a5356277eccf28f1e1d7a205
cf71f0cbad48231ff66e55cdd1004f6deedbb6d137f933d56296860a0c137ccc
d0782c7a86da3bef6bfee8b0d475213a3614f1d2ec0f0945211872fa0141a488
d142eb357e73777500b9b03ba2a8f77019cf1d7d6ab3dd496a40df33c2293fed
d2aa60b6fa5eb8296f2dc939b72753a89ac8dc515add32c812d0343594ba627a
d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
d3ed077a8fee5f02d06aad9a40fbab79e6c0273269363c3a676546ec646d0ea9
d45b287a009587c328f9d41078b757457dc1cacabb9b4e9cc0f3533b932ef64c
dc697d84f67d6a1ced4c266228cb29f37d5d278e2ad059c26f25cde7bf477739
dd89edf5e0efd8289a0fd79aa90edfc6decf848b6c064712ced5e9e2325c7e25
dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910
e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c
e29352d0dc16fe0157a6eebb63a850a479d8760e3e534edaec6ea9271017880e
e2db66101b836353a7bb388fbe5fdf0007df657d8fbaec4161d9b4cf7990bf96
e4a9116b1fcd85f9c08c024007e4a9f91e22cd9f73934c17f1c27cb3042c1965
e5f3a631e02d35350e9996fc178649b85bc87c9fac1dce9f6c993c5f03686630
e7354e8104b8c7acc73962a6fd23d10546e7536026489d4e86f2dfe5fadea925
e7b18760b75ad9d312fbe216495e3b2b92b1044ad8af592fa9849e8b8b656ffb
e9045ff3cd38ab3465147d4fac248b0d5eabdcf7380dc08d56de2af9af4f5484
e9c9244f08810a7573b16fd89288d4587f617de4c005b3e4d74ee034b6dbf280
f0f7f067b15cd386d27d0e35b3025d45c358d251106f2d8fe568014159ab617f
f7aa50e37e8b3ffae1353411c62ddc08657e41e16c605bbdc8f5a515d14302d9
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fdbc5ec79ca685b02987af2d96c728717b490bdbd9f8c3205e195e2bede8968d

mail.hicityinvestmentfx.com Open in urlscan Pro 144.76.107.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

133 Requests

97 %HTTPS

64 %IPv6

12 Domains

15 Subdomains

15 IPs

4 Countries

3408 kBTransfer

7009 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 25 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mail.hicityinvestmentfx.com Open in urlscan Pro
144.76.107.13 Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

97 %
HTTPS

64 %
IPv6

12
Domains

15
Subdomains

15
IPs

4
Countries

3408 kB
Transfer

7009 kB
Size

0
Cookies

133 HTTP transactions
25 data transactions