application.forex.com Open in urlscan Pro
2606:4700::6812:1e5f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://application.forex.com/en/step/1
Effective URL:
https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80
Submission: On February 11 via api (February 11th 2022, 10:15:28 pm UTC) from US — Scanned from DE

Summary HTTP 121 Redirects Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 24 domains to perform 121 HTTP transactions. The main IP is 2606:4700::6812:1e5f, located in United States and belongs to CLOUDFLARENET, US. The main domain is application.forex.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 18th 2021. Valid for: a year.

This is the only time application.forex.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
41	2606:4700::68... 2606:4700::6812:1e5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	104.111.231.57 104.111.231.57	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	54.216.48.107 54.216.48.107	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::ac43:5d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:710... 2a02:26f0:7100:199::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	65.9.77.9 65.9.77.9	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:210... 2600:9000:2104:dc00:e:786e:9000:93a1	16509 (AMAZON-02) (AMAZON-02)
2	216.58.212.134 216.58.212.134	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:6c0... 2a02:26f0:6c00:1b8::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	65.9.78.83 65.9.78.83	16509 (AMAZON-02) (AMAZON-02)
1	101.33.11.48 101.33.11.48	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	2a05:d018:195... 2a05:d018:195:e404:f71:5aef:23c9:7269	16509 (AMAZON-02) (AMAZON-02)
1	65.9.78.128 65.9.78.128	16509 (AMAZON-02) (AMAZON-02)
2	124.251.13.9 124.251.13.9	9802 (CHINA-ABI...) (CHINA-ABITCOOL AbitcoolChina Inc.)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
11	161.71.0.37 161.71.0.37	14340 (SALESFORCE) (SALESFORCE)
1	65.9.78.79 65.9.78.79	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.16.248.108 52.16.248.108	16509 (AMAZON-02) (AMAZON-02)
1	65.9.78.66 65.9.78.66	16509 (AMAZON-02) (AMAZON-02)
2	13.110.70.224 13.110.70.224	14340 (SALESFORCE) (SALESFORCE)
1 1	110.242.68.135 110.242.68.135	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
5	39.106.29.39 39.106.29.39	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
1 1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 1	116.211.198.129 116.211.198.129	58563 (CHINATELE...) (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network)
1 1	13.69.222.243 13.69.222.243	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2408:8711:10:... 2408:8711:10:10::53	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
121	30

41 2606:4700::6812:1e5f (United States)

ASN13335 (CLOUDFLARENET, US)

application.forex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.111.231.57 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-231-57.deploy.static.akamaitechnologies.com

se.monetate.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
af.monetate.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sb.monetate.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.216.48.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-48-107.eu-west-1.compute.amazonaws.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:5d8 (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100:199::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.77.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-77-9.ams1.r.cloudfront.net

s.salecycle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2104:dc00:e:786e:9000:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.zuko.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:1b8::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.78.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-78-83.ams1.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 101.33.11.48 (Frankfurt am Main, Germany)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

fm.ipinyou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:195:e404:f71:5aef:23c9:7269 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

api.zuko.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.78.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-78-128.ams1.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 124.251.13.9 (China)

ASN9802 (CHINA-ABITCOOL AbitcoolChina Inc., CN)

stats.ipinyou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 161.71.0.37 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl1-ncg0-lhr3.um3-lo2.force.com

service.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.78.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-78-79.ams1.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.248.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-248-108.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.78.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-78-66.ams1.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.110.70.224 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl7-ncg1-c6-iad5.la4-c2-ia5.salesforceliveagent.com

d.la4-c2-ia5.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 110.242.68.135 (Beijing, China) 1 redirects

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

cm.pos.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 39.106.29.39 (Beijing, China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

cm.ipinyou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.211.198.129 (Wuhan, China) 1 redirects

ASN58563 (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network, CN)

ckm.iqiyi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.69.222.243 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ckm.aty.sohu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2408:8711:10:10::53 (China) 1 redirects

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

cm.l.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	forex.com application.forex.com	737 KB
11	force.com service.force.com — Cisco Umbrella Rank: 3535	32 KB
9	monetate.net se.monetate.net — Cisco Umbrella Rank: 5884 af.monetate.net — Cisco Umbrella Rank: 13429 sb.monetate.net — Cisco Umbrella Rank: 6393	147 KB
8	ipinyou.com fm.ipinyou.com — Cisco Umbrella Rank: 284911 Failed stats.ipinyou.com — Cisco Umbrella Rank: 216848 cm.ipinyou.com — Cisco Umbrella Rank: 33366	16 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	89 KB
5	doubleclick.net 1 redirects ad.doubleclick.net — Cisco Umbrella Rank: 167 stats.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 175	2 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 574 Failed script.hotjar.com — Cisco Umbrella Rank: 726 vars.hotjar.com — Cisco Umbrella Rank: 809 in.hotjar.com — Cisco Umbrella Rank: 1615	69 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	242 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6342 ampcid.google.de — Cisco Umbrella Rank: 50820	1 KB
3	google.com ampcid.google.com — Cisco Umbrella Rank: 1677 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	139 KB
3	zuko.io assets.zuko.io — Cisco Umbrella Rank: 225944 api.zuko.io — Cisco Umbrella Rank: 458604 Failed	10 KB
3	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1150 c.go-mpulse.net — Cisco Umbrella Rank: 549	79 KB
2	salesforceliveagent.com d.la4-c2-ia5.salesforceliveagent.com — Cisco Umbrella Rank: 11913	4 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	386 B
2	salecycle.com s.salecycle.com — Cisco Umbrella Rank: 16768	650 B
2	pingdom.net rum-static.pingdom.net — Cisco Umbrella Rank: 4642	6 KB
2	iesnare.com mpsnare.iesnare.com — Cisco Umbrella Rank: 5535	14 KB
1	qq.com 1 redirects cm.l.qq.com — Cisco Umbrella Rank: 118352	534 B
1	sohu.com 1 redirects ckm.aty.sohu.com — Cisco Umbrella Rank: 298427	262 B
1	iqiyi.com 1 redirects ckm.iqiyi.com — Cisco Umbrella Rank: 169424	580 B
1	baidu.com 1 redirects cm.pos.baidu.com — Cisco Umbrella Rank: 224332	265 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2057	257 B
0	yahoo.com Failed sp.analytics.yahoo.com Failed
121	24

	Domain	Requested by
41	application.forex.com	application.forex.com
11	service.force.com	application.forex.com service.force.com
6	www.google-analytics.com	www.googletagmanager.com application.forex.com
5	cm.ipinyou.com	blank
4	af.monetate.net	se.monetate.net
4	www.googletagmanager.com	application.forex.com
4	se.monetate.net	application.forex.com se.monetate.net
3	connect.facebook.net	application.forex.com connect.facebook.net
2	d.la4-c2-ia5.salesforceliveagent.com	service.force.com
2	www.facebook.com	application.forex.com
2	www.google.de	application.forex.com
2	www.google.com	application.forex.com
2	stats.g.doubleclick.net	application.forex.com
2	stats.ipinyou.com	fm.ipinyou.com
2	ad.doubleclick.net	www.googletagmanager.com
2	assets.zuko.io	www.googletagmanager.com
2	s.salecycle.com	www.googletagmanager.com
2	s.go-mpulse.net	application.forex.com
2	rum-static.pingdom.net	application.forex.com
2	mpsnare.iesnare.com	application.forex.com mpsnare.iesnare.com
1	cm.l.qq.com	1 redirects
1	ckm.aty.sohu.com	1 redirects
1	ckm.iqiyi.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	cm.pos.baidu.com	1 redirects
1	vc.hotjar.io	application.forex.com
1	in.hotjar.com	application.forex.com
1	ampcid.google.de	application.forex.com
1	vars.hotjar.com	static.hotjar.com
1	ampcid.google.com	application.forex.com
1	script.hotjar.com	static.hotjar.com
1	c.go-mpulse.net	s.go-mpulse.net
1	api.zuko.io	application.forex.com
1	sb.monetate.net
1	fm.ipinyou.com	application.forex.com
1	static.hotjar.com	www.googletagmanager.com
0	sp.analytics.yahoo.com Failed
121	37

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-18` - `2022-08-17`	a year	crt.sh
www.monetate.net DigiCert SHA2 Secure Server CA	`2021-08-30` - `2022-08-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
mpsnare.iesnare.com DigiCert SHA2 Extended Validation Server CA	`2021-04-27` - `2022-05-24`	a year	crt.sh
pingdom.net Cloudflare Inc ECC CA-3	`2021-12-14` - `2022-12-13`	a year	crt.sh
akstat.io DigiCert SHA2 Secure Server CA	`2021-06-08` - `2022-06-13`	a year	crt.sh
s.salecycle.com Amazon	`2021-11-06` - `2022-12-04`	a year	crt.sh
zuko.io Amazon	`2021-08-12` - `2022-09-10`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-21` - `2022-02-19`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.ipinyou.com RapidSSL RSA CA 2018	`2020-01-28` - `2022-03-28`	2 years	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.um3.force.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-31` - `2022-03-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
la4-c2-ia5.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-01` - `2022-10-31`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80
Frame ID: 3B75B26A2756A72D3C7645E96B999339
Requests: 94 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/BLXLP-4T6RL-RKJT7-XGN32-M6PRN
Frame ID: 1CD21CFF83270EF3F4C773F8582AE72B
Requests: 1 HTTP requests in this frame

Frame: https://application.forex.com/Resources/SalesforceChat/SalesforceChat.html
Frame ID: 9EE143583788FD421250E096622B8B3D
Requests: 3 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/BLXLP-4T6RL-RKJT7-XGN32-M6PRN
Frame ID: A0D94741304D4ABE9DB81ADCFB5640FE
Requests: 2 HTTP requests in this frame

Frame: https://application.forex.com/Resources/SalesforceChat/SalesforceChat.html
Frame ID: 4EF3A5ED5A4C7990F19640E5CFA52E3F
Requests: 10 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: F90877AD8319E52E9EED4E59768F84C3
Requests: 1 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://application.forex.com/Resources/SalesforceChat/SalesforceChat.html
Frame ID: B3CC464C057F1B9347BCCA712AFBF539
Requests: 6 HTTP requests in this frame

Frame: https://cm.ipinyou.com/baidu/cms.gif?baidu_error=1&timestamp=1644617727
Frame ID: FA2BF5A137FCA9B68BB25972E8FDC972
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FOREX.com | Account Application

Page URL History Show full URLs

https://application.forex.com/en/step/1 Page URL
https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80 Page URL

Detected technologies

Salesforce Service Cloud (Live chat) Expand

Overall confidence: 100%
Detected patterns

service\.force\.com

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

121
Requests

89 %
HTTPS

47 %
IPv6

24
Domains

37
Subdomains

30
IPs

6
Countries

1590 kB
Transfer

5583 kB
Size

36
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://application.forex.com/en/step/1 Page URL
https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 115

https://cm.pos.baidu.com/pixel?dspid=6418041&ext_data=8342 HTTP 302
https://cm.ipinyou.com/baidu/cms.gif?baidu_error=1&timestamp=1644617727

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=ipy&google_cm&ext_data=8342 HTTP 302
https://cm.ipinyou.com/gdn/cms.gif?ext_data=8342&google_gid=CAESEHbrLBXIgrKkKnhCdA5ROn4&google_cver=1

Request Chain 117

https://cyes.youku.com/cm.gif?dspid=11112&s=1&ext_data=8342 HTTP 302
https://cm.ipinyou.com/youku/cms.gif?mzid=1644617726482qCb

Request Chain 118

https://ckm.iqiyi.com/pixel?qiyi_nid=71000015&qiyi_sc&ext_data=8342 HTTP 302
https://cm.ipinyou.com/qiyi/cms.gif?qiyi_uid=a4009033aa9a939c31b10720fabb654b

Request Chain 119

https://ckm.aty.sohu.com/cm.gif?ver=1&mid=10012&ext_data=8342 HTTP 302
https://cm.ipinyou.com/sohu/cms.gif?suid=2202120615273831&ver=1

Request Chain 120

https://cm.l.qq.com/?dspid=10016&dspuid=G1LIOs21cjIy&gettuid=1&ext_data=8342 HTTP 302
https://cm.ipinyou.com/qq/cms.gif?tuid=AQEBGBgOHxQyRPRVMILBtGM1soifTHPX8S5T&ver=1

121 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 1 Show response
application.forex.com/en/step/ 268 KB
18 KB 278ms
178ms Document
text/html 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://application.forex.com/en/step/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0be6a022dc0ff0f6b0d5b4ff8dbd683c1a4c13cc86f199bc5e95a73b479cc294

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 11 Feb 2022 22:15:22 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: -1
x-correlation-id: 5364fefc-2fac-4735-bfb5-0f875873c647
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6dc0ef7faac49249-FRA
content-encoding: gzip

GET
H2 200 entry.js Show response
se.monetate.net/js/2/a-7f76b3d0/p/en.forex.com/ 11 KB
5 KB 59ms
19ms Script
application/x-javascript 104.111.231.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://se.monetate.net/js/2/a-7f76b3d0/p/en.forex.com/entry.js
Requested by: Host: application.forex.com
URL: https://application.forex.com/en/step/1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.231.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-231-57.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0d29c88b357f879f874110fe5849ea09a0271a2acfb54e41c554eb6b56142ec2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:23 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 10:53:54 GMT
server: AkamaiNetStorage
etag: "1f15692a78eb4852985005b7ac8d7155:1643626434.219188"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 4783

GET
H2 200 CimaEN.css
application.forex.com/bundles/css/ 94 KB
16 KB 38ms
36ms Stylesheet
text/css 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
Requested by: Host: application.forex.com
URL: https://application.forex.com/en/step/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6206dfbaadb48bd5fa7c385111023bc57547a4753745610269409d03fcee7b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/en/step/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef80ee0a9249-FRA
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: e03851f7-b3a0-4492-8c08-39c9cd4148d1
cf-cache-status: HIT
last-modified: Thu, 10 Feb 2022 17:59:41 GMT
server: cloudflare
age: 101742
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31434258
content-encoding: gzip
expires: Fri, 10 Feb 2023 17:59:41 GMT

GET
H2 200 jquery Show response
application.forex.com/bundles/ 87 KB
31 KB 90ms
89ms Script
text/javascript 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/bundles/jquery?v=9ktsOtIo0upvJP7-7FiXuOoOJe58RLFJ__wIRPL2vGo1
Requested by: Host: application.forex.com
URL: https://application.forex.com/en/step/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bffb08be9cf63ca033232441d191efc57504eb569ae09441b1b9cbf0fbdb2366

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/en/step/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef80ee0c9249-FRA
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: 8b3b5188-3db4-459b-af5a-cc5a0d9e3512
cf-cache-status: DYNAMIC
last-modified: Fri, 11 Feb 2022 22:15:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
content-encoding: gzip
expires: Sat, 11 Feb 2023 22:15:23 GMT

GET
H2 200 gtm.js
www.googletagmanager.com/ 367 KB
93 KB 282ms
80ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NSHGV4L

Requested by

Host: application.forex.com
URL: https://application.forex.com/en/step/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:23 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95460
x-xss-protection: 0
expires: Fri, 11 Feb 2022 22:15:23 GMT

GET
H2 200 gtm.js
www.googletagmanager.com/ 73 KB
29 KB 235ms
33ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-54HXRWV

Requested by

Host: application.forex.com
URL: https://application.forex.com/en/step/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:23 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29543
x-xss-protection: 0
expires: Fri, 11 Feb 2022 22:15:23 GMT

GET
H2 200 main Show response
application.forex.com/bundles/scripts/ 755 KB
180 KB 95ms
93ms Script
text/javascript 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/bundles/scripts/main?v=oyT-d_qpyUAx3W7RLOgkbBKAejSWJ83DM5umJO0M8LA1
Requested by: Host: application.forex.com
URL: https://application.forex.com/en/step/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e21c2044b5c29601f48ac23c5c2aa8886a82a12daeffc733c5df01292bbd0d03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/en/step/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef810e609249-FRA
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: 08c91b79-0c9d-4ad7-b0da-64b76c83741c
cf-cache-status: DYNAMIC
last-modified: Fri, 11 Feb 2022 22:15:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
content-encoding: gzip
expires: Sat, 11 Feb 2023 22:15:23 GMT

GET
H2 200 datepicker
application.forex.com/bundles/css/ 3 KB
857 B 88ms
87ms Stylesheet
text/css 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/bundles/css/datepicker?v=_pAOeIDu5RjCCmZd4OWGt97v2NpXj42WIhHoMfL5XcM1
Requested by: Host: application.forex.com
URL: https://application.forex.com/en/step/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23823d2310d77cf7324cefb5bde8429869b48321b549144b7fb12c28d2128b99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/en/step/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef810e649249-FRA
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: c95b7135-5c4c-4a04-8cc1-046ef9e1555d
cf-cache-status: DYNAMIC
last-modified: Fri, 11 Feb 2022 22:15:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
content-type: text/css; charset=utf-8
cache-control: public
content-encoding: gzip
expires: Sat, 11 Feb 2023 22:15:23 GMT

GET
H/1.1 200
OK snare.js Show response
mpsnare.iesnare.com/ 38 KB
13 KB 182ms
41ms Script
text/javascript 54.216.48.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/snare.js

Requested by

Host: application.forex.com
URL: https://application.forex.com/en/step/1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.216.48.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-216-48-107.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3bbb71833c449fd7760a487bffe05dfdf1eeea4e967b5ad1395c7bc2925d5d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 22:15:23 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: 0

GET
H2 200 salesforce-chat Show response
application.forex.com/bundles/ 30 KB
8 KB 125ms
124ms Script
text/javascript 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/bundles/salesforce-chat?v=ds3AFS0w275iwHnqdf3vKVwzTiB4bt79Y9HA93CWsXo1
Requested by: Host: application.forex.com
URL: https://application.forex.com/en/step/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4513a22dfc8d1e2fd93c29af5a699e2ac72aa68777cf7985d1753c2f27ccb2f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/en/step/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef810e679249-FRA
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: 26320ac6-91c6-4cd4-90c7-63d824837090
cf-cache-status: DYNAMIC
last-modified: Fri, 11 Feb 2022 22:15:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
content-encoding: gzip
expires: Sat, 11 Feb 2023 22:15:23 GMT

GET
H2 200 chat-btn.png
application.forex.com/Content/css/img/ 480 B
658 B 46ms
43ms Image
image/webp 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://application.forex.com/Content/css/img/chat-btn.png
Requested by: Host: application.forex.com
URL: https://application.forex.com/en/step/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7808e49c9c7cb5661e6b33331032fb1ea9156a7b0085bb2b352b57a67b9c3735

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/en/step/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: e25c6041-b61d-41a2-a41b-41daaa44b577
cf-cache-status: HIT
age: 101742
cf-polished: origFmt=png, origSize=536
content-disposition: inline; filename="chat-btn.webp"
content-length: 480
last-modified: Fri, 04 Feb 2022 13:23:36 GMT
server: cloudflare
etag: "07c16aca19d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 13 Mar 2022 22:15:23 GMT
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6dc0ef81d8c19249-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 offline.min.js Show response
application.forex.com/Scripts/ 9 KB
3 KB 40ms
36ms Script
application/javascript 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/Scripts/offline.min.js
Requested by: Host: application.forex.com
URL: https://application.forex.com/en/step/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88e8cdc3ec6ff5dec467d749e7573c9d257fe5952777fc599f537faf6209d501

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/en/step/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef81d8bd9249-FRA
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: 6e580c84-a53e-4489-8c32-53a4390e5f77
cf-cache-status: HIT
last-modified: Fri, 21 Jan 2022 10:17:50 GMT
server: cloudflare
age: 1193400
etag: W/"05bb024b0ed81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
content-encoding: gzip
expires: Sun, 13 Mar 2022 22:15:23 GMT

GET
H2 200 offline
application.forex.com/bundles/css/ 6 KB
1 KB 85ms
82ms Stylesheet
text/css 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/bundles/css/offline?v=i9n8k-tatywH1FSeT5bgHmWACs03Zx1j9O-bkEAgCfY1
Requested by: Host: application.forex.com
URL: https://application.forex.com/en/step/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfcc1b5632d2c069d79a8724f431b52174337619c2750f12399ec93066f9ae1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/en/step/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef81d8c09249-FRA
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: 79ff33de-8159-4fa6-b487-5f143c6cf92e
cf-cache-status: DYNAMIC
last-modified: Fri, 11 Feb 2022 22:15:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
content-type: text/css; charset=utf-8
cache-control: public
content-encoding: gzip
expires: Sat, 11 Feb 2023 22:15:23 GMT

GET
H2 200 custom.js Show response
se.monetate.net/js/3/a-7f76b3d0/p/en.forex.com/t1590480046/ac10a499181fa337/ 178 KB
60 KB 36ms
33ms Script
application/x-javascript 104.111.231.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://se.monetate.net/js/3/a-7f76b3d0/p/en.forex.com/t1590480046/ac10a499181fa337/custom.js
Requested by: Host: se.monetate.net
URL: https://se.monetate.net/js/2/a-7f76b3d0/p/en.forex.com/entry.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.231.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-231-57.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4a72dc3ff341bcfd3d4b2503ef8351216baad44e6b016a591df5fc428aacc9ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:23 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 10:53:51 GMT
server: AkamaiNetStorage
etag: "15f61b77a2ed99017a130bc8bc99a6c9:1643626431.335728"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 prum.min.js
rum-static.pingdom.net/ 6 KB
3 KB 240ms
31ms Script
application/javascript 2606:4700:10::ac43:5d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/prum.min.js
Requested by: Host: application.forex.com
URL: https://application.forex.com/en/step/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:5d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 14:01:38 GMT
server: cloudflare
age: 3384
etag: W/"609a8e42-1849"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=43200
cf-ray: 6dc0ef832d779061-FRA

GET
H2 200 BLXLP-4T6RL-RKJT7-XGN32-M6PRN
s.go-mpulse.net/boomerang/ Frame 1CD2 155 KB
39 KB 227ms
17ms Script
application/javascript 2a02:26f0:7100:199::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/BLXLP-4T6RL-RKJT7-XGN32-M6PRN
Requested by: Host: application.forex.com
URL: https://application.forex.com/en/step/1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:199::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:23 GMT
content-encoding: br
last-modified: Mon, 17 Jan 2022 23:44:41 GMT
x-n: S
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 39823

GET
H2 200 FOREX-logo-en.svg
application.forex.com/Content/css/CimaEN/img/ 3 KB
1 KB 46ms
44ms Image
image/svg+xml 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://application.forex.com/Content/css/CimaEN/img/FOREX-logo-en.svg
Requested by: Host: application.forex.com
URL: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8b7fed088d0d77794ded0fb4833721c2665c53a807d67f44c617e63d4e0f329

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef81d8c39249-FRA
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: 21169c9a-986a-4674-96f4-dc6f8deb37c2
cf-cache-status: HIT
last-modified: Fri, 04 Feb 2022 13:23:34 GMT
server: cloudflare
age: 9984
etag: W/"04fd068ca19d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
content-encoding: gzip
expires: Sun, 13 Mar 2022 22:15:23 GMT

GET
H2 200 sprite_icon_utility.png
application.forex.com/Content/css/CimaEN/img/ 594 B
867 B 34ms
31ms Image
image/webp 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://application.forex.com/Content/css/CimaEN/img/sprite_icon_utility.png
Requested by: Host: application.forex.com
URL: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d9a6fd47bbc0fe516fd14c9a88f37f136bc123b96a046f61a38b677e4b94b98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: 9a5ec637-88e7-40f7-862a-5b2f9b0f5ed1
cf-cache-status: HIT
age: 101742
cf-polished: origFmt=png, origSize=833
content-disposition: inline; filename="sprite_icon_utility.webp"
content-length: 594
last-modified: Fri, 04 Feb 2022 13:23:34 GMT
server: cloudflare
etag: "04fd068ca19d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 13 Mar 2022 22:15:23 GMT
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6dc0ef81d8c49249-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 icon__lock.png
application.forex.com/Content/css/CimaEN/img/ 810 B
956 B 39ms
36ms Image
image/webp 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://application.forex.com/Content/css/CimaEN/img/icon__lock.png
Requested by: Host: application.forex.com
URL: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e220f86ca1dedc22ed5650694d8a720fb88ac4986ff07088c2e51389f2c1d8b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: 8385c55c-78b1-46b3-b1c0-9247c3b02aed
cf-cache-status: HIT
age: 3972
cf-polished: origFmt=png, origSize=996
content-disposition: inline; filename="icon__lock.webp"
content-length: 810
last-modified: Fri, 04 Feb 2022 13:23:34 GMT
server: cloudflare
etag: "04fd068ca19d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 13 Mar 2022 22:15:23 GMT
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6dc0ef81d8c69249-FRA
cf-bgj: imgq:100,h2pri

GET
DATA 200
OK truncated
/ 612 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbc2e461a97cbfda3d8ee8a3fe1b2709939425b62ffb8dfdef870e9f1a8564bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 GothamNarrow-Book.woff
application.forex.com/Content/fonts/ 32 KB
32 KB 37ms
35ms Font
font/x-woff 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/Content/fonts/GothamNarrow-Book.woff
Requested by: Host: application.forex.com
URL: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6a5af2c8e228db8baf048b35cf7ffeddd1697612770af54a9ed6a3815f0c55a

Request headers

Referer: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
Origin: https://application.forex.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef81e8ec9249-FRA
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: 8a9020d0-ab28-4991-a6b2-59a8203c004b
cf-cache-status: HIT
last-modified: Fri, 04 Feb 2022 13:23:36 GMT
server: cloudflare
age: 14653
etag: W/"07c16aca19d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/x-woff
cache-control: public, max-age=2592000
content-encoding: gzip
expires: Sun, 13 Mar 2022 22:15:23 GMT

GET
H2 200 calendar-icon.png
application.forex.com/Content/css/CimaEN/img/ 1 KB
1 KB 35ms
33ms Image
image/webp 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://application.forex.com/Content/css/CimaEN/img/calendar-icon.png
Requested by: Host: application.forex.com
URL: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74886aac083e91bee8f59ac1532769dd0b59004136ede2e72e084f30c590cc51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: 2e041f5c-6ec7-4d5e-a465-59a767447029
cf-cache-status: HIT
age: 9984
cf-polished: origFmt=png, origSize=4193
content-disposition: inline; filename="calendar-icon.webp"
content-length: 1242
last-modified: Fri, 04 Feb 2022 13:23:34 GMT
server: cloudflare
etag: "04fd068ca19d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 13 Mar 2022 22:15:23 GMT
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6dc0ef81e8f89249-FRA
cf-bgj: imgq:100,h2pri

GET
DATA 200
OK truncated
/ 514 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44ac675ff9314744d06b4673372a2de64c051be02461340d538ffc1ce916d2c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 GothamNarrow-Bold.woff
application.forex.com/Content/fonts/ 32 KB
32 KB 46ms
45ms Font
font/x-woff 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/Content/fonts/GothamNarrow-Bold.woff
Requested by: Host: application.forex.com
URL: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bccc81de1eae76a3227f93faf8cba3abf908f2020d24154ae041d23d6982581

Request headers

Referer: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
Origin: https://application.forex.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef81f9099249-FRA
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: 5173e09b-a3cc-4414-a81d-1cb0571a4703
cf-cache-status: HIT
last-modified: Fri, 21 Jan 2022 10:17:48 GMT
server: cloudflare
age: 1508559
etag: W/"02e7f23b0ed81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/x-woff
cache-control: public, max-age=2592000
content-encoding: gzip
expires: Sun, 13 Mar 2022 22:15:23 GMT

GET
H2 200 GothamNarrow-Medium.woff
application.forex.com/Content/fonts/ 32 KB
32 KB 40ms
40ms Font
font/x-woff 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/Content/fonts/GothamNarrow-Medium.woff
Requested by: Host: application.forex.com
URL: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58667d018907bbcca2260bf481ad115202a70733db44f6a48f4a6ae901307ec7

Request headers

Referer: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
Origin: https://application.forex.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef81f90b9249-FRA
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: 41818076-5b2f-4c9b-9fe4-dcd235e53099
cf-cache-status: HIT
last-modified: Fri, 04 Feb 2022 13:23:36 GMT
server: cloudflare
age: 14653
etag: W/"07c16aca19d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/x-woff
cache-control: public, max-age=2592000
content-encoding: gzip
expires: Sun, 13 Mar 2022 22:15:23 GMT

GET
H2 200 GothamNarrow-BookItalic.woff
application.forex.com/Content/fonts/ 34 KB
34 KB 33ms
33ms Font
font/x-woff 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/Content/fonts/GothamNarrow-BookItalic.woff
Requested by: Host: application.forex.com
URL: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e1889771925a4c6b610557c0560c55cf4c3193f21a95b8c11532a58fc91bb51

Request headers

Referer: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
Origin: https://application.forex.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef81f90d9249-FRA
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: fab27f1f-6c90-4221-9a23-7db30a44bf38
cf-cache-status: HIT
last-modified: Fri, 04 Feb 2022 13:23:36 GMT
server: cloudflare
age: 14653
etag: W/"07c16aca19d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/x-woff
cache-control: public, max-age=2592000
content-encoding: gzip
expires: Sun, 13 Mar 2022 22:15:23 GMT

GET
H/1.1 200
OK logo.js
mpsnare.iesnare.com/script/ 96 B
610 B 41ms
41ms Script
text/javascript 54.216.48.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/script/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/snare.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.216.48.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-216-48-107.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 22:15:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: Sat, 11 Feb 2023 22:15:23 GMT

GET
H2 200 SalesforceChat.html
application.forex.com/Resources/SalesforceChat/ Frame 9EE1 3 KB
1 KB 88ms
88ms Document
text/html 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/Resources/SalesforceChat/SalesforceChat.html
Requested by: Host: application.forex.com
URL: https://application.forex.com/en/step/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/en/step/1

Response headers

date: Fri, 11 Feb 2022 22:15:23 GMT
content-type: text/html
cache-control: public,max-age=2592000
last-modified: Fri, 04 Feb 2022 13:23:36 GMT
x-correlation-id: 724eceb9-6ab6-4c9d-a92a-ff3476649f85
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6dc0ef830baf9249-FRA
content-encoding: gzip

GET
H2 200 GetCountryOfResidenceSelectionResult
application.forex.com/form/ 246 B
341 B 108ms
108ms XHR
application/json 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/form/GetCountryOfResidenceSelectionResult?countryId=&getCountryFromIp=true
Requested by: Host: application.forex.com
URL: https://application.forex.com/Scripts/offline.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

applicationProcessId: 00000000-0000-0000-0000-000000000000
Accept-Language: de-DE,de;q=0.9
currentStep: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
applicationFormConfigurationId: en
Accept: */*
Referer: https://application.forex.com/en/step/1
X-Requested-With: XMLHttpRequest
__RequestVerificationToken: uVzJSNrBkGVW4WEF0Wuzc2JJmtCFWwlEIc6EO9yO9sswIzGgyNbmSyVUoJyIbOXegWWYNSypr4s0sZZ5_qpHie90AGU1

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: 23a7fe1c-276e-4466-a546-654f1826a3ac
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6dc0ef833c319249-FRA
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
expires: -1

GET
H2 200 1055532734-0
af.monetate.net/trk/4/s/a-7f76b3d0/p/en.forex.com/ 3 KB
2 KB 104ms
84ms Script
application/x-javascript 104.111.231.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://af.monetate.net/trk/4/s/a-7f76b3d0/p/en.forex.com/1055532734-0?mr=t1590480046&mi=%272.1055722881.1644617723079%27&mt=!n&cs=!t&e=!(viewPage,gt)&pt=unknown&r=%27%27&sw=1600&sh=1200&sc=24&j=!f&u=%27https://application.forex.com/en/step/1%27&fl=!f&hvc=!t&eoq=!t
Requested by: Host: se.monetate.net
URL: https://se.monetate.net/js/3/a-7f76b3d0/p/en.forex.com/t1590480046/ac10a499181fa337/custom.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.231.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-231-57.deploy.static.akamaitechnologies.com
Software: Monetate /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:15:23 GMT
content-encoding: gzip
server: Monetate
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store
server-timing: total;dur=32.3
timing-allow-origin: *
content-length: 1360
expires: Fri, 11 Feb 2022 22:15:23 GMT

GET
H2 200 corRedirect
application.forex.com/en/step/ 0
0 133ms
125ms Document
text/html 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80
Requested by: Host: application.forex.com
URL: https://application.forex.com/bundles/scripts/main?v=oyT-d_qpyUAx3W7RLOgkbBKAejSWJ83DM5umJO0M8LA1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/en/step/1

Response headers

date: Fri, 11 Feb 2022 22:15:23 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: -1
x-correlation-id: f8f1a698-6cc4-4521-8279-c7ebc90ee021
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6dc0ef841e649249-FRA
content-encoding: gzip

GET
H2 200 GetCountryOfResidenceSelectionResult
application.forex.com/form/ 246 B
276 B 108ms
103ms XHR
application/json 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/form/GetCountryOfResidenceSelectionResult?countryId=80&getCountryFromIp=false
Requested by: Host: application.forex.com
URL: https://application.forex.com/Scripts/offline.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

applicationProcessId: 00000000-0000-0000-0000-000000000000
Accept-Language: de-DE,de;q=0.9
currentStep: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
applicationFormConfigurationId: en
Accept: */*
Referer: https://application.forex.com/en/step/1
X-Requested-With: XMLHttpRequest
__RequestVerificationToken: uVzJSNrBkGVW4WEF0Wuzc2JJmtCFWwlEIc6EO9yO9sswIzGgyNbmSyVUoJyIbOXegWWYNSypr4s0sZZ5_qpHie90AGU1

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: b4cbfbc9-627d-4071-89a4-2df57c0bc552
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6dc0ef841e669249-FRA
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
expires: -1

GET
H2 200 boomerang-beacon.html
application.forex.com/ 122 B
122 B 95ms
94ms Image
text/html 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://application.forex.com/boomerang-beacon.html?nt_red_cnt=0&nt_nav_type=0&nt_nav_st=1644617722715&nt_red_st=0&nt_red_end=0&nt_fet_st=1644617722715&nt_dns_st=1644617722716&nt_dns_end=1644617722766&nt_con_st=1644617722766&nt_con_end=1644617722811&nt_req_st=1644617722815&nt_res_st=1644617722994&nt_res_end=1644617723038&nt_domloading=1644617722998&nt_domint=1644617723340&nt_domcontloaded_st=1644617723340&nt_domcontloaded_end=1644617723341&nt_domcomp=0&nt_load_st=0&nt_load_end=0&nt_unload_st=0&nt_unload_end=0&nt_ssl_st=1644617722784&nt_spdy=1&nt_cinf=h2&nt_first_paint=1644617723.266&rt.start=none&rt.bstart=1644617723299&rt.blstart=1644617723161&rt.end=1644617723503&rt.quit=&rt.abld=&u=https%3A%2F%2Fapplication.forex.com%2Fen%2Fstep%2F1&v=%25boomerang_version%25&vis.st=visible&ua.plt=Linux%20x86_64&ua.vnd=Google%20Inc.&pid=kw1bgg2g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/en/step/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: 03971745-e4be-4f49-a984-d81a0185790e
cf-cache-status: DYNAMIC
last-modified: Fri, 04 Feb 2022 13:23:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6dc0ef841e679249-FRA
content-type: text/html
cache-control: public,max-age=2592000
content-encoding: gzip

GET
H2 200 salesforcechat.css
application.forex.com/Content/css/SalesforceChat/ Frame 9EE1 825 B
453 B 35ms
34ms Stylesheet
text/css 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/Content/css/SalesforceChat/salesforcechat.css
Requested by: Host: application.forex.com
URL: https://application.forex.com/Resources/SalesforceChat/SalesforceChat.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/Resources/SalesforceChat/SalesforceChat.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef841e6c9249-FRA
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: 5dfb3a8d-eaee-4112-b528-61b61c9635c6
cf-cache-status: HIT
last-modified: Fri, 21 Jan 2022 10:17:48 GMT
server: cloudflare
age: 1508558
etag: W/"02e7f23b0ed81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
content-encoding: gzip
expires: Sun, 13 Mar 2022 22:15:23 GMT

GET
H2 200 esw-5.0.0.min.js
application.forex.com/Scripts/Main/SalesforceChat/ Frame 9EE1 29 KB
8 KB 35ms
35ms Script
application/javascript 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/Scripts/Main/SalesforceChat/esw-5.0.0.min.js
Requested by: Host: application.forex.com
URL: https://application.forex.com/Resources/SalesforceChat/SalesforceChat.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/Resources/SalesforceChat/SalesforceChat.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef841e6e9249-FRA
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: 9522e001-4703-4078-b260-0783aa394e61
cf-cache-status: HIT
last-modified: Thu, 27 Jan 2022 09:33:16 GMT
server: cloudflare
age: 139876
etag: W/"0d656e96013d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
content-encoding: gzip
expires: Sun, 13 Mar 2022 22:15:23 GMT

GET
H2 200 optimize.js
www.google-analytics.com/gtm/ 86 KB
34 KB 100ms
30ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-NCG4L59

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSHGV4L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:23 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34672
x-xss-protection: 0
expires: Fri, 11 Feb 2022 22:15:23 GMT

GET hotjar-1082258.js
static.hotjar.com/c/ 0
0

GET
H2 200 bundle.js
s.salecycle.com/gaincapital/ 0
325 B 127ms
35ms Script
application/javascript 65.9.77.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.salecycle.com/gaincapital/bundle.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSHGV4L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-77-9.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:10:15 GMT
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
last-modified: Mon, 19 Oct 2020 11:21:10 GMT
server: AmazonS3
age: 309
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-pop: AMS1-C1
content-length: 0
x-amz-cf-id: 2_g5TpMlb70f2sbGQRF9scwmnveEh_xIrVbqFWAgKofFWRu2pPGq9A==

GET a.js
fm.ipinyou.com/j/ 0
0

GET
H2 200 client.min.js
assets.zuko.io/js/v2/ 13 KB
5 KB 105ms
23ms Script
application/javascript 2600:9000:2104:dc00:e:786e:9000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zuko.io/js/v2/client.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSHGV4L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:dc00:e:786e:9000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:04:23 GMT
content-encoding: gzip
last-modified: Mon, 27 Sep 2021 08:30:57 GMT
server: AmazonS3
age: 663
etag: W/"8b14049d989c1b65994d17a86d26ebf0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: HSN5qqZTqsLr9pDcO9fQzecY6F1dK3eQOSsW0zVtrPggHmxEamQAhA==

GET
H2 200 B10522013.140342051;sz=1x2;ord=76331294
ad.doubleclick.net/ddm/adj/N5877.197812NSO.CODESRV/ 11 B
649 B 107ms
35ms Script
text/javascript 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N5877.197812NSO.CODESRV/B10522013.140342051;sz=1x2;ord=76331294?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSHGV4L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:15:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js
connect.facebook.net/en_US/ 99 KB
27 KB 61ms
17ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: application.forex.com
URL: https://application.forex.com/en/step/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: kSZOxXUdRwZAKDNA9hUcd56xJyx8dAyqHUnchfSiwxDs+WJos9g+U+hRPuVWeI3fZxHA3eL1uM0GLylKPeJ69w==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 11 Feb 2022 22:15:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET spp.pl
sp.analytics.yahoo.com/ 0
0

GET
H2 200 Primary Request corRedirect Show response
application.forex.com/en/step/ 247 KB
14 KB 88ms
88ms Document
text/html 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80
Requested by: Host: application.forex.com
URL: https://application.forex.com/bundles/scripts/main?v=oyT-d_qpyUAx3W7RLOgkbBKAejSWJ83DM5umJO0M8LA1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4983c4032fb16770e7d64348af51ace2dbd5871437183042b0b6d5b3216d193d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/en/step/1

Response headers

date: Fri, 11 Feb 2022 22:15:23 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: -1
x-correlation-id: ad4b1aeb-375b-4846-9bf6-1fcb7d2d0a4f
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6dc0ef84f89f9249-FRA
content-encoding: gzip

GET
H2 200 UqvqilQCsUtAWleBMyp4zoLxVZP4G4Efgvw.0iQLW2EaPkRBGHyoJC-WBi1kWL3hiaf28WXfHn2Ot4Y.png
sb.monetate.net/img/1/c/9265/c27377180fcdd8f3baee28deb38742aaf42e04bd/6.13.eJzNks9OxCAQxt8Frz1QSpemT6CJXtTEgzENLdMtWRYaoLp_0nd3uuim3vboiZnvm8L8vvRMOqO/73clZCKR-PxNpIqkJyVAPqVBHK_e6e9R2l4SB1Izh4aFH4... 15 KB
15 KB 50ms
40ms Image
image/png 104.111.231.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.monetate.net/img/1/c/9265/c27377180fcdd8f3baee28deb38742aaf42e04bd/6.13.eJzNks9OxCAQxt8Frz1QSpemT6CJXtTEgzENLdMtWRYaoLp_0nd3uuim3vboiZnvm8L8vvRMOqO/73clZCKR-PxNpIqkJyVAPqVBHK_e6e9R2l4SB1Izh4aFH4a4zLgDKJrlGHsE_KGxyyigKoxuTg8U96O0/Qr-0T2KmVHnvrkvIMQZ9ka2ClvXTeGYNzYS1GGae18Oqc-XvXm1ZxSG_5dCwvNwFMj_VXojiQuhRlRo6/k5nN2K3_Jb-BnQvxv_JJe-HPBLvx5Vc0fV95m9G4EH_XyY5znjGhkEjznG4EXglXgm1F6uV_sVWweZNS/f0CzjdjImI3CIYIN2FidGu10S_MmhoPSaI8o6NL-fkxqdqOMliWXdBLOhFDcJCI8LhkGi2TFRCJFXtO-/UqvqilQCsUtAWleBMyp4zoLxVZP4G4Efgvw.0iQLW2EaPkRBGHyoJC-WBi1kWL3hiaf28WXfHn2Ot4Y.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.231.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-231-57.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:23 GMT
server: nginx
timing-allow-origin: *
content-length: 15287
allow: GET, HEAD
content-type: image/png

GET
H2 200 1055532734-1
af.monetate.net/trk/4/i/a-7f76b3d0/p/en.forex.com/ 36 B
197 B 51ms
51ms Image
image/gif 104.111.231.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://af.monetate.net/trk/4/i/a-7f76b3d0/p/en.forex.com/1055532734-1?mr=t1590480046&mi=%272.1055722881.1644617723079%27&u=%27https://application.forex.com/en/step/1%23submitted%27&e=!(xi)&ii=!(%274,2,84507,,,,1644617723,0,1644617723%27)&eoq=!t
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.231.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-231-57.deploy.static.akamaitechnologies.com
Software: Monetate /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:15:23 GMT
server: Monetate
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 36
expires: Fri, 11 Feb 2022 22:15:23 GMT

GET
H2 200 1055532734-2
af.monetate.net/trk/4/i/a-7f76b3d0/p/en.forex.com/ 36 B
197 B 43ms
43ms Image
image/gif 104.111.231.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://af.monetate.net/trk/4/i/a-7f76b3d0/p/en.forex.com/1055532734-2?mr=t1590480046&mi=%272.1055722881.1644617723079%27&u=%27https://application.forex.com/en/step/1%23submitted%27&e=!(xi)&ii=!(%274,2,87209,,,,1644617723,1,1644617723%27)&eoq=!t
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.231.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-231-57.deploy.static.akamaitechnologies.com
Software: Monetate /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:15:23 GMT
server: Monetate
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 36
expires: Fri, 11 Feb 2022 22:15:23 GMT

GET 320214932486851
connect.facebook.net/signals/config/ 0
0

GET event
api.zuko.io/v2/ 0
0

GET analytics.js
www.google-analytics.com/ 0
0

GET
H2 200 entry.js Show response
se.monetate.net/js/2/a-7f76b3d0/p/en.forex.com/ 11 KB
5 KB 21ms
19ms Script
application/x-javascript 104.111.231.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://se.monetate.net/js/2/a-7f76b3d0/p/en.forex.com/entry.js
Requested by: Host: application.forex.com
URL: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.231.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-231-57.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0d29c88b357f879f874110fe5849ea09a0271a2acfb54e41c554eb6b56142ec2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:23 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 10:53:54 GMT
server: AkamaiNetStorage
etag: "1f15692a78eb4852985005b7ac8d7155:1643626434.219188"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 4783

GET
H2 200 CimaEN.css
application.forex.com/bundles/css/ 94 KB
16 KB 36ms
34ms Stylesheet
text/css 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
Requested by: Host: application.forex.com
URL: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6206dfbaadb48bd5fa7c385111023bc57547a4753745610269409d03fcee7b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef85aa519249-FRA
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: e03851f7-b3a0-4492-8c08-39c9cd4148d1
cf-cache-status: HIT
last-modified: Thu, 10 Feb 2022 17:59:41 GMT
server: cloudflare
age: 101742
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31434258
content-encoding: gzip
expires: Fri, 10 Feb 2023 17:59:41 GMT

GET
H2 200 jquery Show response
application.forex.com/bundles/ 87 KB
31 KB 49ms
47ms Script
text/javascript 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/bundles/jquery?v=9ktsOtIo0upvJP7-7FiXuOoOJe58RLFJ__wIRPL2vGo1
Requested by: Host: application.forex.com
URL: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bffb08be9cf63ca033232441d191efc57504eb569ae09441b1b9cbf0fbdb2366

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef85aa539249-FRA
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: 191e8d3d-0f59-4e87-bdfc-cffb4e5292e0
cf-cache-status: DYNAMIC
last-modified: Fri, 11 Feb 2022 22:15:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
content-encoding: gzip
expires: Sat, 11 Feb 2023 22:15:23 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 359 KB
90 KB 109ms
60ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NSHGV4L

Requested by

Host: application.forex.com
URL: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

68774d0c4bac95ac45e5b645926e9bc4285ab3266269ec5488e0f6dcf62cea76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:23 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92546
x-xss-protection: 0
expires: Fri, 11 Feb 2022 22:15:23 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 73 KB
29 KB 81ms
32ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-54HXRWV

Requested by

Host: application.forex.com
URL: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e4b1c5e5f2f9693e76bfb513fbab68305ca865fa225056fc241d0e5ae95da325

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29543
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 21:25:10 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Feb 2022 22:15:23 GMT

GET
H2 200 main Show response
application.forex.com/bundles/scripts/ 755 KB
180 KB 106ms
105ms Script
text/javascript 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/bundles/scripts/main?v=oyT-d_qpyUAx3W7RLOgkbBKAejSWJ83DM5umJO0M8LA1
Requested by: Host: application.forex.com
URL: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e21c2044b5c29601f48ac23c5c2aa8886a82a12daeffc733c5df01292bbd0d03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef85ba8b9249-FRA
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: d7f4d844-0293-4da6-a136-49c08da070d5
cf-cache-status: DYNAMIC
last-modified: Fri, 11 Feb 2022 22:15:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
content-encoding: gzip
expires: Sat, 11 Feb 2023 22:15:23 GMT

GET
H2 200 datepicker
application.forex.com/bundles/css/ 3 KB
857 B 47ms
46ms Stylesheet
text/css 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/bundles/css/datepicker?v=_pAOeIDu5RjCCmZd4OWGt97v2NpXj42WIhHoMfL5XcM1
Requested by: Host: application.forex.com
URL: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23823d2310d77cf7324cefb5bde8429869b48321b549144b7fb12c28d2128b99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef85ba8f9249-FRA
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: 5e06a434-e339-4756-aa18-caab9986df82
cf-cache-status: DYNAMIC
last-modified: Fri, 11 Feb 2022 22:15:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
content-type: text/css; charset=utf-8
cache-control: public
content-encoding: gzip
expires: Sat, 11 Feb 2023 22:15:23 GMT

GET
H2 200 salesforce-chat Show response
application.forex.com/bundles/ 30 KB
8 KB 46ms
45ms Script
text/javascript 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/bundles/salesforce-chat?v=ds3AFS0w275iwHnqdf3vKVwzTiB4bt79Y9HA93CWsXo1
Requested by: Host: application.forex.com
URL: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4513a22dfc8d1e2fd93c29af5a699e2ac72aa68777cf7985d1753c2f27ccb2f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef85ba909249-FRA
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: cee13e98-681c-4167-8ff8-8e45d2315527
cf-cache-status: DYNAMIC
last-modified: Fri, 11 Feb 2022 22:15:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
content-encoding: gzip
expires: Sat, 11 Feb 2023 22:15:23 GMT

GET
H2 200 chat-btn.png
application.forex.com/Content/css/img/ 480 B
718 B 54ms
46ms Image
image/webp 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://application.forex.com/Content/css/img/chat-btn.png
Requested by: Host: application.forex.com
URL: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7808e49c9c7cb5661e6b33331032fb1ea9156a7b0085bb2b352b57a67b9c3735

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: e25c6041-b61d-41a2-a41b-41daaa44b577
cf-cache-status: HIT
age: 101742
cf-polished: origFmt=png, origSize=536
content-disposition: inline; filename="chat-btn.webp"
content-length: 480
last-modified: Fri, 04 Feb 2022 13:23:36 GMT
server: cloudflare
etag: "07c16aca19d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 13 Mar 2022 22:15:23 GMT
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6dc0ef862b849249-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 offline.min.js Show response
application.forex.com/Scripts/ 9 KB
3 KB 85ms
77ms Script
application/javascript 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/Scripts/offline.min.js
Requested by: Host: application.forex.com
URL: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88e8cdc3ec6ff5dec467d749e7573c9d257fe5952777fc599f537faf6209d501

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef862b7e9249-FRA
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: 6e580c84-a53e-4489-8c32-53a4390e5f77
cf-cache-status: HIT
last-modified: Fri, 21 Jan 2022 10:17:50 GMT
server: cloudflare
age: 1193400
etag: W/"05bb024b0ed81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
content-encoding: gzip
expires: Sun, 13 Mar 2022 22:15:23 GMT

GET
H2 200 offline
application.forex.com/bundles/css/ 6 KB
1 KB 98ms
90ms Stylesheet
text/css 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/bundles/css/offline?v=i9n8k-tatywH1FSeT5bgHmWACs03Zx1j9O-bkEAgCfY1
Requested by: Host: application.forex.com
URL: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfcc1b5632d2c069d79a8724f431b52174337619c2750f12399ec93066f9ae1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef862b829249-FRA
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: d77b759c-ba0c-4f9b-afb9-85354643c542
cf-cache-status: DYNAMIC
last-modified: Fri, 11 Feb 2022 22:15:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
content-type: text/css; charset=utf-8
cache-control: public
content-encoding: gzip
expires: Sat, 11 Feb 2023 22:15:23 GMT

GET
H2 200 custom.js Show response
se.monetate.net/js/3/a-7f76b3d0/p/en.forex.com/t1590480046/ac10a499181fa337/ 178 KB
60 KB 55ms
48ms Script
application/x-javascript 104.111.231.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://se.monetate.net/js/3/a-7f76b3d0/p/en.forex.com/t1590480046/ac10a499181fa337/custom.js
Requested by: Host: se.monetate.net
URL: https://se.monetate.net/js/2/a-7f76b3d0/p/en.forex.com/entry.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.231.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-231-57.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4a72dc3ff341bcfd3d4b2503ef8351216baad44e6b016a591df5fc428aacc9ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:23 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 10:53:51 GMT
server: AkamaiNetStorage
etag: "15f61b77a2ed99017a130bc8bc99a6c9:1643626431.335728"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 prum.min.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 52ms
44ms Script
application/javascript 2606:4700:10::ac43:5d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/prum.min.js
Requested by: Host: application.forex.com
URL: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:5d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c19455754ead9313cc2221c64f1c66e8378501d8099bdcb3d90bb0b1a170b5ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 14:01:38 GMT
server: cloudflare
age: 3384
etag: W/"609a8e42-1849"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=43200
cf-ray: 6dc0ef862c1c9061-FRA

GET
H2 200 BLXLP-4T6RL-RKJT7-XGN32-M6PRN Show response
s.go-mpulse.net/boomerang/ Frame A0D9 155 KB
39 KB 27ms
19ms Script
application/javascript 2a02:26f0:7100:199::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/BLXLP-4T6RL-RKJT7-XGN32-M6PRN
Requested by: Host: application.forex.com
URL: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:199::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8480446e5e20ccd3b4685bbf81b7e1f0dce0f8dd0c51c0f6eabd9febd0345092

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:23 GMT
content-encoding: br
last-modified: Mon, 17 Jan 2022 23:44:41 GMT
x-n: S
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 39823

GET
H2 200 FOREX-logo-en.svg
application.forex.com/Content/css/CimaEN/img/ 3 KB
1 KB 52ms
46ms Image
image/svg+xml 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://application.forex.com/Content/css/CimaEN/img/FOREX-logo-en.svg
Requested by: Host: application.forex.com
URL: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8b7fed088d0d77794ded0fb4833721c2665c53a807d67f44c617e63d4e0f329

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef862b889249-FRA
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: 21169c9a-986a-4674-96f4-dc6f8deb37c2
cf-cache-status: HIT
last-modified: Fri, 04 Feb 2022 13:23:34 GMT
server: cloudflare
age: 9984
etag: W/"04fd068ca19d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
content-encoding: gzip
expires: Sun, 13 Mar 2022 22:15:23 GMT

GET
H2 200 sprite_icon_utility.png
application.forex.com/Content/css/CimaEN/img/ 594 B
771 B 95ms
90ms Image
image/webp 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://application.forex.com/Content/css/CimaEN/img/sprite_icon_utility.png
Requested by: Host: application.forex.com
URL: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d9a6fd47bbc0fe516fd14c9a88f37f136bc123b96a046f61a38b677e4b94b98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: 9a5ec637-88e7-40f7-862a-5b2f9b0f5ed1
cf-cache-status: HIT
age: 101742
cf-polished: origFmt=png, origSize=833
content-disposition: inline; filename="sprite_icon_utility.webp"
content-length: 594
last-modified: Fri, 04 Feb 2022 13:23:34 GMT
server: cloudflare
etag: "04fd068ca19d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 13 Mar 2022 22:15:23 GMT
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6dc0ef862b8a9249-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 icon__lock.png
application.forex.com/Content/css/CimaEN/img/ 810 B
971 B 82ms
77ms Image
image/webp 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://application.forex.com/Content/css/CimaEN/img/icon__lock.png
Requested by: Host: application.forex.com
URL: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e220f86ca1dedc22ed5650694d8a720fb88ac4986ff07088c2e51389f2c1d8b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: 8385c55c-78b1-46b3-b1c0-9247c3b02aed
cf-cache-status: HIT
age: 3972
cf-polished: origFmt=png, origSize=996
content-disposition: inline; filename="icon__lock.webp"
content-length: 810
last-modified: Fri, 04 Feb 2022 13:23:34 GMT
server: cloudflare
etag: "04fd068ca19d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 13 Mar 2022 22:15:23 GMT
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6dc0ef862b8b9249-FRA
cf-bgj: imgq:100,h2pri

GET
DATA 200
OK truncated
/ 514 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44ac675ff9314744d06b4673372a2de64c051be02461340d538ffc1ce916d2c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 GothamNarrow-Bold.woff
application.forex.com/Content/fonts/ 32 KB
32 KB 76ms
72ms Font
font/x-woff 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/Content/fonts/GothamNarrow-Bold.woff
Requested by: Host: application.forex.com
URL: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bccc81de1eae76a3227f93faf8cba3abf908f2020d24154ae041d23d6982581

Request headers

Referer: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
Origin: https://application.forex.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef862b869249-FRA
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: 5173e09b-a3cc-4414-a81d-1cb0571a4703
cf-cache-status: HIT
last-modified: Fri, 21 Jan 2022 10:17:48 GMT
server: cloudflare
age: 1508559
etag: W/"02e7f23b0ed81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/x-woff
cache-control: public, max-age=2592000
content-encoding: gzip
expires: Sun, 13 Mar 2022 22:15:23 GMT

GET
H2 200 GothamNarrow-Book.woff
application.forex.com/Content/fonts/ 32 KB
32 KB 51ms
46ms Font
font/x-woff 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/Content/fonts/GothamNarrow-Book.woff
Requested by: Host: application.forex.com
URL: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6a5af2c8e228db8baf048b35cf7ffeddd1697612770af54a9ed6a3815f0c55a

Request headers

Referer: https://application.forex.com/bundles/css/CimaEN.css?v=V_wfJkkklBjt4TGzHmI738-6_G06UcK86PIWw2B8iBs1
Origin: https://application.forex.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef862b879249-FRA
date: Fri, 11 Feb 2022 22:15:23 GMT
x-correlation-id: 8a9020d0-ab28-4991-a6b2-59a8203c004b
cf-cache-status: HIT
last-modified: Fri, 04 Feb 2022 13:23:36 GMT
server: cloudflare
age: 14653
etag: W/"07c16aca19d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/x-woff
cache-control: public, max-age=2592000
content-encoding: gzip
expires: Sun, 13 Mar 2022 22:15:23 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame A0D9 573 B
846 B 99ms
36ms XHR
application/json 2a02:26f0:6c00:1b8::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=BLXLP-4T6RL-RKJT7-XGN32-M6PRN&d=application.forex.com&t=5482059&v=1.500.0&if=&sl=0&si=q4r8wrt20t-NaN&plugins=ConfigOverride,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,LOGN&acao=
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/BLXLP-4T6RL-RKJT7-XGN32-M6PRN
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1b8::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f4c149632880fcf5d757444734725c0c2428e4671045d2784a6030015464978f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Feb 2022 22:15:24 GMT
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 573
Content-Type: application/json

GET
H2 200 SalesforceChat.html Show response
application.forex.com/Resources/SalesforceChat/ Frame 4EF3 3 KB
1 KB 46ms
46ms Document
text/html 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/Resources/SalesforceChat/SalesforceChat.html
Requested by: Host: application.forex.com
URL: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d20b25bc677c80b784d493a6759a86213366ac0ae01cffb669614ccf480e6877

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80

Response headers

date: Fri, 11 Feb 2022 22:15:24 GMT
content-type: text/html
cache-control: public,max-age=2592000
last-modified: Fri, 04 Feb 2022 13:23:36 GMT
vary: Accept-Encoding
x-correlation-id: ff990e4b-bba5-462a-a1e0-8ee11eb4f80f
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6dc0ef870e309249-FRA
content-encoding: gzip

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSHGV4L

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2430
date: Fri, 11 Feb 2022 21:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 11 Feb 2022 23:34:54 GMT

GET
H3 200 optimize.js Show response
www.google-analytics.com/gtm/ 88 KB
35 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-NCG4L59

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSHGV4L

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

420b684f9ae6d2db43b764308c9dc73534529b24a113052a4e54003051073a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:24 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35700
x-xss-protection: 0
expires: Fri, 11 Feb 2022 22:15:24 GMT

GET
H2 200 hotjar-1082258.js Show response
static.hotjar.com/c/ 66 KB
6 KB 35ms
35ms Script
application/javascript 65.9.78.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1082258.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSHGV4L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-83.ams1.r.cloudfront.net

Software

Resource Hash

ea70856da8845d823e663a4bb32dface1386422e7cf9b52454db138e5746d49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:14:51 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 33
etag: W/999238f3021bf4501b506fce544928de
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: kC55m7dQLsdHFw9lHXOQcDTaYA7_3tQqSRlDbiQB060jaDFqSd1Eqw==
via: 1.1 4d43f2ff38c53dabf47263f1495ad9c0.cloudfront.net (CloudFront)

GET
H2 200 bundle.js Show response
s.salecycle.com/gaincapital/ 0
325 B 28ms
28ms Script
application/javascript 65.9.77.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.salecycle.com/gaincapital/bundle.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSHGV4L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-77-9.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:10:15 GMT
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
last-modified: Mon, 19 Oct 2020 11:21:10 GMT
server: AmazonS3
age: 310
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-pop: AMS1-C1
content-length: 0
x-amz-cf-id: hC_cuh7793E3aHVSVXzX-8cHyavrM8wPvhc4l1U3aEvq6UluS2qzWQ==

GET
H2 200 a.js Show response
fm.ipinyou.com/j/ 29 KB
11 KB 17ms
17ms Script
application/x-javascript 101.33.11.48
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://fm.ipinyou.com/j/a.js
Requested by: Host: application.forex.com
URL: https://application.forex.com/en/step/1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 101.33.11.48 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWS_Oversea_AP /
Resource Hash: 22fd62a5862a45a917dfd81995fb8cfd0050a905bf861ef6b75900f45b6c6d9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:24 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz, Hit From Inner Cluster
last-modified: Thu, 17 Sep 2020 03:42:38 GMT
server: NWS_Oversea_AP
etag: "5f62db2e-72a5"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 998f0163-a51f-4a1f-b094-22be5e890743
accept-ranges: bytes
content-length: 10523
expires: Fri, 11 Feb 2022 22:25:23 GMT

GET
H2 200 client.min.js Show response
assets.zuko.io/js/v2/ 13 KB
5 KB 26ms
26ms Script
application/javascript 2600:9000:2104:dc00:e:786e:9000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zuko.io/js/v2/client.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSHGV4L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:dc00:e:786e:9000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f1052b54111bbee89214ac149ab9b2cccf5b12b550d1e35f4672a009ca7d05d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:04:23 GMT
content-encoding: gzip
last-modified: Mon, 27 Sep 2021 08:30:57 GMT
server: AmazonS3
age: 664
etag: W/"8b14049d989c1b65994d17a86d26ebf0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: JNe1azHMIyVpQA2BXMsJQ_2-blSFnhXBFF7hdw0OpPwYc8TZLVheXw==

GET
H3 200 B10522013.140342051;sz=1x2;ord=2113196954 Show response
ad.doubleclick.net/ddm/adj/N5877.197812NSO.CODESRV/ 11 B
39 B 62ms
33ms Script
text/javascript 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N5877.197812NSO.CODESRV/B10522013.140342051;sz=1x2;ord=2113196954?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSHGV4L

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:15:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 24ms
24ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: application.forex.com
URL: https://application.forex.com/en/step/1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: kSZOxXUdRwZAKDNA9hUcd56xJyx8dAyqHUnchfSiwxDs+WJos9g+U+hRPuVWeI3fZxHA3eL1uM0GLylKPeJ69w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 11 Feb 2022 22:15:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1630718978-0 Show response
af.monetate.net/trk/4/s/a-7f76b3d0/p/en.forex.com/ 2 KB
749 B 50ms
50ms Script
application/x-javascript 104.111.231.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://af.monetate.net/trk/4/s/a-7f76b3d0/p/en.forex.com/1630718978-0?mr=t1590480046&mi=%272.1055722881.1644617723079%27&mt=!n&cs=!t&e=!(viewPage,gt)&pt=unknown&r=%27https://application.forex.com/en/step/1%27&sw=1600&sh=1200&sc=24&j=!f&tg=!(!(57590))&u=%27https://application.forex.com/en/step/corRedirect%3Ftype%3Dsoftstop%26country%3Dde%26countryId%3D80%27&fl=!f&hvc=!t&eoq=!t
Requested by: Host: se.monetate.net
URL: https://se.monetate.net/js/3/a-7f76b3d0/p/en.forex.com/t1590480046/ac10a499181fa337/custom.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.231.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-231-57.deploy.static.akamaitechnologies.com
Software: Monetate /
Resource Hash: 31988639d0c426a4955ed6374af705a4a4aec80e9b23544d7499b592d24dd972

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:15:24 GMT
content-encoding: gzip
server: Monetate
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store
server-timing: total;dur=6.0
timing-allow-origin: *
content-length: 523
expires: Fri, 11 Feb 2022 22:15:24 GMT

GET
H2 200 salesforcechat.css
application.forex.com/Content/css/SalesforceChat/ Frame 4EF3 825 B
399 B 40ms
39ms Stylesheet
text/css 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/Content/css/SalesforceChat/salesforcechat.css
Requested by: Host: application.forex.com
URL: https://application.forex.com/Resources/SalesforceChat/SalesforceChat.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1faa0f0fd3f6260ce5c6556fa9c12c9336733d27fd571e3ae56a0033eb2e8ef5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/Resources/SalesforceChat/SalesforceChat.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef87bfcf9249-FRA
date: Fri, 11 Feb 2022 22:15:24 GMT
x-correlation-id: 5dfb3a8d-eaee-4112-b528-61b61c9635c6
cf-cache-status: HIT
last-modified: Fri, 21 Jan 2022 10:17:48 GMT
server: cloudflare
age: 1508559
etag: W/"02e7f23b0ed81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
content-encoding: gzip
expires: Sun, 13 Mar 2022 22:15:24 GMT

GET
H2 200 esw-5.0.0.min.js Show response
application.forex.com/Scripts/Main/SalesforceChat/ Frame 4EF3 29 KB
8 KB 39ms
37ms Script
application/javascript 2606:4700::6812:1e5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://application.forex.com/Scripts/Main/SalesforceChat/esw-5.0.0.min.js
Requested by: Host: application.forex.com
URL: https://application.forex.com/Resources/SalesforceChat/SalesforceChat.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd4f3c25f50a41ccf6a64fe4e7f0f832c562be787bd3640eab735e8ec4335251

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/Resources/SalesforceChat/SalesforceChat.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray: 6dc0ef87bfd39249-FRA
date: Fri, 11 Feb 2022 22:15:24 GMT
x-correlation-id: 9522e001-4703-4078-b260-0783aa394e61
cf-cache-status: HIT
last-modified: Thu, 27 Jan 2022 09:33:16 GMT
server: cloudflare
age: 139877
etag: W/"0d656e96013d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
content-encoding: gzip
expires: Sun, 13 Mar 2022 22:15:24 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 23ms
23ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1927526065&t=event&ni=1&_s=1&dl=https%3A%2F%2Fapplication.forex.com%2Fen%2Fstep%2FcorRedirect%3Ftype%3Dsoftstop%26country%3Dde%26countryId%3D80&ul=en-us&de=UTF-8&dt=FOREX.com%20%7C%20Account%20Application&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=OLS%20Form%20COR%20Redirects&ea=softstop&el=de&_u=YEBAAAABQAAAAC~&jid=1977676961&gjid=89218565&cid=1952900239.1644617724&tid=UA-84589865-40&_gid=1603155994.1644617724&_r=1&gtm=2wg290NSHGV4L&cd2=false&z=606845177

Requested by

Host: application.forex.com
URL: https://application.forex.com/Scripts/offline.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://application.forex.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:15:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://application.forex.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 202 event Show response
api.zuko.io/v2/ 0
121 B 41ms
41ms XHR
text/plain 2a05:d018:195:e404:f71:5aef:23c9:7269
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.zuko.io/v2/event?visitorId=RIurdFfKQ6aYM6SznwGv4gzlWkB0xIx3&formSlug=cima-en_step1&domain=forex.com&attributes%5BvistorType%5D=New%20Visitor&timeStamp=1644617724115&type=completion
Requested by: Host: application.forex.com
URL: https://application.forex.com/Scripts/offline.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:195:e404:f71:5aef:23c9:7269 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 11 Feb 2022 22:15:24 GMT
x-powered-by: Express
content-length: 0
x-request-id: 22523e3a-e78e-4ff0-8d1d-2f8dfe7bea1f

GET
H2 200 modules.855de5fca5328f4d913a.js Show response
script.hotjar.com/ 235 KB
62 KB 95ms
25ms Script
application/javascript 65.9.78.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.855de5fca5328f4d913a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1082258.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.78.128 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-78-128.ams1.r.cloudfront.net

Software

Resource Hash

23b3d2b54537739075db04f57c66bd7a4b95aef7a8d95cfd50516c51ec094250

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 17:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 104118
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 62578
access-control-allow-origin: *
last-modified: Thu, 10 Feb 2022 17:19:42 GMT
etag: "6f96b4466f1ad2a1f9575d6ac84a137f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5e828cc6ff056cb59ec35c3467ec45f4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: eiFOryedD1R-DFe_YY21QKX4B1pu_XmUzjgAFBsNhgpTma4GpY45IA==

GET
H/1.1 200
OK presadv Show response
stats.ipinyou.com/ 475 B
1 KB 873ms
211ms Script
text/javascript 124.251.13.9
CHINA-ABITCOOL Ab...

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.ipinyou.com/presadv?a=Lsh..Mk8siSGarl77bKn8zPja-0&cb=py.cb
Requested by: Host: fm.ipinyou.com
URL: https://fm.ipinyou.com/j/a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 124.251.13.9 , China, ASN9802 (CHINA-ABITCOOL AbitcoolChina Inc., CN),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 5bcff95879449b41f47dfbc9e19b2dd16479e51b779bc35e1628e4cbfa6c2b2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 22:15:24 GMT
Server: nginx/1.10.3
P3P: CP="NON DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa HISa TELa OTPa OUR UNRa IND UNI COM NAV INT DEM CNT PRE LOC"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript;charset=utf-8
Content-Length: 475
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 320214932486851 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 130ms
130ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/320214932486851?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6190e0c73e66772e1d544de07412cbc71e8433ba876aa5b0bf20aaf4c1d01508

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: fn3q+yl93wGm4c7stEf9g1HA330NleqozS4g7YrSE43UexpZnxR3hWZAQqmcaiNfHkcGlGH4sdHqxdtCC2ow8A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 11 Feb 2022 22:15:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
536 B 94ms
23ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: application.forex.com
URL: https://application.forex.com/Scripts/offline.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://application.forex.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Feb 2022 22:15:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://application.forex.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 81ms
30ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-84589865-40&cid=1952900239.1644617724&jid=1977676961&gjid=89218565&_gid=1603155994.1644617724&_u=YEBAAAAAQAAAAC~&z=956728467

Requested by

Host: application.forex.com
URL: https://application.forex.com/Scripts/offline.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://application.forex.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Feb 2022 22:15:24 GMT
content-type: text/plain
access-control-allow-origin: https://application.forex.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK common.min.js Show response
service.force.com/embeddedservice/5.0/utils/ Frame 4EF3 3 KB
2 KB 156ms
30ms Script
application/x-javascript 161.71.0.37
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/common.min.js

Requested by

Host: application.forex.com
URL: https://application.forex.com/Scripts/Main/SalesforceChat/esw-5.0.0.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.37 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

a743cabdf56f0bec67d35ef5435b030a7ef10a02f41153403fbc77c79724ade5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 20:12:59 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 15 Sep 2021 20:20:28 GMT
Age: 7345
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 1375
X-XSS-Protection: 1; mode=block
Expires: Sat, 12 Feb 2022 20:12:59 GMT

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame F908 2 KB
1 KB 104ms
22ms Document
text/html 65.9.78.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1082258.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.78.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-78-79.ams1.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/

Response headers

content-type: text/html
content-length: 1044
date: Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5e828cc6ff056cb59ec35c3467ec45f4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: vn1XSLYd_0UHNTLRZroAxZezH47sRHI3aBmbzpZkOnigWDRitQgq1Q==
age: 652998

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 82ms
28ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-84589865-40&cid=1952900239.1644617724&jid=1977676961&_u=YEBAAAAAQAAAAC~&z=326512990

Requested by

Host: application.forex.com
URL: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:15:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 83ms
26ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-84589865-40&cid=1952900239.1644617724&jid=1977676961&_u=YEBAAAAAQAAAAC~&z=326512990

Requested by

Host: application.forex.com
URL: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:15:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
465 B 98ms
28ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: application.forex.com
URL: https://application.forex.com/Scripts/offline.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://application.forex.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Feb 2022 22:15:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://application.forex.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 66ms
19ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=320214932486851&ev=PageView&dl=https%3A%2F%2Fapplication.forex.com%2Fen%2Fstep%2FcorRedirect%3Ftype%3Dsoftstop%26country%3Dde%26countryId%3D80&rl=https%3A%2F%2Fapplication.forex.com%2Fen%2Fstep%2F1&if=false&ts=1644617724319&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644617724313.420605241&it=1644617724127&coo=false&exp=p0&rqm=GET

Requested by

Host: application.forex.com
URL: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 11 Feb 2022 22:15:24 GMT

GET
H/1.1 200
OK esw.min.css
service.force.com/embeddedservice/5.0/ Frame 4EF3 9 KB
4 KB 33ms
30ms Stylesheet
text/css 161.71.0.37
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.css

Requested by

Host: application.forex.com
URL: https://application.forex.com/Scripts/Main/SalesforceChat/esw-5.0.0.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.37 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 20:14:55 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 27 Aug 2021 14:11:56 GMT
Age: 7229
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/css
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 4027
X-XSS-Protection: 1; mode=block
Expires: Sat, 12 Feb 2022 20:14:55 GMT

GET
H/1.1 200
OK liveagent.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ Frame 4EF3 20 KB
6 KB 65ms
29ms Script
application/x-javascript 161.71.0.37
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Requested by

Host: application.forex.com
URL: https://application.forex.com/Scripts/Main/SalesforceChat/esw-5.0.0.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.37 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

a1186fc137bb42d3bcaace62718d533a37817301f66c2733edd02bc350c077ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 20:11:43 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 16 Sep 2021 16:54:32 GMT
Age: 7421
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 5758
X-XSS-Protection: 1; mode=block
Expires: Sat, 12 Feb 2022 20:11:43 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1082258/ 146 B
323 B 130ms
42ms XHR
application/json 52.16.248.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1082258/visit-data?sv=7
Requested by: Host: application.forex.com
URL: https://application.forex.com/Scripts/offline.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.248.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-248-108.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bd50219667293fd4ee2c24ca0ab2140a609854fc6b1facb507cbf1d5d1a5effd

Request headers

Referer: https://application.forex.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 11 Feb 2022 22:15:24 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 1082258 Show response
vc.hotjar.io/sessions/ 0
257 B 124ms
46ms XHR
text/plain 65.9.78.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1082258?s=0.25&r=0.23067422570810092
Requested by: Host: application.forex.com
URL: https://application.forex.com/Scripts/offline.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.78.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-78-66.ams1.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:24 GMT
via: 1.1 cc03ea6a31b592e93e84115778cdc494.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: uh7FYjMI0x07dRiR_qSWQBCT9317vlwdLPk0EFUjXQHiLAbbvJpNyQ==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 25ms
25ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1927526065&t=pageview&_s=1&dl=https%3A%2F%2Fapplication.forex.com%2Fen%2Fstep%2FcorRedirect%3Ftype%3Dsoftstop%26country%3Dde%26countryId%3D80&ul=en-us&de=UTF-8&dt=FOREX.com%20%7C%20Account%20Application&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAAAABQAQCAC~&jid=1352076455&gjid=322707132&cid=1952900239.1644617724&tid=UA-84589865-40&_gid=1603155994.1644617724&_r=1&gtm=2wg290NSHGV4L&cd2=1952900239.1644617724&cd66=https%3A%2F%2Fapplication.forex.com%2Fen%2Fstep%2F1&cd71=nshgv4l&z=355780299

Requested by

Host: application.forex.com
URL: https://application.forex.com/Scripts/offline.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://application.forex.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:15:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://application.forex.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
16ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1927526065&t=event&ni=1&_s=2&dl=https%3A%2F%2Fapplication.forex.com%2Fen%2Fstep%2FcorRedirect%3Ftype%3Dsoftstop%26country%3Dde%26countryId%3D80&ul=en-us&de=UTF-8&dt=FOREX.com%20%7C%20Account%20Application&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Monetate&ea=Data-Collect-Abandoned-Applications_1343710&el=Experiment&_u=aHDAAAABQAQCAC~&jid=&gjid=&cid=1952900239.1644617724&tid=UA-84589865-40&_gid=1603155994.1644617724&gtm=2wg290NSHGV4L&cd2=false&z=1225025037

Requested by

Host: application.forex.com
URL: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 05:37:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 59895
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 55ms
25ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-84589865-40&cid=1952900239.1644617724&jid=1352076455&gjid=322707132&_gid=1603155994.1644617724&_u=aHDAAAABQAQCAC~&z=1091294725

Requested by

Host: application.forex.com
URL: https://application.forex.com/Scripts/offline.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://application.forex.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Feb 2022 22:15:24 GMT
content-type: text/plain
access-control-allow-origin: https://application.forex.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK esw.html Show response
service.force.com/embeddedservice/5.0/ Frame B3CC 194 B
1 KB 34ms
31ms Document
text/html 161.71.0.37
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.html?parent=https://application.forex.com/Resources/SalesforceChat/SalesforceChat.html

Requested by

Host: application.forex.com
URL: https://application.forex.com/Scripts/Main/SalesforceChat/esw-5.0.0.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.37 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/

Response headers

Date: Fri, 11 Feb 2022 22:15:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: none
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=86400
Expires: Sat, 12 Feb 2022 22:15:24 GMT
Last-Modified: Fri, 02 Aug 2019 08:43:42 GMT
Content-Type: text/html;charset=UTF-8
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

GET
H/1.1 200
OK eswFrame.min.js Show response
service.force.com/embeddedservice/5.0/ Frame B3CC 5 KB
2 KB 30ms
29ms Script
application/x-javascript 161.71.0.37
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://application.forex.com/Resources/SalesforceChat/SalesforceChat.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.37 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

5b17ce347efa0486b6770c9c170cccd5a5f75018bceb99048daddbe1c6fa0be9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://application.forex.com/Resources/SalesforceChat/SalesforceChat.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 20:11:43 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 04 Mar 2021 00:36:08 GMT
Age: 7421
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 1804
X-XSS-Protection: 1; mode=block
Expires: Sat, 12 Feb 2022 20:11:43 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 57ms
29ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-84589865-40&cid=1952900239.1644617724&jid=1352076455&_u=aHDAAAABQAQCAC~&z=1233730871

Requested by

Host: application.forex.com
URL: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:15:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 52ms
26ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-84589865-40&cid=1952900239.1644617724&jid=1352076455&_u=aHDAAAABQAQCAC~&z=1233730871

Requested by

Host: application.forex.com
URL: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:15:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK session.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame B3CC 2 KB
1 KB 29ms
28ms Script
application/x-javascript 161.71.0.37
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/session.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.37 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

fa305b054bf6a60bd1a87abbca8f52553bbb54e6e8929564c704b85313d23790

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://application.forex.com/Resources/SalesforceChat/SalesforceChat.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 20:12:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Mar 2021 18:51:46 GMT
Age: 7381
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 768
X-XSS-Protection: 1; mode=block
Expires: Sat, 12 Feb 2022 20:12:23 GMT

GET
H/1.1 200
OK broadcast.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame B3CC 2 KB
1 KB 28ms
27ms Script
application/x-javascript 161.71.0.37
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/broadcast.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.37 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://application.forex.com/Resources/SalesforceChat/SalesforceChat.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 19:08:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 18 Feb 2021 00:07:24 GMT
Age: 11216
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 779
X-XSS-Protection: 1; mode=block
Expires: Sat, 12 Feb 2022 19:08:28 GMT

GET
H/1.1 200
OK chasitor.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame B3CC 22 KB
5 KB 29ms
29ms Script
application/x-javascript 161.71.0.37
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/chasitor.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.37 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

dc1ec9e02f7fd28a008997a1e9ef0360dba6866fe21e7553cee19ad23c41901e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://application.forex.com/Resources/SalesforceChat/SalesforceChat.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 20:11:43 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 25 May 2021 17:01:20 GMT
Age: 7421
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 5016
X-XSS-Protection: 1; mode=block
Expires: Sat, 12 Feb 2022 20:11:43 GMT

GET
H/1.1 200
OK EmbeddedServiceConfig.jsonp Show response
d.la4-c2-ia5.salesforceliveagent.com/chat/rest/EmbeddedService/ Frame 4EF3 16 KB
4 KB 805ms
107ms Script
text/javascript 13.110.70.224
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la4-c2-ia5.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D300000000CHg&EmbeddedServiceConfig.configName=Forex_com_CIMA_EN&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/utils/common.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.70.224 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl7-ncg1-c6-iad5.la4-c2-ia5.salesforceliveagent.com

Software

Resource Hash

8cceaf14dc15ca60334878db5f11d4113ba519b4cc724393c607d14d95a58457

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK invite.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ Frame 4EF3 18 KB
5 KB 28ms
28ms Script
application/x-javascript 161.71.0.37
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/invite.esw.min.js

Requested by

Host: application.forex.com
URL: https://application.forex.com/Scripts/Main/SalesforceChat/esw-5.0.0.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.37 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

98efd9f1b80ef8fb38694de1212745a8067a60f027cb87b08f4ed8920a72aa82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 20:13:01 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 15 Apr 2021 16:21:22 GMT
Age: 7343
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 4477
X-XSS-Protection: 1; mode=block
Expires: Sat, 12 Feb 2022 20:13:01 GMT

GET
H/1.1 200
OK filetransfer.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame B3CC 473 B
744 B 28ms
28ms Script
application/x-javascript 161.71.0.37
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/filetransfer.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.37 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://application.forex.com/Resources/SalesforceChat/SalesforceChat.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 20:12:23 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Age: 7381
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 231
X-XSS-Protection: 1; mode=block
Expires: Sat, 12 Feb 2022 20:12:23 GMT

GET
H/1.1 200
OK Settings.jsonp Show response
d.la4-c2-ia5.salesforceliveagent.com/chat/rest/Visitor/ Frame 4EF3 345 B
675 B 770ms
104ms Script
text/javascript 13.110.70.224
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la4-c2-ia5.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5737V00000000qj]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5727V00000000fg&org_id=00D300000000CHg&version=48

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.70.224 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl7-ncg1-c6-iad5.la4-c2-ia5.salesforceliveagent.com

Software

Resource Hash

12b57e38065a5e4e4e0f57dd99ef2c8346996071b3b251e350aa2d8e54e418ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK inert.min.js Show response
service.force.com/embeddedservice/5.0/utils/ Frame 4EF3 8 KB
3 KB 29ms
28ms Script
application/x-javascript 161.71.0.37
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/inert.min.js

Requested by

Host: application.forex.com
URL: https://application.forex.com/Scripts/Main/SalesforceChat/esw-5.0.0.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.37 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 20:11:44 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Age: 7420
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 2469
X-XSS-Protection: 1; mode=block
Expires: Sat, 12 Feb 2022 20:11:44 GMT

GET
H/1.1 200
OK adv Show response
stats.ipinyou.com/ 0
436 B 194ms
193ms Script
application/javascript 124.251.13.9
CHINA-ABITCOOL Ab...

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.ipinyou.com/adv?a=Lsh..Mk8siSGarl77bKn8zPja-0&u=https%3A%2F%2Fapplication.forex.com%2Fen%2Fstep%2FcorRedirect%3Ftype%3Dsoftstop%26country%3Dde%26countryId%3D80&r=https%3A%2F%2Fapplication.forex.com%2Fen%2Fstep%2F1&rd=1644617725010&v=2&e=sr%3D1600x1200%26sc%3D24-bit%26je%3Dfalse%26lg%3Den-us%26vb%3D1%26did%3D%26dt%3D%26ps%3D1600x1200%26vp%3D1600x1200%26ec%3DUTF-8%26vbt%3D885%26sp%3D100%26ur%3D%26st%3D%26ev%3Dvg
Requested by: Host: fm.ipinyou.com
URL: https://fm.ipinyou.com/j/a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 124.251.13.9 , China, ASN9802 (CHINA-ABITCOOL AbitcoolChina Inc., CN),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 22:15:25 GMT
Server: nginx/1.10.3
P3P: CP="NON DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa HISa TELa OTPa OUR UNRa IND UNI COM NAV INT DEM CNT PRE LOC"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

cms.gif
cm.ipinyou.com/baidu/ Frame FA2B
Redirect Chain

https://cm.pos.baidu.com/pixel?dspid=6418041&ext_data=8342
https://cm.ipinyou.com/baidu/cms.gif?baidu_error=1&timestamp=1644617727

43 B
736 B

433ms
173ms

Image
image/gif

39.106.29.39
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.ipinyou.com/baidu/cms.gif?baidu_error=1&timestamp=1644617727
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Server: 39.106.29.39 Beijing, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 22:15:27 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked
P3P: CP="NON DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa HISa TELa OTPa OUR UNRa IND UNI COM NAV INT DEM CNT PRE LOC"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://cm.ipinyou.com/baidu/cms.gif?baidu_error=1&timestamp=1644617727
Date: Fri, 11 Feb 2022 22:15:27 GMT
Server: nginx
Connection: keep-alive
Content-Type: text/html
Content-Length: 0
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

cms.gif
cm.ipinyou.com/gdn/ Frame FA2B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=ipy&google_cm&ext_data=8342
https://cm.ipinyou.com/gdn/cms.gif?ext_data=8342&google_gid=CAESEHbrLBXIgrKkKnhCdA5ROn4&google_cver=1

43 B
735 B

510ms
173ms

Image
image/gif

39.106.29.39
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.ipinyou.com/gdn/cms.gif?ext_data=8342&google_gid=CAESEHbrLBXIgrKkKnhCdA5ROn4&google_cver=1
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Server: 39.106.29.39 Beijing, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 22:15:25 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked
P3P: CP="NON DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa HISa TELa OTPa OUR UNRa IND UNI COM NAV INT DEM CNT PRE LOC"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 22:15:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.ipinyou.com/gdn/cms.gif?ext_data=8342&google_gid=CAESEHbrLBXIgrKkKnhCdA5ROn4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

cms.gif
cm.ipinyou.com/youku/ Frame FA2B
Redirect Chain

https://cyes.youku.com/cm.gif?dspid=11112&s=1&ext_data=8342
https://cm.ipinyou.com/youku/cms.gif?mzid=1644617726482qCb

0
0

GET
H/1.1

200
OK

cms.gif
cm.ipinyou.com/qiyi/ Frame FA2B
Redirect Chain

https://ckm.iqiyi.com/pixel?qiyi_nid=71000015&qiyi_sc&ext_data=8342
https://cm.ipinyou.com/qiyi/cms.gif?qiyi_uid=a4009033aa9a939c31b10720fabb654b

43 B
737 B

501ms
174ms

Image
image/gif

39.106.29.39
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.ipinyou.com/qiyi/cms.gif?qiyi_uid=a4009033aa9a939c31b10720fabb654b
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Server: 39.106.29.39 Beijing, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 22:15:27 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked
P3P: CP="NON DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa HISa TELa OTPa OUR UNRa IND UNI COM NAV INT DEM CNT PRE LOC"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://cm.ipinyou.com/qiyi/cms.gif?qiyi_uid=a4009033aa9a939c31b10720fabb654b
Date: Fri, 11 Feb 2022 22:15:26 GMT
Cache-Control: no-cache
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="ALL DSP COR NID"

GET
H/1.1

200
OK

cms.gif
cm.ipinyou.com/sohu/ Frame FA2B
Redirect Chain

https://ckm.aty.sohu.com/cm.gif?ver=1&mid=10012&ext_data=8342
https://cm.ipinyou.com/sohu/cms.gif?suid=2202120615273831&ver=1

43 B
736 B

411ms
172ms

Image
image/gif

39.106.29.39
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.ipinyou.com/sohu/cms.gif?suid=2202120615273831&ver=1
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Server: 39.106.29.39 Beijing, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 22:15:27 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked
P3P: CP="NON DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa HISa TELa OTPa OUR UNRa IND UNI COM NAV INT DEM CNT PRE LOC"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://cm.ipinyou.com/sohu/cms.gif?suid=2202120615273831&ver=1
date: Fri, 11 Feb 2022 22:15:27 GMT
fss-proxy: Powered by 6512038.11492784.7384562, Powered by 4544565.5003327.7961660
server: nginx
content-type: text/html

GET
H/1.1

200
OK

cms.gif
cm.ipinyou.com/qq/ Frame FA2B
Redirect Chain

https://cm.l.qq.com/?dspid=10016&dspuid=G1LIOs21cjIy&gettuid=1&ext_data=8342
https://cm.ipinyou.com/qq/cms.gif?tuid=AQEBGBgOHxQyRPRVMILBtGM1soifTHPX8S5T&ver=1

43 B
736 B

173ms
172ms

Image
image/gif

39.106.29.39
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.ipinyou.com/qq/cms.gif?tuid=AQEBGBgOHxQyRPRVMILBtGM1soifTHPX8S5T&ver=1
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Server: 39.106.29.39 Beijing, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 22:15:26 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked
P3P: CP="NON DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa HISa TELa OTPa OUR UNRa IND UNI COM NAV INT DEM CNT PRE LOC"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: http://cm.ipinyou.com/qq/cms.gif?tuid=AQEBGBgOHxQyRPRVMILBtGM1soifTHPX8S5T&ver=1
Date: Fri, 11 Feb 2022 22:15:26 GMT
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html;charset=GB2312

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 39ms
18ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=320214932486851&ev=Microdata&dl=https%3A%2F%2Fapplication.forex.com%2Fen%2Fstep%2FcorRedirect%3Ftype%3Dsoftstop%26country%3Dde%26countryId%3D80&rl=https%3A%2F%2Fapplication.forex.com%2Fen%2Fstep%2F1&if=false&ts=1644617725827&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20FOREX.com%20%7C%20Account%20Application%5Cn%20%20%20%20%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1644617724313.420605241&it=1644617724127&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: application.forex.com
URL: https://application.forex.com/en/step/corRedirect?type=softstop&country=de&countryId=80

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://application.forex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 22:15:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 11 Feb 2022 22:15:25 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1082258.js?sv=7

Domain: fm.ipinyou.com
URL: https://fm.ipinyou.com/j/a.js

Domain: sp.analytics.yahoo.com
URL: https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10175521&ea=signup&gtmcb=226369236

Domain: connect.facebook.net
URL: https://connect.facebook.net/signals/config/320214932486851?v=2.9.52&r=stable

Domain: api.zuko.io
URL: https://api.zuko.io/v2/event?visitorId=RIurdFfKQ6aYM6SznwGv4gzlWkB0xIx3&formSlug=cima-en_step1&domain=forex.com&attributes%5BVisitor%20Type%5D=New&attributes%5Bform%5D=AT&attributes%5BvistorType%5D=New%20Visitor&timeStamp=1644617723732&type=formView

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: cm.ipinyou.com
URL: https://cm.ipinyou.com/youku/cms.gif?mzid=1644617726482qCb

Verdicts & Comments Add Verdict or Comment

248 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.forex.com/	1970-01-20 05:09:29	Name: refUrl Value:
.forex.com/	1970-01-20 00:50:21	Name: landingPage Value: http://application.forex.com/en/step/1
application.forex.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: 188VIxiG3_hZqmSAlQ7DOWT13d6mWVEQ4MFMHhp5W3FG6OCc3Lh08LiwBhTBzel4Ij8eoqpDeejg9X7919g1v2PgFMo1
application.forex.com/	1969-12-31 23:59:59	Name: BIGipServerGTRDgYZ9lounGlmX9/KP2w Value: !gsv3C2D2rurhIE4Qf7eg3BC3oAUTsxYk7nm7PfvS3gEhSGeVh50vejsxd/eWWxkMdjS/5Yyzo2JUYA==
.forex.com/	1970-01-21 20:38:17	Name: mt.v Value: 2.1055722881.1644617723079
mpsnare.iesnare.com/	1970-01-20 09:35:53	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: Uj32TjYNC+fO7Lwsul3xnisIdVpLJQPYwNPPCFD2B4A=
.forex.com/	1970-01-20 01:00:22	Name: GUID Value: "23c383d7-75d0-4b9b-ad5e-feec1d727383"
.forex.com/	1970-01-20 02:59:53	Name: _gcl_au Value: 1.1.114930849.1644617724
.forex.com/	1970-01-20 05:13:05	Name: firstLandingPagePath Value: /en/step/1
.forex.com/	1970-01-20 18:21:29	Name: gaVisitNumCookie Value: 1
.forex.com/	1970-01-20 00:50:19	Name: gaSessionIdCookie Value: 20220211\|08999610
.forex.com/	1970-01-20 01:33:29	Name: Application_Starts Value: true
.forex.com/	1970-01-20 09:35:53	Name: zukoVisitorId Value: RIurdFfKQ6aYM6SznwGv4gzlWkB0xIx3
.forex.com/	1970-01-20 09:35:53	Name: zukoVisitorId-cima-en_step1 Value: RIurdFfKQ6aYM6SznwGv4gzlWkB0xIx3
.forex.com/	1970-01-20 01:00:22	Name: EH-RUM-RT Value: "r=https%3A%2F%2Fapplication.forex.com%2Fen%2Fstep%2F1&ul=1644617723659&hd=1644617723758"
.application.forex.com/	1970-01-20 01:33:29	Name: pageviewCount Value: 2
.application.forex.com/	1970-01-20 01:00:22	Name: EH-RUM-RT Value: "dm=application.forex.com&si=970d1ad4-947d-4ddf-8380-4d8608fbd5a8&ss=1644617723837&sl=0&tt=0&obo=0&sh=&bcn=%2Fboomerang-beacon.html"
.application.forex.com/	1970-01-20 18:21:29	Name: _ga Value: GA1.3.1952900239.1644617724
.application.forex.com/	1970-01-20 00:51:44	Name: _gid Value: GA1.3.1603155994.1644617724
.application.forex.com/	1970-01-20 00:50:17	Name: _gat_UA-84589865-40 Value: 1
.doubleclick.net/	1970-01-20 10:11:53	Name: IDE Value: AHWqTUnu4Km7sYtQWq3SAEKbVmcGuUGH2SOMnJZOEDfg1JXuOYhdgVRCVR8MbmF9Jc4
.forex.com/	1970-01-20 09:35:53	Name: _pykey_ Value: 691c8584-42fe-526d-9a36-bd86ddac1cd0
.forex.com/	1970-01-20 02:59:53	Name: _fbp Value: fb.1.1644617724313.420605241
.forex.com/	1970-01-20 09:35:53	Name: _hjSessionUser_1082258 Value: eyJpZCI6IjllNzk0YzMzLTU0NTItNTAzYS04MGZlLTg0OGJmMjExMTVkMCIsImNyZWF0ZWQiOjE2NDQ2MTc3MjQyNjMsImV4aXN0aW5nIjpmYWxzZX0=
.forex.com/	1970-01-20 00:50:19	Name: _hjFirstSeen Value: 1
application.forex.com/	1970-01-20 00:50:17	Name: _hjIncludedInSessionSample Value: 1
.forex.com/	1970-01-20 00:50:19	Name: _hjSession_1082258 Value: eyJpZCI6IjBiMGQ1YWRjLWM5MWItNDMyZC05ZWIzLThjY2Y1YTZhMzdkZSIsImNyZWF0ZWQiOjE2NDQ2MTc3MjQzNDksImluU2FtcGxlIjp0cnVlfQ==
application.forex.com/	1970-01-20 00:50:17	Name: _hjIncludedInPageviewSample Value: 1
.forex.com/	1970-01-20 00:50:19	Name: _hjAbsoluteSessionInProgress Value: 1
.forex.com/	1970-01-20 00:50:21	Name: AMP_TOKEN Value: %24NOT_FOUND
.application.forex.com/	1970-01-20 00:50:17	Name: _gat Value: 1
.force.com/	1970-01-20 09:35:53	Name: BrowserId_sec Value: HBIJ_ouIEeysA2lJCcII1w
.ipinyou.com/	1970-01-20 18:21:29	Name: PYID Value: M2C6FODeyzG
.iqiyi.com/	1970-01-20 09:35:53	Name: T00404 Value: f903307ac120941bbb0a5ba9943aa360
.iqiyi.com/	1970-01-20 00:57:29	Name: T00700 Value: EgcIz7-tIRAB
.ipinyou.com/	1970-01-20 01:04:41	Name: CMBMP Value: IWCP

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
af.monetate.net
ampcid.google.com
ampcid.google.de
api.zuko.io
application.forex.com
assets.zuko.io
c.go-mpulse.net
ckm.aty.sohu.com
ckm.iqiyi.com
cm.g.doubleclick.net
cm.ipinyou.com
cm.l.qq.com
cm.pos.baidu.com
connect.facebook.net
d.la4-c2-ia5.salesforceliveagent.com
fm.ipinyou.com
in.hotjar.com
mpsnare.iesnare.com
rum-static.pingdom.net
s.go-mpulse.net
s.salecycle.com
sb.monetate.net
script.hotjar.com
se.monetate.net
service.force.com
sp.analytics.yahoo.com
static.hotjar.com
stats.g.doubleclick.net
stats.ipinyou.com
vars.hotjar.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
api.zuko.io
cm.ipinyou.com
connect.facebook.net
fm.ipinyou.com
sp.analytics.yahoo.com
static.hotjar.com
www.google-analytics.com
101.33.11.48
104.111.231.57
110.242.68.135
116.211.198.129
124.251.13.9
13.110.70.224
13.69.222.243
161.71.0.37
172.217.16.130
216.58.212.134
2408:8711:10:10::53
2600:9000:2104:dc00:e:786e:9000:93a1
2606:4700:10::ac43:5d8
2606:4700::6812:1e5f
2a00:1450:4001:808::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2004
2a00:1450:4001:811::200e
2a00:1450:4001:827::200e
2a00:1450:400c:c08::9a
2a02:26f0:6c00:1b8::11a6
2a02:26f0:7100:199::11a6
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a05:d018:195:e404:f71:5aef:23c9:7269
39.106.29.39
52.16.248.108
54.216.48.107
65.9.77.9
65.9.78.128
65.9.78.66
65.9.78.79
65.9.78.83
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
0bccc81de1eae76a3227f93faf8cba3abf908f2020d24154ae041d23d6982581
0be6a022dc0ff0f6b0d5b4ff8dbd683c1a4c13cc86f199bc5e95a73b479cc294
0d29c88b357f879f874110fe5849ea09a0271a2acfb54e41c554eb6b56142ec2
0f1052b54111bbee89214ac149ab9b2cccf5b12b550d1e35f4672a009ca7d05d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
12b57e38065a5e4e4e0f57dd99ef2c8346996071b3b251e350aa2d8e54e418ed
1faa0f0fd3f6260ce5c6556fa9c12c9336733d27fd571e3ae56a0033eb2e8ef5
22fd62a5862a45a917dfd81995fb8cfd0050a905bf861ef6b75900f45b6c6d9c
23823d2310d77cf7324cefb5bde8429869b48321b549144b7fb12c28d2128b99
23b3d2b54537739075db04f57c66bd7a4b95aef7a8d95cfd50516c51ec094250
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2e1889771925a4c6b610557c0560c55cf4c3193f21a95b8c11532a58fc91bb51
31988639d0c426a4955ed6374af705a4a4aec80e9b23544d7499b592d24dd972
34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9
3bbb71833c449fd7760a487bffe05dfdf1eeea4e967b5ad1395c7bc2925d5d4b
420b684f9ae6d2db43b764308c9dc73534529b24a113052a4e54003051073a42
44ac675ff9314744d06b4673372a2de64c051be02461340d538ffc1ce916d2c7
4513a22dfc8d1e2fd93c29af5a699e2ac72aa68777cf7985d1753c2f27ccb2f9
4983c4032fb16770e7d64348af51ace2dbd5871437183042b0b6d5b3216d193d
4a72dc3ff341bcfd3d4b2503ef8351216baad44e6b016a591df5fc428aacc9ba
58667d018907bbcca2260bf481ad115202a70733db44f6a48f4a6ae901307ec7
5b17ce347efa0486b6770c9c170cccd5a5f75018bceb99048daddbe1c6fa0be9
5bcff95879449b41f47dfbc9e19b2dd16479e51b779bc35e1628e4cbfa6c2b2a
6190e0c73e66772e1d544de07412cbc71e8433ba876aa5b0bf20aaf4c1d01508
68774d0c4bac95ac45e5b645926e9bc4285ab3266269ec5488e0f6dcf62cea76
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
74886aac083e91bee8f59ac1532769dd0b59004136ede2e72e084f30c590cc51
7808e49c9c7cb5661e6b33331032fb1ea9156a7b0085bb2b352b57a67b9c3735
7d9a6fd47bbc0fe516fd14c9a88f37f136bc123b96a046f61a38b677e4b94b98
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8480446e5e20ccd3b4685bbf81b7e1f0dce0f8dd0c51c0f6eabd9febd0345092
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88e8cdc3ec6ff5dec467d749e7573c9d257fe5952777fc599f537faf6209d501
8cceaf14dc15ca60334878db5f11d4113ba519b4cc724393c607d14d95a58457
98efd9f1b80ef8fb38694de1212745a8067a60f027cb87b08f4ed8920a72aa82
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
a1186fc137bb42d3bcaace62718d533a37817301f66c2733edd02bc350c077ae
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a6206dfbaadb48bd5fa7c385111023bc57547a4753745610269409d03fcee7b5
a743cabdf56f0bec67d35ef5435b030a7ef10a02f41153403fbc77c79724ade5
a750919176d0c7e5da823c285c7535f9bae86ec214c47656915ef1c23e473a22
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bd50219667293fd4ee2c24ca0ab2140a609854fc6b1facb507cbf1d5d1a5effd
bfcc1b5632d2c069d79a8724f431b52174337619c2750f12399ec93066f9ae1a
bffb08be9cf63ca033232441d191efc57504eb569ae09441b1b9cbf0fbdb2366
c19455754ead9313cc2221c64f1c66e8378501d8099bdcb3d90bb0b1a170b5ec
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d20b25bc677c80b784d493a6759a86213366ac0ae01cffb669614ccf480e6877
dc1ec9e02f7fd28a008997a1e9ef0360dba6866fe21e7553cee19ad23c41901e
dd4f3c25f50a41ccf6a64fe4e7f0f832c562be787bd3640eab735e8ec4335251
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e21c2044b5c29601f48ac23c5c2aa8886a82a12daeffc733c5df01292bbd0d03
e220f86ca1dedc22ed5650694d8a720fb88ac4986ff07088c2e51389f2c1d8b7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b1c5e5f2f9693e76bfb513fbab68305ca865fa225056fc241d0e5ae95da325
e6a5af2c8e228db8baf048b35cf7ffeddd1697612770af54a9ed6a3815f0c55a
e8b7fed088d0d77794ded0fb4833721c2665c53a807d67f44c617e63d4e0f329
ea70856da8845d823e663a4bb32dface1386422e7cf9b52454db138e5746d49d
ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f4c149632880fcf5d757444734725c0c2428e4671045d2784a6030015464978f
fa305b054bf6a60bd1a87abbca8f52553bbb54e6e8929564c704b85313d23790
fbc2e461a97cbfda3d8ee8a3fe1b2709939425b62ffb8dfdef870e9f1a8564bc

application.forex.com Open in urlscan Pro 2606:4700::6812:1e5f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

121 Requests

89 %HTTPS

47 %IPv6

24 Domains

37 Subdomains

30 IPs

6 Countries

1590 kBTransfer

5583 kBSize

36 Cookies

0 Outgoing links

Page URL History

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

application.forex.com Open in urlscan Pro
2606:4700::6812:1e5f Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

89 %
HTTPS

47 %
IPv6

24
Domains

37
Subdomains

30
IPs

6
Countries

1590 kB
Transfer

5583 kB
Size

36
Cookies

121 HTTP transactions
2 data transactions