Submitted URL: https://account.forex.com//
Effective URL: https://account.forex.com/account/login?ReturnUrl=%2F
Submission: On August 29 via api from US — Scanned from DE

Summary

This website contacted 17 IPs in 4 countries across 9 domains to perform 53 HTTP transactions. The main IP is 2606:4700::6812:1e5f, located in United States and belongs to CLOUDFLARENET, US. The main domain is account.forex.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 5th 2022. Valid for: a year.
This is the only time account.forex.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
18 forex.com
account.forex.com
197 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 9
region1.analytics.google.com — Cisco Umbrella Rank: 5695
ampcid.google.com — Cisco Umbrella Rank: 1867
25 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
533 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 6076
ampcid.google.de — Cisco Umbrella Rank: 56069
1 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 619
script.hotjar.com — Cisco Umbrella Rank: 853
vars.hotjar.com — Cisco Umbrella Rank: 858
in.hotjar.com — Cisco Umbrella Rank: 1567
71 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
283 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 108
398 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
20 KB
3 monetate.net
se.monetate.net — Cisco Umbrella Rank: 5358
ad.monetate.net — Cisco Umbrella Rank: 28103
63 KB
53 9
Domain Requested by
18 account.forex.com 1 redirects account.forex.com
6 www.gstatic.com www.google.com
www.gstatic.com
6 www.google.com account.forex.com
www.gstatic.com
www.google.com
4 www.googletagmanager.com account.forex.com
www.googletagmanager.com
3 www.google.de account.forex.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 se.monetate.net account.forex.com
se.monetate.net
1 fonts.gstatic.com www.google.com
1 in.hotjar.com script.hotjar.com
1 ampcid.google.de www.google-analytics.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 ampcid.google.com www.google-analytics.com
1 region1.analytics.google.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 ad.monetate.net se.monetate.net
53 17

This site contains links to these domains. Also see Links.

Domain
trade.loginandtrade.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-01-05 -
2023-01-05
a year crt.sh
www.monetate.net
DigiCert TLS RSA SHA256 2020 CA1
2022-07-02 -
2023-07-06
a year crt.sh
www.google.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.hotjar.com
Amazon
2021-11-25 -
2022-12-23
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
www.google.de
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.google.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.google.de
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh

This page contains 4 frames:

Primary Page: https://account.forex.com/account/login?ReturnUrl=%2F
Frame ID: 9124789E781F643E5D81E6BD5892802C
Requests: 43 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdFt4ZAAAAAAAERACEae5iK3pd79L9US4T1J4_&co=aHR0cHM6Ly9hY2NvdW50LmZvcmV4LmNvbTo0NDM.&hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&size=normal&cb=t75lu7jo6jcj
Frame ID: 159AE8CFF5886A0C7D4570190B77C7E6
Requests: 8 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html
Frame ID: 7D8404D799CFD5C36BE261BA0EE12C3F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&k=6LcdFt4ZAAAAAAAERACEae5iK3pd79L9US4T1J4_
Frame ID: 737C5FC061BC7E764FD33657F71E2419
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Secure MyAccount Login - Forex.com

Page URL History Show full URLs

  1. https://account.forex.com// HTTP 302
    https://account.forex.com/account/login?ReturnUrl=%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

53
Requests

100 %
HTTPS

69 %
IPv6

9
Domains

17
Subdomains

17
IPs

4
Countries

1194 kB
Transfer

3319 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://account.forex.com// HTTP 302
    https://account.forex.com/account/login?ReturnUrl=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
account.forex.com/account/
Redirect Chain
  • https://account.forex.com//
  • https://account.forex.com/account/login?ReturnUrl=%2F
9 KB
3 KB
Document
General
Full URL
https://account.forex.com/account/login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb0207e881450c26e04c685155a951cc4465a78790b09104a3fa60c63bd79c5
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Viewport-Width, Width
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
742521710be79b21-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 29 Aug 2022 12:01:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
-1
pragma
no-cache
server
cloudflare
x-frame-options
DENY

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Viewport-Width, Width
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
742521704ac99b21-FRA
content-length
0
date
Mon, 29 Aug 2022 12:01:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://account.forex.com/account/login?ReturnUrl=%2F
server
cloudflare
MyAccountCommonUI
account.forex.com/bundles/
143 KB
23 KB
Stylesheet
General
Full URL
https://account.forex.com/bundles/MyAccountCommonUI?v=fe0RsKIo1P-U_wLB4F4zuUxPBLjbAR6lMtxz3V-ePok1
Requested by
Host: account.forex.com
URL: https://account.forex.com/account/login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d8d117f0d865b16bffb54987b05422e8292799ba9aaecdbe4bcf24eac88aa2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/account/login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 29 Aug 2022 12:01:12 GMT
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Viewport-Width, Width
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
content-type
text/css; charset=utf-8
cache-control
public
cf-ray
742521720d589b21-FRA
server
cloudflare
expires
Tue, 29 Aug 2023 12:01:12 GMT
FRXC
account.forex.com/css/
112 KB
18 KB
Stylesheet
General
Full URL
https://account.forex.com/css/FRXC?v=KcCpIXhAdQufHvT9TcxD4Tjbkiqp5rZtQXvzc9oqaJU1
Requested by
Host: account.forex.com
URL: https://account.forex.com/account/login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63d7c95a1fb3032fe5d589ac69db6874846a24725d8bf01fc35dccff9702e92b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/account/login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 29 Aug 2022 12:01:12 GMT
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Viewport-Width, Width
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
content-type
text/css; charset=utf-8
cache-control
public
cf-ray
742521720d5e9b21-FRA
server
cloudflare
expires
Tue, 29 Aug 2023 12:01:12 GMT
Modernizr
account.forex.com/bundles/
11 KB
4 KB
Script
General
Full URL
https://account.forex.com/bundles/Modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1
Requested by
Host: account.forex.com
URL: https://account.forex.com/account/login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/account/login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 29 Aug 2022 12:01:12 GMT
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Viewport-Width, Width
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
content-type
text/javascript; charset=utf-8
cache-control
public
cf-ray
742521720d629b21-FRA
server
cloudflare
expires
Tue, 29 Aug 2023 12:01:12 GMT
entry.js
se.monetate.net/js/2/a-7f76b3d0/p/account.forex.com/
6 KB
3 KB
Script
General
Full URL
https://se.monetate.net/js/2/a-7f76b3d0/p/account.forex.com/entry.js
Requested by
Host: account.forex.com
URL: https://account.forex.com/account/login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.231.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-231-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7d590a0e91fecbf46e78d1038747302eb0e74033d83f6ac7200ec978ecb85bce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
gzip
last-modified
Sun, 21 Aug 2022 05:40:23 GMT
server
AkamaiNetStorage
etag
"1058bb7698bcd080f116b5cc8b3bb113:1661060423.243127"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
2953
JQuery
account.forex.com/bundles/
98 KB
35 KB
Script
General
Full URL
https://account.forex.com/bundles/JQuery?v=bIucIs35Es2LariM3UsXrO9jALaN5DUulN0BIfcqwhw1
Requested by
Host: account.forex.com
URL: https://account.forex.com/account/login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15a0e4c2eae6371d1d0d39e792dba1c09bd9ff306d6d915dfeeeff97db62ace4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/account/login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 29 Aug 2022 12:01:12 GMT
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Viewport-Width, Width
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
content-type
text/javascript; charset=utf-8
cache-control
public
cf-ray
742521720d649b21-FRA
server
cloudflare
expires
Tue, 29 Aug 2023 12:01:12 GMT
Bootstrap
account.forex.com/bundles/
49 KB
13 KB
Script
General
Full URL
https://account.forex.com/bundles/Bootstrap?v=lqfHLqrUvYLN0CMPa3s1ObP_ZQputvYYTYiefkVSsfg1
Requested by
Host: account.forex.com
URL: https://account.forex.com/account/login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc4a645c9c654cac3c5e87a4eba779f398ae6c272dbd19bae3effc095ef73f8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/account/login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 29 Aug 2022 12:01:12 GMT
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Viewport-Width, Width
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
content-type
text/javascript; charset=utf-8
cache-control
public
cf-ray
742521720d659b21-FRA
server
cloudflare
expires
Tue, 29 Aug 2023 12:01:12 GMT
JQueryval
account.forex.com/bundles/
32 KB
10 KB
Script
General
Full URL
https://account.forex.com/bundles/JQueryval?v=zx8kaqr6q6CK8-fpwF0gJd_oS0O8Zbp2vDwplKDn06w1
Requested by
Host: account.forex.com
URL: https://account.forex.com/account/login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73f294141fce7243c2a73cca099497772c1f88d1b2b6dc7e2188b394041c4311

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/account/login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 29 Aug 2022 12:01:12 GMT
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Viewport-Width, Width
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent
content-type
text/javascript; charset=utf-8
cache-control
public
cf-ray
742521720d679b21-FRA
server
cloudflare
expires
Tue, 29 Aug 2023 12:01:12 GMT
requesthelper.js
account.forex.com/Scripts/myaccount/typescripts/helpers/
10 KB
2 KB
Script
General
Full URL
https://account.forex.com/Scripts/myaccount/typescripts/helpers/requesthelper.js
Requested by
Host: account.forex.com
URL: https://account.forex.com/account/login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59114b8bf636655e272e052a0b2a4b105f7d54d8b727e0e1592cd829e741b4b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/account/login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Aug 2022 08:55:08 GMT
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Viewport-Width, Width
age
7111
etag
W/"03e7d17b2d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
742521720d699b21-FRA
server
cloudflare
expires
Mon, 29 Aug 2022 14:01:12 GMT
ServiceBase.js
account.forex.com/Scripts/myaccount/typescripts/Services/
3 KB
821 B
Script
General
Full URL
https://account.forex.com/Scripts/myaccount/typescripts/Services/ServiceBase.js
Requested by
Host: account.forex.com
URL: https://account.forex.com/account/login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ec71061fb1e74e662d7bdfd8e335f1b83c67172a6b57b8d361521e4352385e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/account/login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Aug 2022 08:55:08 GMT
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Viewport-Width, Width
age
7111
etag
W/"03e7d17b2d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
742521720d6a9b21-FRA
server
cloudflare
expires
Mon, 29 Aug 2022 14:01:12 GMT
TrackingService.js
account.forex.com/Scripts/myaccount/typescripts/Services/
11 KB
2 KB
Script
General
Full URL
https://account.forex.com/Scripts/myaccount/typescripts/Services/TrackingService.js
Requested by
Host: account.forex.com
URL: https://account.forex.com/account/login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d74bd8b0493d6049f732135d1e2977dc894fcbe010f96f512755bac2e113d128

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/account/login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Aug 2022 08:55:08 GMT
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Viewport-Width, Width
age
7111
etag
W/"03e7d17b2d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
742521720d6d9b21-FRA
server
cloudflare
expires
Mon, 29 Aug 2022 14:01:12 GMT
pwd.js
account.forex.com/Scripts/myaccount/common/helpers/
541 B
358 B
Script
General
Full URL
https://account.forex.com/Scripts/myaccount/common/helpers/pwd.js
Requested by
Host: account.forex.com
URL: https://account.forex.com/account/login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e69710b1c54d253b6e530be119e91465e28e15b86ebae6ea37fa5b4b7793cc7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/account/login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Aug 2022 08:50:28 GMT
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Viewport-Width, Width
age
7111
etag
W/"0a2226616b2d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
742521720d6e9b21-FRA
server
cloudflare
expires
Mon, 29 Aug 2022 14:01:12 GMT
documentReady.js
account.forex.com/Scripts/myaccount/common/
64 B
143 B
Script
General
Full URL
https://account.forex.com/Scripts/myaccount/common/documentReady.js
Requested by
Host: account.forex.com
URL: https://account.forex.com/account/login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8894a50904a3b6254d653760fd412cd7ce98c4c634f50ebd9b6d88e5049be2bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/account/login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Aug 2022 08:50:28 GMT
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Viewport-Width, Width
age
7111
etag
W/"0a2226616b2d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
742521724dc59b21-FRA
server
cloudflare
expires
Mon, 29 Aug 2022 14:01:12 GMT
api.js
www.google.com/recaptcha/
909 B
993 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: account.forex.com
URL: https://account.forex.com/account/login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
de160e8334b5ab18a722c6b0d8e6d918211334c7343b63ae380f9b409c7b43fa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
580
x-xss-protection
1; mode=block
expires
Mon, 29 Aug 2022 12:01:12 GMT
GothamNarrow-Book.woff
account.forex.com/fonts/
32 KB
32 KB
Font
General
Full URL
https://account.forex.com/fonts/GothamNarrow-Book.woff
Requested by
Host: account.forex.com
URL: https://account.forex.com/css/FRXC?v=KcCpIXhAdQufHvT9TcxD4Tjbkiqp5rZtQXvzc9oqaJU1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6a5af2c8e228db8baf048b35cf7ffeddd1697612770af54a9ed6a3815f0c55a

Request headers

Referer
https://account.forex.com/css/FRXC?v=KcCpIXhAdQufHvT9TcxD4Tjbkiqp5rZtQXvzc9oqaJU1
Origin
https://account.forex.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Aug 2022 08:50:28 GMT
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Viewport-Width, Width
age
7047
etag
W/"0a2226616b2d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff
cache-control
public, max-age=7200
cf-ray
742521730eda9b21-FRA
server
cloudflare
expires
Mon, 29 Aug 2022 14:01:12 GMT
custom.js
se.monetate.net/js/3/a-7f76b3d0/p/account.forex.com/t1590480046/61a45a47a99a0014/
178 KB
60 KB
Script
General
Full URL
https://se.monetate.net/js/3/a-7f76b3d0/p/account.forex.com/t1590480046/61a45a47a99a0014/custom.js
Requested by
Host: se.monetate.net
URL: https://se.monetate.net/js/2/a-7f76b3d0/p/account.forex.com/entry.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.231.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-231-57.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fbd843bb54c3995573024070c3d5bf156f78865cff62c54bb4ac95a79b626940

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
gzip
last-modified
Sun, 21 Aug 2022 05:40:19 GMT
server
AkamaiNetStorage
etag
"993590dd397d36cf74b58c6ec9f44b94:1661060419.473967"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
gtm.js
www.googletagmanager.com/
287 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K985GN
Requested by
Host: account.forex.com
URL: https://account.forex.com/account/login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8cc3b970036196a0fec6a702e67a0fb425987bd89cab10c8fbce8d18b8d18f84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86215
x-xss-protection
0
expires
Mon, 29 Aug 2022 12:01:12 GMT
gtm.js
www.googletagmanager.com/
153 KB
55 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-54HXRWV
Requested by
Host: account.forex.com
URL: https://account.forex.com/account/login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
50a89ae4a2eca870560e5fd727dbe648e253dc8f1e38b3445fddbd1d98771e4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56355
x-xss-protection
0
expires
Mon, 29 Aug 2022 12:01:12 GMT
logo-forex.com.svg
account.forex.com/content/img/
3 KB
1 KB
Image
General
Full URL
https://account.forex.com/content/img/logo-forex.com.svg
Requested by
Host: account.forex.com
URL: https://account.forex.com/css/FRXC?v=KcCpIXhAdQufHvT9TcxD4Tjbkiqp5rZtQXvzc9oqaJU1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8b7fed088d0d77794ded0fb4833721c2665c53a807d67f44c617e63d4e0f329

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/css/FRXC?v=KcCpIXhAdQufHvT9TcxD4Tjbkiqp5rZtQXvzc9oqaJU1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Aug 2022 08:50:26 GMT
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Viewport-Width, Width
age
7047
etag
W/"075f16416b2d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=7200
cf-ray
742521734f319b21-FRA
server
cloudflare
expires
Mon, 29 Aug 2022 14:01:12 GMT
ico-show-password.svg
account.forex.com/content/img/
12 KB
2 KB
Image
General
Full URL
https://account.forex.com/content/img/ico-show-password.svg
Requested by
Host: account.forex.com
URL: https://account.forex.com/css/FRXC?v=KcCpIXhAdQufHvT9TcxD4Tjbkiqp5rZtQXvzc9oqaJU1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39f6f67bddcae78ba024539257ffd798f5cc2097a2d09884ce41cd692c1c98fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/css/FRXC?v=KcCpIXhAdQufHvT9TcxD4Tjbkiqp5rZtQXvzc9oqaJU1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Aug 2022 08:50:26 GMT
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Viewport-Width, Width
age
7047
etag
W/"075f16416b2d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=7200
cf-ray
742521734f339b21-FRA
server
cloudflare
expires
Mon, 29 Aug 2022 14:01:12 GMT
GothamNarrow-Medium.woff
account.forex.com/fonts/
32 KB
32 KB
Font
General
Full URL
https://account.forex.com/fonts/GothamNarrow-Medium.woff
Requested by
Host: account.forex.com
URL: https://account.forex.com/css/FRXC?v=KcCpIXhAdQufHvT9TcxD4Tjbkiqp5rZtQXvzc9oqaJU1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58667d018907bbcca2260bf481ad115202a70733db44f6a48f4a6ae901307ec7

Request headers

Referer
https://account.forex.com/css/FRXC?v=KcCpIXhAdQufHvT9TcxD4Tjbkiqp5rZtQXvzc9oqaJU1
Origin
https://account.forex.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Aug 2022 08:50:28 GMT
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Viewport-Width, Width
age
7111
etag
W/"0a2226616b2d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff
cache-control
public, max-age=7200
cf-ray
742521734f359b21-FRA
server
cloudflare
expires
Mon, 29 Aug 2022 14:01:12 GMT
framework-icons.woff
account.forex.com/fonts/
33 KB
18 KB
Font
General
Full URL
https://account.forex.com/fonts/framework-icons.woff
Requested by
Host: account.forex.com
URL: https://account.forex.com/css/FRXC?v=KcCpIXhAdQufHvT9TcxD4Tjbkiqp5rZtQXvzc9oqaJU1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77a1c783915c7d1991a358d9e74ae59c8825d497c5afaea7e4e697552f594922

Request headers

Referer
https://account.forex.com/css/FRXC?v=KcCpIXhAdQufHvT9TcxD4Tjbkiqp5rZtQXvzc9oqaJU1
Origin
https://account.forex.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Aug 2022 08:50:30 GMT
accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Viewport-Width, Width
age
4921
etag
W/"0cf536716b2d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff
cache-control
public, max-age=7200
cf-ray
742521734f3d9b21-FRA
server
cloudflare
expires
Mon, 29 Aug 2022 14:01:12 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/
391 KB
156 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30a31bd4c38a2400b0e4aeb83da4f028cca84568378d1deedc236406792f1baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.forex.com/
Origin
https://account.forex.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:41:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159350
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 22:02:06 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Aug 2023 11:41:47 GMT
1482211791-0
ad.monetate.net/trk/4/s/a-7f76b3d0/p/account.forex.com/
105 B
336 B
Script
General
Full URL
https://ad.monetate.net/trk/4/s/a-7f76b3d0/p/account.forex.com/1482211791-0?mr=t1590480046&mi=%272.67153970.1661774472167%27&mt=!n&cs=!t&e=!(viewPage,gt)&pt=unknown&r=%27%27&sw=1600&sh=1200&sc=24&j=!f&u=%27https://account.forex.com/account/login%3FReturnUrl%3D%252F%27&fl=!f&hvc=!t&eoq=!t
Requested by
Host: se.monetate.net
URL: https://se.monetate.net/js/3/a-7f76b3d0/p/account.forex.com/t1590480046/61a45a47a99a0014/custom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.231.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-231-57.deploy.static.akamaitechnologies.com
Software
Monetate /
Resource Hash
295338bfd676cef898dc2b2a072c658bc3faf0bd3642ec0ee167326beffafb91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
gzip
server
Monetate
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store
server-timing
total;dur=87.1
timing-allow-origin
*
content-length
110
expires
Mon, 29 Aug 2022 12:01:12 GMT
js
www.googletagmanager.com/gtag/
202 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XPZTRCXSST&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54HXRWV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ee6f739e8a6c1f7fe0891de178daf20d7b0465fabcec821991627569b9b96252
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73113
x-xss-protection
0
expires
Mon, 29 Aug 2022 12:01:12 GMT
destination
www.googletagmanager.com/gtag/
202 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-XPZTRCXSST&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54HXRWV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
667a1a3f06516e2809a3cbd234cc35912a4bb2535fb2a7ba2cbab91387f4bb90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73119
x-xss-protection
0
expires
Mon, 29 Aug 2022 12:01:12 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K985GN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3552
date
Mon, 29 Aug 2022 11:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 29 Aug 2022 13:02:00 GMT
hotjar-1082258.js
static.hotjar.com/c/
40 KB
5 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1082258.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K985GN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-91.fra56.r.cloudfront.net
Software
/
Resource Hash
6d668297bf5bb9eba7e87ebded25683f9a950b42b490aa7549bb7e2d0b31b6c4
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA56-C1
etag
W/9a248dd2f5e9eaa2f663911b19d8d3cb
strict-transport-security
max-age=86400; includeSubDomains
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-amz-cf-id
M99T9rPB3I4UpvFwonbp_cg0d39tE7Jjy-IibfYE1s-1sHou5RR4Pw==
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
collect
region1.analytics.google.com/g/
0
348 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-XPZTRCXSST&gtm=2oe8o0&_p=898682809&_gaz=1&cid=1279243068.1661774472&ul=en-us&sr=1600x1200&ir=1&_eu=Q&_z=ccd.v9B&_s=1&dl=https%3A%2F%2Faccount.forex.com%2Faccount%2Flogin&sid=1661774472&sct=1&seg=0&dt=Secure%20MyAccount%20Login%20-%20Forex.com&en=page_view&_fv=1&_nsi=1&_ss=2&ep.environment=live
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XPZTRCXSST&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 12:01:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://account.forex.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
348 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XPZTRCXSST&cid=1279243068.1661774472&gtm=2oe8o0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XPZTRCXSST&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 12:01:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://account.forex.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XPZTRCXSST&cid=1279243068.1661774472&gtm=2oe8o0&aip=1&z=1313590639
Requested by
Host: account.forex.com
URL: https://account.forex.com/account/login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 12:01:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 159A
42 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdFt4ZAAAAAAAERACEae5iK3pd79L9US4T1J4_&co=aHR0cHM6Ly9hY2NvdW50LmZvcmV4LmNvbTo0NDM.&hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&size=normal&cb=t75lu7jo6jcj
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7283c156c6efc397880e9a82fb268e3e80230bce43fea72059615c1a14a99354
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rhrkFSGbBrNI5fAD7OS5LA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.forex.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22600
content-security-policy
script-src 'report-sample' 'nonce-rhrkFSGbBrNI5fAD7OS5LA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 29 Aug 2022 12:01:12 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
publisher:getClientId
ampcid.google.com/v1/
74 B
533 B
XHR
General
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://account.forex.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://account.forex.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
modules.5cffd253af12af6303c3.js
script.hotjar.com/
252 KB
65 KB
Script
General
Full URL
https://script.hotjar.com/modules.5cffd253af12af6303c3.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1082258.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-122.fra56.r.cloudfront.net
Software
/
Resource Hash
37aae008e58ea24d2870957c62800093d8873d8503831378d7e2dcd973cfa457
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 15:26:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
333305
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
content-length
65635
access-control-allow-origin
*
last-modified
Thu, 25 Aug 2022 15:25:42 GMT
etag
"d238d4598decd6e7569c2a502a453757"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
Z96fKUXHILfrnCNSFERhQCRqRkMGVkOHsxrRBlIqzUBFpyfoeiKbaw==
box-1ada912494ba7fc7aca15fcef1c2a7ae.html
vars.hotjar.com/ Frame 7D84
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1082258.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-29.fra60.r.cloudfront.net
Software
/
Resource Hash
90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://account.forex.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4073286
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Jul 2022 08:33:06 GMT
etag
"0b3d3f4206ab84d8861a8cc4b2ddbe66"
last-modified
Wed, 13 Jul 2022 08:32:20 GMT
strict-transport-security
max-age=86400; includeSubDomains
vary
Accept-Encoding
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
x-amz-cf-id
MUSag7pleXIpvl7fwtS3w6BJlBaatsCPj8D8Ca8YadQG1cuJdLXwtQ==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
styles__ltr.css
www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/ Frame 159A
52 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdFt4ZAAAAAAAERACEae5iK3pd79L9US4T1J4_&co=aHR0cHM6Ly9hY2NvdW50LmZvcmV4LmNvbTo0NDM.&hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&size=normal&cb=t75lu7jo6jcj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:07:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3210
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24251
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 22:02:06 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Aug 2023 11:07:42 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/ Frame 159A
391 KB
156 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdFt4ZAAAAAAAERACEae5iK3pd79L9US4T1J4_&co=aHR0cHM6Ly9hY2NvdW50LmZvcmV4LmNvbTo0NDM.&hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&size=normal&cb=t75lu7jo6jcj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30a31bd4c38a2400b0e4aeb83da4f028cca84568378d1deedc236406792f1baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:41:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159350
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 22:02:06 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Aug 2023 11:41:47 GMT
publisher:getClientId
ampcid.google.de/v1/
3 B
462 B
XHR
General
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://account.forex.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 29 Aug 2022 12:01:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://account.forex.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
visit-data
in.hotjar.com/api/v2/client/sites/1082258/
148 B
322 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/1082258/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5cffd253af12af6303c3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.240.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-240-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
47f866be06afeedbb11f7dafe75b1ddb58fd9e1f7219b95de1af57454d63230c

Request headers

Referer
https://account.forex.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 29 Aug 2022 12:01:13 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=898682809&t=pageview&_s=1&dl=https%3A%2F%2Faccount.forex.com%2Faccount%2Flogin%3FReturnUrl%3D%2F&ul=en-us&de=UTF-8&dt=Secure%20MyAccount%20Login%20-%20Forex.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAQCAC~&jid=730366011&gjid=143661771&cid=1279243068.1661774472&tid=UA-84589865-40&_gid=1245117954.1661774473&_r=1&gtm=2wg8o0K985GN&cd66=&cd68=2022-08-29T12%3A01%3A12.435%2B00%3A00&cd2=1279243068.1661774472&z=1423157305
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://account.forex.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 12:01:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://account.forex.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 159A
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 159A
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 159A
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:59:48 GMT
x-content-type-options
nosniff
age
493284
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 30 Aug 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 159A
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdFt4ZAAAAAAAERACEae5iK3pd79L9US4T1J4_&co=aHR0cHM6Ly9hY2NvdW50LmZvcmV4LmNvbTo0NDM.&hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&size=normal&cb=t75lu7jo6jcj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 11:18:05 GMT
x-content-type-options
nosniff
age
520988
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 23 Aug 2023 11:18:05 GMT
collect
stats.g.doubleclick.net/j/
4 B
25 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-84589865-40&cid=1279243068.1661774472&jid=730366011&gjid=143661771&_gid=1245117954.1661774473&_u=YADAAAAAAAQCAC~&z=1729175175
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://account.forex.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 29 Aug 2022 12:01:13 GMT
content-type
text/plain
access-control-allow-origin
https://account.forex.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
bframe
www.google.com/recaptcha/api2/ Frame 737C
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&k=6LcdFt4ZAAAAAAAERACEae5iK3pd79L9US4T1J4_
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6fb4a9e440de3215c09a12598027095aacac81bb474ce7e528e98c9517e94c81
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DnTKl6MrXl1LjYSC4q18ng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.forex.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1112
content-security-policy
script-src 'report-sample' 'nonce-DnTKl6MrXl1LjYSC4q18ng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 29 Aug 2022 12:01:13 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
webworker.js
www.google.com/recaptcha/api2/ Frame 159A
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=3TZgZIog-UsaFDv31vC4L9R_
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdFt4ZAAAAAAAERACEae5iK3pd79L9US4T1J4_&co=aHR0cHM6Ly9hY2NvdW50LmZvcmV4LmNvbTo0NDM.&hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&size=normal&cb=t75lu7jo6jcj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5f431019dbc02c29358a84d7071317fa5c496bf3f934e5f0bcc65a3ae68a5620
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdFt4ZAAAAAAAERACEae5iK3pd79L9US4T1J4_&co=aHR0cHM6Ly9hY2NvdW50LmZvcmV4LmNvbTo0NDM.&hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&size=normal&cb=t75lu7jo6jcj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 12:01:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 29 Aug 2022 12:01:13 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/ Frame 737C
52 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&k=6LcdFt4ZAAAAAAAERACEae5iK3pd79L9US4T1J4_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:07:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3211
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24251
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 22:02:06 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Aug 2023 11:07:42 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/ Frame 737C
391 KB
156 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&k=6LcdFt4ZAAAAAAAERACEae5iK3pd79L9US4T1J4_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30a31bd4c38a2400b0e4aeb83da4f028cca84568378d1deedc236406792f1baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 11:41:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159350
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 22:02:06 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Aug 2023 11:41:47 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-84589865-40&cid=1279243068.1661774472&jid=730366011&_u=YADAAAAAAAQCAC~&z=397995248
Requested by
Host: account.forex.com
URL: https://account.forex.com/account/login?ReturnUrl=%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 12:01:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-84589865-40&cid=1279243068.1661774472&jid=730366011&_u=YADAAAAAAAQCAC~&z=397995248
Requested by
Host: account.forex.com
URL: https://account.forex.com/account/login?ReturnUrl=%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 12:01:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=898682809&t=event&ni=1&_s=1&dl=https%3A%2F%2Faccount.forex.com%2Faccount%2Flogin%3FReturnUrl%3D%252F&ul=en-us&de=UTF-8&dt=Secure%20MyAccount%20Login%20-%20Forex.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Client%20ID&ea=1279243068.1661774472&el=%2Faccount%2Flogin&_u=aDHAAAABAAQCAC~&jid=83776953&gjid=366787165&cid=1279243068.1661774472&tid=UA-84589865-40&_gid=1245117954.1661774473&_r=1&gtm=2wg8o0K985GN&cd2=1279243068.1661774472&cd61=Undefined&z=557465542
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://account.forex.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 12:01:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://account.forex.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
25 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-84589865-40&cid=1279243068.1661774472&jid=83776953&gjid=366787165&_gid=1245117954.1661774473&_u=aDHAAAABAAQCAC~&z=1914589126
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://account.forex.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 29 Aug 2022 12:01:13 GMT
content-type
text/plain
access-control-allow-origin
https://account.forex.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-84589865-40&cid=1279243068.1661774472&jid=83776953&_u=aDHAAAABAAQCAC~&z=1927260969
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 12:01:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-84589865-40&cid=1279243068.1661774472&jid=83776953&_u=aDHAAAABAAQCAC~&z=1927260969
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.forex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 12:01:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| html5 object| Modernizr number| monetateT object| monetate object| dataLayer function| $ function| jQuery object| respond function| foolproof function| __awaiter function| __generator object| Gain function| __extends object| myAccount function| validateLoginForm function| onloadCallback function| onSuccessCallback function| onExpirationCallback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| monetateQ object| google_tag_manager function| gtag function| postscribe object| google_tag_manager_external object| google_tag_data string| currentHostName string| GoogleAnalyticsObject function| ga function| readCookie function| createCookie function| setCookie function| getCookie function| hj object| _hjSettings undefined| accountStatus undefined| applType undefined| device undefined| fromApp function| LoadContinueTracking function| SendGAEvent function| onYouTubeIframeAPIReady object| gaGlobal object| recaptcha object| closure_lm_996307 object| gaplugins object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| gaData

18 Cookies

Domain/Path Name / Value
account.forex.com/ Name: BIGipServerZnwrxsKA0MdYFuSj6t2W9A
Value: !ZhCMSEIW6f2XToqSqw3V4drRQqSfXJY8qe/6KCAsxSiMsboO2OYUUYcFUQk9Azt88sCuEiN8Qe5oqg==
account.forex.com/ Name: __RequestVerificationToken
Value: 0RniEUUUOzbZcVaCHmjANoG4rqOLSg9DqiGFd3Am-Zrw9pkxH_0pCfudJHsem9JMx7ysPDzLheM5EL7oGJF1X2X4owk1
.account.forex.com/ Name: mt.v
Value: 2.67153970.1661774472167
.forex.com/ Name: _gcl_au
Value: 1.1.1623343862.1661774472
.account.forex.com/ Name: pageviewCount
Value: 1
.forex.com/ Name: _ga_XPZTRCXSST
Value: GS1.1.1661774472.1.0.1661774472.60.0.0
.forex.com/ Name: _ga
Value: GA1.1.1279243068.1661774472
.forex.com/ Name: _hjSessionUser_1082258
Value: eyJpZCI6IjUwODczNGY2LTkxYjQtNTQ4Zi1hYjI2LWYyNjNkZDExZWYxZiIsImNyZWF0ZWQiOjE2NjE3NzQ0NzI4NjcsImV4aXN0aW5nIjpmYWxzZX0=
.forex.com/ Name: _hjFirstSeen
Value: 1
account.forex.com/ Name: _hjIncludedInSessionSample
Value: 0
.forex.com/ Name: _hjSession_1082258
Value: eyJpZCI6IjI4OGQ4ZTYwLTM0ZWYtNDYwNi04MzIxLTdiZmNmYTVlMTM4OCIsImNyZWF0ZWQiOjE2NjE3NzQ0NzI4ODEsImluU2FtcGxlIjpmYWxzZX0=
account.forex.com/ Name: _hjIncludedInPageviewSample
Value: 1
.forex.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.forex.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.account.forex.com/ Name: _ga
Value: GA1.3.1279243068.1661774472
.account.forex.com/ Name: _gid
Value: GA1.3.1245117954.1661774473
.account.forex.com/ Name: _gat
Value: 1
.account.forex.com/ Name: _gat_UA-84589865-40
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.forex.com
ad.monetate.net
ampcid.google.com
ampcid.google.de
fonts.gstatic.com
in.hotjar.com
region1.analytics.google.com
script.hotjar.com
se.monetate.net
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
104.111.231.57
18.66.147.29
2001:4860:4802:34::36
2606:4700::6812:1e5f
2a00:1450:4001:800::200e
2a00:1450:4001:801::2004
2a00:1450:4001:803::2003
2a00:1450:4001:810::2003
2a00:1450:4001:812::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9a
34.255.240.59
52.222.236.122
65.9.66.91
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
15a0e4c2eae6371d1d0d39e792dba1c09bd9ff306d6d915dfeeeff97db62ace4
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
295338bfd676cef898dc2b2a072c658bc3faf0bd3642ec0ee167326beffafb91
30a31bd4c38a2400b0e4aeb83da4f028cca84568378d1deedc236406792f1baf
37aae008e58ea24d2870957c62800093d8873d8503831378d7e2dcd973cfa457
39f6f67bddcae78ba024539257ffd798f5cc2097a2d09884ce41cd692c1c98fb
3d8d117f0d865b16bffb54987b05422e8292799ba9aaecdbe4bcf24eac88aa2c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
47f866be06afeedbb11f7dafe75b1ddb58fd9e1f7219b95de1af57454d63230c
50a89ae4a2eca870560e5fd727dbe648e253dc8f1e38b3445fddbd1d98771e4f
58667d018907bbcca2260bf481ad115202a70733db44f6a48f4a6ae901307ec7
59114b8bf636655e272e052a0b2a4b105f7d54d8b727e0e1592cd829e741b4b5
5f431019dbc02c29358a84d7071317fa5c496bf3f934e5f0bcc65a3ae68a5620
63d7c95a1fb3032fe5d589ac69db6874846a24725d8bf01fc35dccff9702e92b
667a1a3f06516e2809a3cbd234cc35912a4bb2535fb2a7ba2cbab91387f4bb90
6d668297bf5bb9eba7e87ebded25683f9a950b42b490aa7549bb7e2d0b31b6c4
6fb4a9e440de3215c09a12598027095aacac81bb474ce7e528e98c9517e94c81
7283c156c6efc397880e9a82fb268e3e80230bce43fea72059615c1a14a99354
73f294141fce7243c2a73cca099497772c1f88d1b2b6dc7e2188b394041c4311
77a1c783915c7d1991a358d9e74ae59c8825d497c5afaea7e4e697552f594922
7d590a0e91fecbf46e78d1038747302eb0e74033d83f6ac7200ec978ecb85bce
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8894a50904a3b6254d653760fd412cd7ce98c4c634f50ebd9b6d88e5049be2bb
8cc3b970036196a0fec6a702e67a0fb425987bd89cab10c8fbce8d18b8d18f84
90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d
9eb0207e881450c26e04c685155a951cc4465a78790b09104a3fa60c63bd79c5
9ec71061fb1e74e662d7bdfd8e335f1b83c67172a6b57b8d361521e4352385e3
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
cc4a645c9c654cac3c5e87a4eba779f398ae6c272dbd19bae3effc095ef73f8c
d74bd8b0493d6049f732135d1e2977dc894fcbe010f96f512755bac2e113d128
de160e8334b5ab18a722c6b0d8e6d918211334c7343b63ae380f9b409c7b43fa
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69710b1c54d253b6e530be119e91465e28e15b86ebae6ea37fa5b4b7793cc7a
e6a5af2c8e228db8baf048b35cf7ffeddd1697612770af54a9ed6a3815f0c55a
e8b7fed088d0d77794ded0fb4833721c2665c53a807d67f44c617e63d4e0f329
ee6f739e8a6c1f7fe0891de178daf20d7b0465fabcec821991627569b9b96252
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fbd843bb54c3995573024070c3d5bf156f78865cff62c54bb4ac95a79b626940