urlscan.io logo urlscan.io
SecurityTrails logo

forexclient.visiongroup.co.ug Open in urlscan Pro
170.187.146.79  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://forexclient.visiongroup.co.ug/
Effective URL: https://forexclient.visiongroup.co.ug/
Submission: On June 12 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 6 domains to perform 31 HTTP transactions. The main IP is 170.187.146.79, located in Atlanta, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is forexclient.visiongroup.co.ug.
TLS certificate: Issued by R3 on May 24th 2024. Valid for: 3 months.
This is the only time forexclient.visiongroup.co.ug was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 170.187.146.79 63949 (AKAMAI-LI...)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.17.24.14 13335 (CLOUDFLAR...)
2 216.58.206.66 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 172.217.16.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
31 9
12    170.187.146.79 (Atlanta, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 170-187-146-79.ip.linodeusercontent.com
forexclient.visiongroup.co.ug
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
pagead2.googlesyndication.com
1    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
09341035376dbbdf8be0140c7884e726.safeframe.googlesyndication.com
3    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
12 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 136
09341035376dbbdf8be0140c7884e726.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 172
127 KB
12 visiongroup.co.ug
forexclient.visiongroup.co.ug
548 KB
2 gstatic.com
fonts.gstatic.com
16 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
174 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 265
11 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
852 B
31 6
Domain Requested by
12 forexclient.visiongroup.co.ug forexclient.visiongroup.co.ug
8 pagead2.googlesyndication.com securepubads.g.doubleclick.net
forexclient.visiongroup.co.ug
pagead2.googlesyndication.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
2 securepubads.g.doubleclick.net forexclient.visiongroup.co.ug
securepubads.g.doubleclick.net
1 09341035376dbbdf8be0140c7884e726.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdnjs.cloudflare.com forexclient.visiongroup.co.ug
1 fonts.googleapis.com forexclient.visiongroup.co.ug
31 8

This site contains no links.

Subject Issuer Validity Valid
forexclient.visiongroup.co.ug
R3		 2024-05-24 -
2024-08-22		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://forexclient.visiongroup.co.ug/
Frame ID: AA98DD99B5016AF16689A2D7D3F5BD63
Requests: 28 HTTP requests in this frame

Frame: https://09341035376dbbdf8be0140c7884e726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4D94B1A431C8CEEEA9404EB93E819608
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvIQKA6pZTYXaCH48yt-7Qy2myhZRlMlH6MLoA8jkb-gklUMyYlpGuX1AAVsJUrzUPSs8sy6bP2TrM7Eh0LN1ukaRc5RIYWgx4_Yd-duWiEsPXP-K8jXhCa6StPz49EZHvvXKJRmIlgDGPPtedcl6KwbkTdLhCopfNZBC1OVBIQZMGfojQ8ggKH3MrWmUOji5X7wMLVFc4I6gvLfjuhNdq7vzZKeWr6PqZuL9hMp7-JNGfuRTZ0vaH8tnsCZn7gn5eLw7nvDajAH0MtUQvdYm9UKakwp6VMYGCKTyq0fM_WaZf_FEH_ou2XYJZvDzQuRLUyEBfiA9-sN3HsW5ZQ1wKvDD35S9zsrG8QlrijYvaZnBrCjaynVeb5HnhtiQKe55N8NpYEHnhGJQ&sig=Cg0ArKJSzMXcm2FwdK8MEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 1BA1DBF9D2ECB73251754ECB60A95475
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7B1A010F74A9D316DC30F523F002BB5C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

New Vision Forex

Page URL History Show full URLs

  1. http://forexclient.visiongroup.co.ug/ HTTP 307
    https://forexclient.visiongroup.co.ug/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div [^>]*id="__nuxt"
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

31
Requests

97 %
HTTPS

50 %
IPv6

6
Domains

8
Subdomains

9
IPs

3
Countries

876 kB
Transfer

1538 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://forexclient.visiongroup.co.ug/ HTTP 307
    https://forexclient.visiongroup.co.ug/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
forexclient.visiongroup.co.ug/
Redirect Chain
  • http://forexclient.visiongroup.co.ug/
  • https://forexclient.visiongroup.co.ug/
6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forexclient.visiongroup.co.ug/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
170.187.146.79 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
170-187-146-79.ip.linodeusercontent.com
Software
Apache/2.4.58 (Fedora Linux) OpenSSL/3.0.9 /
Resource Hash
c26e243c740878c00413092dc9ed0783f2299fb0b78f3ea07b6a8c17cc7cccab

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
5693
Content-Type
text/html; charset=UTF-8
Date
Wed, 12 Jun 2024 10:58:52 GMT
ETag
"163d-616137fb4a9c0"
Keep-Alive
timeout=5, max=100
Last-Modified
Sun, 14 Apr 2024 19:27:43 GMT
Server
Apache/2.4.58 (Fedora Linux) OpenSSL/3.0.9

Redirect headers

Location
https://forexclient.visiongroup.co.ug/
Non-Authoritative-Reason
HttpsUpgrades
css2
fonts.googleapis.com/ 		2 KB
852 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap
Requested by
Host: forexclient.visiongroup.co.ug
URL: https://forexclient.visiongroup.co.ug/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0ad451e8b28ec1e09590b92eff4648c1c79e5b369608d4331fc62745859a3fa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forexclient.visiongroup.co.ug/
Origin
https://forexclient.visiongroup.co.ug
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 12 Jun 2024 10:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 12 Jun 2024 09:04:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 Jun 2024 10:58:52 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Requested by
Host: forexclient.visiongroup.co.ug
URL: https://forexclient.visiongroup.co.ug/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forexclient.visiongroup.co.ug/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 10:58:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
486870
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10462
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-28de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=06kE%2BXY%2B%2B%2BR4mZXd2YqKfp4aC8SIY8yOfHtTQtgjLerjIgtQZb98LF1uKj%2FnnGoP%2Bi7x1uKlO8J33So95ofjPqEJ3%2F8tpHa3%2B5YTAdmAs9S0F4HoAhKUKL%2By4BnfRca9TAsPuZbZ"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89295404f9f139c7-FRA
expires
Mon, 02 Jun 2025 10:58:52 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		96 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: forexclient.visiongroup.co.ug
URL: https://forexclient.visiongroup.co.ug/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
ff29a28a9b9a0ba829efb931a076e567516451d75801587519d66fbdc2c02f51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forexclient.visiongroup.co.ug/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 10:58:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30870
x-xss-protection
0
server
cafe
etag
305 / 19886 / 31084477 / config-hash: 9620760999001427522
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 12 Jun 2024 10:58:52 GMT
_payload.json
forexclient.visiongroup.co.ug/ 		62 B
371 B 		Other
General
Check archive.org
Download Go to
Full URL
https://forexclient.visiongroup.co.ug/_payload.json
Requested by
Host: forexclient.visiongroup.co.ug
URL: https://forexclient.visiongroup.co.ug/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
170.187.146.79 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
170-187-146-79.ip.linodeusercontent.com
Software
Apache/2.4.58 (Fedora Linux) OpenSSL/3.0.9 /
Resource Hash
3ae5d6b34d3a689e5cbd752a696c2860ef68fb21cc8b69dfc3c0293bf36ec385

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forexclient.visiongroup.co.ug/
Origin
https://forexclient.visiongroup.co.ug
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 10:58:52 GMT
Last-Modified
Sun, 14 Apr 2024 19:27:43 GMT
Server
Apache/2.4.58 (Fedora Linux) OpenSSL/3.0.9
ETag
"3e-616137fb4a9c0"
Content-Type
application/json
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
62
BkoqznMU.js
forexclient.visiongroup.co.ug/_nuxt/ 		150 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forexclient.visiongroup.co.ug/_nuxt/BkoqznMU.js
Requested by
Host: forexclient.visiongroup.co.ug
URL: https://forexclient.visiongroup.co.ug/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
170.187.146.79 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
170-187-146-79.ip.linodeusercontent.com
Software
Apache/2.4.58 (Fedora Linux) OpenSSL/3.0.9 /
Resource Hash
906f154e3d9c7ca6130daa3f359a7b2d4b62ca826d99ebc0223e4cbbf3bdd0cc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forexclient.visiongroup.co.ug/
Origin
https://forexclient.visiongroup.co.ug
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 10:58:52 GMT
Last-Modified
Sun, 14 Apr 2024 19:27:41 GMT
Server
Apache/2.4.58 (Fedora Linux) OpenSSL/3.0.9
ETag
"25905-616137f962540"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
153861
DNALBvSw.js
forexclient.visiongroup.co.ug/_nuxt/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forexclient.visiongroup.co.ug/_nuxt/DNALBvSw.js
Requested by
Host: forexclient.visiongroup.co.ug
URL: https://forexclient.visiongroup.co.ug/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
170.187.146.79 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
170-187-146-79.ip.linodeusercontent.com
Software
Apache/2.4.58 (Fedora Linux) OpenSSL/3.0.9 /
Resource Hash
3674645d6a6c4b9d0cd9f77d9be0a93e2d7f04c33148eed7a363751716fca25f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forexclient.visiongroup.co.ug/
Origin
https://forexclient.visiongroup.co.ug
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 10:58:52 GMT
Last-Modified
Sun, 14 Apr 2024 19:27:41 GMT
Server
Apache/2.4.58 (Fedora Linux) OpenSSL/3.0.9
ETag
"c8b-616137f962540"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3211
C9A1wbUB.js
forexclient.visiongroup.co.ug/_nuxt/ 		384 B
702 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forexclient.visiongroup.co.ug/_nuxt/C9A1wbUB.js
Requested by
Host: forexclient.visiongroup.co.ug
URL: https://forexclient.visiongroup.co.ug/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
170.187.146.79 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
170-187-146-79.ip.linodeusercontent.com
Software
Apache/2.4.58 (Fedora Linux) OpenSSL/3.0.9 /
Resource Hash
ef1e62ce0150940fe0f91d48280cfea853c5320eb0eed440f4616eb9b280d22e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forexclient.visiongroup.co.ug/
Origin
https://forexclient.visiongroup.co.ug
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 10:58:52 GMT
Last-Modified
Sun, 14 Apr 2024 19:27:41 GMT
Server
Apache/2.4.58 (Fedora Linux) OpenSSL/3.0.9
ETag
"180-616137f962540"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
384
fSuK62Db.js
forexclient.visiongroup.co.ug/_nuxt/ 		245 KB
245 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forexclient.visiongroup.co.ug/_nuxt/fSuK62Db.js
Requested by
Host: forexclient.visiongroup.co.ug
URL: https://forexclient.visiongroup.co.ug/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
170.187.146.79 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
170-187-146-79.ip.linodeusercontent.com
Software
Apache/2.4.58 (Fedora Linux) OpenSSL/3.0.9 /
Resource Hash
ceaa10dadae0a0bd5e4832d82e768482198d6c3569048cbb8ee064a40bada6ed

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forexclient.visiongroup.co.ug/
Origin
https://forexclient.visiongroup.co.ug
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 10:58:52 GMT
Last-Modified
Sun, 14 Apr 2024 19:27:41 GMT
Server
Apache/2.4.58 (Fedora Linux) OpenSSL/3.0.9
ETag
"3d44e-616137f962540"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
250958
l_aa9i_m.js
forexclient.visiongroup.co.ug/_nuxt/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forexclient.visiongroup.co.ug/_nuxt/l_aa9i_m.js
Requested by
Host: forexclient.visiongroup.co.ug
URL: https://forexclient.visiongroup.co.ug/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
170.187.146.79 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
170-187-146-79.ip.linodeusercontent.com
Software
Apache/2.4.58 (Fedora Linux) OpenSSL/3.0.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forexclient.visiongroup.co.ug/
Origin
https://forexclient.visiongroup.co.ug
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 10:58:52 GMT
Last-Modified
Sun, 14 Apr 2024 19:27:41 GMT
Server
Apache/2.4.58 (Fedora Linux) OpenSSL/3.0.9
ETag
"198b-616137f962540"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
6539
D0Dsj-y9.js
forexclient.visiongroup.co.ug/_nuxt/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forexclient.visiongroup.co.ug/_nuxt/D0Dsj-y9.js
Requested by
Host: forexclient.visiongroup.co.ug
URL: https://forexclient.visiongroup.co.ug/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
170.187.146.79 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
170-187-146-79.ip.linodeusercontent.com
Software
Apache/2.4.58 (Fedora Linux) OpenSSL/3.0.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forexclient.visiongroup.co.ug/
Origin
https://forexclient.visiongroup.co.ug
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 10:58:52 GMT
Last-Modified
Sun, 14 Apr 2024 19:27:41 GMT
Server
Apache/2.4.58 (Fedora Linux) OpenSSL/3.0.9
ETag
"76b-616137f962540"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1899
forexbackground.png
forexclient.visiongroup.co.ug/ 		126 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forexclient.visiongroup.co.ug/forexbackground.png
Requested by
Host: forexclient.visiongroup.co.ug
URL: https://forexclient.visiongroup.co.ug/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
170.187.146.79 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
170-187-146-79.ip.linodeusercontent.com
Software
Apache/2.4.58 (Fedora Linux) OpenSSL/3.0.9 /
Resource Hash
f9cbea3678ff4eb7ccdda3c0b164fbc3af14104841ce74417975510326b740e8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forexclient.visiongroup.co.ug/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 10:58:52 GMT
Last-Modified
Thu, 21 Mar 2024 06:35:11 GMT
Server
Apache/2.4.58 (Fedora Linux) OpenSSL/3.0.9
ETag
"1f9b2-61425e8b845c0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
129458
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://forexclient.visiongroup.co.ug
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 10:34:27 GMT
x-content-type-options
nosniff
age
87865
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Jun 2025 10:34:27 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://forexclient.visiongroup.co.ug
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 11:45:32 GMT
x-content-type-options
nosniff
age
83600
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Jun 2025 11:45:32 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/ 		463 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/pubads_impl.js?cb=31084477
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
a61500a342875a17afc10c79e9c1596ae0e18182bf57f34390b4a68dad5ce1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forexclient.visiongroup.co.ug/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 10:01:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
3419
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147345
x-xss-protection
0
server
cafe
etag
14651848665127099269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 12 Jun 2025 10:01:53 GMT
favicon.ico
forexclient.visiongroup.co.ug/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://forexclient.visiongroup.co.ug/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
170.187.146.79 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
170-187-146-79.ip.linodeusercontent.com
Software
Apache/2.4.58 (Fedora Linux) OpenSSL/3.0.9 /
Resource Hash
1057b17aec08a7191d134000203947f195a8aa7c84c39f1164cee8d01279762a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forexclient.visiongroup.co.ug/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 10:58:53 GMT
Last-Modified
Tue, 19 Mar 2024 03:48:33 GMT
Server
Apache/2.4.58 (Fedora Linux) OpenSSL/3.0.9
ETag
"10be-613fb591c2640"
Content-Type
image/vnd.microsoft.icon
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4286
ac5d1e27-55f2-4420-bc5d-2c0b47ff7858.json
forexclient.visiongroup.co.ug/_nuxt/builds/meta/ 		151 B
461 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://forexclient.visiongroup.co.ug/_nuxt/builds/meta/ac5d1e27-55f2-4420-bc5d-2c0b47ff7858.json
Requested by
Host: forexclient.visiongroup.co.ug
URL: https://forexclient.visiongroup.co.ug/_nuxt/BkoqznMU.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
170.187.146.79 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
170-187-146-79.ip.linodeusercontent.com
Software
Apache/2.4.58 (Fedora Linux) OpenSSL/3.0.9 /
Resource Hash
2c22505ac4bec0eb4fac8badc89eb702a2ce79c27b302bf20f0c347a6ce65635

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forexclient.visiongroup.co.ug/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 10:58:53 GMT
Last-Modified
Sun, 14 Apr 2024 19:27:43 GMT
Server
Apache/2.4.58 (Fedora Linux) OpenSSL/3.0.9
ETag
"97-616137fb4a9c0"
Content-Type
application/json
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
151
get_forex_api.php
forexclient.visiongroup.co.ug/ 		312 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://forexclient.visiongroup.co.ug/get_forex_api.php
Requested by
Host: forexclient.visiongroup.co.ug
URL: https://forexclient.visiongroup.co.ug/_nuxt/DNALBvSw.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
170.187.146.79 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
170-187-146-79.ip.linodeusercontent.com
Software
Apache/2.4.58 (Fedora Linux) OpenSSL/3.0.9 / PHP/8.1.25
Resource Hash
88a3960532e8f8d5412180e6a73bcd955e4f4506a1e0623f126b4a6a4fe1d8d3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forexclient.visiongroup.co.ug/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 10:58:53 GMT
Server
Apache/2.4.58 (Fedora Linux) OpenSSL/3.0.9
X-Powered-By
PHP/8.1.25
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
truncated
/ 		830 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1d7eeef61038f399b31885c6ebfbab44954165ce471d0a1d5c902c860cb70c2

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
347ee97a492f79675749d03533810ff899ee6a784b4e156f3e0a7613cdfb3d40

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		17 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2a882a92139455e28267f5162dcbc8a145a19f510b8db51b45f432ff76f4886

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e352d8acb44622cf669a27ef20d991c87d060acd9b1640ecbf664b176bf2e994

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		701 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf916648517414e341d51a40821bfb3be8a487aa1c024c2d488d1bc2ee17fdef

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22789162765db4dbe50dd4254b1dd07745f1e85e66c867cdd5bfdeedf0bb5a32

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202406100101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/pubads_impl.js?cb=31084477
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
10e40058903254eee2252b959a6a4fc9c829a80e0f842fab12a46efeddb3b31f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forexclient.visiongroup.co.ug/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 10:58:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12746
x-xss-protection
0
ads
pagead2.googlesyndication.com/gampad/ 		65 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=1533815378322931&correlator=496696696761793&eid=31083341%2C31084447%2C31084477%2C31078668&output=ldjh&gdfp_req=1&vrg=202406100101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=16375024%2C2024_NV_Forex_MPU4_534X534&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x150&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1718189933493&lmt=1713122863&adxs=175&adys=849&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fforexclient.visiongroup.co.ug%2F&vis=1&psz=-1x-1&msz=-1x-1&fws=4&ohw=200&ga_vid=2024217285.1718189933&ga_sid=1718189933&ga_hid=706844120&ga_fc=false&nt=1&psd=WzIsbnVsbCxudWxsLDNd&dlt=1718189932271&idt=245&adks=1782538690&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/pubads_impl.js?cb=31084477
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ae18d56dd7fbc5fdc07e2f13d96f28f77fe3ac16713cabab7f1b6854c53ee986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forexclient.visiongroup.co.ug/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 10:58:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24471
x-xss-protection
0
google-lineitem-id
6736512870
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138478325880
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://forexclient.visiongroup.co.ug
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
09341035376dbbdf8be0140c7884e726.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4D94 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://09341035376dbbdf8be0140c7884e726.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/pubads_impl.js?cb=31084477
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://forexclient.visiongroup.co.ug/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 12 Jun 2024 10:58:53 GMT
expires
Wed, 12 Jun 2024 10:58:53 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
pagead2.googlesyndication.com/pcs/ Frame 1BA1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvIQKA6pZTYXaCH48yt-7Qy2myhZRlMlH6MLoA8jkb-gklUMyYlpGuX1AAVsJUrzUPSs8sy6bP2TrM7Eh0LN1ukaRc5RIYWgx4_Yd-duWiEsPXP-K8jXhCa6StPz49EZHvvXKJRmIlgDGPPtedcl6KwbkTdLhCopfNZBC1OVBIQZMGfojQ8ggKH3MrWmUOji5X7wMLVFc4I6gvLfjuhNdq7vzZKeWr6PqZuL9hMp7-JNGfuRTZ0vaH8tnsCZn7gn5eLw7nvDajAH0MtUQvdYm9UKakwp6VMYGCKTyq0fM_WaZf_FEH_ou2XYJZvDzQuRLUyEBfiA9-sN3HsW5ZQ1wKvDD35S9zsrG8QlrijYvaZnBrCjaynVeb5HnhtiQKe55N8NpYEHnhGJQ&sig=Cg0ArKJSzMXcm2FwdK8MEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: forexclient.visiongroup.co.ug
URL: https://forexclient.visiongroup.co.ug/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forexclient.visiongroup.co.ug/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 10:58:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240606/r20110914/ Frame 1BA1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240606/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/pubads_impl.js?cb=31084477
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
04eead6fba543424a1a18b93608e3dc5a21782d4d168c6777861becb9b98c3ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forexclient.visiongroup.co.ug/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 20:39:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
51585
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9115
x-xss-protection
0
server
cafe
etag
17693735601268756984
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jun 2024 20:39:08 GMT
window_focus_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240606/r20110914/client/ Frame 1BA1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240606/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/pubads_impl.js?cb=31084477
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forexclient.visiongroup.co.ug/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 20:39:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
51585
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Jun 2024 20:39:08 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1BA1 		212 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/pubads_impl.js?cb=31084477
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
2227e728350805f64f21073d6f39f5ce2925fca04767cc47386071904f9bbfbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forexclient.visiongroup.co.ug/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 10:45:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
819
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65961
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-7
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 12 Jun 2024 11:45:14 GMT
6208069876458739998
tpc.googlesyndication.com/simgad/ Frame 1BA1 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6208069876458739998
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/pubads_impl.js?cb=31084477
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb63436283e4d71033ffe12d64d027d7f93aaef33d5fa208d0ca9e6f33dcd4c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forexclient.visiongroup.co.ug/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 11 Jun 2025 09:40:38 GMT
date
Tue, 11 Jun 2024 09:40:38 GMT
x-content-type-options
nosniff
age
91095
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8879
x-xss-protection
0
last-modified
Sat, 08 Jun 2024 13:34:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 1BA1 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c659b98e34705f5dc5d7f6e153f21c98f352979bdee9693caefdf8604a6e80d9

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/pubads_impl.js?cb=31084477
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forexclient.visiongroup.co.ug/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 10:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 12 Jun 2024 10:58:53 GMT
view
pagead2.googlesyndication.com/pcs/ Frame 1BA1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstrD5VPmWOqXCPBeS80K9n99528_tVlji9xufdBJbPuBvBqdLr_qS0VCCQpXa-hfZxxIR7YI98D5NF0SQoq8tsmPH80g-yVICN__VcqVHCrGzohGriV63upePFtqqOGBG6eSSu5opKa2NvKnxEgsTl6CCdw-OGDfkcjBkbMd6Ggq9amX4djxXLq3JBWojDhSSVIENB1EwOw0J8-r3yZEyuLtpySe5VKAJg2Lh_OV9g-wWbDoigPyVmjvnp03YiMKrxF_qvjbDQj390I7MLElf5UvEf18moK-ShLJpdDFGBCQuDWbahV76iMJvaw2Eu6f8mRp288X_S1ubdYaB19uK1RZGBQ6r8B_Q4-wojpxx9b0-Jj9qdvEzXBCycdEm8wFdv7mTk_bFrTEu28&sig=Cg0ArKJSzFY3dYL5_U9kEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forexclient.visiongroup.co.ug/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 10:58:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1BA1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://forexclient.visiongroup.co.ug/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 10:58:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7B1A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://forexclient.visiongroup.co.ug/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
3620
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 12 Jun 2024 09:58:33 GMT
expires
Thu, 12 Jun 2025 09:58:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202406100101&jk=1533815378322931&bg=!9vWl9brNAAb64txl2uI7ADQBe5WfOPTEYlzulR7e6HDWGfWbaQG61n8opQx63fcNVdU48MM5hiVW6DVq94pZJKg_SAxSAgAAAFFSAAAABWgBB34ANfxKcGKQz1C-vOP0lwAXfQkDnLFfHqkHwjFqtq7JgVp3aP1iF5a-mdxGpcqyiFZfEXFjNxC_mQKfm9fK55DLAt2ebuGCfpPze3YjvYWKjOrWBgMdVwt7_Jj4eFyNl0n_8tpvSqluQ2iTcK7RkE_5z_RkJBUpVnj0Z98oe879hHLsPPIucbNiFGwao6LmJhGlGo2dPtpWHcHY4Tsc5km7CPM9Qk1EkgJc8dx-6aEA5vsquSUVVncqKV0wakP9EkvzY6YBmsP0cCaCUSceSkpY2H1X8IKX4pdB0_8DmOsT2FyGStJdBpVkdlZRnrSCdIDUDrv2KUvQjtpFY_EZRKUMgAqM9N0QrJD1QYXkt6jrtH3g2g8NWA-eqyqtDEiHqYWlurNORm_TTAHompIBaTeNWYAwLylQrUtY7OwvSRgFt_WCp9y-sK5d831YSLCV-KmA-D5TpDHf2N7mmZPp78iUjOseFuJAYDUjR3CTQJV8Rg7DcB2YlyC_94HZuq8qdEbdofXo8WV761JJIWwWmJ5spsX9Ko_USxJlFKWiqiuuD6NXQycb8LI-_Cl6jokmo2HZkGTcN6hi-PyW2iBfiK4JUqqHd38CGXFuufu0i2aXCMekhRWrOnmOcBoI3pgj5i6LszzKm2yBHVeLq-riZCBRDdCp8qWY71WqRXCZeQUt8_p9H0Urc3lI1qUj5KVZ2jhb24Tkt1S8etLp8ZJu1M0p7epSwfKboXYFX_UJWHIxQpw4opo7nDKtuoDuFb-u1dDFLl-4Hrk1cPHkPxystvUh3-T2DxPg779LXpQ1jLBvmrkYRM37bo5jC3p45INC5iqedY6bjQxygwXwaiGm5h42A5AMdVlq0VdNhqMgzoo75dOSi6aEdb5myvvBy0Tplvw8PqRbjE2an-IBxH27JkIVHLykgUK1GODyuzRaVSw5NW7bnLWK1-a16VPS_86SwCPul64Y_AiTc9o

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| __NUXT__ object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| google_reactive_ads_global_state object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ function| __buildAssetsURL function| __publicAssetsURL function| $fetch object| __unctx__ object| __unctx_async_handlers__ boolean| __VUE__ function| useNuxtApp function| __unhead_injection_handler__ number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Domain/Path Name / Value
.visiongroup.co.ug/ Name: __eoi
Value: ID=9a7693c1cc83ff89:T=1718189933:RT=1718189933:S=AA-Afjb56Cgjam5K0XeN3vmkolt3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

09341035376dbbdf8be0140c7884e726.safeframe.googlesyndication.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
forexclient.visiongroup.co.ug
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
104.17.24.14
170.187.146.79
172.217.16.194
216.58.206.66
2a00:1450:4001:80b::200a
2a00:1450:4001:812::2003
2a00:1450:4001:827::2001
2a00:1450:4001:831::2001
04eead6fba543424a1a18b93608e3dc5a21782d4d168c6777861becb9b98c3ce
0ad451e8b28ec1e09590b92eff4648c1c79e5b369608d4331fc62745859a3fa8
1057b17aec08a7191d134000203947f195a8aa7c84c39f1164cee8d01279762a
10e40058903254eee2252b959a6a4fc9c829a80e0f842fab12a46efeddb3b31f
2227e728350805f64f21073d6f39f5ce2925fca04767cc47386071904f9bbfbc
22789162765db4dbe50dd4254b1dd07745f1e85e66c867cdd5bfdeedf0bb5a32
2c22505ac4bec0eb4fac8badc89eb702a2ce79c27b302bf20f0c347a6ce65635
347ee97a492f79675749d03533810ff899ee6a784b4e156f3e0a7613cdfb3d40
3674645d6a6c4b9d0cd9f77d9be0a93e2d7f04c33148eed7a363751716fca25f
3ae5d6b34d3a689e5cbd752a696c2860ef68fb21cc8b69dfc3c0293bf36ec385
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
88a3960532e8f8d5412180e6a73bcd955e4f4506a1e0623f126b4a6a4fe1d8d3
906f154e3d9c7ca6130daa3f359a7b2d4b62ca826d99ebc0223e4cbbf3bdd0cc
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
a2a882a92139455e28267f5162dcbc8a145a19f510b8db51b45f432ff76f4886
a61500a342875a17afc10c79e9c1596ae0e18182bf57f34390b4a68dad5ce1cd
ae18d56dd7fbc5fdc07e2f13d96f28f77fe3ac16713cabab7f1b6854c53ee986
c1d7eeef61038f399b31885c6ebfbab44954165ce471d0a1d5c902c860cb70c2
c26e243c740878c00413092dc9ed0783f2299fb0b78f3ea07b6a8c17cc7cccab
c659b98e34705f5dc5d7f6e153f21c98f352979bdee9693caefdf8604a6e80d9
cb63436283e4d71033ffe12d64d027d7f93aaef33d5fa208d0ca9e6f33dcd4c6
ceaa10dadae0a0bd5e4832d82e768482198d6c3569048cbb8ee064a40bada6ed
cf916648517414e341d51a40821bfb3be8a487aa1c024c2d488d1bc2ee17fdef
e352d8acb44622cf669a27ef20d991c87d060acd9b1640ecbf664b176bf2e994
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1e62ce0150940fe0f91d48280cfea853c5320eb0eed440f4616eb9b280d22e
f9cbea3678ff4eb7ccdda3c0b164fbc3af14104841ce74417975510326b740e8
ff29a28a9b9a0ba829efb931a076e567516451d75801587519d66fbdc2c02f51