forexinvest.pro Open in urlscan Pro
5.183.95.77  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response forexinvest.pro/	5 KB 3 KB	96ms 7ms	Document text/html	5.183.95.77 ACCELERATED-IT
General Check archive.org Show headers Download Go to Full URL https://forexinvest.pro/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 5.183.95.77 Frankfurt am Main, Germany, ASN31400 (ACCELERATED-IT, DE), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 3c350b6644cd02ce0195fff926409b1199c7cfef722ad996e65db130cf4a3d43 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Tue, 11 Jul 2023 08:24:20 GMT ETag W/"64acea18-13eb" Last-Modified Tue, 11 Jul 2023 05:35:20 GMT Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked
GET H/1.1	200 OK	style.css forexinvest.pro/	2 KB 3 KB	7ms 6ms	Stylesheet text/css	5.183.95.77 ACCELERATED-IT
General Check archive.org Show headers Download Go to Full URL https://forexinvest.pro/style.css Requested by Host: forexinvest.pro URL: https://forexinvest.pro/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 5.183.95.77 Frankfurt am Main, Germany, ASN31400 (ACCELERATED-IT, DE), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash fc1aab062a43f1c821329d47a04a8551d79c84aa202c09d9ca492e2f89c63c54 Request headers accept-language de-DE,de;q=0.9 Referer https://forexinvest.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 11 Jul 2023 08:24:20 GMT Last-Modified Mon, 10 Jul 2023 19:16:00 GMT Server nginx/1.14.0 (Ubuntu) ETag "64ac58f0-99b" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 2459
GET H2	200	animate.min.css cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/	70 KB 5 KB	33ms 14ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css Requested by Host: forexinvest.pro URL: https://forexinvest.pro/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://forexinvest.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 11 Jul 2023 08:24:20 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 4278019 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 4216 last-modified Mon, 07 Sep 2020 12:33:38 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5f5628a2-11846" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=14q%2Fb0IDmJRb1%2BwEs8Is%2Fxry9hnEKMOxdeBnRm1jq9cv6fQN0JUNYwyQzFMduKjZRvPMhDbpk2ByXb6eEDPWeOOeppTDk8ZHuW6YqUEvJ2cNq9aX8l9qVr5fFfQUexWSqGn1FUkMWbvBMwY0fuqjNwXN"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7e4fa64a4a8a373a-FRA expires Sun, 30 Jun 2024 08:24:20 GMT
GET H2	200	bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/	152 KB 25 KB	42ms 7ms	Stylesheet text/css	2a04:4e42:200::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css Requested by Host: forexinvest.pro URL: https://forexinvest.pro/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://forexinvest.pro/ Origin https://forexinvest.pro accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 11 Jul 2023 08:24:20 GMT x-content-type-options nosniff content-encoding br age 2587103 x-jsd-version 5.0.2 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 25360 x-served-by cache-fra-eddf8230079-FRA x-jsd-version-type version etag W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	tradinggif.gif media.tenor.com/T-zDRVK4XdQAAAAd/	4 MB 4 MB	289ms 221ms	Image image/gif	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://media.tenor.com/T-zDRVK4XdQAAAAd/tradinggif.gif Requested by Host: forexinvest.pro URL: https://forexinvest.pro/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d4616e3e14f7b2f42d2bc3c7e37de853794996037be3d9e4aea370127d561d1c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forexinvest.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 11 Jul 2023 08:24:21 GMT x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-tenor-team cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3686773 x-xss-protection 0 last-modified Sun, 18 Apr 2021 07:28:42 GMT server sffe report-to {"group":"media-tenor-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-tenor-team"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="media-tenor-team" expires Wed, 12 Jul 2023 08:24:21 GMT
GET H2	200	bootstrap.bundle.min.js Show response cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/	77 KB 24 KB	8ms 7ms	Script application/javascript	2a04:4e42:200::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js Requested by Host: forexinvest.pro URL: https://forexinvest.pro/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://forexinvest.pro/ Origin https://forexinvest.pro accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 11 Jul 2023 08:24:20 GMT x-content-type-options nosniff content-encoding br age 4213055 x-jsd-version 5.0.2 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 23943 x-served-by cache-fra-eddf8230079-FRA x-jsd-version-type version etag W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	css2 fonts.googleapis.com/	9 KB 857 B	59ms 20ms	Stylesheet text/css	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,500;0,700;0,900;1,600&display=swap Requested by Host: forexinvest.pro URL: https://forexinvest.pro/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e8d02bedacda3df5a7a0493e2ea5b011b133e1732fdb751f91574a3647a66f60 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forexinvest.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 11 Jul 2023 08:24:20 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 11 Jul 2023 08:24:20 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 11 Jul 2023 08:24:20 GMT
GET H2	200	css2 fonts.googleapis.com/	2 KB 976 B	58ms 19ms	Stylesheet text/css	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Oswald:wght@500&display=swap Requested by Host: forexinvest.pro URL: https://forexinvest.pro/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3cee20e9e32fd568b9360359ab4d237f3e01d91055375ef69097a647cffd512a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forexinvest.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 11 Jul 2023 08:24:20 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 11 Jul 2023 07:05:19 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 11 Jul 2023 08:24:20 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	171 KB 47 KB	23ms 8ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: forexinvest.pro URL: https://forexinvest.pro/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forexinvest.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 11 Jul 2023 08:24:20 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 46863 x-xss-protection 0 pragma public x-fb-debug MEZx069W9jU4PYRKks7iMs9y6InsPOJ/X0MuDPjuZAsSGLQvsflZiD91XnjQFHNOId4Stf4po2HvUyCj4DaLcA== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	alert_bg.png forexinvest.pro/img/	2 MB 2 MB	13ms 13ms	Image image/png	5.183.95.77 ACCELERATED-IT
General Check archive.org Show headers Download Go to Show image Full URL https://forexinvest.pro/img/alert_bg.png Requested by Host: forexinvest.pro URL: https://forexinvest.pro/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 5.183.95.77 Frankfurt am Main, Germany, ASN31400 (ACCELERATED-IT, DE), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash a5b05384de5e4fcdd6ac698c46d19582ac6ca08ea323236bdd411b5e6dbbb30a Request headers accept-language de-DE,de;q=0.9 Referer https://forexinvest.pro/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 11 Jul 2023 08:24:20 GMT Last-Modified Mon, 10 Jul 2023 12:57:06 GMT Server nginx/1.14.0 (Ubuntu) ETag "64ac0022-192dbd" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 1650109
GET DATA	200 OK	truncated /	273 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 953c39b93c46656e2d25a28dd13379498f98e991a78f682c4a42c951bc87a0f2 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	global-financial-investment-stock-business-chart-trade-market-growth-data-economy-exchange-background-with-abstract-analysis-digital-diagram-profit-rate_79161-1817.jpg img.freepik.com/premium-photo/	4 KB 5 KB	67ms 20ms	Image image/avif	2a02:26f0:3500:598::312e AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://img.freepik.com/premium-photo/global-financial-investment-stock-business-chart-trade-market-growth-data-economy-exchange-background-with-abstract-analysis-digital-diagram-profit-rate_79161-1817.jpg Requested by Host: forexinvest.pro URL: https://forexinvest.pro/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:598::312e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 081ac48e17e10d3d26cc5947a32b65b9cd8c9b9a71fb36a68d1b7d5096106ece Request headers accept-language de-DE,de;q=0.9 Referer https://forexinvest.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 11 Jul 2023 08:24:20 GMT last-modified Fri, 27 Jan 2023 21:25:50 GMT etag "dd5848e994c441e5e916113c566fecec" content-type image/avif cache-control private, no-transform, max-age=604800 server-timing cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="469184_388276366_36527390_239_2711_12_0_-";dur=1 content-length 4394 expires Tue, 18 Jul 2023 08:24:20 GMT
GET H/1.1	200 OK	form_back.png forexinvest.pro/img/	932 KB 932 KB	26ms 13ms	Image image/png	5.183.95.77 ACCELERATED-IT
General Check archive.org Show headers Download Go to Show image Full URL https://forexinvest.pro/img/form_back.png Requested by Host: forexinvest.pro URL: https://forexinvest.pro/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 5.183.95.77 Frankfurt am Main, Germany, ASN31400 (ACCELERATED-IT, DE), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 8c1fb21333550095fa49838e60dcaecc27aa5a52981bdb7d0a41491221bfd8b9 Request headers accept-language de-DE,de;q=0.9 Referer https://forexinvest.pro/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 11 Jul 2023 08:24:20 GMT Last-Modified Mon, 10 Jul 2023 12:57:05 GMT Server nginx/1.14.0 (Ubuntu) ETag "64ac0021-e9028" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 954408
GET H2	200	va9B4kDNxMZdWfMOD5VnZKveQhf6TF0.woff2 fonts.gstatic.com/s/firasans/v17/	11 KB 11 KB	29ms 9ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnZKveQhf6TF0.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,500;0,700;0,900;1,600&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3170e12116c62fa06f52adc750b1e9db3d4c2593652b6450f203dfa634b61bd9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://forexinvest.pro accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 08 Jul 2023 15:43:49 GMT x-content-type-options nosniff age 232831 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10804 x-xss-protection 0 last-modified Tue, 02 May 2023 14:50:14 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 07 Jul 2024 15:43:49 GMT
GET H2	200	TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiZQ.woff2 fonts.gstatic.com/s/oswald/v49/	10 KB 10 KB	30ms 9ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiZQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Oswald:wght@500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1f8cb94dc31befeebeb9b93a9ab4194e8b839edd9985d973b23514f7a6c52a0c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://forexinvest.pro accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 08 Jul 2023 16:39:26 GMT x-content-type-options nosniff age 229494 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10260 x-xss-protection 0 last-modified Mon, 18 Jul 2022 19:12:51 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 07 Jul 2024 16:39:26 GMT
GET H2	200	va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2 fonts.gstatic.com/s/firasans/v17/	23 KB 24 KB	24ms 11ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,500;0,700;0,900;1,600&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c52b9a30cb5d84dcfb2a4f9967f37abd86c3e709554ed4f168a03222e033bb93 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://forexinvest.pro accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Fri, 07 Jul 2023 15:17:25 GMT x-content-type-options nosniff age 320815 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24020 x-xss-protection 0 last-modified Tue, 02 May 2023 14:50:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 06 Jul 2024 15:17:25 GMT
GET H2	200	TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUJiZTaR.woff2 fonts.gstatic.com/s/oswald/v49/	6 KB 6 KB	29ms 17ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUJiZTaR.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Oswald:wght@500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ad32b64ea826deee09c8fc086dad1aa8897f19e2ca4f24a9cc9a81b00eb918bf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://forexinvest.pro accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 08 Jul 2023 14:51:06 GMT x-content-type-options nosniff age 235994 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5888 x-xss-protection 0 last-modified Mon, 18 Jul 2022 19:16:43 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 07 Jul 2024 14:51:06 GMT
GET H2	200	837593421035292 Show response connect.facebook.net/signals/config/	378 KB 108 KB	205ms 205ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/837593421035292?v=2.9.111&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9466e2b20088cdb61f7e014d54fe5819ef4224d6b5712035d0704e2acdd9c064 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://forexinvest.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 11 Jul 2023 08:24:21 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug /3Bpxz09PBzz9RhzH4A7yd1dY6d2rkAbQ6aUQ7GwY6YU6bbXqOHrEAHuu/Rpiggky+9gkS/o5i9NG1HVYPDlUQ== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	25ms 7ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=837593421035292&ev=PageView&dl=https%3A%2F%2Fforexinvest.pro%2F&rl=&if=false&ts=1689063861325&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1689063861322.1979464469&cs_est=true&it=1689063860981&coo=false&rqm=GET Requested by Host: forexinvest.pro URL: https://forexinvest.pro/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://forexinvest.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Tue, 11 Jul 2023 08:24:21 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/tr/	0 54 B	9ms 7ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=837593421035292&ev=Microdata&dl=https%3A%2F%2Fforexinvest.pro%2F&rl=&if=false&ts=1689063862833&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Forexinvest%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1689063861322.1979464469&it=1689063860981&coo=false&es=automatic&tm=3&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://forexinvest.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Tue, 11 Jul 2023 08:24:22 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| fbq function| _fbq number| uidEvent object| bootstrap

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.forexinvest.pro/	1970-01-20 15:20:39	Name: _fbp Value: fb.1.1689063861322.1979464469

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://forexinvest.pro/(Line 78) Message: Mixed Content: The page at 'https://forexinvest.pro/' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://5.183.95.77:3000/'. This endpoint should be made available over a secure connection.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
forexinvest.pro
img.freepik.com
media.tenor.com
www.facebook.com
2606:4700::6811:180e
2a00:1450:4001:806::200a
2a00:1450:4001:809::2003
2a00:1450:4001:829::200a
2a02:26f0:3500:598::312e
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::485
5.183.95.77
081ac48e17e10d3d26cc5947a32b65b9cd8c9b9a71fb36a68d1b7d5096106ece
1f8cb94dc31befeebeb9b93a9ab4194e8b839edd9985d973b23514f7a6c52a0c
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
3170e12116c62fa06f52adc750b1e9db3d4c2593652b6450f203dfa634b61bd9
3c350b6644cd02ce0195fff926409b1199c7cfef722ad996e65db130cf4a3d43
3cee20e9e32fd568b9360359ab4d237f3e01d91055375ef69097a647cffd512a
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
8c1fb21333550095fa49838e60dcaecc27aa5a52981bdb7d0a41491221bfd8b9
9466e2b20088cdb61f7e014d54fe5819ef4224d6b5712035d0704e2acdd9c064
953c39b93c46656e2d25a28dd13379498f98e991a78f682c4a42c951bc87a0f2
a5b05384de5e4fcdd6ac698c46d19582ac6ca08ea323236bdd411b5e6dbbb30a
ad32b64ea826deee09c8fc086dad1aa8897f19e2ca4f24a9cc9a81b00eb918bf
c52b9a30cb5d84dcfb2a4f9967f37abd86c3e709554ed4f168a03222e033bb93
d4616e3e14f7b2f42d2bc3c7e37de853794996037be3d9e4aea370127d561d1c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d02bedacda3df5a7a0493e2ea5b011b133e1732fdb751f91574a3647a66f60
fc1aab062a43f1c821329d47a04a8551d79c84aa202c09d9ca492e2f89c63c54