Submitted URL: http://direct.fxproru.info/
Effective URL: https://direct.fxproru.info/
Submission: On July 30 via api from US — Scanned from DE

Summary

This website contacted 40 IPs in 8 countries across 30 domains to perform 121 HTTP transactions. The main IP is 172.67.213.65, located in United States and belongs to CLOUDFLARENET, US. The main domain is direct.fxproru.info.
TLS certificate: Issued by E5 on June 27th 2024. Valid for: 3 months.
This is the only time direct.fxproru.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
39 172.67.213.65 13335 (CLOUDFLAR...)
1 2600:9000:275... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
3 18.245.86.69 16509 (AMAZON-02)
3 10 2a02:6b8::1:119 13238 (YANDEX)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 146.75.120.157 54113 (FASTLY)
1 183.79.249.124 24572 (YAHOO-JP-...)
1 162.159.153.247 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2.20.65.72 16625 (AKAMAI-AS)
4 95.163.52.67 47764 (VK-AS)
2 151.101.1.44 54113 (FASTLY)
2 52.54.13.156 14618 (AMAZON-AES)
1 151.101.65.44 54113 (FASTLY)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 93.184.221.165 15133 (EDGECAST)
1 104.244.42.3 13414 (TWITTER)
1 147.92.191.92 38631 (LINE LINE...)
4 104.18.34.208 13335 (CLOUDFLAR...)
4 2a00:1148:100... 47764 (VK-AS)
2 35.166.106.30 16509 (AMAZON-02)
4 2a03:2880:f17... 32934 (FACEBOOK)
1 18.245.60.3 16509 (AMAZON-02)
1 2620:1ec:bdf::60 8075 (MICROSOFT...)
1 3 142.250.185.130 15169 (GOOGLE)
5 35.186.228.179 15169 (GOOGLE)
4 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 142.250.186.35 15169 (GOOGLE)
2 3 142.250.185.68 15169 (GOOGLE)
2 18.173.205.24 16509 (AMAZON-02)
1 18.66.112.30 16509 (AMAZON-02)
1 172.217.18.2 15169 (GOOGLE)
4 141.226.228.48 200478 (TABOOLA-AS)
1 2a02:6b8:a::a 13238 (YANDEX)
121 40
Apex Domain
Subdomains
Transfer
39 fxproru.info
direct.fxproru.info
1 MB
8 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 6787
4 KB
8 mail.ru
top-fwz1.mail.ru — Cisco Umbrella Rank: 7686
privacy-cs.mail.ru — Cisco Umbrella Rank: 13550
61 KB
7 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3773
www.google.com — Cisco Umbrella Rank: 10
112 B
7 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1198
psb.taboola.com — Cisco Umbrella Rank: 9372
trc.taboola.com — Cisco Umbrella Rank: 1123
trc-events.taboola.com — Cisco Umbrella Rank: 3272
25 KB
5 owox.com
streaming.bi.owox.com — Cisco Umbrella Rank: 209815
801 B
5 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 4671
api.amplitude.com — Cisco Umbrella Rank: 3376
46 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
2 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
5 KB
4 fxpro.technology
client-api-global.fxpro.technology
6 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 669
px4.ads.linkedin.com — Cisco Umbrella Rank: 7330
2 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
448 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 6716
191 B
3 quora.com
a.quora.com — Cisco Umbrella Rank: 10322
q.quora.com — Cisco Umbrella Rank: 7176
16 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 534
15 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2503
yandex.ru — Cisco Umbrella Rank: 1074
71 KB
2 onelink.me
wa.onelink.me — Cisco Umbrella Rank: 14229
880 B
2 appsflyer.com
websdk.appsflyer.com — Cisco Umbrella Rank: 7603
wa.appsflyer.com — Cisco Umbrella Rank: 10250
15 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
75 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 176
2 KB
1 azureedge.net
direct-web.azureedge.net — Cisco Umbrella Rank: 823115
950 B
1 line.me
tr.line.me — Cisco Umbrella Rank: 15680
425 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 1356
727 B
1 t.co
t.co — Cisco Umbrella Rank: 979
376 B
1 line-scdn.net
d.line-scdn.net — Cisco Umbrella Rank: 16097
10 KB
1 yimg.jp
s.yimg.jp — Cisco Umbrella Rank: 9737
11 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1253
15 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1884
14 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1223
7 KB
1 conv.rs
webchat.conv.rs
24 KB
121 30
Domain Requested by
39 direct.fxproru.info direct.fxproru.info
8 mc.yandex.com 2 redirects direct.fxproru.info
mc.yandex.ru
5 streaming.bi.owox.com direct.fxproru.info
4 trc-events.taboola.com direct.fxproru.info
4 region1.analytics.google.com direct.fxproru.info
4 www.facebook.com direct.fxproru.info
4 privacy-cs.mail.ru top-fwz1.mail.ru
direct.fxproru.info
4 client-api-global.fxpro.technology direct.fxproru.info
4 top-fwz1.mail.ru direct.fxproru.info
top-fwz1.mail.ru
4 www.googletagmanager.com direct.fxproru.info
www.googletagmanager.com
3 www.google.com 2 redirects direct.fxproru.info
3 www.google.de direct.fxproru.info
3 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
direct.fxproru.info
3 px.ads.linkedin.com 1 redirects direct.fxproru.info
3 bat.bing.com www.googletagmanager.com
bat.bing.com
direct.fxproru.info
3 cdn.amplitude.com direct.fxproru.info
www.googletagmanager.com
cdn.amplitude.com
2 wa.onelink.me direct.fxproru.info
2 api.amplitude.com direct.fxproru.info
2 q.quora.com direct.fxproru.info
2 connect.facebook.net direct.fxproru.info
connect.facebook.net
2 mc.yandex.ru 1 redirects direct.fxproru.info
1 yandex.ru direct.fxproru.info
1 www.googleadservices.com www.googletagmanager.com
1 wa.appsflyer.com direct.fxproru.info
1 stats.g.doubleclick.net www.googletagmanager.com
1 direct-web.azureedge.net direct.fxproru.info
1 websdk.appsflyer.com direct.fxproru.info
1 tr.line.me direct.fxproru.info
1 analytics.twitter.com direct.fxproru.info
1 t.co direct.fxproru.info
1 px4.ads.linkedin.com direct.fxproru.info
1 trc.taboola.com cdn.taboola.com
1 psb.taboola.com direct.fxproru.info
1 cdn.taboola.com direct.fxproru.info
1 d.line-scdn.net direct.fxproru.info
1 a.quora.com www.googletagmanager.com
1 s.yimg.jp www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 static.cloudflareinsights.com direct.fxproru.info
1 webchat.conv.rs direct.fxproru.info
121 41

This site contains links to these domains. Also see Links.

Domain
www.fxpro.com
www.cysec.gov.cy
promo.fxpro.com
convrs.io
Subject Issuer Validity Valid
direct.fxproru.info
E5
2024-06-27 -
2024-09-25
3 months crt.sh
*.conv.rs
Amazon RSA 2048 M01
2023-10-04 -
2024-10-31
a year crt.sh
cloudflareinsights.com
WE1
2024-07-06 -
2024-10-04
3 months crt.sh
*.google-analytics.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
cdn.amplitude.com
Amazon RSA 2048 M02
2023-12-14 -
2025-01-12
a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018
2024-05-23 -
2024-11-02
5 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2023-12-13 -
2024-12-12
a year crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04
2024-06-19 -
2024-12-16
6 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-06-25 -
2025-06-24
a year crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4
2024-07-02 -
2025-08-01
a year crt.sh
quora.com
R11
2024-07-09 -
2024-10-07
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-05-08 -
2024-08-06
3 months crt.sh
line-apps.com
DigiCert TLS RSA SHA256 2020 CA1
2023-11-13 -
2024-11-13
a year crt.sh
*.mail.ru
GlobalSign ECC OV SSL CA 2018
2023-10-06 -
2024-11-06
a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-16 -
2024-12-31
6 months crt.sh
*.quora.com
R11
2024-07-29 -
2024-10-27
3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2024-07-01 -
2025-01-01
6 months crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-05-08 -
2025-05-07
a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-31 -
2024-10-29
a year crt.sh
*.line.me
GlobalSign RSA OV SSL CA 2018
2023-08-10 -
2024-09-10
a year crt.sh
*.fxpro.technology
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-24 -
2024-10-23
a year crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA
2024-01-31 -
2025-03-02
a year crt.sh
*.appsflyer.com
Amazon RSA 2048 M03
2024-02-04 -
2025-03-03
a year crt.sh
*.azureedge.net
Microsoft Azure RSA TLS Issuing CA 03
2024-06-24 -
2025-06-19
a year crt.sh
*.g.doubleclick.net
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
streaming.bi.owox.com
WR3
2024-07-21 -
2024-10-19
3 months crt.sh
*.google.de
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
*.onelink.me
Amazon RSA 2048 M02
2024-05-05 -
2025-06-02
a year crt.sh
*.google.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
*.googleadservices.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
*.xn--d1acpjx3f.xn--p1ai
GlobalSign ECC OV SSL CA 2018
2024-07-12 -
2025-01-09
6 months crt.sh

This page contains 2 frames:

Primary Page: https://direct.fxproru.info/
Frame ID: 029AAF5C64200E639EA9F278471878FB
Requests: 143 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 180CA6E9AD6FDB3E9DF441971B0E059B
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

FxPro Direct - Top-Notch Account Management Tool

Page URL History Show full URLs

  1. http://direct.fxproru.info/ HTTP 307
    https://direct.fxproru.info/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

121
Requests

96 %
HTTPS

36 %
IPv6

30
Domains

41
Subdomains

40
IPs

8
Countries

2244 kB
Transfer

6714 kB
Size

54
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://direct.fxproru.info/ HTTP 307
    https://direct.fxproru.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4697674&time=1722300861813&url=https%3A%2F%2Fdirect.fxproru.info%2F HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4697674&time=1722300861813&url=https%3A%2F%2Fdirect.fxproru.info%2F&e_ipv6=AQI0VmR0gLk_iQAAAZEBIY95J30PI6rFvCiOq2sVhWf1WsPsFiYpLVsaIaop_eN8NMlN13gC
Request Chain 100
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10445.FaMZ05PgxXed_gfIiaOfHclXPP-SJblnA3GKx_vVl6GgU1JD13s3L2jLTw3wOS62.o65qVQDFQdMzxalpD0q8ShVDcMY%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10445.1JC-Wv2SweUmr-rb1ZSTQYkZ34AReTj7GT2WHnFmrOmjRdV9D3iXqtLiS2sKyp0MyzaPcHs_ol9JdurWfRfIWLJWZvb11ywrGHRTIpenXWwQjNeGW_ZKfS0DCnAUhsmCGz4IesKe0TonlrFaF7KfiXkI0jGP8z9gMHQCHkz-Nbzvjuq_KAYSpltozsXPb73jY8KDLjfdh3cr_62VdAinP2BXej8Mp0StzwE4VFxoq0o%2C.kxOqTUZhzo03Z7dqjdpxCpcZbYA%2C
Request Chain 115
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=95250753&rnd=920046445.1722300862&url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&dma_cps=syphamo&dma=1&npa=0&gtm=45He47t0n81WGF6FQLv833746439za200&auid=1549021099.1722300862 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=95250753&rnd=920046445.1722300862&url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&dma_cps=syphamo&dma=1&npa=0&gtm=45He47t0n81WGF6FQLv833746439za200&auid=1549021099.1722300862
Request Chain 124
  • https://mc.yandex.com/watch/3923710?wmode=7&page-url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1400%3Acn%3A1%3Adp%3A0%3Als%3A773456280227%3Ahid%3A1050882117%3Az%3A120%3Ai%3A20240730025422%3Aet%3A1722300862%3Ac%3A1%3Arn%3A416125814%3Arqn%3A1%3Au%3A1722300862179427629%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A320%3Awv%3A2%3Ads%3A24%2C35%2C110%2C3%2C1%2C0%2C%2C32%2C0%2C%2C%2C%2C597%3Aco%3A0%3Acpf%3A1%3Ans%3A1722300860991%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722300863%3At%3AFxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1) HTTP 302
  • https://mc.yandex.com/watch/3923710/1?wmode=7&page-url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1400%3Acn%3A1%3Adp%3A0%3Als%3A773456280227%3Ahid%3A1050882117%3Az%3A120%3Ai%3A20240730025422%3Aet%3A1722300862%3Ac%3A1%3Arn%3A416125814%3Arqn%3A1%3Au%3A1722300862179427629%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A320%3Awv%3A2%3Ads%3A24%2C35%2C110%2C3%2C1%2C0%2C%2C32%2C0%2C%2C%2C%2C597%3Aco%3A0%3Acpf%3A1%3Ans%3A1722300860991%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722300863%3At%3AFxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
Request Chain 141
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007393989/?random=1321243897&cv=11&fst=1722300863304&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9165315690z8833746439za201zb833746439&gcs=G111&gcd=13t3tPt2t5&dma_cps=syphamo&dma=1&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&label=KG17COySg-UDEMW5ruAD&hn=www.googleadservices.com&frm=0&tiba=FxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool&value=0&npa=0&pscdl=noapi&auid=1549021099.1722300862&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&data=ads_data_redaction%3Dfalse&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCKPFsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&eitems=ChEI8PuctQYQ_ICHgauMz4DbARIdAG__P4Z2A_oTA_hZ47UfDWBTp3T83vCy7_DOY4w&pscrd=IhMIisOk2cbNhwMVVo6DBx1oAxuJMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL2RpcmVjdC5meHByb3J1LmluZm8v HTTP 302
  • https://www.google.com/pagead/1p-conversion/1007393989/?random=1321243897&cv=11&fst=1722300863304&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9165315690z8833746439za201zb833746439&gcs=G111&gcd=13t3tPt2t5&dma_cps=syphamo&dma=1&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&label=KG17COySg-UDEMW5ruAD&hn=www.googleadservices.com&frm=0&tiba=FxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool&value=0&npa=0&pscdl=noapi&auid=1549021099.1722300862&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&data=ads_data_redaction%3Dfalse&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCKPFsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIisOk2cbNhwMVVo6DBx1oAxuJMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL2RpcmVjdC5meHByb3J1LmluZm8v&is_vtc=1&cid=CAQSKQDaQooLnfDr0MGgGzU7EJ5aXSTEZizlG43-DG2xPPmNfPmX3vMZUhm3&eitems=ChEI8PuctQYQ_ICHgauMz4DbARIdAG__P4bnyWHzc7c99e5UyuWauwhFoQOeQrphj2M&random=973420180 HTTP 302
  • https://www.google.de/pagead/1p-conversion/1007393989/?random=1321243897&cv=11&fst=1722300863304&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9165315690z8833746439za201zb833746439&gcs=G111&gcd=13t3tPt2t5&dma_cps=syphamo&dma=1&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&label=KG17COySg-UDEMW5ruAD&hn=www.googleadservices.com&frm=0&tiba=FxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool&value=0&npa=0&pscdl=noapi&auid=1549021099.1722300862&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&data=ads_data_redaction%3Dfalse&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCKPFsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIisOk2cbNhwMVVo6DBx1oAxuJMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL2RpcmVjdC5meHByb3J1LmluZm8v&is_vtc=1&cid=CAQSKQDaQooLnfDr0MGgGzU7EJ5aXSTEZizlG43-DG2xPPmNfPmX3vMZUhm3&eitems=ChEI8PuctQYQ_ICHgauMz4DbARIdAG__P4bnyWHzc7c99e5UyuWauwhFoQOeQrphj2M&random=973420180&ipr=y

121 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
direct.fxproru.info/
Redirect Chain
  • http://direct.fxproru.info/
  • https://direct.fxproru.info/
33 KB
8 KB
Document
General
Full URL
https://direct.fxproru.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99623b979b052a645774f9d6a0989b158038df7e3211b797e3b3a1d556b6c3d2
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ab1607da8e39306-CPH
content-encoding
br
content-type
text/html
date
Tue, 30 Jul 2024 00:54:21 GMT
last-modified
Mon, 29 Jul 2024 13:22:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F5FQb366hdkB4e8h3c%2BOw8Bbl0wl1nWxTrjFvYw3iItWGvu22kPOPz29APZ%2F1uGkOXBDnh2wyqRRsFWUB447QWAAZrji6CfyWPrKzlXkHddmD3yTvWPQgeqTa2nDDD2rO1iKzbFN"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
DENY

Redirect headers

Location
https://direct.fxproru.info/
Non-Authoritative-Reason
HttpsUpgrades
Roboto-Light.woff
direct.fxproru.info/assets/fonts/
91 KB
91 KB
Font
General
Full URL
https://direct.fxproru.info/assets/fonts/Roboto-Light.woff
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e3ca7f00dc4f375fd02c1c22581d71002282b5feac20073d211025c30611d87

Request headers

Referer
https://direct.fxproru.info/
Origin
https://direct.fxproru.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
48242
etag
W/"1dadf537d67ed20"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5kLgDZL95RHjB%2FxPJmEtUDLTvZHAwq05VHcxfNdny3%2BK3qaFI4C19aW4XZE5WAXP5bFL9rR3HH5E4ITh3Mte4h68fSEcz%2FnS8ql9ZdBlnSJOCBGj0NyJTEe%2BAwv5gWzozdnVGOeL"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
public, max-age=86400
cf-ray
8ab1607e69149306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 11:30:19 GMT
Roboto-Regular.woff
direct.fxproru.info/assets/fonts/
92 KB
91 KB
Font
General
Full URL
https://direct.fxproru.info/assets/fonts/Roboto-Regular.woff
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
420751ad85d0a0acf987c22ac94c07d81038fcf3ecd2784593ff562051ff49d1

Request headers

Referer
https://direct.fxproru.info/
Origin
https://direct.fxproru.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
48242
etag
W/"1dadf537d67ee58"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N5fjBUnu1Azj5M%2FMo54vGUrLHP9rdcp%2BktLEy53i8Lhjwz%2FOgXzGSeKoM%2BOGbNNmZpUGmgJrMGlQ4DnPdyukfFIdK5lolgcdsCNG8TqR5Soch1C9J9XDtzXVN3WHfx8W%2F474pZeR"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
public, max-age=86400
cf-ray
8ab1607e69159306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 11:30:19 GMT
Roboto-Medium.woff
direct.fxproru.info/assets/fonts/
92 KB
92 KB
Font
General
Full URL
https://direct.fxproru.info/assets/fonts/Roboto-Medium.woff
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c785c007fcf17fb2ba80bfa7677f11ed8a25762158068cd9bf42f576440ab72c

Request headers

Referer
https://direct.fxproru.info/
Origin
https://direct.fxproru.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
48243
etag
W/"1dadf537d67f09c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KeW0yUlUVgzt1hAp49AGS0m75zRjYljivg815LLimZuF8YSXHBa5PvKs6Oa7Vhs8U8V9a4MU7xPqhKDZqYIATE4mkLV0ulKIN3ELZ3J7hXR9zfGnQfBT7VMtiGUuk1B7568OC1Mp"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
public, max-age=86400
cf-ray
8ab1607e69169306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 11:30:18 GMT
Roboto-Bold.woff
direct.fxproru.info/assets/fonts/
92 KB
91 KB
Font
General
Full URL
https://direct.fxproru.info/assets/fonts/Roboto-Bold.woff
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfa6c7d91c94e5a9dccde99f67d8ed20b5c8bce599ac2479c812c77d8c2fd99a

Request headers

Referer
https://direct.fxproru.info/
Origin
https://direct.fxproru.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
48243
etag
W/"1dadf537d67ef58"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jue4CpBcGdLlVBxWujaCvzHs14SBo3SboQmFQ5%2BeLiVk%2B3OffXmk7gIoG5d2p%2B5hZLM%2BFyrIJbeiqwU4r0jWNoUeRNuQpouqQ0t1bqXGtJBcWvsLuX6dHZucrENnqXtlRxPnu7AL"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
public, max-age=86400
cf-ray
8ab1607e69179306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 11:30:18 GMT
Roboto-Black.woff
direct.fxproru.info/assets/fonts/
92 KB
92 KB
Font
General
Full URL
https://direct.fxproru.info/assets/fonts/Roboto-Black.woff
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88231a627b72fc8219da5d3991a96690e135c75dd9af98b82b7a6a9eff3eff8e

Request headers

Referer
https://direct.fxproru.info/
Origin
https://direct.fxproru.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
48243
etag
W/"1dadf537d67f094"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o%2FrXwveLx%2Fm3VZVUKjrdItwLgi%2FC%2Bgy44KQkHU0fW1K8pnXpT9EVDkZCm7V0CnI4EKEZJHhKqtIAyq41sboEu9Bk15vIw9I1vRWfMxs8YJzo4eBinT%2Fog2VtYEh5peGKxuRQM%2Bl6"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
public, max-age=86400
cf-ray
8ab1607e69199306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 11:30:18 GMT
Inter-Medium.woff
direct.fxproru.info/assets/fonts/Inter/
155 KB
150 KB
Font
General
Full URL
https://direct.fxproru.info/assets/fonts/Inter/Inter-Medium.woff
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b54e0083c23bf302a0923f870be1d51a0efa8a5e8167f61403509735148bb698

Request headers

Referer
https://direct.fxproru.info/
Origin
https://direct.fxproru.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
48243
etag
W/"1dadf537d64ea78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YYlgu7RBhBZBNaKD3eWRU4EhTjLxoYmQypkWKISgNw%2BjuFuAfCrASapQomvo%2FysfOpErYNqGwziEZDMDGpGYYuaC9Tsv26mdfbGBlQvLJvEK2Bh63p1RY91N3DpoZS2Ydxf17TKj"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
public, max-age=86400
cf-ray
8ab1607e691a9306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 11:30:18 GMT
Inter-SemiBold.woff
direct.fxproru.info/assets/fonts/Inter/
156 KB
152 KB
Font
General
Full URL
https://direct.fxproru.info/assets/fonts/Inter/Inter-SemiBold.woff
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1a7d933c745edc61f6ba1c22a2a57a718937dcef5ce38a0b28e297ac6fa1374

Request headers

Referer
https://direct.fxproru.info/
Origin
https://direct.fxproru.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
48243
etag
W/"1dadf537d64ef54"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ogGue1El2UUKVY6c%2BMgiqsvCG3rQbZfGv4tDbXUtfBn0aH%2FkPZG0QB6PVgsGQMFfHUQfXOT2W%2BtYPl4Zf1yFyZm4rzwZ8piWmseFxxbVWm6B2fAk%2F4iz0U43tWr0KZUH7yJQwAGi"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
public, max-age=86400
cf-ray
8ab1607e691b9306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 11:30:18 GMT
b178f989f9e969b294668c15f96e16ce70f3d653.js
webchat.conv.rs/
82 KB
24 KB
Script
General
Full URL
https://webchat.conv.rs/b178f989f9e969b294668c15f96e16ce70f3d653.js
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:3800:c:edf1:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89d6914c51bbca575bcc98df7b2af3fe0113fa59a56c1b4001d16025ce52b47f

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 12:39:10 GMT
content-encoding
br
via
1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront)
last-modified
Mon, 29 Jul 2024 12:39:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
44112
etag
W/"739b1181ef44866ee47f3b110196e214"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=0
x-amz-cf-id
EmGA55P3u8rNGCS40nRf3s_QGkqAxBAU6785qtMy_zFek6tnFDzkqw==
runtime.150229de214cd238.js
direct.fxproru.info/
5 KB
3 KB
Script
General
Full URL
https://direct.fxproru.info/runtime.150229de214cd238.js
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b0c70252c8a27d527aa76bf1de10625208e278111710de0b1c9c59169971ca2

Request headers

Referer
https://direct.fxproru.info/
Origin
https://direct.fxproru.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 13:22:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
39540
etag
W/"1dae1ba67a6d0ba"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U7QlASCXOj2r%2BE%2BDBzUiT8qi23ohHwu5RstU4sUgTO4IAelNAe1UUtJnXBqVGNscog12RCVlSkBfGAn9PurlGk%2F%2FRQT%2Fw%2BZqWS2GyHsl5ULWqbuI6RQt1%2BXR2pXVb6Fbw27HywiA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
8ab1607e691c9306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 13:55:21 GMT
polyfills.e68d4c527ef903dc.js
direct.fxproru.info/
35 KB
13 KB
Script
General
Full URL
https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76164e0dabc6073d1780d57493ddfee1afd962aa96b926032f1e9a1369f5b172

Request headers

Referer
https://direct.fxproru.info/
Origin
https://direct.fxproru.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
48242
etag
W/"1dadf537c35dea8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BTvqxnRIZ%2BMc1HL5Xab648IqvGYi241bDfvn2o7sbELA0%2BUy2G6QvZ%2BuwBILfIGUXc5nfxG6TBK6ju%2BfdRr3EPuQQqBo7Yw2dAmvtLk5%2FceFZLyZx%2BhE96CAbI2jWL9yV3%2BRj3%2F1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
8ab1607e691d9306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 11:30:19 GMT
vendor.dc4f1280dceeb716.js
direct.fxproru.info/
817 KB
228 KB
Script
General
Full URL
https://direct.fxproru.info/vendor.dc4f1280dceeb716.js
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e5b1e68849346484e4af51329d7a4836a2bbf0c032c576a0d9e8fa288e8d471

Request headers

Referer
https://direct.fxproru.info/
Origin
https://direct.fxproru.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
48242
etag
W/"1dadf537c3990cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vvsOrupQQ9ZKNBxP9lEYWmD7mRN0H0PI0r5m%2F3ea2e7Idf5RrDoOBpw76BT6ZZcfhjb4NnpR%2FK7%2FWILE87UuDcatuV1jhaj91YjilaZwvJ28VDhkZRExc7uVLcwgh1fUrcqmQ8AW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
8ab1607e691e9306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 11:30:19 GMT
main.97f068130a8bbdee.js
direct.fxproru.info/
224 KB
55 KB
Script
General
Full URL
https://direct.fxproru.info/main.97f068130a8bbdee.js
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7318ed29c98f6e112a7a183876a89e9178069833f5464001944c4a7b6c0d0068

Request headers

Referer
https://direct.fxproru.info/
Origin
https://direct.fxproru.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 12:42:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
43590
etag
W/"1dae1b4bf414f8d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BEbpxWe0cZ2cnuJt7gkSZsPbH3q%2FSeDddQAgOC8%2BCPe89%2FScGKRJzScr6KnARuMpCI2rKyB1RqTbJnWPTIPx%2B4iGE6yaphZFaDMc2FjUNeQdL4AzfPjOXClv9HwU5a4zDeJIsHn5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
8ab1607e691f9306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 12:47:51 GMT
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer
https://direct.fxproru.info/
Origin
https://direct.fxproru.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8ab1607edd71aca7-TXL
loader.css
direct.fxproru.info/assets/
167 B
622 B
Stylesheet
General
Full URL
https://direct.fxproru.info/assets/loader.css
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb825676e33b26781104f1fb8668b04770508042f7f575035e9e2df08a71359f

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
48242
etag
W/"1dadf537d6680a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qo7BKN9m7K%2FTCHZE08ktFFcZ6wlhLKEW9jGjqdqf1lfjrVMpZtOFFLfp6dXZY8MCn98nRNWU4QNI5wI9RpkD93eMTd2I85QXd9wWgre1KdONdGffGBHreoDBpqwR4oy04%2FYE%2Fbff"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
8ab1607e89279306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 11:30:19 GMT
dr-flags-svg-16.css
direct.fxproru.info/assets/fonts/dr-round-flags/
18 KB
2 KB
Stylesheet
General
Full URL
https://direct.fxproru.info/assets/fonts/dr-round-flags/dr-flags-svg-16.css
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d11accac8a751fc9c4d19ed4924bc1cfae974b5d3e391293201915a8f7a0e33

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
48242
etag
W/"1dadf537d66c9cb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2WZ5lEDifCVRDKwTjXTV%2Fq7v6I9dEAjUeg6fpwW6bwsu0havA%2BkTTDLbTWidOw5eHS0PaQ3TiP9YWkMNhwX3Rs5Kua9ZpMW%2BxjXmsEYzt%2BseaPLT0K3WKci7QlNvRTNIYzQrBMZM"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
8ab1607e89289306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 11:30:19 GMT
gtm.js
www.googletagmanager.com/
550 KB
134 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGF6FQL
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f0b2ca64698de85f67c7c837812ab4c90188804ab56cfc9e25765fb46a15f72b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137134
x-xss-protection
0
last-modified
Tue, 30 Jul 2024 00:16:41 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Jul 2024 00:54:21 GMT
amplitude-5.10.0-min.gz.js
cdn.amplitude.com/libs/
57 KB
19 KB
Script
General
Full URL
https://cdn.amplitude.com/libs/amplitude-5.10.0-min.gz.js
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f52f34104477fb2419e964be4029c734a5a7b4f960bbc3c7953eac1dfa1179f0

Request headers

Referer
https://direct.fxproru.info/
Origin
https://direct.fxproru.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 01 May 2024 06:36:10 GMT
content-encoding
gzip
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
x-amz-version-id
M8gQYqjvk9smBMK6Q3KU0xI4MWwIVNBc
x-amz-cf-pop
FRA60-P6
age
7755492
x-cache
Hit from cloudfront
content-length
18576
last-modified
Tue, 10 Mar 2020 21:56:03 GMT
server
AmazonS3
etag
"32c6cc8f35238dd7b822aad7abb0f9df"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
POKb2K8VD1BJVMBXnXIvpaepopRi09G0Blia0ezbxvHtyvHc7Vv-KA==
styles.1698b966feeb02ce.css
direct.fxproru.info/
328 KB
43 KB
Stylesheet
General
Full URL
https://direct.fxproru.info/styles.1698b966feeb02ce.css
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad218c6ad5a147bdddc9a2f1eed94be69e7730770782748ce769078ce385add5

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
48242
etag
W/"1dadf537c304ce3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JM8%2Finl6X3pYoqNpLb3Ln%2BlGWTIGnf66uDK6xvR1NKWucEYF6A1S97KPfG3iLyOSnSwczUu2l1Dxq8zI%2FZQd53IoYV5SGqy4GNUuQMcGyQ247EqtJEw1NyjiJX%2BN5kgJvW05Ehjp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
8ab1607e89299306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 11:30:19 GMT
loader.css
direct.fxproru.info/assets/
167 B
0
Stylesheet
General
Full URL
https://direct.fxproru.info/assets/loader.css
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb825676e33b26781104f1fb8668b04770508042f7f575035e9e2df08a71359f

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
48242
etag
W/"1dadf537d6680a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qo7BKN9m7K%2FTCHZE08ktFFcZ6wlhLKEW9jGjqdqf1lfjrVMpZtOFFLfp6dXZY8MCn98nRNWU4QNI5wI9RpkD93eMTd2I85QXd9wWgre1KdONdGffGBHreoDBpqwR4oy04%2FYE%2Fbff"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
8ab1607e89279306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 11:30:19 GMT
dr-flags-svg-16.css
direct.fxproru.info/assets/fonts/dr-round-flags/
18 KB
0
Stylesheet
General
Full URL
https://direct.fxproru.info/assets/fonts/dr-round-flags/dr-flags-svg-16.css
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d11accac8a751fc9c4d19ed4924bc1cfae974b5d3e391293201915a8f7a0e33

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
48242
etag
W/"1dadf537d66c9cb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2WZ5lEDifCVRDKwTjXTV%2Fq7v6I9dEAjUeg6fpwW6bwsu0havA%2BkTTDLbTWidOw5eHS0PaQ3TiP9YWkMNhwX3Rs5Kua9ZpMW%2BxjXmsEYzt%2BseaPLT0K3WKci7QlNvRTNIYzQrBMZM"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
8ab1607e89289306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 11:30:19 GMT
styles.1698b966feeb02ce.css
direct.fxproru.info/
328 KB
0
Stylesheet
General
Full URL
https://direct.fxproru.info/styles.1698b966feeb02ce.css
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad218c6ad5a147bdddc9a2f1eed94be69e7730770782748ce769078ce385add5

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
48242
etag
W/"1dadf537c304ce3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JM8%2Finl6X3pYoqNpLb3Ln%2BlGWTIGnf66uDK6xvR1NKWucEYF6A1S97KPfG3iLyOSnSwczUu2l1Dxq8zI%2FZQd53IoYV5SGqy4GNUuQMcGyQ247EqtJEw1NyjiJX%2BN5kgJvW05Ehjp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
8ab1607e89299306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 11:30:19 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fa1bcfc4c7b22d04a93647150c9b64afa5813027baed278a022ec42cce4fd24

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
459 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2b004d6146b951cbaa7594a640c3dea5b01b616ae1e8f9b07148f7a0443cb4d

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
933ef6c20ea9708698b6509c788d142527fef69c5906cf315f3a793a92a525ee

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5335a7a9d4bddfe029bf848560af60b2212cb5392c82c7a88fd6cfbc47c16f9

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b82d33bf005d48262adf7d04cf9d81e5ff8b789c4b6276386635e31fe21a516

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
en
direct.fxproru.info/api/localization/
262 KB
75 KB
XHR
General
Full URL
https://direct.fxproru.info/api/localization/en
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8947ea2f21284b82e12a64bb92b68a7622edb456ed8bdceffb30b390b16675f
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Pragma
no-cache
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ziPgWQ7OR%2FUsu15ppm5sx5LVajl7CVFmjkizEYrgk8SyN6r9MaYApO1IWUyVbEKpdqqhZm5%2BpjM6rjqh%2Fhe6dkKBVWSszKr1ev0INB%2BjPOy%2B6oJFFTKqSYLmrPMu1%2F%2FOkGNjf52a"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
cf-ray
8ab16080f9e39306-CPH
alt-svc
h3=":443"; ma=86400
tag.js
mc.yandex.ru/metrika/
202 KB
71 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
184ff4719d5c387812c3b3d9ba9522c3cf597085ba2092079142903e994dc304
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 24 Jul 2024 12:44:58 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"66a0f74a-1166d"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
71277
expires
Tue, 30 Jul 2024 01:54:21 GMT
js
www.googletagmanager.com/gtag/
343 KB
110 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JT1ZR36N0N&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGF6FQL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1f3fb72c3314587075638c4b37a170d7407a93fe1d66f1e37e4ee963d5841a75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
112335
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 30 Jul 2024 00:54:21 GMT
js
www.googletagmanager.com/gtag/
351 KB
113 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-68RKQ2EPR2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGF6FQL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c120bdb1caaa62afcd79f91e26cae9ca567c23eef0f1aeaaede7ea1797670951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
115070
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 30 Jul 2024 00:54:21 GMT
destination
www.googletagmanager.com/gtag/
267 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-1007393989&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGF6FQL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3fc59618557b50f4de1a2eebfd965974bd1fd54fe175c5e90e6dd08c1b82f3f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93677
x-xss-protection
0
last-modified
Tue, 30 Jul 2024 00:16:41 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Jul 2024 00:54:21 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGF6FQL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:15::213:7e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
edd5487f216469726314ae2b829b221d70e2a02674477e3c8f69a0d5f0b1ea49
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2024 05:33:09 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=67402
accept-ranges
bytes
content-length
14597
bat.js
bat.bing.com/
49 KB
14 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGF6FQL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 30 Jul 2024 00:54:21 GMT
last-modified
Sat, 13 Jul 2024 20:42:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 15079E3F53924BF9AA2E73ABB81255C2 Ref B: CPH30EDGE0811 Ref C: 2024-07-30T00:54:21Z
etag
"044982565d5da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
14183
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGF6FQL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kiad7000168-IAD, cache-fra-etou8220049-FRA
ytag.js
s.yimg.jp/images/listing/tool/cv/
33 KB
11 KB
Script
General
Full URL
https://s.yimg.jp/images/listing/tool/cv/ytag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGF6FQL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.249.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
nghttpx /
Resource Hash
7c77bb7556fd4aea9f53afe3706f757576d6ffb99665d04b5da722ca349d69e9

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ats-carp-promotion
1
date
Tue, 30 Jul 2024 00:53:42 GMT
content-encoding
gzip
last-modified
Tue, 18 Jun 2024 05:46:25 GMT
server
nghttpx
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age
40
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-z-chihaya
r=1
x-ntap-sg-trace-id
da620c439f046f81
cache-control
public, max-age=600
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length
10757
analytics-browser-gtm-wrapper-3.7.7.js.br
cdn.amplitude.com/libs/
24 KB
9 KB
Script
General
Full URL
https://cdn.amplitude.com/libs/analytics-browser-gtm-wrapper-3.7.7.js.br
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGF6FQL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
215dceb9394451f5428655fc07a6266644e311ee3ab4a5f34aa65d06205d81a1

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 13:57:29 GMT
content-encoding
br
via
1.1 9d1f21fface75767578955e1853e754e.cloudfront.net (CloudFront)
x-amz-version-id
6RP1FR4XzZiqyE1Ymax3FKPaumo4mmA4
x-amz-cf-pop
FRA60-P6
age
11012213
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8939
last-modified
Fri, 22 Mar 2024 23:55:50 GMT
server
AmazonS3
etag
"8f96d9a2c246078abccf35c1a18b3f3f"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
6s7vHrbeYbY3FKmPJWeVAUHcUYBcfVIBPhrw_9e8ORySx133JcpfOw==
qevents.js
a.quora.com/
41 KB
15 KB
Script
General
Full URL
https://a.quora.com/qevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGF6FQL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.247 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5af5ee0b37b1f0ef31c42932bbf81424e4bb53e95e87a47e058625c1af2245db

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
x-amz-version-id
jrgqQn59BHyNBJEhUqaibHl1Lk06.AzO
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
M04HPBTPY5GDBBF5
age
7613807
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Tl+NCrT4/ROq8BOB/jXEFbjekr+B/799PB4hsh4cPaz8GcT19YQzaMe+k+f+IJxKpv7tKCeNqoQ=
last-modified
Thu, 28 Mar 2024 17:33:19 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
md5:87b5ecaafd0e88097cbbb1bbb7695fe9
etag
W/"87b5ecaafd0e88097cbbb1bbb7695fe9"
vary
Accept-Encoding
content-type
text/plain
cache-control
public, max-age=14400
cf-ray
8ab16081791944f2-TXL
expires
Tue, 30 Jul 2024 04:54:21 GMT
fbevents.js
connect.facebook.net/en_US/
224 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 30 Jul 2024 00:54:21 GMT
document-policy
force-load-at-top
x-fb-server-load
21
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58677
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=12, mss=1368, tbw=2769, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
RI0V2Vg1jTURPxXSdQzEfonZGFguv/tIMZ9iQE41qRznw218OBjACt5+TcotTrznTHq4jXSDxuqvEI5eolf6+g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
lt.js
d.line-scdn.net/n/line_tag/public/release/v1/
32 KB
10 KB
Script
General
Full URL
https://d.line-scdn.net/n/line_tag/public/release/v1/lt.js
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.20.65.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-65-72.deploy.static.akamaitechnologies.com
Software
VOS /
Resource Hash
d504f72375bcfb65fbf8dbf79ad313aa21df0953bb1efef82695708ba70922b1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
aLHCm1toaevjRzyK9ZlkfyErvpEL9I2
strict-transport-security
max-age=15768000
content-encoding
gzip
date
Tue, 30 Jul 2024 00:54:21 GMT
x-amz-request-id
tx0000006918b62e065fa5b-00651a6066-13dd9984-jp2
content-length
9865
x-amz-expiration
expiry-date="Sat, 02 Dec 2023 00:00:00 GMT", rule-id="bucket_lifecycle"
last-modified
Mon, 02 Oct 2023 06:16:39 GMT
server
VOS
etag
"02e4691c0dcc2f7ecef2712fb0f24921"
vary
Accept-Encoding
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
max-age=1968928
accept-ranges
bytes
expires
Wed, 21 Aug 2024 19:49:49 GMT
code.js
top-fwz1.mail.ru/js/
46 KB
19 KB
Script
General
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
dfbf000d76574d9707b2aa750760dad91d275dbc61e2d2c1df2ae4c8d8a6ec16
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Tue, 16 Jul 2024 20:47:12 GMT
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag
W/"6696dc50-b755"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
expires
Tue, 30 Jul 2024 01:54:21 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1711882/
71 KB
22 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1711882/tfa.js
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d8b0869eb75f990fa93b5f34ddd756f3875c24b3c4a67fd8a7f3de8887712ad3

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
xWfxOPR4lw4Sf2cXISlst4CPj4TRfECR
content-encoding
gzip
via
1.1 varnish
date
Tue, 30 Jul 2024 00:54:21 GMT
x-amz-request-id
AC842ED2PAFKM7DX
age
81
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
21945
x-amz-id-2
zNKeSL7bygfZLTPeyd9QacD/gjAkU/4QTalWH7nWNQDNAxeOI+BpgezMg8ILF/68coijgfK55m0=
x-served-by
cache-fra-eddf8230075-FRA
last-modified
Sun, 28 Jul 2024 12:26:13 GMT
server
AmazonS3
x-timer
S1722300862.700913,VS0,VE1
etag
"9eae268b33ad00d620e513ab322b0861"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
86
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
0
pixel
q.quora.com/_/ad/b786967c9ab7425089a4e46c36e671d5/
43 B
420 B
Image
General
Full URL
https://q.quora.com/_/ad/b786967c9ab7425089a4e46c36e671d5/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fdirect.fxproru.info%2F
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.13.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-13-156.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 00:54:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Server
nginx
Connection
keep-alive
Content-Length
43
X-Q-Stat
,7b6da6688716f2afbf16f6944f2a3584,10.0.0.68,28550,193.32.248.225,,31043969988,1,1722300862.144,0.002,,.,0,0,0.000,0.004,-,0,0,203,93,46,10,34729,,,,,,-,
Content-Type
image/gif
analytics-browser-gtm-2.5.2-min.js.gz
cdn.amplitude.com/libs/
65 KB
18 KB
Script
General
Full URL
https://cdn.amplitude.com/libs/analytics-browser-gtm-2.5.2-min.js.gz
Requested by
Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/analytics-browser-gtm-wrapper-3.7.7.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c328f92e807e5029a5b9dedf9e7ea21af51c8fb381a47474827bb3bf3306aadc

Request headers

Referer
https://direct.fxproru.info/
Origin
https://direct.fxproru.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Apr 2024 10:21:23 GMT
content-encoding
gzip
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
x-amz-version-id
uS1xmOT5A_6ehs7_u39.iJx0i82O5jbK
x-amz-cf-pop
FRA60-P6
age
8692379
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
17861
last-modified
Tue, 27 Feb 2024 19:37:01 GMT
server
AmazonS3
etag
"c35f967cf7d730a1bd082d33f3b58ed7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
-tjaNxTkAj7PrMRm-soWEoiqVFAGX6AYY-MkT8vWjw04YyfMfXzIzg==
topics_api
psb.taboola.com/
65 B
284 B
Fetch
General
Full URL
https://psb.taboola.com/topics_api
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 30 Jul 2024 00:54:21 GMT
via
1.1 varnish
server
Varnish
observe-browsing-topics
?1
x-timer
S1722300862.802343,VS0,VE0
x-cache
HIT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=2592000
accept-ranges
bytes
content-length
65
retry-after
0
x-served-by
cache-fra-eddf8230133-FRA
json
trc.taboola.com/1711882/trc/3/
3 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1711882/trc/3/json?tim=1722300861731&data=%7B%22id%22%3A740%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1722300861726%2C%22cv%22%3A%2220240728-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fdirect.fxproru.info%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dadquantum-fxpro-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1722300861731%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fdirect.fxproru.info%2F%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1711882/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7449f3bb240b8ed45dd222de2d0acdad14d113fd878b78fa29444a865277621f

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-vcl-time-ms
16
date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.0625
x-fastly-to-nlb-rtt
7340
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230075-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1722300862.755136,VS0,VE16
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
configuration
direct.fxproru.info/api/
559 B
805 B
XHR
General
Full URL
https://direct.fxproru.info/api/configuration
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbe6336776eaebd457b75e529e97c25c4dac3de1ddd509be6761dd18734ec307
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Pragma
no-cache
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tM4%2FTYn9YotbItzX3Ue5wMnQs%2BAAZ8SAtouEZkkA741F%2FFk6uiHjtwGHEj1XsaYKLWibXh197iB5KFYLRBKnrboNJNFI4%2BsxLW12vFoZsU1NV6kVFWZALaEwPdB%2Bx6Ep%2FVAh5AHS"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cf-ray
8ab160822a379306-CPH
alt-svc
h3=":443"; ma=86400
5754.b9d89153249e0300.js
direct.fxproru.info/
16 KB
5 KB
Script
General
Full URL
https://direct.fxproru.info/5754.b9d89153249e0300.js
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/runtime.150229de214cd238.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e42f6207bccf071ce065941c5de8228c596dbbcc4c7ea54069e802d9ced6095e

Request headers

Referer
https://direct.fxproru.info/
Origin
https://direct.fxproru.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
46439
etag
W/"1dadf537c3512ce"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ysAQcsirnj1Clq7IqVqxhlrMZM9RfeHoD%2FP2Vz5KhlqYVHmqpNUtH3R3lOD2QRTQq0QpVTEtOvbh2BuELl427OXTAp37SbqXnTM9ntz6Urx1Ad5mP0A1XPpDcBJyV5Dn9T1V%2FcJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
8ab160824a3d9306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 12:00:22 GMT
6703.b80de46ec9a55d1c.js
direct.fxproru.info/
284 KB
74 KB
Script
General
Full URL
https://direct.fxproru.info/6703.b80de46ec9a55d1c.js
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/runtime.150229de214cd238.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cdfbd3709091250209bd3b170554df34567ee9bb239434141650a3d8892e0bd

Request headers

Referer
https://direct.fxproru.info/
Origin
https://direct.fxproru.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
46448
etag
W/"1dadf537c313cc8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3C11Af9PrX9V%2BgKe5M7VT8MUjZSSSfuwYetzrDFm5E4LOKeT%2FLovr%2F4EbYimiPbuJtjdpg9FhAAl0lXCuvcWNEWSui%2BIl%2BSTUmCcbY4BRSyezIW%2BhKnOBdGPKUAINasUuz92uepa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
8ab160824a3e9306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 12:00:13 GMT
1579.7688750f14f42323.js
direct.fxproru.info/
26 KB
10 KB
Script
General
Full URL
https://direct.fxproru.info/1579.7688750f14f42323.js
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/runtime.150229de214cd238.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea3b02a02615e53e47434d0e4880a6dd03db9b958e0efa31023a4d2350900765

Request headers

Referer
https://direct.fxproru.info/
Origin
https://direct.fxproru.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
46438
etag
W/"1dadf537c353b62"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uQk1dXs4HIdc9Jd08%2FxBpj16%2Bavjq3bnz2n3taEr7vryRI97OFPDtVAgdgPRFtH%2FdrbJMPECiUagMhw49xf02DWC25rW4woEdgte7Y36f1CDzCYZkNwStYZ374OKOzWM1cLVfPmh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
8ab160824a3f9306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 12:00:23 GMT
1028.657ffd5cb2dbf94f.js
direct.fxproru.info/
65 KB
34 KB
Script
General
Full URL
https://direct.fxproru.info/1028.657ffd5cb2dbf94f.js
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/runtime.150229de214cd238.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b186a33e9b65b45d3a0475df37846964799d5d51922e25907684ce13ce2e8105

Request headers

Referer
https://direct.fxproru.info/
Origin
https://direct.fxproru.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
46438
etag
W/"1dadf537c3456bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J1ybP0VegIwvR34H1sctyGzyYDvqVvFVeVR%2Bg%2Bs1OVPXUdrx0uPrKX2ffITBU7lMWnNfiOyPkQBqio5GxS2ZIUNVebYGh8lYyO3RjcMwDK22Rf1fUqi8Pp0c7NSyWpjqOX14JuMl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
8ab160824a409306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 12:00:23 GMT
3707.cb41490b1bced47f.js
direct.fxproru.info/
22 KB
7 KB
Script
General
Full URL
https://direct.fxproru.info/3707.cb41490b1bced47f.js
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/runtime.150229de214cd238.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8db8feec10c56013d070dd3cc3830f32a9a06de4faf47301c73b486dfe611b11

Request headers

Referer
https://direct.fxproru.info/
Origin
https://direct.fxproru.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
46448
etag
W/"1dadf537c350b45"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5D12YWtc5JPPJxUjFWkSNUE7XoBwFL66dBq3LJvrtZ%2FXnZe6j43v36NKqSgdfUTA8cd4gqJJbfwU7ss3suZ7uAfBs8qjggSX4dP8MB6PRJD3IVyy1SsxAYPCIWYh3WrAjlCAwgHX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
8ab160824a419306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 12:00:13 GMT
common.e54aeed8c93aa9c3.js
direct.fxproru.info/
45 KB
12 KB
Script
General
Full URL
https://direct.fxproru.info/common.e54aeed8c93aa9c3.js
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/runtime.150229de214cd238.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b631f956d70180e6cd9e0e0fb9dfca333480a77c70127403a78e624db596a30

Request headers

Referer
https://direct.fxproru.info/
Origin
https://direct.fxproru.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 12:42:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
42889
etag
W/"1dae1b4bf42857d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DG%2Fsw4GeNXS%2BrZvDBlkoBrNbN6W84h1rMHtGZfEJZeamIzYEILChJuZItkhiAtzx7oypM6zDYekTbd6EefGz6Q1ohrKULtg5NQ4r%2BUnD8wvDiowRSPAcjSjjyAJXJ4iX8FymZ42t"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
8ab160824a429306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 12:59:32 GMT
2149.136b81f4e0b55224.js
direct.fxproru.info/
47 KB
10 KB
Script
General
Full URL
https://direct.fxproru.info/2149.136b81f4e0b55224.js
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/runtime.150229de214cd238.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3554a612cc19b5d294d6689615d0c88bc22f6a181296dffe5f3e606582cb5c5c

Request headers

Referer
https://direct.fxproru.info/
Origin
https://direct.fxproru.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
46438
etag
W/"1dadf537c35ee0c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jTlzngL5aOzX5KxzljmOtM0wXomgXDvQNBZhGDTJ2WWnQByg6XVKaj0r05wsbBpekWgaQpny7NFsXrtFKs6O%2BDfgYPCIaqA8wKnhtMKZfwhg20wlkbG1YSTSShtfrdUT4211g5ti"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
8ab160824a439306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 12:00:23 GMT
attribution_trigger
px.ads.linkedin.com/
2 B
814 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=4697674&time=1722300861813&url=https%3A%2F%2Fdirect.fxproru.info%2F
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
*
Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 9CF34175068346FC86BD39DED6E38DFF Ref B: CPH30EDGE0620 Ref C: 2024-07-30T00:54:21Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-ltx1
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-li-uuid
AAYebGsS05yA7q4SD+OVww==
x-fs-uuid
00061e6c6b12d39c80eeae120fe395c3
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4697674&time=1722300861813&url=https%3A%2F%2Fdirect.fxproru.info%2F
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4697674&time=1722300861813&url=https%3A%2F%2Fdirect.fxproru.info%2F&e_ipv6=AQI0VmR0gLk_iQAAAZEBIY95J30PI6rFvCiOq2sVhWf1WsPsFiYpLVsaIaop_eN8NMlN13gC
0
267 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4697674&time=1722300861813&url=https%3A%2F%2Fdirect.fxproru.info%2F&e_ipv6=AQI0VmR0gLk_iQAAAZEBIY95J30PI6rFvCiOq2sVhWf1WsPsFiYpLVsaIaop_eN8NMlN13gC
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/en/login
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:22 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: BD66687CFF284258874579F55355F2AC Ref B: CPH30EDGE0316 Ref C: 2024-07-30T00:54:22Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYebGsdVPZMTT/Y1WOJYA==

Redirect headers

date
Tue, 30 Jul 2024 00:54:21 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: BB0E5677EF3B4B5183A990F4B62FBFD7 Ref B: CPH30EDGE0822 Ref C: 2024-07-30T00:54:21Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4697674&time=1722300861813&url=https%3A%2F%2Fdirect.fxproru.info%2F&e_ipv6=AQI0VmR0gLk_iQAAAZEBIY95J30PI6rFvCiOq2sVhWf1WsPsFiYpLVsaIaop_eN8NMlN13gC
x-li-proto
http/2
content-length
0
x-li-uuid
AAYebGsYWR2dH1kWfrCRxQ==
859987967463648
connect.facebook.net/signals/config/
69 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/859987967463648?v=2.9.162&r=stable&domain=direct.fxproru.info&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8d260a0280b324c589c4185457228a47aaa4da0b59ea9941375487d7de69ff31
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 30 Jul 2024 00:54:22 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'report-sample';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
x-fb-server-load
21
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=0, c=62, mss=1368, tbw=64219, tp=-1, tpl=-1, uplat=125, ullat=0
pragma
public
x-fb-debug
aPRP/9T4Tnf/c14M2LLvg9xyh8dtBY+9qBDRJduvOqsr/pKel/CqOxR+9T9qZesUa7r/jPHUM5jZW0eLgJWvXQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
adsct
t.co/1/i/
43 B
376 B
Image
General
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=5d7ff77b-e970-4a35-828a-f900ca7fa1e4&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=791e63dd-1594-4395-a39d-29ac0f8cddda&tw_document_href=https%3A%2F%2Fdirect.fxproru.info%2F&tw_iframe_status=0&txn_id=o6xzs&type=javascript&version=2.3.30
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time
110
date
Tue, 30 Jul 2024 00:54:21 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
ab0b42c060b90a51
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
a4025e8b786a7d60dd9263c37a4f37e88820049bfde55a74dd87dbdb25489bec
content-length
43
adsct
analytics.twitter.com/1/i/
43 B
727 B
Image
General
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=5d7ff77b-e970-4a35-828a-f900ca7fa1e4&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=791e63dd-1594-4395-a39d-29ac0f8cddda&tw_document_href=https%3A%2F%2Fdirect.fxproru.info%2F&tw_iframe_status=0&txn_id=o6xzs&type=javascript&version=2.3.30
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time
103
date
Tue, 30 Jul 2024 00:54:21 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
d86c8885063c7d8d
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
9c09703027641e9b496bd6f5812a13a883de4ab379c87185f58d055052e26fee
content-length
43
tag.gif
tr.line.me/
43 B
425 B
Image
General
Full URL
https://tr.line.me/tag.gif?b_id=fe49e77b-ccf8-48ea-ae93-590b96ccc36e&b_u=https%3A%2F%2Fdirect.fxproru.info%2F&b_d=direct.fxproru.info&b_p=%2F&b_t=FxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool&c_t=lap&t_id=7dbe96eb-2199-410b-a2b4-0fa4307c2f3f&s_id=ee6c40b4-758fc25c&x4=100&e=pv&v=3.4.1&_t=1722300861902
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 00:54:22 GMT
Cache-Control
private, no-store, no-cache, must-revalidate
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
resolve
client-api-global.fxpro.technology/api/v1/ip/ Frame
0
0
Preflight
General
Full URL
https://client-api-global.fxpro.technology/api/v1/ip/resolve
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
analytics-id,ui-version,x-facebook-browser-id,x-facebook-click-id,x-request-platform
Access-Control-Request-Method
GET
Origin
https://direct.fxproru.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ab160839b8e58e4-TXL
date
Tue, 30 Jul 2024 00:54:22 GMT
server
cloudflare
vary
Access-Control-Request-Headers, Accept-Encoding
x-powered-by
Express
x-request-id
8774d489-e5f7-4130-88ad-61f363efcbcd
resolve
client-api-global.fxpro.technology/api/v1/ip/
38 B
480 B
XHR
General
Full URL
https://client-api-global.fxpro.technology/api/v1/ip/resolve
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3558ff60d5411abf588df176f0b56fb352a4450587a9393ac60012ba453e9c7d

Request headers

analytics-id
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
x-request-platform
web
Accept
application/json, text/plain, */*
Referer
https://direct.fxproru.info/
x-facebook-click-id
ui-version
6.5.3.0
x-facebook-browser-id

Response headers

date
Tue, 30 Jul 2024 00:54:22 GMT
cf-cache-status
DYNAMIC
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
content-length
38
x-request-id
5db3d6b4-25b2-4fc9-9f71-4e0eeeffc9e2
server
cloudflare
etag
W/"26-h9cVv4sgCyYz/loTWqOije2KPcA"
x-request-platform
web
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age
1728000
access-control-allow-credentials
true
allow-origin
*
cf-ray
8ab160846cfa58e4-TXL
access-control-allow-headers
*
5441998.js
bat.bing.com/p/action/
334 B
406 B
Script
General
Full URL
https://bat.bing.com/p/action/5441998.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c64cddc349202defdca8bcf51d8a905d5f8810cc76f08c1e6561800f1dd5708a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Tue, 30 Jul 2024 00:54:21 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6A0470EA45DB42C09AA3D4BFB8110382 Ref B: CPH30EDGE0811 Ref C: 2024-07-30T00:54:21Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=1800
sync-loader.js
privacy-cs.mail.ru/static/
143 KB
37 KB
Script
General
Full URL
https://privacy-cs.mail.ru/static/sync-loader.js
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:1148:1000:101:8:3:0:17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
b36942f73c0dc83452af737dc5c92e650b10395f71fc1931b828ff6af79cf6e9

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 00:54:22 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Tue, 30 Jul 2024 01:04:22 GMT
dyn-goal-config.js
top-fwz1.mail.ru/js/
3 KB
2 KB
Script
General
Full URL
https://top-fwz1.mail.ru/js/dyn-goal-config.js?ids=3528370
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
0e7e3045519beaff2095d4a64b8dfb1b581013eb5b8f4b3549983c69abe7139b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=600, private
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
expires
Tue, 30 Jul 2024 01:04:21 GMT
counter
top-fwz1.mail.ru/
43 B
1 KB
Image
General
Full URL
https://top-fwz1.mail.ru/counter?_=0.979520575706982;id=3528370;u=https%3A//direct.fxproru.info/;title=FxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=5bcefc18f250744f;ver=60.6.0;tz=-120%2FEurope%2FBerlin;st=1722300861196;ct=961/964/964//629;rt=630/238/0/0/0/630/645/645/645/756/699/756/864/868;gl=u;ni=10//4g/50/0/;lvid=1722300861955%3A1722300861967%3A1%3Aad7d32a8b09721a43f416cfb6dacad2a;opts=dl%2Cjst-gtag%2Ccnhp%3Dh2%2Ccs%3D19122-46933-19422;visible=true;js=13
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
settings
client-api-global.fxpro.technology/api/v1/registration/ Frame
0
0
Preflight
General
Full URL
https://client-api-global.fxpro.technology/api/v1/registration/settings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
analytics-id,ui-version,x-facebook-browser-id,x-facebook-click-id,x-request-platform
Access-Control-Request-Method
GET
Origin
https://direct.fxproru.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ab160839b9058e4-TXL
date
Tue, 30 Jul 2024 00:54:22 GMT
server
cloudflare
vary
Access-Control-Request-Headers, Accept-Encoding
x-powered-by
Express
x-request-id
2e76c901-6b86-463e-8c20-fab1889df93c
rum
direct.fxproru.info/cdn-cgi/
0
72 B
XHR
General
Full URL
https://direct.fxproru.info/cdn-cgi/rum?
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Tue, 30 Jul 2024 00:54:22 GMT
x-content-type-options
nosniff
server
cloudflare
cf-ray
8ab160838aa29306-CPH
x-frame-options
DENY
settings
client-api-global.fxpro.technology/api/v1/registration/
58 KB
5 KB
XHR
General
Full URL
https://client-api-global.fxpro.technology/api/v1/registration/settings
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b20c6bc50189fb5aa2f06a2761d6cb299170494986ccb1b2d7b8a35b6ed837e3

Request headers

analytics-id
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
x-request-platform
web
Accept
application/json, text/plain, */*
Referer
https://direct.fxproru.info/
x-facebook-click-id
ui-version
6.5.3.0
x-facebook-browser-id

Response headers

date
Tue, 30 Jul 2024 00:54:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
x-request-id
b8fe4924-7994-4ec6-a08f-fc66d1160b9e
server
cloudflare
etag
W/"e86e-dJ43C/H5+m7xECgJ8OCJe6971zg"
x-request-platform
web
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age
1728000
access-control-allow-credentials
true
allow-origin
*
cf-ray
8ab160848d2858e4-TXL
access-control-allow-headers
*
/
api.amplitude.com/
7 B
228 B
XHR
General
Full URL
https://api.amplitude.com/
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.166.106.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-106-30.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 30 Jul 2024 00:54:22 GMT
strict-transport-security
max-age=15768000
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
access-control-allow-origin
*
trace-id
Root=1-66a839be-0f7b6f4775282a7235a55f88
content-length
7
login_back.svg
direct.fxproru.info/assets/images/
9 KB
5 KB
Image
General
Full URL
https://direct.fxproru.info/assets/images/login_back.svg
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/en/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f3bdffe8aa4db8daf3a2ab41e1c1eef24157fc81e011999579dd0a0176de175

Request headers

Referer
https://direct.fxproru.info/en/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:22 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
46439
etag
W/"1dadf537d66a563"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NbgpNRZCY4NknPzII01SpeIikLhsI3OInUnkM3G7dNfVoJmbabtq7Uga7grpE%2BSWKY7MDCQWpDpmiDCfQVhtD5UiOrDkwG%2BFGgqGUq6JasM94G7fkgp512GAzXRJD13%2F1uzo55X6"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
8ab16083eac29306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 12:00:23 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de3eb864a0d112dfd7e6892094a615dc91e7479e0a53ae1eef8a04e1d72a6608

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
941 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4dae34d50d9d65f699522c54d0f04b7463ab4301accb7717b76a1f6a77763f7

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5727176c5ef425d3d8084892c4b00f87452f41b834b2bb172194dab1bfa95eb

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66729be16dda070de5be8f89ffaa52c2d9dd5aa08feca01aabfb76c3104a22a7

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3cdeb52ff9afb646ead8fae263d04e7f1d08d4fc53ee80f8398b18219524e81

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
822bdb574a5ef7f470e1bb216bdb53179997b364dfb8d723a66a9690f95cf270

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9fdd0d3297c68892cf7e0591fb4d1f57814d5d609f98e857fe971f7444df2f51

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f80ca48df2ee0bb71b280553cee0ec481f15d6d356cc80b37d04cdfaa24a08fc

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
active.svg
direct.fxproru.info/assets/images/lang/
438 B
786 B
Image
General
Full URL
https://direct.fxproru.info/assets/images/lang/active.svg
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/en/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
748a3c09681b679653918456d552b162c336e7364412350c296f8a1a99335e76

Request headers

Referer
https://direct.fxproru.info/en/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:22 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
46439
etag
W/"1dadf537d6681b6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iE9irTOzyaF05xBXjvtIpGVPW1fFq5WkPOZpWSHXXqIxXTOsU0AZx5W%2FX%2BUIYcCOSBotqEINGN4E6RhoslzbUjeFBJJCivXx%2F9QQjrFgZLh0EUIXDJReo8gLRjPcsWLCsVTuHg0i"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
8ab16083fac49306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 12:00:23 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b1b24210f9843a201d9540249e2baa3536833e32bafbb88eaa315c94be01d61

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
946 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5b6044ea866d7755b3c15838c9fafdad408edb80bd62a0490d35b48358f2ccc

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1017 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c534241fd5daba7636dff2a0cfe440cdb77608e3962f093f9006fc12958774e

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
909 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d8741de6935540db2469299929358908931f55229fbd9692ba0f9bfb6b420b4

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1410fdee93266f8b4ae08c837aefcca8da6475a18e16cbf6b92f574909d25c9

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc55361fbae2f295613d92605b45c2ce779288433fed4d5806c75bd626afa851

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
946 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1da739198751c3378122f807600f4d9343d4a98f07ce4164e9465c19d816e9b9

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
62 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
579ada5c8d73fb345a79e1aca9e6b8e3ce980e5956ac0eb4c9c910c408494663

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a1fe9f9dbf5dc45e0816217022a00f7a7533145a72ff5bf21266b2bfd35e18e

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
410a5034445f937ad3e287aacfcd60e278baaab4d0a710fcddc624dd14eba3e1

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
37 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f66428ca044ef846741904662b0b129c3f69bc12ba3386540940a27a4d25fe5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
488897020ab4ab1362e166f7ecd52a78fea7abccfdd90be855c597286dc8415c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90c994b8301c3903f0064b98b28f9851aeb3936d6685f57990fe5326ddfdc901

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
954 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7cff97d2f9e508a9ef85d9e0d6fb0dd7a08b373805e7be50b64300de08ccc12

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
Roboto-Regular.woff
direct.fxproru.info/assets/fonts/
92 KB
0
Font
General
Full URL
https://direct.fxproru.info/assets/fonts/Roboto-Regular.woff
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/styles.1698b966feeb02ce.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
420751ad85d0a0acf987c22ac94c07d81038fcf3ecd2784593ff562051ff49d1

Request headers

Referer
https://direct.fxproru.info/styles.1698b966feeb02ce.css
Origin
https://direct.fxproru.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
48242
etag
W/"1dadf537d67ee58"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N5fjBUnu1Azj5M%2FMo54vGUrLHP9rdcp%2BktLEy53i8Lhjwz%2FOgXzGSeKoM%2BOGbNNmZpUGmgJrMGlQ4DnPdyukfFIdK5lolgcdsCNG8TqR5Soch1C9J9XDtzXVN3WHfx8W%2F474pZeR"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
public, max-age=86400
cf-ray
8ab1607e69159306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 11:30:19 GMT
Roboto-Medium.woff
direct.fxproru.info/assets/fonts/
92 KB
0
Font
General
Full URL
https://direct.fxproru.info/assets/fonts/Roboto-Medium.woff
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/styles.1698b966feeb02ce.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c785c007fcf17fb2ba80bfa7677f11ed8a25762158068cd9bf42f576440ab72c

Request headers

Referer
https://direct.fxproru.info/styles.1698b966feeb02ce.css
Origin
https://direct.fxproru.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
48243
etag
W/"1dadf537d67f09c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KeW0yUlUVgzt1hAp49AGS0m75zRjYljivg815LLimZuF8YSXHBa5PvKs6Oa7Vhs8U8V9a4MU7xPqhKDZqYIATE4mkLV0ulKIN3ELZ3J7hXR9zfGnQfBT7VMtiGUuk1B7568OC1Mp"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
public, max-age=86400
cf-ray
8ab1607e69169306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 11:30:18 GMT
dr-symbols.2b116fe541376a20.woff2
direct.fxproru.info/
17 KB
17 KB
Font
General
Full URL
https://direct.fxproru.info/dr-symbols.2b116fe541376a20.woff2?si3qkn
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/styles.1698b966feeb02ce.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
923881f4f87751ad4a2df46accfc879852733bea2b77c30f7137b81dddacac44

Request headers

Referer
https://direct.fxproru.info/styles.1698b966feeb02ce.css
Origin
https://direct.fxproru.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46439
alt-svc
h3=":443"; ma=86400
content-length
17184
last-modified
Fri, 26 Jul 2024 12:01:02 GMT
server
cloudflare
etag
"1dadf537c351020"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P40p%2F0rYQjZbr2E24EvHc12mdOhc2kUW0fUNk8iqO5LGegqfGZgz84lgdTMDSH6xKuD%2F4532fpps%2B3Fb47bi%2FaiWBOibT5XPcz46ZZviduoo3TGCh4OiCmNaAFLhCRHc4gh16W2j"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8ab160843ae89306-CPH
expires
Tue, 30 Jul 2024 12:00:23 GMT
pixel
q.quora.com/_/ad/b786967c9ab7425089a4e46c36e671d5/
43 B
423 B
Image
General
Full URL
https://q.quora.com/_/ad/b786967c9ab7425089a4e46c36e671d5/pixel?j=1&u=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&tag=ViewContent&ts=1722300861996&i=gtm
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/en/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.13.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-13-156.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 30 Jul 2024 00:54:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Server
nginx
Connection
keep-alive
Content-Length
43
X-Q-Stat
,8f7c73014f7f69aecbe7df1c0f75aa20,10.0.0.68,23266,193.32.248.225,,268168982081,1,1722300862.272,0.002,,.,0,0,0.000,0.004,-,0,0,203,248,124,10,34729,,,,,,-,
Content-Type
image/gif
header-logo.svg
direct.fxproru.info/assets/images/
2 KB
1 KB
Image
General
Full URL
https://direct.fxproru.info/assets/images/header-logo.svg
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/en/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae07291117c1b3f8214a8f0c6838175533ef0b16e346063546c80061fee45a39

Request headers

Referer
https://direct.fxproru.info/en/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:22 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
46439
etag
W/"1dadf537d6687e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LbHYcGMmfJ5THaYItoZ0VJxv8BQX83i%2BbF3eTrPcXSWXzm2u6Lh7WTFXaZYOHghQu0Y%2Fsm%2B%2BDa5iYDDUe0yUHMoAVlirNpuG99ZczLfTJmHcDRqY7J%2FfKWU7qIhzPDNYdVidESWc"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
8ab160842adf9306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 12:00:23 GMT
truncated
/
17 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4bf0cdae83dc1c1b29afe3581119493aa03f29b340926071c05aa97ca9a3501

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
sponsor-logo.svg
direct.fxproru.info/assets/images/
5 KB
3 KB
Image
General
Full URL
https://direct.fxproru.info/assets/images/sponsor-logo.svg
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/en/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aaf768114ad48c6bbc123e9fb6c73b0db4e7388029ff026e6e57d430a54d7f5

Request headers

Referer
https://direct.fxproru.info/en/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:22 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
46439
etag
W/"1dadf537d669324"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=trNNyA4daHfzXB%2BQTJs9Z4jQ%2F6to%2B4FL%2F2syhWJtNWi9i7j6LUh4RWynGm9dxiXyTzAJhbCSzunULP56Dp5tCOgohc92XmCdFn005m1eFebYYme8rtla9K092saKCRdOOSrWtAvO"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
8ab160843ae19306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 12:00:23 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10445.FaMZ05PgxXed_gfIiaOfHclXPP-SJblnA3GKx_vVl6GgU1JD13s3L2jLTw3wOS62.o65qVQDFQdMzxalpD0q8ShVDcMY%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10445.1JC-Wv2SweUmr-rb1ZSTQYkZ34AReTj7GT2WHnFmrOmjRdV9D3iXqtLiS2sKyp0MyzaPcHs_ol9JdurWfRfIWLJWZvb11ywrGHRTIpenXWwQjNeGW_ZKfS0DCnAUhsmCGz4IesKe0T...
43 B
492 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10445.1JC-Wv2SweUmr-rb1ZSTQYkZ34AReTj7GT2WHnFmrOmjRdV9D3iXqtLiS2sKyp0MyzaPcHs_ol9JdurWfRfIWLJWZvb11ywrGHRTIpenXWwQjNeGW_ZKfS0DCnAUhsmCGz4IesKe0TonlrFaF7KfiXkI0jGP8z9gMHQCHkz-Nbzvjuq_KAYSpltozsXPb73jY8KDLjfdh3cr_62VdAinP2BXej8Mp0StzwE4VFxoq0o%2C.kxOqTUZhzo03Z7dqjdpxCpcZbYA%2C
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/en/login
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Jul 2024 00:54:22 GMT
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10445.1JC-Wv2SweUmr-rb1ZSTQYkZ34AReTj7GT2WHnFmrOmjRdV9D3iXqtLiS2sKyp0MyzaPcHs_ol9JdurWfRfIWLJWZvb11ywrGHRTIpenXWwQjNeGW_ZKfS0DCnAUhsmCGz4IesKe0TonlrFaF7KfiXkI0jGP8z9gMHQCHkz-Nbzvjuq_KAYSpltozsXPb73jY8KDLjfdh3cr_62VdAinP2BXej8Mp0StzwE4VFxoq0o%2C.kxOqTUZhzo03Z7dqjdpxCpcZbYA%2C
date
Tue, 30 Jul 2024 00:54:22 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
0
bat.bing.com/action/
0
288 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5441998&tm=gtm002&Ver=2&mid=c6793199-f3f5-4be8-8970-4985c277023b&sid=426440804e0e11ef8c2335273a0170fe&vid=42644c604e0e11efbd4a7bd01357ac67&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=FxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool&p=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&r=&lt=597&evt=pageLoad&sv=1&cdb=AQAQ&rn=300736
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/en/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 Jul 2024 00:54:22 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DE591B1B39C24B96B4F37D58EBF4CE55 Ref B: CPH30EDGE0811 Ref C: 2024-07-30T00:54:22Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=859987967463648&ev=PageView&dl=https%3A%2F%2Fdirect.fxproru.info&rl=&if=false&ts=1722300862238&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4125&fbp=fb.1.1722300862224.626440729360778413&pm=1&hrl=e11fbe&ler=empty&cdl=API_unavailable&it=1722300861883&coo=false&cs_cc=1&cas=7394939207288255%2C25283898601253986%2C25320325514248754%2C7185703248222413%2C7774521605959433%2C6457989617549130%2C8446977442010079%2C5413083915478011%2C8285495061525500%2C5024061757706657%2C4719503181478197%2C4835209653169878%2C4641956055866566&rqm=GET
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/en/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1368, tbw=2798, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 30 Jul 2024 00:54:22 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
4 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=859987967463648&ev=PageView&dl=https%3A%2F%2Fdirect.fxproru.info&rl=&if=false&ts=1722300862238&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4125&fbp=fb.1.1722300862224.626440729360778413&pm=1&hrl=e11fbe&ler=empty&cdl=API_unavailable&it=1722300861883&coo=false&cs_cc=1&cas=7394939207288255%2C25283898601253986%2C25320325514248754%2C7185703248222413%2C7774521605959433%2C6457989617549130%2C8446977442010079%2C5413083915478011%2C8285495061525500%2C5024061757706657%2C4719503181478197%2C4835209653169878%2C4641956055866566&rqm=FGET
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/en/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x9bdbced46833f8cf","source_keys":["1","2"]},{"key_piece":"0xfdf0449436855c37","source_keys":["1","2"]}],"aggregatable_values":{"1":1},"filters":{"2":["24:1974512322619837","24:818163698284687","7830:1974512322619837","7830:818163698284687","10853:1974512322619837","10853:818163698284687","41:1974512322619837","41:818163698284687","8046:1974512322619837","8046:818163698284687"]},"debug_reporting":true,"debug_key":"1"}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Tue, 30 Jul 2024 00:54:22 GMT
x-fb-server-load
37
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397225877682900578", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1368, tbw=3148, tp=-1, tpl=-1, uplat=169, ullat=0
pragma
no-cache
x-fb-debug
asWoq0r0vXrJ6E+S9flJKGRq15Z65JnMOIzseastmqaR/K7fgST3p1BtqPZu8rweQicE9ukzC6dgKny6CrnubQ==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397225877682900578"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
32 B
Image
General
Full URL
https://www.facebook.com/tr/?id=859987967463648&ev=ViewContent&dl=https%3A%2F%2Fdirect.fxproru.info&rl=&if=false&ts=1722300862240&sw=1600&sh=1200&v=2.9.162&r=stable&ec=1&o=4125&fbp=fb.1.1722300862224.626440729360778413&pm=1&hrl=60aa84&ler=empty&cdl=API_unavailable&it=1722300861883&coo=false&cs_cc=1&cas=7756117707752419%2C7251816968235905%2C7343427132420610%2C6696135610483507%2C6457911567592039%2C7933476696683876%2C9467536729986833%2C25122153517428675%2C6425410207505584%2C6500524133333375%2C6590675060963903%2C25545056885109592%2C8991835180888277%2C9203157786392726%2C6457989617549130%2C8446977442010079%2C8285495061525500%2C3939067519550445%2C5024061757706657%2C5615091048507478%2C4719503181478197%2C4641956055866566&rqm=GET
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/en/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1368, tbw=2798, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 30 Jul 2024 00:54:22 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
1 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=859987967463648&ev=ViewContent&dl=https%3A%2F%2Fdirect.fxproru.info&rl=&if=false&ts=1722300862240&sw=1600&sh=1200&v=2.9.162&r=stable&ec=1&o=4125&fbp=fb.1.1722300862224.626440729360778413&pm=1&hrl=60aa84&ler=empty&cdl=API_unavailable&it=1722300861883&coo=false&cs_cc=1&cas=7756117707752419%2C7251816968235905%2C7343427132420610%2C6696135610483507%2C6457911567592039%2C7933476696683876%2C9467536729986833%2C25122153517428675%2C6425410207505584%2C6500524133333375%2C6590675060963903%2C25545056885109592%2C8991835180888277%2C9203157786392726%2C6457989617549130%2C8446977442010079%2C8285495061525500%2C3939067519550445%2C5024061757706657%2C5615091048507478%2C4719503181478197%2C4641956055866566&rqm=FGET
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/en/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xdd8ca65e5bf13d2a","source_keys":["1","2"]},{"key_piece":"0x24d644c6adc82b72","source_keys":["1","2"]}],"aggregatable_values":{"1":1},"filters":{"2":["14:1750738651631523","7834:1750738651631523","564:1750738651631523","10196:1750738651631523","10853:1750738651631523","31:1750738651631523","8053:1750738651631523","617:1750738651631523"]},"debug_reporting":true,"debug_key":"1"}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Tue, 30 Jul 2024 00:54:22 GMT
x-fb-server-load
34
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397225876904716032", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1368, tbw=6927, tp=-1, tpl=-1, uplat=177, ullat=0
pragma
no-cache
x-fb-debug
AHIY2QlIHDKSjOOTlqVq4dj9f2n99vtxwt4UcVCWnsLe8LPUUOOMb2hOhP9k693WPaBkQ3d19HePE/PKrQkj3A==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397225876904716032"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
advert.gif
mc.yandex.com/metrika/
43 B
587 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/en/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Jul 2024 00:54:22 GMT
last-modified
Wed, 24 Jul 2024 12:44:58 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"66a0f74a-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 30 Jul 2024 01:54:22 GMT
/
websdk.appsflyer.com/
51 KB
14 KB
Script
General
Full URL
https://websdk.appsflyer.com/?st=banners,pba&
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-3.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce6d7f008824d9f6af00150bf70a49369a24381165b5808efa74e68518e6d58d

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:42:47 GMT
content-encoding
br
via
1.1 4d156fc02c81ad97b906c107779265e2.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jun 2023 06:58:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
695
x-amz-server-side-encryption
AES256
etag
W/"ad6e8ace01357e7c84957fc6fc296d42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
XGMZyWn77h7mrrMWp7JqUsIFHN7VJSlWms5UjQkFS7HNUbBWdqVyog==
fxpro-constants.json
direct-web.azureedge.net/configs/
475 B
950 B
XHR
General
Full URL
https://direct-web.azureedge.net/configs/fxpro-constants.json
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
41d1591f8eedf853e64bcc755759c711ce5cc5873d3f9261690417b25351cd98

Request headers

Accept
application/json, text/plain, */*
Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 30 Jul 2024 00:54:23 GMT
last-modified
Wed, 24 Jul 2024 14:32:31 GMT
etag
0x8DCABED73C85A91
x-azure-ref
20240730T005422Z-168f9bd7d66ch5vz4ss1p13e440000000gc000000000033s
x-cache
CONFIG_NOCACHE
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
00139bc2-d01e-009a-701b-e2f0f2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
no-cache
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
475
web-domains
direct.fxproru.info/api/
776 B
709 B
XHR
General
Full URL
https://direct.fxproru.info/api/web-domains
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de15add50606f0cbc4683f55828d5284379063e62dde0ae3aab636e835b247c4
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Pragma
no-cache
analytics-id
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
x-request-platform
web
Accept
application/json, text/plain, */*
Cache-Control
no-cache
x-facebook-click-id
Referer
https://direct.fxproru.info/en/login
ui-version
6.5.3.0
x-facebook-browser-id
fb.1.1722300862224.626440729360778413

Response headers

date
Tue, 30 Jul 2024 00:54:22 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k8DC7wLIJhjfs7E%2F%2BcTh5fpBtss50tO8kkrroyB2bkVL9ZKGajTPxelSIY0I6hrRu5pcJ1%2B6%2FJJ4%2Ftvew5D8h6XOGx34AwLINY91FNfrrxhF6d31BQYXT%2BrwKrwqs7tMfXyDOXxC"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cf-ray
8ab160856b559306-CPH
alt-svc
h3=":443"; ma=86400
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1007393989/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007393989/?random=1722300861746&cv=11&fst=1722300861746&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9165315690z8833746439za201zb833746439&gcd=13t3tPt2t5&dma_cps=syphamo&dma=1&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&hn=www.googleadservices.com&frm=0&tiba=FxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool&npa=0&pscdl=noapi&auid=1549021099.1722300862&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1007393989&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef42f4f8406f3dd23b4a04b97cba5e5e17db60c165f7104c4df0669de7f76863
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 00:54:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1442
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
streaming.bi.owox.com/ga4/abdc5a7ed2c611ed944a42010a4ec602/g/
0
120 B
XHR
General
Full URL
https://streaming.bi.owox.com/ga4/abdc5a7ed2c611ed944a42010a4ec602/g/collect?v=2&tid=G-68RKQ2EPR2&gtm=45je47t0v9108157342z8833746439za200zb833746439&_p=1722300861194&gcs=G111&gcd=13t3t3t2t5&npa=0&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=1256879733.1722300862&ecid=1257354424&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-BE&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&sst.rnd=920046445.1722300862&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13t3t3t2t5&sst.tft=1722300861194&sst.ude=0&_s=1&uid=&sid=1722300861&sct=1&seg=0&dl=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&dt=FxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool&en=page_view&_fv=1&_nsi=1&_ss=2&up.client_id_ga4=.&up.user_id_ga4=&up.sigma_exps=(not%20set)&tfd=1426&richsstsse
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.228.179 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.228.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 00:54:22 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
image/gif
access-control-allow-origin
https://direct.fxproru.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JT1ZR36N0N&gtm=45je47t0v883513432z8833746439za200zb833746439&_p=1722300861194&_gaz=1&gcs=G111&gcd=13t3tPt2t5&npa=0&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=1256879733.1722300862&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&uid=&sid=1722300861&sct=1&seg=0&dl=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&dt=FxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool&en=page_view&_fv=1&_ss=2&up.client_id_ga4=.&up.user_id_ga4=&up.sigma_exps=(not%20set)&tfd=1444
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 00:54:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://direct.fxproru.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
257 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JT1ZR36N0N&cid=1256879733.1722300862&gtm=45je47t0v883513432z8833746439za200zb833746439&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3tPt2t5&npa=0&frm=0&tag_exp=95250752
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JT1ZR36N0N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 00:54:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://direct.fxproru.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JT1ZR36N0N&cid=1256879733.1722300862&gtm=45je47t0v883513432z8833746439za200zb833746439&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3tPt2t5&npa=0&frm=0&tag_exp=95250752&tag_exp=95250752&z=117868022
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/en/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 00:54:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=95250753&rnd=920046445.1722300862&url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&dma_cps=syphamo&dma=1&npa=0&gtm=45He47t0n8...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=95250753&rnd=920046445.1722300862&url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&dma_cps=syphamo&dma=1&npa=0&g...
42 B
66 B
Ping
General
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=95250753&rnd=920046445.1722300862&url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&dma_cps=syphamo&dma=1&npa=0&gtm=45He47t0n81WGF6FQLv833746439za200&auid=1549021099.1722300862
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/en/login
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 00:54:22 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 00:54:22 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&tag_exp=95250753&rnd=920046445.1722300862&url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&dma_cps=syphamo&dma=1&npa=0&gtm=45He47t0n81WGF6FQLv833746439za200&auid=1549021099.1722300862
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
streaming.bi.owox.com/ga4/abdc5a7ed2c611ed944a42010a4ec602/g/
0
120 B
XHR
General
Full URL
https://streaming.bi.owox.com/ga4/abdc5a7ed2c611ed944a42010a4ec602/g/collect?v=2&tid=G-68RKQ2EPR2&gtm=45je47t0v9108157342za200zb833746439&_p=1722300861194&gcs=G111&gcd=13t3t3t2t5&npa=0&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=1256879733.1722300862&ecid=1257354424&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-BE&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEA&sst.rnd=920046445.1722300862&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13t3t3t2t5&sst.tft=1722300861194&sst.sp=1&sst.em_event=1&sst.ude=0&_s=2&uid=&sid=1722300861&sct=1&seg=0&dl=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&dt=FxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool&en=scroll&epn.percent_scrolled=90&_et=25&tfd=1506&richsstsse
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.228.179 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.228.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 00:54:22 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
image/gif
access-control-allow-origin
https://direct.fxproru.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
streaming.bi.owox.com/ga4/abdc5a7ed2c611ed944a42010a4ec602/g/
0
321 B
XHR
General
Full URL
https://streaming.bi.owox.com/ga4/abdc5a7ed2c611ed944a42010a4ec602/g/collect?v=2&tid=G-68RKQ2EPR2&gtm=45je47t0v9108157342z8833746439za200zb833746439&_p=1722300861194&gcs=G111&gcd=13t3t3t2t5&npa=0&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=1256879733.1722300862&ecid=1257354424&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-BE&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&sst.rnd=920046445.1722300862&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13t3t3t2t5&sst.tft=1722300861194&sst.ude=0&_s=3&uid=&sid=1722300861&sct=1&seg=0&dl=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&dt=FxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool&en=user_data_event&ep.cid_ga4=1256879733.1722300862.&_et=33&up.client_id_ga4=1256879733.1722300862.&tfd=1512&richsstsse
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.228.179 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.228.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 00:54:22 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
image/gif
access-control-allow-origin
https://direct.fxproru.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JT1ZR36N0N&gtm=45je47t0v883513432za200zb833746439&_p=1722300861194&gcs=G111&gcd=13t3tPt2t5&npa=0&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=1256879733.1722300862&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEA&_s=2&uid=&sid=1722300861&sct=1&seg=0&dl=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&dt=FxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool&en=scroll&epn.percent_scrolled=90&_et=17&tfd=1519
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 00:54:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://direct.fxproru.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JT1ZR36N0N&gtm=45je47t0v883513432z8833746439za200zb833746439&_p=1722300861194&gcs=G111&gcd=13t3tPt2t5&npa=0&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=1256879733.1722300862&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=3&uid=&sid=1722300861&sct=1&seg=0&dl=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&dt=FxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool&en=user_data_event&ep.cid_ga4=1256879733.1722300862.&_et=42&up.client_id_ga4=1256879733.1722300862.&tfd=1525
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 00:54:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://direct.fxproru.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame 180C
0
0
Document
General
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://direct.fxproru.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1046
content-type
text/html
date
Tue, 30 Jul 2024 00:54:22 GMT
etag
"66a0f74a-416"
expires
Tue, 30 Jul 2024 01:54:22 GMT
last-modified
Wed, 24 Jul 2024 12:44:58 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
onelink
wa.onelink.me/v1/
13 B
367 B
XHR
General
Full URL
https://wa.onelink.me/v1/onelink
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-24.fra56.r.cloudfront.net
Software
/
Resource Hash
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:22 GMT
via
1.1 044b6ab929e12b48b2113c346ddcec30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://direct.fxproru.info
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
13
x-amz-cf-id
joWYHcUqawl2RHjHzOhPBgGxqaUbq6cP84X1NniUtl5jKf0ww9GNyA==
/
privacy-cs.mail.ru/fp/
0
0
Fetch
General
Full URL
https://privacy-cs.mail.ru/fp/?id=gStEwSwIDXyMsd8frzvmY
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:1148:1000:101:8:3:0:17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 30 Jul 2024 00:54:22 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://direct.fxproru.info
Cache-Control
max-age=7200
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Tue, 30 Jul 2024 02:54:22 GMT
/
privacy-cs.mail.ru/fp/ Frame
0
0
Preflight
General
Full URL
https://privacy-cs.mail.ru/fp/?id=gStEwSwIDXyMsd8frzvmY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:1148:1000:101:8:3:0:17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://direct.fxproru.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Method
POST
Access-Control-Allow-Origin
https://direct.fxproru.info
Access-Control-Max-Age
1728000
Cache-Control
max-age=7200
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
Date
Tue, 30 Jul 2024 00:54:22 GMT
Expires
Tue, 30 Jul 2024 02:54:22 GMT
Server
nginx
1
mc.yandex.com/watch/3923710/
Redirect Chain
  • https://mc.yandex.com/watch/3923710?wmode=7&page-url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%...
  • https://mc.yandex.com/watch/3923710/1?wmode=7&page-url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Ae...
476 B
865 B
Fetch
General
Full URL
https://mc.yandex.com/watch/3923710/1?wmode=7&page-url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1400%3Acn%3A1%3Adp%3A0%3Als%3A773456280227%3Ahid%3A1050882117%3Az%3A120%3Ai%3A20240730025422%3Aet%3A1722300862%3Ac%3A1%3Arn%3A416125814%3Arqn%3A1%3Au%3A1722300862179427629%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A320%3Awv%3A2%3Ads%3A24%2C35%2C110%2C3%2C1%2C0%2C%2C32%2C0%2C%2C%2C%2C597%3Aco%3A0%3Acpf%3A1%3Ans%3A1722300860991%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722300863%3At%3AFxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/en/login
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
ed34b355141760d440265ece7be4a22cbcfce9ea9686ebe780f5a2c06bc81caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 00:54:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 30-Jul-2024 00:54:22 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://direct.fxproru.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
476
x-xss-protection
1; mode=block
expires
Tue, 30-Jul-2024 00:54:22 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 00:54:22 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 30-Jul-2024 00:54:22 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/3923710/1?wmode=7&page-url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1400%3Acn%3A1%3Adp%3A0%3Als%3A773456280227%3Ahid%3A1050882117%3Az%3A120%3Ai%3A20240730025422%3Aet%3A1722300862%3Ac%3A1%3Arn%3A416125814%3Arqn%3A1%3Au%3A1722300862179427629%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A320%3Awv%3A2%3Ads%3A24%2C35%2C110%2C3%2C1%2C0%2C%2C32%2C0%2C%2C%2C%2C597%3Aco%3A0%3Acpf%3A1%3Ans%3A1722300860991%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722300863%3At%3AFxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
access-control-allow-origin
https://direct.fxproru.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 30-Jul-2024 00:54:22 GMT
/
api.amplitude.com/
7 B
227 B
XHR
General
Full URL
https://api.amplitude.com/
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.166.106.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-106-30.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 30 Jul 2024 00:54:22 GMT
strict-transport-security
max-age=15768000
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
access-control-allow-origin
*
trace-id
Root=1-66a839be-7e10f3ad771d5c1d66f2fa91
content-length
7
/
px.ads.linkedin.com/wa/
0
199 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 30 Jul 2024 00:54:22 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: E6DD4FB4DEA24DE289B18A3C0537C370 Ref B: CPH30EDGE0822 Ref C: 2024-07-30T00:54:22Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
access-control-allow-origin
https://direct.fxproru.info
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYebGsh104gJLb+6qgk1Q==
events
wa.appsflyer.com/
76 B
536 B
XHR
General
Full URL
https://wa.appsflyer.com/events?site-id=9dc4fcdb-34e7-4139-90b7-fe103001358f
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-30.fra56.r.cloudfront.net
Software
/
Resource Hash
9622853897047979b1b22dc0ae588dfddd9469c8232258a907b77b12a5d7fae0

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
text/plain

Response headers

date
Tue, 30 Jul 2024 00:54:22 GMT
via
1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://direct.fxproru.info
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
76
x-amz-cf-id
U1PyCXY4PSU-Llrv6vI43kPDR_XZHGc8zubEOGppzEshEd8SDQrWgQ==
/
www.google.com/pagead/1p-user-list/1007393989/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1007393989/?random=1722300861746&cv=11&fst=1722297600000&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9165315690z8833746439za201zb833746439&gcd=13t3tPt2t5&dma_cps=syphamo&dma=1&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&hn=www.googleadservices.com&frm=0&tiba=FxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool&npa=0&pscdl=noapi&auid=1549021099.1722300862&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLKxaK20yukQ5m5HW9TTYbrS46GeypoQ&random=827995968&rmt_tld=0&ipr=y
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/en/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 00:54:22 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1007393989/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1007393989/?random=1722300861746&cv=11&fst=1722297600000&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9165315690z8833746439za201zb833746439&gcd=13t3tPt2t5&dma_cps=syphamo&dma=1&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&hn=www.googleadservices.com&frm=0&tiba=FxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool&npa=0&pscdl=noapi&auid=1549021099.1722300862&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLKxaK20yukQ5m5HW9TTYbrS46GeypoQ&random=827995968&rmt_tld=1&ipr=y
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/en/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 00:54:22 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracker
top-fwz1.mail.ru/
43 B
1 KB
Image
General
Full URL
https://top-fwz1.mail.ru/tracker?_=0.26841437184142247;id=3528370;u=https%3A//direct.fxproru.info/en/login;title=FxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=5bcefc18f250744f;ver=60.6.0;tz=-120%2FEurope%2FBerlin;st=1722300861196;nt=0/0/1722300860991/////1/2/25/25/61/25/61/171/173/179/205/596/597/2021/2021/2024;ct=961/964/964/977/629;rt=630/238/0/0/0/630/645/645/645/756/699/756/864/868;gl=u;ni=10//4g/50/0/;lvid=1722300861955%3A1722300863023%3A2%3Aad7d32a8b09721a43f416cfb6dacad2a;opts=dl%2Cjst-gtag-ym%2Ccnhp%3Dh2%2Ccs%3D19122-46933-19422;fpid=gStEwSwIDXyMsd8frzvmY;visible=true;js=13;e=RT/load;et=1722300863022
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:23 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
collect
streaming.bi.owox.com/ga4/abdc5a7ed2c611ed944a42010a4ec602/g/
0
120 B
XHR
General
Full URL
https://streaming.bi.owox.com/ga4/abdc5a7ed2c611ed944a42010a4ec602/g/collect?v=2&tid=G-68RKQ2EPR2&gtm=45je47t0v9108157342z8833746439za200zb833746439&_p=1722300861194&gcs=G111&gcd=13t3t3t2t5&npa=0&dma_cps=syphamo&dma=1&tag_exp=95250752&ul=&cid=1256879733.1722300862&ecid=1257354424&sr=1600x1200&_fplc=0&ir=1&ur=DE-BE&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&sst.rnd=920046445.1722300862&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13t3t3t2t5&sst.tft=1722300861194&sst.ude=0&_s=4&uid=&sid=1722300861&sct=1&seg=0&dl=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&dt=FxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool&en=params&ep.eventCategory=params&ep.sigma_exps=(not%20set)&ep.Ipcountry=DE&_et=2&up.client_id_ga4=.&tfd=2226&richsstsse
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.228.179 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.228.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 00:54:22 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
image/gif
access-control-allow-origin
https://direct.fxproru.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
streaming.bi.owox.com/ga4/abdc5a7ed2c611ed944a42010a4ec602/g/
0
120 B
XHR
General
Full URL
https://streaming.bi.owox.com/ga4/abdc5a7ed2c611ed944a42010a4ec602/g/collect?v=2&tid=G-68RKQ2EPR2&gtm=45je47t0v9108157342za200zb833746439&_p=1722300861194&gcs=G111&gcd=13t3t3t2t5&npa=0&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=1256879733.1722300862&ecid=1257354424&ul=de-de&sr=1600x1200&_fplc=0&ir=1&ur=DE-BE&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEA&sst.rnd=920046445.1722300862&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13t3t3t2t5&sst.tft=1722300861194&sst.sp=1&sst.em_event=1&sst.ude=0&_s=5&uid=&dl=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&dr=https%3A%2F%2Fdirect.fxproru.info%2F&sid=1722300861&sct=1&seg=1&dt=FxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool&en=page_view&_et=703&tfd=2234&richsstsse
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.228.179 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.228.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 00:54:22 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
image/gif
access-control-allow-origin
https://direct.fxproru.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JT1ZR36N0N&gtm=45je47t0v883513432z8833746439za200zb833746439&_p=1722300861194&gcs=G111&gcd=13t3tPt2t5&npa=0&dma_cps=syphamo&dma=1&tag_exp=95250752&ul=&cid=1256879733.1722300862&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=4&uid=&sid=1722300861&sct=1&seg=0&dl=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&dt=FxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool&en=params&ep.eventCategory=params&ep.sigma_exps=(not%20set)&ep.Ipcountry=DE&_et=1&up.client_id_ga4=.&tfd=2261
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 00:54:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://direct.fxproru.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
onelink
wa.onelink.me/v1/
51 B
513 B
XHR
General
Full URL
https://wa.onelink.me/v1/onelink?af_id=a34f5d41-aead-4084-9ed3-30f1b21fc440-p
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-24.fra56.r.cloudfront.net
Software
/
Resource Hash
c724574d34d8920c48139ed4d11f9643d72eca32f5c98c56b490d9aa77145157

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:23 GMT
via
1.1 044b6ab929e12b48b2113c346ddcec30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://direct.fxproru.info
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
51
x-amz-cf-id
W4gO6lOwq0Y5x49U6RWSR7GXfy8ZN4PrCFuNl09nKnyTEpZ_FAypSg==
rum
direct.fxproru.info/cdn-cgi/
0
72 B
XHR
General
Full URL
https://direct.fxproru.info/cdn-cgi/rum?
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://direct.fxproru.info/en/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Tue, 30 Jul 2024 00:54:23 GMT
x-content-type-options
nosniff
server
cloudflare
cf-ray
8ab1608b7d689306-CPH
x-frame-options
DENY
/
www.googleadservices.com/pagead/conversion/1007393989/
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/1007393989/?random=1722300863304&cv=11&fst=1722300863304&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9165315690z8833746439za201zb833746439&gcs=G111&gcd=13t3tPt2t5&dma_cps=syphamo&dma=1&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&label=KG17COySg-UDEMW5ruAD&hn=www.googleadservices.com&frm=0&tiba=FxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1549021099.1722300862&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1007393989&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
9169e13bd1e5a1822e8e94bc5a56720482683f4f193861258b632a82a4ce59e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 00:54:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1707
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon-icon.ico
direct.fxproru.info/assets/
15 KB
2 KB
Other
General
Full URL
https://direct.fxproru.info/assets/favicon-icon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868df006ef0d1177c1d997e3b57291f6d87ac87ba8a424f696e304d9b0827fb8

Request headers

Referer
https://direct.fxproru.info/en/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 13:22:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
29191
etag
W/"1dae1ba68d7cbee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o4%2F1HSfvYSV8YzBAsA%2FR39aB%2FX25QbDUYuq2fbrOU3cleoPc0%2BlNXuQ%2F04SkOnGEhxg1tyvyADq4mwiEqdHvZVSD%2FqtriloO4853TtHsWCTM05SF45M9%2BCbD30Gil2re7Hr2PWCe"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
public, max-age=86400
cf-ray
8ab1608bcd849306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 16:47:52 GMT
unip
trc-events.taboola.com/1711882/log/3/
0
250 B
XHR
General
Full URL
https://trc-events.taboola.com/1711882/log/3/unip?en=pre_d_eng_tb&tos=1583&scd=0&ssd=2&est=1722300861729&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1722300863313&vi=1722300861726&ri=3ab7030780bafc90d0b5bc0bb5459fb8&ref=null&cv=20240728-4-RELEASE&item-url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&it=JS_PIXEL
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://direct.fxproru.info/
Attribution-Reporting-Eligible
trigger
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://direct.fxproru.info
pragma
no-cache
date
Tue, 30 Jul 2024 00:54:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
Roboto-Bold.woff
direct.fxproru.info/assets/fonts/
92 KB
0
Font
General
Full URL
https://direct.fxproru.info/assets/fonts/Roboto-Bold.woff
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/styles.1698b966feeb02ce.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfa6c7d91c94e5a9dccde99f67d8ed20b5c8bce599ac2479c812c77d8c2fd99a

Request headers

Referer
https://direct.fxproru.info/styles.1698b966feeb02ce.css
Origin
https://direct.fxproru.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:54:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 12:01:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
48243
etag
W/"1dadf537d67ef58"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jue4CpBcGdLlVBxWujaCvzHs14SBo3SboQmFQ5%2BeLiVk%2B3OffXmk7gIoG5d2p%2B5hZLM%2BFyrIJbeiqwU4r0jWNoUeRNuQpouqQ0t1bqXGtJBcWvsLuX6dHZucrENnqXtlRxPnu7AL"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
public, max-age=86400
cf-ray
8ab1607e69179306-CPH
alt-svc
h3=":443"; ma=86400
expires
Tue, 30 Jul 2024 11:30:18 GMT
unip
trc-events.taboola.com/1711882/log/3/ Frame
0
0
Preflight
General
Full URL
https://trc-events.taboola.com/1711882/log/3/unip?en=pre_d_eng_tb&tos=1583&scd=0&ssd=2&est=1722300861729&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1722300863313&vi=1722300861726&ri=3ab7030780bafc90d0b5bc0bb5459fb8&ref=null&cv=20240728-4-RELEASE&item-url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://direct.fxproru.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://direct.fxproru.info
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Tue, 30 Jul 2024 00:54:23 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
/
www.google.de/pagead/1p-conversion/1007393989/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007393989/?random=1321243897&cv=11&fst=1722300863304&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9165315690z8833746439za201zb833746439&g...
  • https://www.google.com/pagead/1p-conversion/1007393989/?random=1321243897&cv=11&fst=1722300863304&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9165315690z8833746439za201zb833746439&gcs=G111&gcd=13t3tPt2t...
  • https://www.google.de/pagead/1p-conversion/1007393989/?random=1321243897&cv=11&fst=1722300863304&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9165315690z8833746439za201zb833746439&gcs=G111&gcd=13t3tPt2t5...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/1007393989/?random=1321243897&cv=11&fst=1722300863304&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9165315690z8833746439za201zb833746439&gcs=G111&gcd=13t3tPt2t5&dma_cps=syphamo&dma=1&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&label=KG17COySg-UDEMW5ruAD&hn=www.googleadservices.com&frm=0&tiba=FxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool&value=0&npa=0&pscdl=noapi&auid=1549021099.1722300862&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&data=ads_data_redaction%3Dfalse&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCKPFsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIisOk2cbNhwMVVo6DBx1oAxuJMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL2RpcmVjdC5meHByb3J1LmluZm8v&is_vtc=1&cid=CAQSKQDaQooLnfDr0MGgGzU7EJ5aXSTEZizlG43-DG2xPPmNfPmX3vMZUhm3&eitems=ChEI8PuctQYQ_ICHgauMz4DbARIdAG__P4bnyWHzc7c99e5UyuWauwhFoQOeQrphj2M&random=973420180&ipr=y
Protocol
H3
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 00:54:23 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 00:54:23 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/1007393989/?random=1321243897&cv=11&fst=1722300863304&bg=ffffff&guid=ON&async=1&gtm=45be47t0v9165315690z8833746439za201zb833746439&gcs=G111&gcd=13t3tPt2t5&dma_cps=syphamo&dma=1&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&label=KG17COySg-UDEMW5ruAD&hn=www.googleadservices.com&frm=0&tiba=FxPro%20Direct%20-%20Top-Notch%20Account%20Management%20Tool&value=0&npa=0&pscdl=noapi&auid=1549021099.1722300862&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&capi=1&data=ads_data_redaction%3Dfalse&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCKPFsQJKLGV2ZW50LXNvdXJjZSwgdHJpZ2dlciwgbm90LW5hdmlnYXRpb24tc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIisOk2cbNhwMVVo6DBx1oAxuJMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL2RpcmVjdC5meHByb3J1LmluZm8v&is_vtc=1&cid=CAQSKQDaQooLnfDr0MGgGzU7EJ5aXSTEZizlG43-DG2xPPmNfPmX3vMZUhm3&eitems=ChEI8PuctQYQ_ICHgauMz4DbARIdAG__P4bnyWHzc7c99e5UyuWauwhFoQOeQrphj2M&random=973420180&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
context.js
yandex.ru/ads/system/
0
0
Fetch
General
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
etag
"8465bc6b270d8ceabe6c13bb94e0cd0f-1074529"
x-yandex-req-id
1722300864277091-17886916080645187937-balancer-l7leveler-kubr-yp-vla-63-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
timing-allow-origin
*
expires
Tue, 30 Jul 2024 01:54:24 GMT
/
privacy-cs.mail.ru/fp/
0
0
Fetch
General
Full URL
https://privacy-cs.mail.ru/fp/?id=gStEwSwIDXyMsd8frzvmY
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:1148:1000:101:8:3:0:17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 30 Jul 2024 00:54:24 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://direct.fxproru.info
Cache-Control
max-age=7200
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Tue, 30 Jul 2024 02:54:24 GMT
3923710
mc.yandex.com/webvisor/
43 B
0
Fetch
General
Full URL
https://mc.yandex.com/webvisor/3923710?wv-part=1&wv-type=7&wmode=0&wv-hit=1050882117&page-url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&rn=729608060&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1722300866%3Aw%3A1600x1200%3Av%3A1400%3Az%3A120%3Ai%3A20240730025425%3Au%3A1722300862179427629%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Ast%3A1722300866&t=gdpr(14)ti(1)
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 00:54:26 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 30-Jul-2024 00:54:26 GMT
content-type
image/gif
access-control-allow-origin
https://direct.fxproru.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 30-Jul-2024 00:54:26 GMT
3923710
mc.yandex.com/webvisor/
43 B
0
Fetch
General
Full URL
https://mc.yandex.com/webvisor/3923710?wv-part=1&wv-type=7&wmode=0&wv-hit=1050882117&page-url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&rn=24362296&browser-info=we%3A1%3Aet%3A1722300866%3Aw%3A1600x1200%3Av%3A1400%3Az%3A120%3Ai%3A20240730025426%3Au%3A1722300862179427629%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Ast%3A1722300866&t=gdpr(14)ti(1)
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://direct.fxproru.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 00:54:26 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 30-Jul-2024 00:54:26 GMT
content-type
image/gif
access-control-allow-origin
https://direct.fxproru.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 30-Jul-2024 00:54:26 GMT
unip
trc-events.taboola.com/1711882/log/3/ Frame
0
0
Preflight
General
Full URL
https://trc-events.taboola.com/1711882/log/3/unip?en=pre_d_eng_tb&tos=4584&scd=0&ssd=2&est=1722300861729&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1722300866314&vi=1722300861726&ri=3ab7030780bafc90d0b5bc0bb5459fb8&ref=null&cv=20240728-4-RELEASE&item-url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://direct.fxproru.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://direct.fxproru.info
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Tue, 30 Jul 2024 00:54:26 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
unip
trc-events.taboola.com/1711882/log/3/
0
249 B
XHR
General
Full URL
https://trc-events.taboola.com/1711882/log/3/unip?en=pre_d_eng_tb&tos=4584&scd=0&ssd=2&est=1722300861729&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1722300866314&vi=1722300861726&ri=3ab7030780bafc90d0b5bc0bb5459fb8&ref=null&cv=20240728-4-RELEASE&item-url=https%3A%2F%2Fdirect.fxproru.info%2Fen%2Flogin&it=JS_PIXEL
Requested by
Host: direct.fxproru.info
URL: https://direct.fxproru.info/polyfills.e68d4c527ef903dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://direct.fxproru.info/
Attribution-Reporting-Eligible
trigger
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://direct.fxproru.info
pragma
no-cache
date
Tue, 30 Jul 2024 00:54:26 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

260 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| version function| parseJwt function| getCookie object| dataLayer object| amplitude object| ConvrsChat string| ConvrsChat_Styles object| webpackChunkdirect_web function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononbeforetogglepatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononpageswappatched boolean| __zone_symbol__ononpagerevealpatched boolean| __zone_symbol__ononscrollendpatched function| __zone_symbol__queueMicrotask object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __cfBeacon object| __zone_symbol__visibilitychangetrue object| __zone_symbol__prerenderingchangetrue object| __zone_symbol__pageshowtrue object| __zone_symbol__keydowntrue object| __zone_symbol__clicktrue object| __zone_symbol__pagehidetrue object| __zone_symbol__loadtrue object| __zone_symbol__loadfalse object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| ym string| _linkedin_data_partner_id function| twq function| qp string| qpGtm function| fbq function| _fbq object| _ltq function| _lt object| _tmr object| _tfa function| gtag object| amplitudeGTM function| _amplitude function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| EVENT_PROPERTIES_TO_URL_PARAMS_MAP number| INVALID_ACCOUNT_ID object| CONFIGS object| VALIDATION_ERRORS object| EVENTS object| TUP_EVENT_HANDLERS_BY_EVENT_NAME object| TRK_EVENT_TO_ERROR_TYPE_MAP boolean| PUBLISHER_ID_EXISTS string| CALLBACK_PARAMETER_NAME string| LAST_EXTERNAL_REFERRER_URL_PARAM object| __zone_symbol__storagefalse object| __zone_symbol__resizefalse object| __zone_symbol__scrollfalse object| __zone_symbol__messagefalse object| __zone_symbol__pagehidefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers function| lintrk boolean| _already_called_lintrk function| onYouTubeIframeAPIReady object| regeneratorRuntime object| twttr object| analyticsConnectorInstances object| __zone_symbol__onlinefalse object| __zone_symbol__offlinefalse function| UET function| UET_init function| UET_push object| _ltc object| __zone_symbol__pageshowfalse object| __zone_symbol__blurfalse object| __zone_symbol__focusfalse object| qevents object| ueto_9b1bf27db0 object| uetq object| __zone_symbol__orientationchangefalse object| Ya object| __zone_symbol__testfalse object| __zone_symbol__webkitvisibilitychangetrue object| __zone_symbol__messagetrue object| __zone_symbol__blurtrue object| __zone_symbol__focustrue object| __zone_symbol__submittrue object| yaCounter3923710 string| AppsFlyerSdkObject function| AF number| rb_sync_refresh_time object| rb_sync object| GooglebQhCsO object| __zone_symbol__beforeunloadfalse object| gaGlobal function| __zone_symbol__ON_PROPERTYerror object| __zone_symbol__errorfalse function| setCookie object| AF_cleanupMethods object| AF_SDK object| ORIBILI object| __zone_symbol__ORIBI_historyChangedfalse object| yjDataLayer object| ytagapi function| ytag object| __zone_symbol__mouseleavetrue object| __zone_symbol__resizetrue object| __zone_symbol__orientationchangetrue object| __zone_symbol__scrolltrue object| __zone_symbol__mousemovetrue object| __zone_symbol__mousedowntrue object| __zone_symbol__mouseuptrue object| __zone_symbol__touchmovetrue object| __zone_symbol__touchdowntrue object| __zone_symbol__selecttrue object| __zone_symbol__keyuptrue function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener function| eventListeners function| removeAllListeners

54 Cookies

Domain/Path Name / Value
.fxproru.info/ Name: _cfuvid
Value: 31OykS67by4Lyyit4hi.fi5LfDQ0tfjFDnR0_J8ZRpc-1722300861146-0.0.1.1-604800000
.yandex.ru/ Name: i
Value: CSfUChZmyktgwhKn6BMOm/p981pyop70C6HkrFuxaHwBaUArCbsxxRjUpEAq57xKXvd1zy0SBAp/wNyrbzCKjHqPfPY=
.yandex.ru/ Name: yandexuid
Value: 6973206641722300861
.yandex.ru/ Name: yashr
Value: 8490528471722300861
.fxproru.info/ Name: AMP_298d4265ec
Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjIxNzNkOGRmYi1lZjdjLTQzNDYtYjIxOS0wNTM2NWU1MGY1YzYlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzIyMzAwODYxODk3JTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJwYWdlQ291bnRlciUyMiUzQTAlN0Q=
.direct.fxproru.info/ Name: __lt__cid
Value: fe49e77b-ccf8-48ea-ae93-590b96ccc36e
.direct.fxproru.info/ Name: __lt__sid
Value: ee6c40b4-758fc25c
.fxproru.info/ Name: tmr_lvid
Value: ad7d32a8b09721a43f416cfb6dacad2a
.fxproru.info/ Name: tmr_lvidTS
Value: 1722300861955
.fxproru.info/ Name: amplitude_id_298d4265ec947fa5f7e9b728b25a51bbfxproru.info
Value: eyJkZXZpY2VJZCI6IjU3ZDMyZjg2LThmOGItNGE5My1iMjkyLTg0MzE4YTdhOTUzNlIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTcyMjMwMDg2MTk0NCwibGFzdEV2ZW50VGltZSI6MTcyMjMwMDg2MjAxMCwiZXZlbnRJZCI6MSwiaWRlbnRpZnlJZCI6MSwic2VxdWVuY2VOdW1iZXIiOjJ9
.twitter.com/ Name: guest_id_marketing
Value: v1%3A172230086207473511
.twitter.com/ Name: guest_id_ads
Value: v1%3A172230086207473511
.twitter.com/ Name: personalization_id
Value: "v1_o+/iW+fUEj2+FS+ydX3rCQ=="
.twitter.com/ Name: guest_id
Value: v1%3A172230086207473511
.fxproru.info/ Name: _ym_uid
Value: 1722300862179427629
.fxproru.info/ Name: _ym_d
Value: 1722300862
.fxproru.info/ Name: _uetsid
Value: 426440804e0e11ef8c2335273a0170fe
.fxproru.info/ Name: _uetvid
Value: 42644c604e0e11efbd4a7bd01357ac67
.t.co/ Name: muc_ads
Value: e583d536-5eba-4780-a3cc-57bf4183113c
.fxproru.info/ Name: _fbp
Value: fb.1.1722300862224.626440729360778413
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 628899794fake
.bing.com/ Name: MUID
Value: 14D44D369862694D3FCC59FA990968E6
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 441910421fake
.fxproru.info/ Name: _gcl_au
Value: 1.1.1549021099.1722300862
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.com/ Name: i
Value: ZqfxZUSX7UhKaqL/t6io1qa1U+RIXUA+bT/aGFvrf0dx3lGcBtqTSS/vhtKOGQ93CUHPl5eOZdvT+KNRXfH0I6dN+8k=
.yandex.com/ Name: yandexuid
Value: 2540301221722300862
.yandex.com/ Name: yashr
Value: 4546842471722300862
.fxproru.info/ Name: _ga
Value: GA1.1.1256879733.1722300862
.linkedin.com/ Name: bcookie
Value: "v=2&57b43e6f-2ca2-435a-81f4-776bf12d4015"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MjIzMDA4NjI7MjswMjFLHAwCGP1e3xi8+27xPvUPJ/s9FHoLy3UgmUb935173Q==
.linkedin.com/ Name: lidc
Value: "b=OGST03:s=O:r=O:a=O:p=O:g=3301:u=1:x=1:i=1722300862:t=1722387262:v=2:sig=AQF-B2e_CCBiNYo2W4wG2OZBKmk-hFyA"
direct.fxproru.info/ Name: clientId
Value: 1256879733.1722300862
direct.fxproru.info/ Name: domain_sid
Value: gStEwSwIDXyMsd8frzvmY%3A1722300862529
.fxproru.info/ Name: _ym_isad
Value: 2
streaming.bi.owox.com/ Name: ouid
Value: 1649961399_1426823820
mc.yandex.com/ Name: yabs-sid
Value: 2356284381722300862
.yandex.com/ Name: yuidss
Value: 2540301221722300862
.yandex.com/ Name: ymex
Value: 1753836862.yrts.1722300862
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.line.me/ Name: _ldbrbid
Value: tr__k1y/XGaoOb4dSwVw81AOAg==
.doubleclick.net/ Name: IDE
Value: AHWqTUnvwnbGjCd-oSTybXiD97vzVyOL_HQzdwS2At7D0b6WcQXDd1ECaCVAfoCp
.fxproru.info/ Name: _yjsu_yjad
Value: 1722300862.e268197f-ffb2-4ef3-ae9d-c209cd250a2f
.yandex.com/ Name: bh
Value: KgI/MGC+86C1Bg==
.appsflyer.com/ Name: af_id
Value: a34f5d41-aead-4084-9ed3-30f1b21fc440-p
top-fwz1.mail.ru/ Name: PVID
Value: 34rzqb17_EoQ000021031K2Q:::0-0-0-bc2927d-0-bc2927f:CAASEEVp0xe5MCa2-KeJxRhYYIUaYKEmSM3kUOPe5LtlgL-gEXWtHiQTC91OjiLvGE3bF4QVqISkDiUMfdlVW6E_k1N6jhVwVSCMxxsp3RyHbras1imsU1J_SIezYhc3hxH3Kpq3qZU-s93JID2a3nsTGFwBjg
.mail.ru/ Name: VID
Value: 34rzqb17_EoQ000021031K2Q:::0-0-0-bc2927d-0-bc2927f:CAASEEVp0xe5MCa2-KeJxRhYYIUaYKEmSM3kUOPe5LtlgL-gEXWtHiQTC91OjiLvGE3bF4QVqISkDiUMfdlVW6E_k1N6jhVwVSCMxxsp3RyHbras1imsU1J_SIezYhc3hxH3Kpq3qZU-s93JID2a3nsTGFwBjg
.fxproru.info/ Name: _ga_68RKQ2EPR2
Value: GS1.1.1722300861.1.1.1722300863.0.0.1257354424
.fxproru.info/ Name: _ga_JT1ZR36N0N
Value: GS1.1.1722300861.1.1.1722300863.58.0.0
.fxproru.info/ Name: afUserId
Value: a34f5d41-aead-4084-9ed3-30f1b21fc440-p
.onelink.me/ Name: af_id
Value: a34f5d41-aead-4084-9ed3-30f1b21fc440-p
.fxproru.info/ Name: AF_SYNC
Value: 1722300863322
.fxproru.info/ Name: _ym_visorc
Value: w
direct.fxproru.info/ Name: tmr_detect
Value: 0%7C1722300864798

3 Console Messages

Source Level URL
Text
javascript info URL: https://privacy-cs.mail.ru/static/sync-loader.js(Line 4)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://privacy-cs.mail.ru/static/sync-loader.js(Line 4)
Message:
Failed to create WebGPU Context Provider
other warning URL: https://privacy-cs.mail.ru/static/sync-loader.js(Line 4)
Message:
Failed to parse video contentType: video/ogg; codecs=theora

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.quora.com
analytics.twitter.com
api.amplitude.com
bat.bing.com
cdn.amplitude.com
cdn.taboola.com
client-api-global.fxpro.technology
connect.facebook.net
d.line-scdn.net
direct-web.azureedge.net
direct.fxproru.info
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
privacy-cs.mail.ru
psb.taboola.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
region1.analytics.google.com
s.yimg.jp
snap.licdn.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
streaming.bi.owox.com
t.co
top-fwz1.mail.ru
tr.line.me
trc-events.taboola.com
trc.taboola.com
wa.appsflyer.com
wa.onelink.me
webchat.conv.rs
websdk.appsflyer.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
yandex.ru
104.18.34.208
104.244.42.3
13.107.42.14
141.226.228.48
142.250.185.130
142.250.185.68
142.250.186.35
146.75.120.157
147.92.191.92
151.101.1.44
151.101.65.44
162.159.153.247
172.217.18.2
172.67.213.65
18.173.205.24
18.245.60.3
18.245.86.69
18.66.112.30
183.79.249.124
2.20.65.72
2001:4860:4802:32::36
2600:9000:275b:3800:c:edf1:c740:93a1
2606:4700::6810:4f49
2620:1ec:21::14
2620:1ec:bdf::60
2620:1ec:c11::237
2a00:1148:1000:101:8:3:0:17
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9b
2a02:26f0:480:15::213:7e63
2a02:6b8::1:119
2a02:6b8:a::a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
35.166.106.30
35.186.228.179
52.54.13.156
93.184.221.165
95.163.52.67
0c534241fd5daba7636dff2a0cfe440cdb77608e3962f093f9006fc12958774e
0d8741de6935540db2469299929358908931f55229fbd9692ba0f9bfb6b420b4
0e7e3045519beaff2095d4a64b8dfb1b581013eb5b8f4b3549983c69abe7139b
184ff4719d5c387812c3b3d9ba9522c3cf597085ba2092079142903e994dc304
1d11accac8a751fc9c4d19ed4924bc1cfae974b5d3e391293201915a8f7a0e33
1da739198751c3378122f807600f4d9343d4a98f07ce4164e9465c19d816e9b9
1e5b1e68849346484e4af51329d7a4836a2bbf0c032c576a0d9e8fa288e8d471
1f3fb72c3314587075638c4b37a170d7407a93fe1d66f1e37e4ee963d5841a75
215dceb9394451f5428655fc07a6266644e311ee3ab4a5f34aa65d06205d81a1
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
3554a612cc19b5d294d6689615d0c88bc22f6a181296dffe5f3e606582cb5c5c
3558ff60d5411abf588df176f0b56fb352a4450587a9393ac60012ba453e9c7d
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec
3fc59618557b50f4de1a2eebfd965974bd1fd54fe175c5e90e6dd08c1b82f3f6
410a5034445f937ad3e287aacfcd60e278baaab4d0a710fcddc624dd14eba3e1
41d1591f8eedf853e64bcc755759c711ce5cc5873d3f9261690417b25351cd98
420751ad85d0a0acf987c22ac94c07d81038fcf3ecd2784593ff562051ff49d1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
488897020ab4ab1362e166f7ecd52a78fea7abccfdd90be855c597286dc8415c
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
579ada5c8d73fb345a79e1aca9e6b8e3ce980e5956ac0eb4c9c910c408494663
5af5ee0b37b1f0ef31c42932bbf81424e4bb53e95e87a47e058625c1af2245db
5cdfbd3709091250209bd3b170554df34567ee9bb239434141650a3d8892e0bd
66729be16dda070de5be8f89ffaa52c2d9dd5aa08feca01aabfb76c3104a22a7
6a1fe9f9dbf5dc45e0816217022a00f7a7533145a72ff5bf21266b2bfd35e18e
7318ed29c98f6e112a7a183876a89e9178069833f5464001944c4a7b6c0d0068
7449f3bb240b8ed45dd222de2d0acdad14d113fd878b78fa29444a865277621f
748a3c09681b679653918456d552b162c336e7364412350c296f8a1a99335e76
76164e0dabc6073d1780d57493ddfee1afd962aa96b926032f1e9a1369f5b172
7b0c70252c8a27d527aa76bf1de10625208e278111710de0b1c9c59169971ca2
7b1b24210f9843a201d9540249e2baa3536833e32bafbb88eaa315c94be01d61
7b631f956d70180e6cd9e0e0fb9dfca333480a77c70127403a78e624db596a30
7c77bb7556fd4aea9f53afe3706f757576d6ffb99665d04b5da722ca349d69e9
7f66428ca044ef846741904662b0b129c3f69bc12ba3386540940a27a4d25fe5
7fa1bcfc4c7b22d04a93647150c9b64afa5813027baed278a022ec42cce4fd24
822bdb574a5ef7f470e1bb216bdb53179997b364dfb8d723a66a9690f95cf270
868df006ef0d1177c1d997e3b57291f6d87ac87ba8a424f696e304d9b0827fb8
88231a627b72fc8219da5d3991a96690e135c75dd9af98b82b7a6a9eff3eff8e
89d6914c51bbca575bcc98df7b2af3fe0113fa59a56c1b4001d16025ce52b47f
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8d260a0280b324c589c4185457228a47aaa4da0b59ea9941375487d7de69ff31
8db8feec10c56013d070dd3cc3830f32a9a06de4faf47301c73b486dfe611b11
8e3ca7f00dc4f375fd02c1c22581d71002282b5feac20073d211025c30611d87
90c994b8301c3903f0064b98b28f9851aeb3936d6685f57990fe5326ddfdc901
9169e13bd1e5a1822e8e94bc5a56720482683f4f193861258b632a82a4ce59e7
923881f4f87751ad4a2df46accfc879852733bea2b77c30f7137b81dddacac44
933ef6c20ea9708698b6509c788d142527fef69c5906cf315f3a793a92a525ee
9622853897047979b1b22dc0ae588dfddd9469c8232258a907b77b12a5d7fae0
99623b979b052a645774f9d6a0989b158038df7e3211b797e3b3a1d556b6c3d2
9aaf768114ad48c6bbc123e9fb6c73b0db4e7388029ff026e6e57d430a54d7f5
9b82d33bf005d48262adf7d04cf9d81e5ff8b789c4b6276386635e31fe21a516
9f3bdffe8aa4db8daf3a2ab41e1c1eef24157fc81e011999579dd0a0176de175
9fdd0d3297c68892cf7e0591fb4d1f57814d5d609f98e857fe971f7444df2f51
a1410fdee93266f8b4ae08c837aefcca8da6475a18e16cbf6b92f574909d25c9
a5727176c5ef425d3d8084892c4b00f87452f41b834b2bb172194dab1bfa95eb
a7cff97d2f9e508a9ef85d9e0d6fb0dd7a08b373805e7be50b64300de08ccc12
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad218c6ad5a147bdddc9a2f1eed94be69e7730770782748ce769078ce385add5
ae07291117c1b3f8214a8f0c6838175533ef0b16e346063546c80061fee45a39
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b186a33e9b65b45d3a0475df37846964799d5d51922e25907684ce13ce2e8105
b20c6bc50189fb5aa2f06a2761d6cb299170494986ccb1b2d7b8a35b6ed837e3
b36942f73c0dc83452af737dc5c92e650b10395f71fc1931b828ff6af79cf6e9
b4bf0cdae83dc1c1b29afe3581119493aa03f29b340926071c05aa97ca9a3501
b54e0083c23bf302a0923f870be1d51a0efa8a5e8167f61403509735148bb698
bb825676e33b26781104f1fb8668b04770508042f7f575035e9e2df08a71359f
bc55361fbae2f295613d92605b45c2ce779288433fed4d5806c75bd626afa851
c120bdb1caaa62afcd79f91e26cae9ca567c23eef0f1aeaaede7ea1797670951
c1a7d933c745edc61f6ba1c22a2a57a718937dcef5ce38a0b28e297ac6fa1374
c328f92e807e5029a5b9dedf9e7ea21af51c8fb381a47474827bb3bf3306aadc
c4dae34d50d9d65f699522c54d0f04b7463ab4301accb7717b76a1f6a77763f7
c64cddc349202defdca8bcf51d8a905d5f8810cc76f08c1e6561800f1dd5708a
c724574d34d8920c48139ed4d11f9643d72eca32f5c98c56b490d9aa77145157
c785c007fcf17fb2ba80bfa7677f11ed8a25762158068cd9bf42f576440ab72c
cbe6336776eaebd457b75e529e97c25c4dac3de1ddd509be6761dd18734ec307
ce6d7f008824d9f6af00150bf70a49369a24381165b5808efa74e68518e6d58d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2b004d6146b951cbaa7594a640c3dea5b01b616ae1e8f9b07148f7a0443cb4d
d504f72375bcfb65fbf8dbf79ad313aa21df0953bb1efef82695708ba70922b1
d5335a7a9d4bddfe029bf848560af60b2212cb5392c82c7a88fd6cfbc47c16f9
d5b6044ea866d7755b3c15838c9fafdad408edb80bd62a0490d35b48358f2ccc
d8b0869eb75f990fa93b5f34ddd756f3875c24b3c4a67fd8a7f3de8887712ad3
de15add50606f0cbc4683f55828d5284379063e62dde0ae3aab636e835b247c4
de3eb864a0d112dfd7e6892094a615dc91e7479e0a53ae1eef8a04e1d72a6608
dfa6c7d91c94e5a9dccde99f67d8ed20b5c8bce599ac2479c812c77d8c2fd99a
dfbf000d76574d9707b2aa750760dad91d275dbc61e2d2c1df2ae4c8d8a6ec16
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cdeb52ff9afb646ead8fae263d04e7f1d08d4fc53ee80f8398b18219524e81
e42f6207bccf071ce065941c5de8228c596dbbcc4c7ea54069e802d9ced6095e
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
ea3b02a02615e53e47434d0e4880a6dd03db9b958e0efa31023a4d2350900765
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ed34b355141760d440265ece7be4a22cbcfce9ea9686ebe780f5a2c06bc81caa
edd5487f216469726314ae2b829b221d70e2a02674477e3c8f69a0d5f0b1ea49
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef42f4f8406f3dd23b4a04b97cba5e5e17db60c165f7104c4df0669de7f76863
f0b2ca64698de85f67c7c837812ab4c90188804ab56cfc9e25765fb46a15f72b
f52f34104477fb2419e964be4029c734a5a7b4f960bbc3c7953eac1dfa1179f0
f80ca48df2ee0bb71b280553cee0ec481f15d6d356cc80b37d04cdfaa24a08fc
f8947ea2f21284b82e12a64bb92b68a7622edb456ed8bdceffb30b390b16675f