urlscan.io logo urlscan.io
SecurityTrails logo

uckpvnjhbibeapbmcg.redirectme.net Open in urlscan Pro
23.95.216.118  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://kckp1biaxnswgmjaxosatiejhc2u2ncbpcybhig.stevensandgoldwyn.com/
Effective URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Submission: On September 12 via automatic, source phishtank
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 5 countries across 11 domains to perform 37 HTTP transactions. The main IP is 23.95.216.118, located in Buffalo, United States and belongs to AS-COLOCROSSING - ColoCrossing, US. The main domain is uckpvnjhbibeapbmcg.redirectme.net.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 5th 2019. Valid for: 3 months.
This is the only time uckpvnjhbibeapbmcg.redirectme.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 205.237.207.24 10607 (ETHERN)
3 23.95.216.118 36352 (AS-COLOCR...)
21 85.17.78.70 60781 (LEASEWEB-...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 4 2a02:6b8::1:119 13238 (YANDEX)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
37 8
1    205.237.207.24 (United States)

ASN10607 (ETHERN - Global Communications INTERNETworking Corp., US)
PTR: cid24.inetvpn.ethernext.com
kckp1biaxnswgmjaxosatiejhc2u2ncbpcybhig.stevensandgoldwyn.com
3    23.95.216.118 (Buffalo, United States)

ASN36352 (AS-COLOCROSSING - ColoCrossing, US)
PTR: 23-95-216-118-host.colocrossing.com
uckpvnjhbibeapbmcg.redirectme.net
21    85.17.78.70 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
my.myfxchoice.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
4    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    2606:4700::6813:c397 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
3    2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
4    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
2    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
2    2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
2    2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
Domain Requested by
21 my.myfxchoice.com uckpvnjhbibeapbmcg.redirectme.net
my.myfxchoice.com
4 mc.yandex.ru 1 redirects uckpvnjhbibeapbmcg.redirectme.net
4 fonts.gstatic.com my.myfxchoice.com
uckpvnjhbibeapbmcg.redirectme.net
3 www.google-analytics.com 1 redirects uckpvnjhbibeapbmcg.redirectme.net
3 uckpvnjhbibeapbmcg.redirectme.net uckpvnjhbibeapbmcg.redirectme.net
2 www.google.de uckpvnjhbibeapbmcg.redirectme.net
2 www.google.com 2 redirects
2 stats.g.doubleclick.net 2 redirects
1 cdnjs.cloudflare.com my.myfxchoice.com
1 fonts.googleapis.com uckpvnjhbibeapbmcg.redirectme.net
1 kckp1biaxnswgmjaxosatiejhc2u2ncbpcybhig.stevensandgoldwyn.com 1 redirects
37 11

This site contains links to these domains. Also see Links.

Domain
my.myfxchoice.com
Subject Issuer Validity Valid
uckpvnjhbibeapbmcg.redirectme.net
cPanel, Inc. Certification Authority		 2019-09-05 -
2019-12-04		 3 months crt.sh
*.myfxchoice.com
RapidSSL RSA CA 2018		 2019-05-17 -
2021-07-15		 2 years crt.sh
*.googleapis.com
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-10 -
2020-02-16		 6 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
bs.yandex.ru
Yandex CA		 2018-10-03 -
2019-10-03		 a year crt.sh
www.google.de
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Frame ID: 45A959E9631E230E85A0645FD5E0DDF8
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://kckp1biaxnswgmjaxosatiejhc2u2ncbpcybhig.stevensandgoldwyn.com/ HTTP 301
    https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/?bJ5IExlYXJuIG1vcmUKSGVscF Page URL
  2. https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /mc\.yandex\.ru\/metrika\/watch\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

37
Requests

100 %
HTTPS

73 %
IPv6

11
Domains

11
Subdomains

8
IPs

5
Countries

743 kB
Transfer

1490 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kckp1biaxnswgmjaxosatiejhc2u2ncbpcybhig.stevensandgoldwyn.com/ HTTP 301
    https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/?bJ5IExlYXJuIG1vcmUKSGVscF Page URL
  2. https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://kckp1biaxnswgmjaxosatiejhc2u2ncbpcybhig.stevensandgoldwyn.com/ HTTP 301
  • https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/?bJ5IExlYXJuIG1vcmUKSGVscF
Request Chain 31
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1578263839&t=pageview&_s=1&dl=https%3A%2F%2Fuckpvnjhbibeapbmcg.redirectme.net%2FZSBhIGJhc2U2N%2FNvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm%2Findex9ed2.php&ul=en-us&de=UTF-8&dt=FXChoice%20-%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=469866606&gjid=1846730071&cid=798365414.1568287369&tid=UA-25395911-3&_gid=2117854731.1568287369&_r=1&z=539356406 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25395911-3&cid=798365414.1568287369&jid=469866606&_gid=2117854731.1568287369&gjid=1846730071&_v=j79&z=539356406 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25395911-3&cid=798365414.1568287369&jid=469866606&_v=j79&z=539356406 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25395911-3&cid=798365414.1568287369&jid=469866606&_v=j79&z=539356406&slf_rd=1&random=986543883
Request Chain 33
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-25395911-12&cid=798365414.1568287369&jid=1539325779&gjid=400834628&_gid=2117854731.1568287369&_u=IGDAgEAB~&z=699419339 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25395911-12&cid=798365414.1568287369&jid=1539325779&_v=j79&z=699419339 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25395911-12&cid=798365414.1568287369&jid=1539325779&_v=j79&z=699419339&slf_rd=1&random=929521156
Request Chain 34
  • https://mc.yandex.ru/watch/36608970?wmode=7&page-ref=https%3A%2F%2Fuckpvnjhbibeapbmcg.redirectme.net%2FZSBhIGJhc2U2N%2F%3FbJ5IExlYXJuIG1vcmUKSGVscF&page-url=https%3A%2F%2Fuckpvnjhbibeapbmcg.redirectme.net%2FZSBhIGJhc2U2N%2FNvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm%2Findex9ed2.php&charset=utf-8&ut=noindex&browser-info=ti%3A10%3Ans%3A1568287368381%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20190912132249%3Aet%3A1568287369%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A985912723%3Ahid%3A241069603%3Ads%3A0%2C0%2C183%2C2%2C0%2C0%2C0%2C309%2C8%2C%2C%2C%2C499%3Afp%3A502%3Awn%3A59460%3Ahl%3A2%3Agdpr%3A14%3Av%3A1705%3Ast%3A1568287369%3Au%3A1568287369305181824%3At%3AFXChoice%20-%20Login HTTP 302
  • https://mc.yandex.ru/watch/36608970/1?wmode=7&page-ref=https%3A%2F%2Fuckpvnjhbibeapbmcg.redirectme.net%2FZSBhIGJhc2U2N%2F%3FbJ5IExlYXJuIG1vcmUKSGVscF&page-url=https%3A%2F%2Fuckpvnjhbibeapbmcg.redirectme.net%2FZSBhIGJhc2U2N%2FNvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm%2Findex9ed2.php&charset=utf-8&ut=noindex&browser-info=ti%3A10%3Ans%3A1568287368381%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20190912132249%3Aet%3A1568287369%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A985912723%3Ahid%3A241069603%3Ads%3A0%2C0%2C183%2C2%2C0%2C0%2C0%2C309%2C8%2C%2C%2C%2C499%3Afp%3A502%3Awn%3A59460%3Ahl%3A2%3Agdpr%3A14%3Av%3A1705%3Ast%3A1568287369%3Au%3A1568287369305181824%3At%3AFXChoice%20-%20Login

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/
Redirect Chain
  • http://kckp1biaxnswgmjaxosatiejhc2u2ncbpcybhig.stevensandgoldwyn.com/
  • https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/?bJ5IExlYXJuIG1vcmUKSGVscF
346 B
588 B 		Document
General
Check archive.org
Download Go to
Full URL
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/?bJ5IExlYXJuIG1vcmUKSGVscF
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.95.216.118 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS
23-95-216-118-host.colocrossing.com
Software
Apache /
Resource Hash

Request headers

Host
uckpvnjhbibeapbmcg.redirectme.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 11:22:48 GMT
Server
Apache
Last-Modified
Fri, 06 Sep 2019 08:53:26 GMT
Accept-Ranges
bytes
Content-Length
346
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html

Redirect headers

Date
Thu, 12 Sep 2019 11:22:47 GMT
Server
Apache
Location
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/?bJ5IExlYXJuIG1vcmUKSGVscF
Content-Length
290
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
Primary Request index9ed2.php
uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/ 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.95.216.118 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS
23-95-216-118-host.colocrossing.com
Software
Apache /
Resource Hash
fa07a36dd49b2e2c0c1103084752c2743ae199a972d673922629ffda423cd1ac

Request headers

Host
uckpvnjhbibeapbmcg.redirectme.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
same-origin
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/?bJ5IExlYXJuIG1vcmUKSGVscF
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/?bJ5IExlYXJuIG1vcmUKSGVscF

Response headers

Date
Thu, 12 Sep 2019 11:22:48 GMT
Server
Apache
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
serve
my.myfxchoice.com/min/ 		274 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.myfxchoice.com/min/serve?g=5a4b1884238e616004084d1e6346157f&lm=1567687603
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.78.70 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
73db98ee6bbaa5e5629342a14b37643623e287c6a95b4812efa3bcdd29384ca5
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 11:22:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
48290
X-XSS-Protection
1; mode=block
Pragma
Last-Modified
Thu, 05 Sep 2019 12:46:43 GMT
Server
nginx
X-Frame-Options
DENY
ETag
"pub1567687603;gz"
Strict-Transport-Security
max-age=63072000
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=31536000
Content-Security-Policy
default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Expires
Fri, 11 Sep 2020 11:22:48 GMT
serve
my.myfxchoice.com/min/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.myfxchoice.com/min/serve?g=78ca272f23b9451a15319ab66d6296ba&lm=1567687603
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.78.70 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
de0e6b31e80adba09adb4e41e5fc85768cd66f9099b8c55e53f03900e41728f3
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 11:22:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
500
X-XSS-Protection
1; mode=block
Pragma
Last-Modified
Thu, 05 Sep 2019 12:46:43 GMT
Server
nginx
X-Frame-Options
DENY
ETag
"pub1567687603;gz"
Strict-Transport-Security
max-age=63072000
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=31536000
Content-Security-Policy
default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Expires
Fri, 11 Sep 2020 11:22:48 GMT
serve
my.myfxchoice.com/min/ 		537 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.myfxchoice.com/min/serve?g=892db5ded19f6ad94879bd9ce2ee30a7&lm=1567687603
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.78.70 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
b9de4e2ef69fa232b8ed404a0deb143a54d055922a63945537f2cbbc2d982353
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 11:22:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
144528
X-XSS-Protection
1; mode=block
Pragma
Last-Modified
Thu, 05 Sep 2019 12:46:43 GMT
Server
nginx
X-Frame-Options
DENY
ETag
"pub1567687603;gz"
Strict-Transport-Security
max-age=63072000
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000
Content-Security-Policy
default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Expires
Fri, 11 Sep 2020 11:22:48 GMT
setUtm
my.myfxchoice.com/site/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.myfxchoice.com/site/setUtm?utmCampaign=&utmMedium=&utmSource=&utmTerm=&referrer=
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.78.70 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Sep 2019 11:22:48 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate
Transfer-Encoding
chunked
Content-Security-Policy
default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Screenshot%20at%20Jun%2020%2008-22-10.png
uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/images/service/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/images/service/Screenshot%20at%20Jun%2020%2008-22-10.png
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.95.216.118 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS
23-95-216-118-host.colocrossing.com
Software
Apache /
Resource Hash
9744e33cde377592441e2f4a862bc323ee8956b564084aaa6005461b0aa98c11

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 11:22:48 GMT
Last-Modified
Thu, 20 Jun 2019 18:22:12 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3420
serve
my.myfxchoice.com/min/ 		989 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.myfxchoice.com/min/serve?g=ca4d31c77914c35de550c9d1243b764b&lm=1560505472
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.78.70 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
62531b798fc57837ecc7679f2b69e46ecdb1f7c44308b4a632c8dd0a8429f0c5
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 11:22:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
467
X-XSS-Protection
1; mode=block
Pragma
Last-Modified
Thu, 05 Sep 2019 12:46:43 GMT
Server
nginx
X-Frame-Options
DENY
ETag
"pub1567687603;gz"
Strict-Transport-Security
max-age=63072000
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000
Content-Security-Policy
default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Expires
Fri, 11 Sep 2020 11:22:48 GMT
css
fonts.googleapis.com/ 		19 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,400,300,500,600,700&subset=latin,latin-ext
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
7b858694c6a896a87dcda6e642646e0cebd5e6d72388d94ab55065f775782057
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 12 Sep 2019 11:22:48 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 12 Sep 2019 11:22:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Thu, 12 Sep 2019 11:22:48 GMT
jquery-ui.min.css
my.myfxchoice.com/assets/d439616d/css/jquery/ 		5 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.myfxchoice.com/assets/d439616d/css/jquery/jquery-ui.min.css
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.78.70 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
739e4711c6cb76ddd2a53726e85f84a724ffa1e7b589941c8e7a4b8bdf46e28f
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 11:22:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Sep 2019 12:46:43 GMT
Server
nginx
ETag
"5d7103b3-14a3"
X-Frame-Options
DENY
Content-Type
text/css
Connection
keep-alive
Content-Security-Policy
default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security
max-age=63072000
Accept-Ranges
bytes
Content-Length
5283
X-XSS-Protection
1; mode=block
bootstrap.min.css
my.myfxchoice.com/assets/d439616d/css/bootstrap/ 		120 KB
120 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.myfxchoice.com/assets/d439616d/css/bootstrap/bootstrap.min.css
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.78.70 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 11:22:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Sep 2019 12:46:43 GMT
Server
nginx
ETag
"5d7103b3-1deac"
X-Frame-Options
DENY
Content-Type
text/css
Connection
keep-alive
Content-Security-Policy
default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security
max-age=63072000
Accept-Ranges
bytes
Content-Length
122540
X-XSS-Protection
1; mode=block
font-awesome.min.css
my.myfxchoice.com/assets/d439616d/css/fontawesome/ 		26 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.myfxchoice.com/assets/d439616d/css/fontawesome/font-awesome.min.css
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.78.70 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 11:22:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Sep 2019 12:46:43 GMT
Server
nginx
ETag
"5d7103b3-6857"
X-Frame-Options
DENY
Content-Type
text/css
Connection
keep-alive
Content-Security-Policy
default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security
max-age=63072000
Accept-Ranges
bytes
Content-Length
26711
X-XSS-Protection
1; mode=block
summernote.css
my.myfxchoice.com/assets/d439616d/css/summernote/ 		10 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.myfxchoice.com/assets/d439616d/css/summernote/summernote.css
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.78.70 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
9feed35ecf44b5912910d57cb9879b938c4e6034268a96e1cfb9c97e97c878bc
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 11:22:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Sep 2019 12:46:43 GMT
Server
nginx
ETag
"5d7103b3-28b9"
X-Frame-Options
DENY
Content-Type
text/css
Connection
keep-alive
Content-Security-Policy
default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security
max-age=63072000
Accept-Ranges
bytes
Content-Length
10425
X-XSS-Protection
1; mode=block
codemirror.css
my.myfxchoice.com/assets/d439616d/css/codemirror/ 		7 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.myfxchoice.com/assets/d439616d/css/codemirror/codemirror.css
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.78.70 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
1b709f3cfb8f70860ec42be18ca6105a9c55a8e3399895ef6d4dd861e0f7c2dc
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 11:22:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Sep 2019 12:46:43 GMT
Server
nginx
ETag
"5d7103b3-1b9b"
X-Frame-Options
DENY
Content-Type
text/css
Connection
keep-alive
Content-Security-Policy
default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security
max-age=63072000
Accept-Ranges
bytes
Content-Length
7067
X-XSS-Protection
1; mode=block
nv.d3.css
my.myfxchoice.com/assets/d439616d/css/nvd3/ 		13 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.myfxchoice.com/assets/d439616d/css/nvd3/nv.d3.css
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.78.70 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
58560281aba7fda9584551e1e1e56d4e17bd422fef476bb3b67583dc70a84601
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 11:22:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Sep 2019 12:46:43 GMT
Server
nginx
ETag
"5d7103b3-3222"
X-Frame-Options
DENY
Content-Type
text/css
Connection
keep-alive
Content-Security-Policy
default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security
max-age=63072000
Accept-Ranges
bytes
Content-Length
12834
X-XSS-Protection
1; mode=block
jquery.mCustomScrollbar.css
my.myfxchoice.com/assets/d439616d/css/mcustomscrollbar/ 		52 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.myfxchoice.com/assets/d439616d/css/mcustomscrollbar/jquery.mCustomScrollbar.css
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.78.70 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
2dbfdadb0e0a5ccf5d4bb99c7a2962e6e631639e6412171b2d284ef6ea9a2a3e
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 11:22:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Sep 2019 12:46:43 GMT
Server
nginx
ETag
"5d7103b3-d1d9"
X-Frame-Options
DENY
Content-Type
text/css
Connection
keep-alive
Content-Security-Policy
default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security
max-age=63072000
Accept-Ranges
bytes
Content-Length
53721
X-XSS-Protection
1; mode=block
fullcalendar.css
my.myfxchoice.com/assets/d439616d/css/fullcalendar/ 		10 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.myfxchoice.com/assets/d439616d/css/fullcalendar/fullcalendar.css
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.78.70 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
d82c363fc5cacf0a23ce373c4369aeef40e8faaa2fb2ce88ae490315d8827103
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 11:22:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Sep 2019 12:46:43 GMT
Server
nginx
ETag
"5d7103b3-2753"
X-Frame-Options
DENY
Content-Type
text/css
Connection
keep-alive
Content-Security-Policy
default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security
max-age=63072000
Accept-Ranges
bytes
Content-Length
10067
X-XSS-Protection
1; mode=block
blueimp-gallery.min.css
my.myfxchoice.com/assets/d439616d/css/blueimp/ 		7 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.myfxchoice.com/assets/d439616d/css/blueimp/blueimp-gallery.min.css
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.78.70 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
1252f700ebde1b2aa8ba1ada02d484587a73d0b89459d375967ee856cef5f552
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 11:22:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Sep 2019 12:46:43 GMT
Server
nginx
ETag
"5d7103b3-1b68"
X-Frame-Options
DENY
Content-Type
text/css
Connection
keep-alive
Content-Security-Policy
default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security
max-age=63072000
Accept-Ranges
bytes
Content-Length
7016
X-XSS-Protection
1; mode=block
rickshaw.css
my.myfxchoice.com/assets/d439616d/css/rickshaw/ 		7 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.myfxchoice.com/assets/d439616d/css/rickshaw/rickshaw.css
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.78.70 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
4cfa5710e8c5da213b5d5eb15e9476868837130d90e42223f2031c41134e6ce2
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 11:22:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Sep 2019 12:46:43 GMT
Server
nginx
ETag
"5d7103b3-1c4d"
X-Frame-Options
DENY
Content-Type
text/css
Connection
keep-alive
Content-Security-Policy
default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security
max-age=63072000
Accept-Ranges
bytes
Content-Length
7245
X-XSS-Protection
1; mode=block
dropzone.css
my.myfxchoice.com/assets/d439616d/css/dropzone/ 		11 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.myfxchoice.com/assets/d439616d/css/dropzone/dropzone.css
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.78.70 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
c58e1453c2bb2ae0466d5333ff4562f135b255eb0810cd98cd4a128f70b3b46d
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 11:22:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Sep 2019 12:46:43 GMT
Server
nginx
ETag
"5d7103b3-2b64"
X-Frame-Options
DENY
Content-Type
text/css
Connection
keep-alive
Content-Security-Policy
default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security
max-age=63072000
Accept-Ranges
bytes
Content-Length
11108
X-XSS-Protection
1; mode=block
introjs.min.css
my.myfxchoice.com/assets/d439616d/css/introjs/ 		6 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.myfxchoice.com/assets/d439616d/css/introjs/introjs.min.css
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.78.70 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
1af62c54cd896143357a99f0adfc69ec71f9865490f1d082d7ce8ce8823b0634
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 11:22:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Sep 2019 12:46:43 GMT
Server
nginx
ETag
"5d7103b3-1899"
X-Frame-Options
DENY
Content-Type
text/css
Connection
keep-alive
Content-Security-Policy
default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security
max-age=63072000
Accept-Ranges
bytes
Content-Length
6297
X-XSS-Protection
1; mode=block
animate.min.css
my.myfxchoice.com/assets/d439616d/css/animate/ 		52 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.myfxchoice.com/assets/d439616d/css/animate/animate.min.css
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.78.70 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
be6bba3f410e9cb6fe1d04d249e775a5a15da7de7979365ea2bbae6c17e28db4
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 11:22:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Sep 2019 12:46:43 GMT
Server
nginx
ETag
"5d7103b3-d0bd"
X-Frame-Options
DENY
Content-Type
text/css
Connection
keep-alive
Content-Security-Policy
default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security
max-age=63072000
Accept-Ranges
bytes
Content-Length
53437
X-XSS-Protection
1; mode=block
bg.png
my.myfxchoice.com/assets/d439616d/img/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.myfxchoice.com/assets/d439616d/img/bg.png
Requested by
Host: my.myfxchoice.com
URL: https://my.myfxchoice.com/min/serve?g=892db5ded19f6ad94879bd9ce2ee30a7&lm=1567687603
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.78.70 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
8cb22ad4875ecdeb164569d4c6c1684a0359047eadb7013c783986be07b0203b
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://my.myfxchoice.com/min/serve?g=5a4b1884238e616004084d1e6346157f&lm=1567687603
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 11:22:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Sep 2019 12:46:43 GMT
Server
nginx
ETag
"5d7103b3-9851"
X-Frame-Options
DENY
Content-Type
image/png
Connection
keep-alive
Content-Security-Policy
default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security
max-age=63072000
Accept-Ranges
bytes
Content-Length
38993
X-XSS-Protection
1; mode=block
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: my.myfxchoice.com
URL: https://my.myfxchoice.com/min/serve?g=892db5ded19f6ad94879bd9ce2ee30a7&lm=1567687603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,400,300,500,600,700&subset=latin,latin-ext
Origin
https://uckpvnjhbibeapbmcg.redirectme.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 21:41:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
740484
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
9132
x-xss-protection
0
expires
Wed, 02 Sep 2020 21:41:24 GMT
jquery.mousewheel.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.12/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.12/jquery.mousewheel.min.js?_=1568287368806
Requested by
Host: my.myfxchoice.com
URL: https://my.myfxchoice.com/min/serve?g=892db5ded19f6ad94879bd9ce2ee30a7&lm=1567687603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fdbb2180496fca532f43deaffec879f8ca6990258b38a469aed4120d6c0d2fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 12 Sep 2019 11:22:48 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
12921311
status
200
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:20:58 GMT
server
cloudflare
etag
W/"5afd497a-ad9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
515181774bb9cbb8-VIE
expires
Tue, 01 Sep 2020 11:22:48 GMT
logo-6.png
my.myfxchoice.com/images/logo/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.myfxchoice.com/images/logo/logo-6.png
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.78.70 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
1b5a42c1bcf26119bbf046708ce216435a5c5cc5e744cb3d513026b63d1c376a
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://my.myfxchoice.com/min/serve?g=5a4b1884238e616004084d1e6346157f&lm=1567687603
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 11:22:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 11 Jun 2019 06:37:44 GMT
Server
nginx
ETag
"5cff4c38-1a62"
X-Frame-Options
DENY
Content-Type
image/png
Connection
keep-alive
Content-Security-Policy
default-src https: 'unsafe-eval' 'self' data: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'
Strict-Transport-Security
max-age=63072000
Accept-Ranges
bytes
Content-Length
6754
X-XSS-Protection
1; mode=block
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,400,300,500,600,700&subset=latin,latin-ext
Origin
https://uckpvnjhbibeapbmcg.redirectme.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 12:30:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
1119163
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
9080
x-xss-protection
0
expires
Sat, 29 Aug 2020 12:30:05 GMT
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,400,300,500,600,700&subset=latin,latin-ext
Origin
https://uckpvnjhbibeapbmcg.redirectme.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 27 Aug 2019 22:46:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:37 GMT
server
sffe
age
1341351
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
9016
x-xss-protection
0
expires
Wed, 26 Aug 2020 22:46:57 GMT
fontawesome-webfont.woff2
my.myfxchoice.com/assets/d439616d/css/fonts/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://my.myfxchoice.com/assets/d439616d/css/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.17.78.70 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Sec-Fetch-Mode
cors
Referer
https://my.myfxchoice.com/assets/d439616d/css/fontawesome/font-awesome.min.css
Origin
https://uckpvnjhbibeapbmcg.redirectme.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 11:22:48 GMT
Last-Modified
Thu, 05 Sep 2019 12:46:43 GMT
Server
nginx
ETag
"5d7103b3-fbd0"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64464
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,400,300,500,600,700&subset=latin,latin-ext
Origin
https://uckpvnjhbibeapbmcg.redirectme.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 22 Aug 2019 16:03:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:44 GMT
server
sffe
age
1797551
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
9180
x-xss-protection
0
expires
Fri, 21 Aug 2020 16:03:37 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
2355
date
Thu, 12 Sep 2019 10:43:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Thu, 12 Sep 2019 12:43:33 GMT
watch.js
mc.yandex.ru/metrika/ 		133 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
5242c393e1ca7eea7a4dcbb220680e9e03d85e2f98e778d5999d3eda067e7853
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 11:22:48 GMT
Content-Encoding
br
Last-Modified
Tue, 10 Sep 2019 11:49:48 GMT
Server
nginx/1.14.2
ETag
"5d778ddc-9c12"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
39954
Expires
Thu, 12 Sep 2019 12:22:48 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1578263839&t=pageview&_s=1&dl=https%3A%2F%2Fuckpvnjhbibeapbmcg.redirectme.net%2FZSBhIGJhc2U2N%2FNvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25395911-3&cid=798365414.1568287369&jid=469866606&_gid=2117854731.1568287369&gjid=1846730071&_v=j79&z=539356406
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25395911-3&cid=798365414.1568287369&jid=469866606&_v=j79&z=539356406
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25395911-3&cid=798365414.1568287369&jid=469866606&_v=j79&z=539356406&slf_rd=1&random=986543883
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25395911-3&cid=798365414.1568287369&jid=469866606&_v=j79&z=539356406&slf_rd=1&random=986543883
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Sep 2019 11:22:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Sep 2019 11:22:48 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25395911-3&cid=798365414.1568287369&jid=469866606&_v=j79&z=539356406&slf_rd=1&random=986543883
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=1578263839&t=pageview&_s=1&dl=https%3A%2F%2Fuckpvnjhbibeapbmcg.redirectme.net%2FZSBhIGJhc2U2N%2FNvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm%2Findex9ed2.php&ul=en-us&de=UTF-8&dt=FXChoice%20-%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAgEAB~&jid=1539325779&gjid=400834628&cid=798365414.1568287369&tid=UA-25395911-12&_gid=2117854731.1568287369&z=626399315
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2019 00:26:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1853772
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-25395911-12&cid=798365414.1568287369&jid=1539325779&gjid=400834628&_gid=2117854731.1568287369&_u=IGDAgEAB~&z=699419339
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25395911-12&cid=798365414.1568287369&jid=1539325779&_v=j79&z=699419339
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25395911-12&cid=798365414.1568287369&jid=1539325779&_v=j79&z=699419339&slf_rd=1&random=929521156
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25395911-12&cid=798365414.1568287369&jid=1539325779&_v=j79&z=699419339&slf_rd=1&random=929521156
Requested by
Host: uckpvnjhbibeapbmcg.redirectme.net
URL: https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Sep 2019 11:22:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Sep 2019 11:22:48 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25395911-12&cid=798365414.1568287369&jid=1539325779&_v=j79&z=699419339&slf_rd=1&random=929521156
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.ru/watch/36608970/
Redirect Chain
  • https://mc.yandex.ru/watch/36608970?wmode=7&page-ref=https%3A%2F%2Fuckpvnjhbibeapbmcg.redirectme.net%2FZSBhIGJhc2U2N%2F%3FbJ5IExlYXJuIG1vcmUKSGVscF&page-url=https%3A%2F%2Fuckpvnjhbibeapbmcg.redirec...
  • https://mc.yandex.ru/watch/36608970/1?wmode=7&page-ref=https%3A%2F%2Fuckpvnjhbibeapbmcg.redirectme.net%2FZSBhIGJhc2U2N%2F%3FbJ5IExlYXJuIG1vcmUKSGVscF&page-url=https%3A%2F%2Fuckpvnjhbibeapbmcg.redir...
155 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/36608970/1?wmode=7&page-ref=https%3A%2F%2Fuckpvnjhbibeapbmcg.redirectme.net%2FZSBhIGJhc2U2N%2F%3FbJ5IExlYXJuIG1vcmUKSGVscF&page-url=https%3A%2F%2Fuckpvnjhbibeapbmcg.redirectme.net%2FZSBhIGJhc2U2N%2FNvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm%2Findex9ed2.php&charset=utf-8&ut=noindex&browser-info=ti%3A10%3Ans%3A1568287368381%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20190912132249%3Aet%3A1568287369%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A985912723%3Ahid%3A241069603%3Ads%3A0%2C0%2C183%2C2%2C0%2C0%2C0%2C309%2C8%2C%2C%2C%2C499%3Afp%3A502%3Awn%3A59460%3Ahl%3A2%3Agdpr%3A14%3Av%3A1705%3Ast%3A1568287369%3Au%3A1568287369305181824%3At%3AFXChoice%20-%20Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e1775cab7bf42455cf5b7795b8a7f81957654283986d9c64c0a4b0e3a80802f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Sep 2019 11:22:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 12-Sep-2019 11:22:49 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://uckpvnjhbibeapbmcg.redirectme.net
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
155
X-XSS-Protection
1; mode=block
Expires
Thu, 12-Sep-2019 11:22:49 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 12 Sep 2019 11:22:49 GMT
Last-Modified
Thu, 12-Sep-2019 11:22:49 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
https://uckpvnjhbibeapbmcg.redirectme.net
Strict-Transport-Security
max-age=31536000
Location
/watch/36608970/1?wmode=7&page-ref=https%3A%2F%2Fuckpvnjhbibeapbmcg.redirectme.net%2FZSBhIGJhc2U2N%2F%3FbJ5IExlYXJuIG1vcmUKSGVscF&page-url=https%3A%2F%2Fuckpvnjhbibeapbmcg.redirectme.net%2FZSBhIGJhc2U2N%2FNvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm%2Findex9ed2.php&charset=utf-8&ut=noindex&browser-info=ti%3A10%3Ans%3A1568287368381%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20190912132249%3Aet%3A1568287369%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A985912723%3Ahid%3A241069603%3Ads%3A0%2C0%2C183%2C2%2C0%2C0%2C0%2C309%2C8%2C%2C%2C%2C499%3Afp%3A502%3Awn%3A59460%3Ahl%3A2%3Agdpr%3A14%3Av%3A1705%3Ast%3A1568287369%3Au%3A1568287369305181824%3At%3AFXChoice%20-%20Login
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Thu, 12-Sep-2019 11:22:49 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://uckpvnjhbibeapbmcg.redirectme.net/ZSBhIGJhc2U2N/NvZGUgYW5kIGRlY29kZSBhIGJhc2U2NCBzdHJpbmclbm/index9ed2.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 12 Sep 2019 11:22:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.14.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Thu, 12 Sep 2019 12:22:49 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| page_actions function| page_mode_boxed function| page_content_onresize function| panel_fullscreen function| panel_collapse function| panel_refresh function| panel_remove function| x_navigation_onresize function| x_navigation_minimize function| x_navigation function| playAudio function| pageLoadingFrame object| wskCheckbox boolean| debug function| selector function| getUrlVars function| Statistic function| block_submit function| $ function| jQuery function| noty boolean| mCustomScrollbar function| Spinner string| lhnAccountN number| lhnWindowN number| lhnDepartmentN string| lhnTheme boolean| lhnHPKnowledgeBase string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| Ya object| yaCounter36608970

6 Cookies

Domain/Path Name / Value
.uckpvnjhbibeapbmcg.redirectme.net/ Name: _ym_d
Value: 1568287369
.uckpvnjhbibeapbmcg.redirectme.net/ Name: _ym_uid
Value: 1568287369305181824
.uckpvnjhbibeapbmcg.redirectme.net/ Name: _gat_all
Value: 1
.uckpvnjhbibeapbmcg.redirectme.net/ Name: _ga
Value: GA1.3.798365414.1568287369
.uckpvnjhbibeapbmcg.redirectme.net/ Name: _gid
Value: GA1.3.2117854731.1568287369
.uckpvnjhbibeapbmcg.redirectme.net/ Name: _gat
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
kckp1biaxnswgmjaxosatiejhc2u2ncbpcybhig.stevensandgoldwyn.com
mc.yandex.ru
my.myfxchoice.com
stats.g.doubleclick.net
uckpvnjhbibeapbmcg.redirectme.net
www.google-analytics.com
www.google.com
www.google.de
205.237.207.24
23.95.216.118
2606:4700::6813:c397
2a00:1450:4001:809::200a
2a00:1450:4001:81e::2003
2a00:1450:4001:81f::2004
2a00:1450:4001:825::2003
2a00:1450:4001:825::200e
2a00:1450:400c:c0c::9c
2a02:6b8::1:119
85.17.78.70
1252f700ebde1b2aa8ba1ada02d484587a73d0b89459d375967ee856cef5f552
1af62c54cd896143357a99f0adfc69ec71f9865490f1d082d7ce8ce8823b0634
1b5a42c1bcf26119bbf046708ce216435a5c5cc5e744cb3d513026b63d1c376a
1b709f3cfb8f70860ec42be18ca6105a9c55a8e3399895ef6d4dd861e0f7c2dc
1fdbb2180496fca532f43deaffec879f8ca6990258b38a469aed4120d6c0d2fe
2dbfdadb0e0a5ccf5d4bb99c7a2962e6e631639e6412171b2d284ef6ea9a2a3e
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
4cfa5710e8c5da213b5d5eb15e9476868837130d90e42223f2031c41134e6ce2
5242c393e1ca7eea7a4dcbb220680e9e03d85e2f98e778d5999d3eda067e7853
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
58560281aba7fda9584551e1e1e56d4e17bd422fef476bb3b67583dc70a84601
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
62531b798fc57837ecc7679f2b69e46ecdb1f7c44308b4a632c8dd0a8429f0c5
739e4711c6cb76ddd2a53726e85f84a724ffa1e7b589941c8e7a4b8bdf46e28f
73db98ee6bbaa5e5629342a14b37643623e287c6a95b4812efa3bcdd29384ca5
7b858694c6a896a87dcda6e642646e0cebd5e6d72388d94ab55065f775782057
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8cb22ad4875ecdeb164569d4c6c1684a0359047eadb7013c783986be07b0203b
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9744e33cde377592441e2f4a862bc323ee8956b564084aaa6005461b0aa98c11
9feed35ecf44b5912910d57cb9879b938c4e6034268a96e1cfb9c97e97c878bc
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
b9de4e2ef69fa232b8ed404a0deb143a54d055922a63945537f2cbbc2d982353
be6bba3f410e9cb6fe1d04d249e775a5a15da7de7979365ea2bbae6c17e28db4
c58e1453c2bb2ae0466d5333ff4562f135b255eb0810cd98cd4a128f70b3b46d
d82c363fc5cacf0a23ce373c4369aeef40e8faaa2fb2ce88ae490315d8827103
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
de0e6b31e80adba09adb4e41e5fc85768cd66f9099b8c55e53f03900e41728f3
e1775cab7bf42455cf5b7795b8a7f81957654283986d9c64c0a4b0e3a80802f2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa07a36dd49b2e2c0c1103084752c2743ae199a972d673922629ffda423cd1ac