urlscan.io logo urlscan.io
SecurityTrails logo

account.nordfxvn.com Open in urlscan Pro
51.79.255.157  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://account.nordfxvn.com/
Effective URL: https://account.nordfxvn.com/account/
Submission: On July 29 via automatic, source certstream-suspicious — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 33 IPs in 8 countries across 26 domains to perform 96 HTTP transactions. The main IP is 51.79.255.157, located in Singapore, Singapore and belongs to OVH, FR. The main domain is account.nordfxvn.com.
TLS certificate: Issued by E6 on July 29th 2024. Valid for: 3 months.
This is the only time account.nordfxvn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 51.79.255.157 16276 (OVH)
40 54.37.74.78 16276 (OVH)
2 2404:6800:400... 15169 (GOOGLE)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 162.159.153.247 13335 (CLOUDFLAR...)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2600:9000:21b... 16509 (AMAZON-02)
1 52.70.216.90 14618 (AMAZON-AES)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
2 2a03:2880:f10... 32934 (FACEBOOK)
12 15 2406:da18:22e... 16509 (AMAZON-02)
2 2620:1ec:bdf::59 8075 (MICROSOFT...)
1 2 35.213.12.39 15169 (GOOGLE)
2 2 74.125.130.157 15169 (GOOGLE)
1 2 172.64.151.101 13335 (CLOUDFLAR...)
2 2 35.244.154.8 396982 (GOOGLE-CL...)
1 107.178.254.65 15169 (GOOGLE)
1 69.173.158.64 26667 (RUBICONPR...)
1 2 34.98.64.218 396982 (GOOGLE-CL...)
1 38.133.127.95 22075 (AS-OUTBRAIN)
1 207.65.33.82 62713 (AS-PUBMATIC)
1 2 18.143.106.89 16509 (AMAZON-02)
1 141.226.229.48 200478 (TABOOLA-AS)
1 2 35.71.178.8 16509 (AMAZON-02)
1 2 103.43.90.19 29990 (ASN-APPNEX)
1 13.251.135.176 16509 (AMAZON-02)
1 2406:da18:22e... 16509 (AMAZON-02)
1 8 2a02:6b8::1:119 13238 (YANDEX)
2 20.114.190.119 8075 (MICROSOFT...)
2 2a13:1ec0::1037 201589 (EDGEAMLLC)
1 2 52.231.230.148 8075 (MICROSOFT...)
1 158.160.17.225 200350 (YANDEXCLOUD)
96 33
8    51.79.255.157 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: vps-0a1ae536.vps.ovh.ca
account.nordfxvn.com
40    54.37.74.78 (France)

ASN16276 (OVH, FR)
PTR: vps-ca6b35e5.vps.ovh.net
nordfx.com
2    2404:6800:4003:c01::61 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f00c:19:face:b00c:0:3 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    162.159.153.247 (None, )

ASN13335 (CLOUDFLARENET, US)
a.quora.com
4    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
2    2600:9000:21b4:2c00:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
1    52.70.216.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-216-90.compute-1.amazonaws.com
q.quora.com
1    2404:6800:4003:c1c::8a (Singapore, Singapore)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2404:6800:4003:c02::9b (Singapore, Singapore)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2404:6800:4003:c1c::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)
www.google.com.sg
2    2a03:2880:f10c:83:face:b00c:0:25de (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
www.facebook.com
15    2406:da18:22e:4f04:e21e:1154:af83:c087 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
d.adroll.com
2    2620:1ec:bdf::59 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    74.125.130.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f157.1e100.net
cm.g.doubleclick.net
2    172.64.151.101 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
2    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
1    38.133.127.95 (Sacramento, United States)

ASN22075 (AS-OUTBRAIN, US)
sync.outbrain.com
1    207.65.33.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    18.143.106.89 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    141.226.229.48 (Singapore)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
2    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
2    103.43.90.19 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
1    13.251.135.176 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-135-176.ap-southeast-1.compute.amazonaws.com
ipv4.d.adroll.com
1    2406:da18:22e:4f08:7d42:74ac:ad41:a07a (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
x.adroll.com
8    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
2    20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
x.clarity.ms
2    2a13:1ec0::1037 (Armenia)

ASN201589 (EDGEAMLLC, AM)
code.jivosite.com
2    52.231.230.148 (Busan, Korea, Republic Of)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    158.160.17.225 (Moscow, Russian Federation)

ASN200350 (YANDEXCLOUD, RU)
node-ya-9.jivosite.com
Apex Domain
Subdomains		 Transfer
40 nordfx.com
nordfx.com
206 KB
19 adroll.com
s.adroll.com — Cisco Umbrella Rank: 5194
d.adroll.com — Cisco Umbrella Rank: 2660
ipv4.d.adroll.com — Cisco Umbrella Rank: 15429
x.adroll.com — Cisco Umbrella Rank: 8113
48 KB
8 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2503
77 KB
8 nordfxvn.com
account.nordfxvn.com
86 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
x.clarity.ms — Cisco Umbrella Rank: 8333
c.clarity.ms — Cisco Umbrella Rank: 1838
28 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 534
c.bing.com — Cisco Umbrella Rank: 341
17 KB
3 jivosite.com
code.jivosite.com — Cisco Umbrella Rank: 42186
node-ya-9.jivosite.com — Cisco Umbrella Rank: 243926
8 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
cm.g.doubleclick.net — Cisco Umbrella Rank: 363
2 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 383
2 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 632
984 B
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 612
559 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 864
519 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 689
833 B
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1102
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 499
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 quora.com
a.quora.com — Cisco Umbrella Rank: 10322
q.quora.com — Cisco Umbrella Rank: 7176
15 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
72 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
182 KB
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 2197
366 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 1373
586 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 1277
360 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 555
1 KB
1 pippio.com
pippio.com — Cisco Umbrella Rank: 1285
573 B
1 google.com.sg
www.google.com.sg — Cisco Umbrella Rank: 11401
409 B
1 google.com
analytics.google.com — Cisco Umbrella Rank: 238
96 26
Domain Requested by
40 nordfx.com account.nordfxvn.com
nordfx.com
15 d.adroll.com 12 redirects s.adroll.com
account.nordfxvn.com
8 mc.yandex.ru 1 redirects account.nordfxvn.com
mc.yandex.ru
8 account.nordfxvn.com 1 redirects account.nordfxvn.com
nordfx.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
account.nordfxvn.com
2 c.clarity.ms 1 redirects
2 code.jivosite.com account.nordfxvn.com
code.jivosite.com
2 x.clarity.ms www.clarity.ms
2 ib.adnxs.com 1 redirects account.nordfxvn.com
2 eb2.3lift.com 1 redirects account.nordfxvn.com
2 ups.analytics.yahoo.com 1 redirects account.nordfxvn.com
2 us-u.openx.net 1 redirects account.nordfxvn.com
2 idsync.rlcdn.com 2 redirects
2 dsum-sec.casalemedia.com 1 redirects account.nordfxvn.com
2 cm.g.doubleclick.net 2 redirects
2 x.bidswitch.net 1 redirects account.nordfxvn.com
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 www.facebook.com account.nordfxvn.com
2 s.adroll.com account.nordfxvn.com
s.adroll.com
2 connect.facebook.net account.nordfxvn.com
connect.facebook.net
2 www.googletagmanager.com account.nordfxvn.com
www.googletagmanager.com
1 node-ya-9.jivosite.com code.jivosite.com
1 c.bing.com 1 redirects
1 x.adroll.com account.nordfxvn.com
1 ipv4.d.adroll.com account.nordfxvn.com
1 sync.taboola.com account.nordfxvn.com
1 image2.pubmatic.com account.nordfxvn.com
1 sync.outbrain.com account.nordfxvn.com
1 pixel.rubiconproject.com account.nordfxvn.com
1 pippio.com account.nordfxvn.com
1 www.google.com.sg account.nordfxvn.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 q.quora.com account.nordfxvn.com
1 a.quora.com www.googletagmanager.com
96 35
Subject Issuer Validity Valid
nordfxvn.com
E6		 2024-07-29 -
2024-10-27		 3 months crt.sh
*.nordfx.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-29 -
2024-12-28		 a year crt.sh
*.google-analytics.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-07 -
2024-08-05		 3 months crt.sh
quora.com
R11		 2024-07-09 -
2024-10-07		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-19 -
2024-12-16		 6 months crt.sh
s.adroll.com
Amazon RSA 2048 M02		 2024-05-03 -
2025-06-01		 a year crt.sh
*.quora.com
R11		 2024-07-09 -
2024-10-07		 3 months crt.sh
*.google.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
*.google.com.sg
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
d.adroll.com
Amazon RSA 2048 M03		 2023-10-09 -
2024-11-07		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.adroll.com
Amazon RSA 2048 M02		 2023-11-27 -
2024-12-23		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2024-05-23 -
2024-11-02		 5 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
*.jivosite.com
Go Daddy Secure Certificate Authority - G2		 2024-04-05 -
2025-05-07		 a year crt.sh

This page contains 2 frames:

Primary Page: https://account.nordfxvn.com/account/
Frame ID: B2768FDDA63F9F1DA333EAD18C1CD72A
Requests: 95 HTTP requests in this frame

Frame: https://mc.yandex.ru/metrika/metrika_match.html
Frame ID: EC6CD37353D573C3C12DF6DD313AF425
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nord FX - Trader's Cabinet

Page URL History Show full URLs

  1. https://account.nordfxvn.com/ HTTP 302
    https://account.nordfxvn.com/account/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

96
Requests

83 %
HTTPS

38 %
IPv6

26
Domains

35
Subdomains

33
IPs

8
Countries

734 kB
Transfer

1979 kB
Size

70
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://account.nordfxvn.com/ HTTP 302
    https://account.nordfxvn.com/account/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60
  • https://d.adroll.com/cm/b/out?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&advertisable=RWL6YYFSSFF6DHIMKGV3ZG HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y
Request Chain 61
  • https://d.adroll.com/cm/g/out?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&advertisable=RWL6YYFSSFF6DHIMKGV3ZG HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=om42dVJJTLyvqVHt3CcjPw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=om42dVJJTLyvqVHt3CcjPw&google_tc= HTTP 302
  • https://d.adroll.com/cm/g/in
Request Chain 62
  • https://d.adroll.com/cm/index/out?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&advertisable=RWL6YYFSSFF6DHIMKGV3ZG HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&expiration=1753800345 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&expiration=1753800345&C=1
Request Chain 63
  • https://d.adroll.com/cm/l/out?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&advertisable=RWL6YYFSSFF6DHIMKGV3ZG HTTP 302
  • https://idsync.rlcdn.com/377928.gif?partner_uid=a26e367552494cbcafa951eddc27233f HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogYTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2YQABoNCJrWnrUGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=db247fa5fea7db88c01959e180fa77a97c76951b7242895985a9ac89f6f3d1af791426b5417dce21&_=2
Request Chain 64
  • https://d.adroll.com/cm/n/out?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&advertisable=RWL6YYFSSFF6DHIMKGV3ZG HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&expires=365
Request Chain 65
  • https://d.adroll.com/cm/o/out?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&advertisable=RWL6YYFSSFF6DHIMKGV3ZG HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=a26e367552494cbcafa951eddc27233f&gdpr=0&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a26e367552494cbcafa951eddc27233f&gdpr=0&gdpr_consent=
Request Chain 66
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&advertisable=RWL6YYFSSFF6DHIMKGV3ZG HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 67
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&advertisable=RWL6YYFSSFF6DHIMKGV3ZG HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Request Chain 68
  • https://d.adroll.com/cm/r/out?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&advertisable=RWL6YYFSSFF6DHIMKGV3ZG HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
Request Chain 69
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&advertisable=RWL6YYFSSFF6DHIMKGV3ZG HTTP 302
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y
Request Chain 70
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&advertisable=RWL6YYFSSFF6DHIMKGV3ZG HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&dongle=c85e HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Request Chain 71
  • https://d.adroll.com/cm/x/out?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&advertisable=RWL6YYFSSFF6DHIMKGV3ZG HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y
Request Chain 81
  • https://mc.yandex.ru/watch/33133148?wmode=7&page-url=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh8yx1j1tt750xrz4rj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-SG%3Av%3A1400%3Acn%3A1%3Adp%3A0%3Als%3A457084341776%3Ahid%3A982359088%3Az%3A480%3Ai%3A20240729224547%3Aet%3A1722264348%3Ac%3A1%3Arn%3A635389215%3Arqn%3A1%3Au%3A1722264348466513957%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3048%3Awv%3A2%3Ads%3A0%2C0%2C702%2C3%2C1072%2C1071%2C1%2C1802%2C8%2C%2C%2C%2C3581%3Aco%3A0%3Acpf%3A1%3Ans%3A1722264342425%3Agi%3AR0ExLjEuMTExMzAxMzIuMTcyMjI2NDM0Ng%3D%3D%3Arqnl%3A1%3Ast%3A1722264348%3At%3ANord%20FX%20-%20Trader%27s%20Cabinet&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21038596)ti(1) HTTP 302
  • https://mc.yandex.ru/watch/33133148/1?wmode=7&page-url=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh8yx1j1tt750xrz4rj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-SG%3Av%3A1400%3Acn%3A1%3Adp%3A0%3Als%3A457084341776%3Ahid%3A982359088%3Az%3A480%3Ai%3A20240729224547%3Aet%3A1722264348%3Ac%3A1%3Arn%3A635389215%3Arqn%3A1%3Au%3A1722264348466513957%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3048%3Awv%3A2%3Ads%3A0%2C0%2C702%2C3%2C1072%2C1071%2C1%2C1802%2C8%2C%2C%2C%2C3581%3Aco%3A0%3Acpf%3A1%3Ans%3A1722264342425%3Agi%3AR0ExLjEuMTExMzAxMzIuMTcyMjI2NDM0Ng%3D%3D%3Arqnl%3A1%3Ast%3A1722264348%3At%3ANord%20FX%20-%20Trader%27s%20Cabinet&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821038596%29ti%281%29
Request Chain 83
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F1D2F7FB5F5840188C7CE73D02D3CFAF&RedC=c.clarity.ms&MXFR=27B8795C1D9F6B6210A36D97199F65E2 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F1D2F7FB5F5840188C7CE73D02D3CFAF&MUID=2C77E01A1664698339C8F4D11765683A

96 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
account.nordfxvn.com/account/
Redirect Chain
  • https://account.nordfxvn.com/
  • https://account.nordfxvn.com/account/
22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://account.nordfxvn.com/account/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.79.255.157 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
vps-0a1ae536.vps.ovh.ca
Software
nginx /
Resource Hash
1e4551a3f8fbbf2a3062c0e854c502d5adf50122c15b1c579379cf2623355367
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=15768000
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Mon, 29 Jul 2024 14:45:44 GMT
Keep-Alive
timeout=30
Server
nginx
Strict-Transport-Security
max-age=15768000
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
expires
Thu, 19 Nov 1981 08:52:00 GMT
nfxgt1
0,1283
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-permitted-cross-domain-policies
none
x-turbo-charged-by
LiteSpeed

Redirect headers

Connection
keep-alive
Content-Length
39
Content-Type
text/html; charset=utf-8
Date
Mon, 29 Jul 2024 14:45:43 GMT
Keep-Alive
timeout=30
Server
nginx
Strict-Transport-Security
max-age=15768000
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
expires
Thu, 19 Nov 1981 08:52:00 GMT
last-modified
Aug 26 2022 08:28:47
location
/account/
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-permitted-cross-domain-policies
none
x-turbo-charged-by
LiteSpeed
slick.css
nordfx.com/stpl/default/js/slickslider/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nordfx.com/stpl/default/js/slickslider/slick.css?ver=1
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:44 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-permitted-cross-domain-policies
none
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
483
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
slick-theme.css
nordfx.com/stpl/default/js/slickslider/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nordfx.com/stpl/default/js/slickslider/slick-theme.css?ver=1
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:44 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-permitted-cross-domain-policies
none
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
763
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
banners.css
nordfx.com/stpl/default/css/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nordfx.com/stpl/default/css/banners.css?ver=0.2
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
57f43bd8644fb95de2c82d932a7820624d5324f7f134ff199c9ba7f8dabff300
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:44 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-permitted-cross-domain-policies
none
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
2430
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
styles.min.css
nordfx.com/stpl/default/css/ 		140 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nordfx.com/stpl/default/css/styles.min.css?ver=24
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
d536bfd7d475af1ad6cb92975f872ace0ba9fd17b335e4566a02b2ba32e2b93a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:44 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-permitted-cross-domain-policies
none
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
25229
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
styles.css
nordfx.com/tpl/default/english/css/ 		45 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nordfx.com/tpl/default/english/css/styles.css?0934
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
ecaaaf79173977d2d9e7474ad9b72aeb0a01d230903dab301894a4a008abc1af
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
45
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-frame-options
DENY
content-type
text/css
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
cab_external_styles.css
account.nordfxvn.com/css/ 		34 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://account.nordfxvn.com/css/cab_external_styles.css?888_4
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.79.255.157 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
vps-0a1ae536.vps.ovh.ca
Software
nginx /
Resource Hash
1d87f6fedcb6211536fca445d92a8099f48c53afaaa41d11492110eda3da7d34
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/account/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 14:45:44 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=15768000
x-permitted-cross-domain-policies
none
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Connection
keep-alive
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Content-Length
6415
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 05 Oct 2023 08:35:19 GMT
Server
nginx
etag
"88c0-651e7547-350f599ab14e840c;br"
vary
Accept-Encoding
x-frame-options
DENY
Content-Type
text/css
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
Keep-Alive
timeout=30
expires
Thu, 31 Dec 2037 23:55:55 GMT
menu.png
nordfx.com/stpl/default/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/stpl/default/images/menu.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
72e4f46fd80c44cb5fb8fcae82abd37f7737f79f9395c29a88c01d512043b2fd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 21 Mar 2016 18:09:16 GMT
server
nginx
etag
W/"b64-56f038cc-cc47d58395054d7f;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
close.png
nordfx.com/stpl/default/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/stpl/default/images/close.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
99521b7420af9814cbb7896ca5255ff5b31b6319927c7d2c3b5b3436fb3189c4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 21 Mar 2016 18:09:04 GMT
server
nginx
etag
W/"b7f-56f038c0-d180033f8f5f5c51;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.png
nordfx.com/stpl/default/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/stpl/default/images/logo.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
f8b7781f7aea9bd2b9db6c42c8677d199a06ea1ebdacae99e336be35a279fbac
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 21 Mar 2016 18:09:15 GMT
server
nginx
etag
W/"1252-56f038cb-66b0257f07f32bd;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo-xs.png
nordfx.com/stpl/default/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/stpl/default/images/logo-xs.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
e0cdf527ba088dd26ef06200fc5bf23bae04d30d1896e147251467594e1c8d84
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 21 Mar 2016 18:09:14 GMT
server
nginx
etag
W/"f8f-56f038ca-54973da8c24139b6;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
info_icon.png
nordfx.com/stpl/default/images/ 		646 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/stpl/default/images/info_icon.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
90df60b59930b514c3a164445e40934e6e8a4fb8b903ef03500c082268223348
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
646
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 21 Mar 2016 18:09:10 GMT
server
nginx
etag
"286-56f038c6-aab57337819788c6;;;"
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
user.png
nordfx.com/stpl/default/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/stpl/default/images/user.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
732892518bdb107f2e08595d9af1192870680652ec668d44db1bd645b6e11d48
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 21 Mar 2016 18:09:27 GMT
server
nginx
etag
W/"b78-56f038d7-c15f29c75a4551f;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
en.png
nordfx.com/data/languages/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/data/languages/en.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
d6e1ab0eb7766fac366f26c9d0b52566cbc34071de2fe3cb9b6db9d056884a45
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 20 Mar 2016 07:42:37 GMT
server
nginx
etag
W/"e09-56ee546d-ac0dc50e08fce21e;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
cn.png
nordfx.com/data/languages/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/data/languages/cn.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
839ff54e99f41cb146023af56f7c25c5104c6586ed47d1b46265075c04bb4cb9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 20 Mar 2016 07:42:36 GMT
server
nginx
etag
W/"cbf-56ee546c-e0697c2afab05647;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
id.png
nordfx.com/data/languages/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/data/languages/id.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
2cfd76102832408620ecc34d34811d0dcb73a15cd1293398f4fae98b9a28059b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 20 Mar 2016 07:42:37 GMT
server
nginx
etag
W/"c39-56ee546d-bdc32e8ce407b114;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
es.png
nordfx.com/data/languages/ 		3 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/data/languages/es.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
ee07ae3e0a48ec7bbf039fa7f303920ae8813aaade292433b901b2ea9c00820e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 20 Mar 2016 07:42:37 GMT
server
nginx
etag
W/"cd7-56ee546d-7a887b7522a9becc;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
pt.png
nordfx.com/data/languages/ 		3 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/data/languages/pt.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
94baf0c35e13eafc105863e18743a8b3102c17de0f9f24a2ee219f2f22c84537
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 20 Mar 2016 07:42:37 GMT
server
nginx
etag
W/"d4c-56ee546d-cbf8601ab4d61c5e;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
ae.png
nordfx.com/data/languages/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/data/languages/ae.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
81eccf18910e648fb37cb8ebf9940b2341bbdc21a5810e2ced06f6fc623483cb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 20 Mar 2016 07:42:36 GMT
server
nginx
etag
W/"c88-56ee546c-e792ff4745f0393;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
hi.png
nordfx.com/data/languages/ 		18 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/data/languages/hi.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
6d44d1e3bb66dc88a612292a0417271c6743ff42310b9a1f5d434b79e50ec145
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 20 Mar 2016 16:56:44 GMT
server
nginx
etag
W/"4781-56eed64c-9ade76bf4ef0fffd;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
ir.png
nordfx.com/data/languages/ 		3 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/data/languages/ir.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
3799543745ee73233f78a42a6b8b9966066d2632c81e40f303d96f6b82484a2b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 20 Mar 2016 07:42:37 GMT
server
nginx
etag
W/"cfa-56ee546d-765042b5937d5c90;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
th.png
nordfx.com/data/languages/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/data/languages/th.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
88924ffd9b2f268f97bc5dd51d7e0b2d9d4bb3f632604000bc0ac62040735cb4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 20 Mar 2016 07:42:38 GMT
server
nginx
etag
W/"be2-56ee546e-9365ff998d554dfe;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
bn.png
nordfx.com/data/languages/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/data/languages/bn.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
76d098d41081f12682084093309fc8a4cb757acdd9af761a637c13952c5acc1b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 20 Mar 2016 07:42:36 GMT
server
nginx
etag
W/"ca0-56ee546c-2d2e72b71a6350e4;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
lk.png
nordfx.com/data/languages/ 		18 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/data/languages/lk.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
3753fc065bbce9b422f37b65c1ec6f20b4db208d8a3a0f3fbda5735658f1a51b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 11 Sep 2017 14:26:49 GMT
server
nginx
etag
W/"46f8-59b69d29-41070a84b318db2b;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
vn.png
nordfx.com/data/languages/ 		16 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/data/languages/vn.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
115268c0df6b57d5817f6b596572675d18097acd43cceb42d3479f97b33ae903
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 11 Sep 2017 14:26:49 GMT
server
nginx
etag
W/"3ef9-59b69d29-4bfda9bfe6a710c4;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
jp.png
nordfx.com/data/languages/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/data/languages/jp.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
270c1027dd9e2b1727e4fa18a913f013da7224e0b6459bfafbc9fc39edf890c4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 06 Jul 2022 09:55:18 GMT
server
nginx
etag
W/"52d-62c55c06-1ac336e26f6d4ea9;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
ua.png
nordfx.com/data/languages/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/data/languages/ua.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
a28a0317d85541f0f07f277090a9e8a8d1e75f6c344f49979b71d7d7caf45326
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 07 Nov 2022 19:20:38 GMT
server
nginx
etag
W/"487-63695a86-da40007d3d4d68bc;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
ms.png
nordfx.com/data/languages/ 		458 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/data/languages/ms.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
f885bdcfae86b4e71a2deb60091a0966c7216d7d8ebd8261bb7ec31d12b061ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
458
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 06 Jul 2022 09:55:18 GMT
server
nginx
etag
"1ca-62c55c06-d81c2691c0bd2b04;;;"
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
ssl_logo.png
nordfx.com/stpl/default/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/stpl/default/images/ssl_logo.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
919004c790553eefab3ddd3b52e3dfc9a43a7e49f98d16db0e1c773ec67517ea
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 21 Mar 2016 18:09:25 GMT
server
nginx
etag
W/"c99-56f038d5-9f90e52dff81bfd1;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
wac_visa.png
nordfx.com/images/ 		3 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/images/wac_visa.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
0d655638a513940ff7407036c91200cb5527e48b5b6562c9858bdcd6d4337625
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 06 Jul 2022 09:55:32 GMT
server
nginx
etag
W/"de9-62c55c14-b8ea8527cd7c784;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
wac_mastercard.png
nordfx.com/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/images/wac_mastercard.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
67b7da47be30306af8f5d16ba1dc0b6e92421c0b004835e582dd63744d9124d4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 06 Jul 2022 09:55:32 GMT
server
nginx
etag
W/"16a4-62c55c14-aaa640b2ca0130f0;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-2.1.4.min.js
nordfx.com/stpl/default/js/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordfx.com/stpl/default/js/jquery-2.1.4.min.js
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-permitted-cross-domain-policies
none
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
28793
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 21 Mar 2016 18:09:31 GMT
server
nginx
etag
"14979-56f038db-cfb43ad1e7595499;br"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap.min.js
nordfx.com/stpl/default/js/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordfx.com/stpl/default/js/bootstrap.min.js
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
e26c92de4345912718899204b05274e473cd9e91be64813aba60b3dff9922b53
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-permitted-cross-domain-policies
none
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
9512
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 21 Mar 2016 18:09:30 GMT
server
nginx
etag
"90c0-56f038da-96f5044ed03f2a62;br"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
scripts.min.js
nordfx.com/stpl/default/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordfx.com/stpl/default/js/scripts.min.js?0144
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
77ded9191f3c58beaa88c74e7834fbbd487c1455a83d7da179d999839fc0a64a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-permitted-cross-domain-policies
none
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1379
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 27 Aug 2023 21:01:01 GMT
server
nginx
etag
"13df-64ebb98d-eaf659b24559d71a;br"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
slick.js
nordfx.com/stpl/default/js/slickslider/ 		87 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nordfx.com/stpl/default/js/slickslider/slick.js?ver=1
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
0aaa4cf927b0e3631cffbe62f6786810aa65348483cd950e49f634a0881b16b4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-permitted-cross-domain-policies
none
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
14819
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 17 Aug 2023 03:18:25 GMT
server
nginx
etag
"15b7b-64dd9181-72038dd0f1a71e4d;br"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap-select.min.js
account.nordfxvn.com/js/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.nordfxvn.com/js/bootstrap-select.min.js?888
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.79.255.157 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
vps-0a1ae536.vps.ovh.ca
Software
nginx /
Resource Hash
45a28d456d046739559f7f0ba1edf7af21f2c85cfb5e077d73b423b91ce0036b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/account/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 14:45:45 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=15768000
x-permitted-cross-domain-policies
none
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Connection
keep-alive
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Content-Length
8517
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 13 Apr 2016 20:38:06 GMT
Server
nginx
etag
"78f5-570eae2e-98cf3bad10a3a159;br"
vary
Accept-Encoding
x-frame-options
DENY
Content-Type
application/x-javascript
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
Keep-Alive
timeout=30
expires
Thu, 31 Dec 2037 23:55:55 GMT
cab_external_scripts.js
account.nordfxvn.com/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.nordfxvn.com/js/cab_external_scripts.js?11
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.79.255.157 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
vps-0a1ae536.vps.ovh.ca
Software
nginx /
Resource Hash
e1b3f3a461a4978e727f27478c60cf21ebd4e8b4a08b21cdda347199c24466f4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/account/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 14:45:45 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=15768000
x-permitted-cross-domain-policies
none
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Connection
keep-alive
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Content-Length
524
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 03 Nov 2020 23:37:22 GMT
Server
nginx
etag
"527-5fa1e9b2-ef12aa3f9f1e2ba8;br"
vary
Accept-Encoding
x-frame-options
DENY
Content-Type
application/x-javascript
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
Keep-Alive
timeout=30
expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/ 		245 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NF5PZF
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8d4ec9163deae77937c825228f16086ceb95d33e4b272d423b3447e7a2562a98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83601
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 Jul 2024 14:45:45 GMT
fbevents.js
connect.facebook.net/en_US/ 		224 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:19:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 29 Jul 2024 14:45:45 GMT
document-policy
force-load-at-top
x-fb-server-load
33
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58677
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=12, mss=1297, tbw=2800, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
DgiJfdRwbbJ0cVNpIaihX5B/2NZjSR76TsBEqLOg2JmwLIx/RQYbaObvqOu+f7YAsAaiPXrJkouE8F6SyTRvVA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
hi.png
nordfx.com/data/languages/ 		18 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/data/languages/hi.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
6d44d1e3bb66dc88a612292a0417271c6743ff42310b9a1f5d434b79e50ec145
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
x-content-type-options
nosniff
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 20 Mar 2016 16:56:44 GMT
server
nginx
etag
W/"4781-56eed64c-9ade76bf4ef0fffd;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
vn.png
nordfx.com/data/languages/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/data/languages/vn.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
115268c0df6b57d5817f6b596572675d18097acd43cceb42d3479f97b33ae903
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
x-content-type-options
nosniff
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 11 Sep 2017 14:26:49 GMT
server
nginx
etag
W/"3ef9-59b69d29-4bfda9bfe6a710c4;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
reg_icon.png
account.nordfxvn.com/images_new/naf/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account.nordfxvn.com/images_new/naf/reg_icon.png
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/css/cab_external_styles.css?888_4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.79.255.157 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
vps-0a1ae536.vps.ovh.ca
Software
nginx /
Resource Hash
9862857b69e4a03033acc8937fcd7fe06a320367709f672353b264ee2dac4ace
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/css/cab_external_styles.css?888_4
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=15768000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Content-Encoding
gzip
x-permitted-cross-domain-policies
none
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 13 Apr 2016 20:38:06 GMT
Server
nginx
etag
W/"1205-570eae2e-8375b89c3bb72299;;;"
Vary
Accept-Encoding
x-frame-options
DENY
Content-Type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
Keep-Alive
timeout=30
expires
Thu, 31 Dec 2037 23:55:55 GMT
social_icons.png
nordfx.com/stpl/default/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/stpl/default/images/social_icons.png
Requested by
Host: nordfx.com
URL: https://nordfx.com/stpl/default/css/styles.min.css?ver=24
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
30cb381fa20871a1a763128ba00ebc0b188ad3f49b8abbe09bb5b712ec2ca8f6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://nordfx.com/stpl/default/css/styles.min.css?ver=24
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 21 Mar 2016 18:09:25 GMT
server
nginx
etag
W/"f88-56f038d5-826afe7b343bb4e;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
telegram.png
nordfx.com/stpl/default/images/socials/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/stpl/default/images/socials/telegram.png
Requested by
Host: nordfx.com
URL: https://nordfx.com/stpl/default/css/styles.min.css?ver=24
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
9612550642eafe49cbd13fce7c308e23c686b1c2052b6505f06e9aad72c8c9af
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://nordfx.com/stpl/default/css/styles.min.css?ver=24
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 15 Aug 2017 13:17:51 GMT
server
nginx
etag
W/"626-5992f47f-300a0f783ba118d5;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
tiktok.png
nordfx.com/stpl/default/images/socials/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nordfx.com/stpl/default/images/socials/tiktok.png
Requested by
Host: nordfx.com
URL: https://nordfx.com/stpl/default/css/styles.min.css?ver=24
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
8eb742911d1ae21a3b851e471c2cf0e5f85ed4cb06394cc5cdee101ec8ca170c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://nordfx.com/stpl/default/css/styles.min.css?ver=24
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 17 Aug 2023 03:18:25 GMT
server
nginx
etag
W/"832-64dd9181-b9cbafcdfe658b80;;;"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
expires
Thu, 31 Dec 2037 23:55:55 GMT
407805987940783
connect.facebook.net/signals/config/ 		53 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/407805987940783?v=2.9.162&r=stable&domain=account.nordfxvn.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:19:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
56c4df6a1d3ad829be21160c712912fad94f0b6640c50d327e7b95fb64c9768d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 29 Jul 2024 14:45:45 GMT
document-policy
force-load-at-top
x-fb-server-load
29
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=37, mss=1297, tbw=64226, tp=-1, tpl=-1, uplat=256, ullat=0
pragma
public
x-fb-debug
VIyqiwY2s7FKqDHv7qi0BGC98CuvMRQDQ3B6qoMnTNp//IxqL5iamHfq3aCy2F4KREogYRaAByb97c3fQqtj0w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		290 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R6PLYM1PML&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NF5PZF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8a0d7d41deaf9e167101c251680fdaf177baa2105acc51a57de1a5d71867cab8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101716
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 Jul 2024 14:45:45 GMT
qevents.js
a.quora.com/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.quora.com/qevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NF5PZF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.153.247 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5af5ee0b37b1f0ef31c42932bbf81424e4bb53e95e87a47e058625c1af2245db

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
x-amz-version-id
jrgqQn59BHyNBJEhUqaibHl1Lk06.AzO
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
M04HPBTPY5GDBBF5
age
6903259
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Tl+NCrT4/ROq8BOB/jXEFbjekr+B/799PB4hsh4cPaz8GcT19YQzaMe+k+f+IJxKpv7tKCeNqoQ=
last-modified
Thu, 28 Mar 2024 17:33:19 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
md5:87b5ecaafd0e88097cbbb1bbb7695fe9
etag
W/"87b5ecaafd0e88097cbbb1bbb7695fe9"
vary
Accept-Encoding
content-type
text/plain
cache-control
public, max-age=14400
cf-ray
8aade500cbad81b3-SIN
expires
Mon, 29 Jul 2024 18:45:45 GMT
bat.js
bat.bing.com/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NF5PZF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 29 Jul 2024 14:45:45 GMT
last-modified
Sat, 13 Jul 2024 20:42:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A84A2C2028C54447AB9544A4779FC5A6 Ref B: SIN30EDGE0314 Ref C: 2024-07-29T14:45:45Z
etag
"044982565d5da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
14183
roundtrip.js
s.adroll.com/j/RWL6YYFSSFF6DHIMKGV3ZG/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/RWL6YYFSSFF6DHIMKGV3ZG/roundtrip.js
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:2c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ec5b548db448c0e58a77fce3b2b61ced845a8fcdb83be4597bf185048884e7e8

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id
GJLVreYJO8NyGtlzf3xthLL_5yS.O2Ts
Content-Encoding
gzip
Via
1.1 a372f2a2c858a55a472ec9d3d1c6b816.cloudfront.net (CloudFront)
Date
Mon, 29 Jul 2024 14:33:09 GMT
Age
885
X-Amz-Cf-Pop
SIN52-C2
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 26 Jul 2024 11:39:00 GMT
Server
AmazonS3
Etag
W/"5a8948879f77cd3d72c4a84d158e3776"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
H2nQMtYIZdzY1BfhOttceFkYCRhffEovJmQt3cpJpmvjvxBRhlsHwA==
pixel
q.quora.com/_/ad/346ecfbaecf540cdb694bd0f2276727a/ 		43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.quora.com/_/ad/346ecfbaecf540cdb694bd0f2276727a/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.216.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-216-90.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 14:45:46 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Server
nginx
Connection
keep-alive
Content-Length
43
X-Q-Stat
,22de4617a3f6829f478cb7b8e537a6c8,10.0.0.221,11656,209.58.162.239,,396156438806,1,1722264346.550,0.002,,.,0,0,0.000,0.000,-,0,0,203,188,94,10,26847,,,,,,-,
Content-Type
image/gif
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-R6PLYM1PML&gtm=45je47o0v9118566156z86703032za200zb6703032&_p=1722264345406&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=11130132.1722264346&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722264345&sct=1&seg=0&dl=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&dt=Nord%20FX%20-%20Trader%27s%20Cabinet&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3351
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R6PLYM1PML&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jul 2024 14:45:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://account.nordfxvn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R6PLYM1PML&cid=11130132.1722264346&gtm=45je47o0v9118566156z86703032za200zb6703032&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R6PLYM1PML&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jul 2024 14:45:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://account.nordfxvn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.sg/ads/ 		42 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R6PLYM1PML&cid=11130132.1722264346&gtm=45je47o0v9118566156z86703032za200zb6703032&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=938440299
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jul 2024 14:45:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
187119008.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/187119008.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f354d09b7885951d299359c36772d29fab45e867cf21cea7c1599c02f971a0ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Mon, 29 Jul 2024 14:45:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 169B44C3191041CCBA04E91321D0B767 Ref B: SIN30EDGE0314 Ref C: 2024-07-29T14:45:45Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=407805987940783&ev=PageView&dl=https%3A%2F%2Faccount.nordfxvn.com&rl=&if=false&ts=1722264345876&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4124&fbp=fb.1.1722264345874.47452140572696355&pm=1&hrl=d4fc90&ler=empty&cdl=API_unavailable&it=1722264345554&coo=false&cs_cc=1&rqm=GET
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:83:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1297, tbw=2804, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 29 Jul 2024 14:45:45 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=407805987940783&ev=PageView&dl=https%3A%2F%2Faccount.nordfxvn.com&rl=&if=false&ts=1722264345876&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4124&fbp=fb.1.1722264345874.47452140572696355&pm=1&hrl=d4fc90&ler=empty&cdl=API_unavailable&it=1722264345554&coo=false&cs_cc=1&rqm=FGET
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:83:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Mon, 29 Jul 2024 14:45:46 GMT
document-policy
force-load-at-top
x-fb-server-load
28
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397069037491788177", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=12, mss=1297, tbw=3122, tp=-1, tpl=-1, uplat=235, ullat=0
pragma
no-cache
x-fb-debug
X0bGN2787rwaUflzTNjSQdVACYWvCGvkavPTYOqqADIL0uaEfiKZhRgy9kVtXOJYXU8KmV612t1IzwhxLNhF1A==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397069037491788177"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
RWL6YYFSSFF6DHIMKGV3ZG
d.adroll.com/consent/check/ 		584 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/RWL6YYFSSFF6DHIMKGV3ZG?pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&_s=14b90a372f0b11ed17978bfe12baba65&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/RWL6YYFSSFF6DHIMKGV3ZG/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:22e:4f04:e21e:1154:af83:c087 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
01bcb6d2bbb9f55b9d4b69437acfefd9377b742a613a4cf8afd79f5c25bb424c

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
application/javascript
pragma
no-cache
date
Mon, 29 Jul 2024 14:45:45 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
584
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
187119008
www.clarity.ms/tag/uet/ 		816 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/187119008
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/187119008.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c83944e76ae4db1d0e529cacc7b57abad21cf7c8a7a8936377855630d6b9b476

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
-1
date
Mon, 29 Jul 2024 14:45:46 GMT
x-azure-ref
20240729T144545Z-16dbb9f4c992cjqbfq894kk72s00000008t00000000094c8
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
816
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
sendrolling.js
s.adroll.com/j/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/sendrolling.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/RWL6YYFSSFF6DHIMKGV3ZG/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:2c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
203987ff8bd021893a06303e163eeb294647081d8376b725bdacbc414cc4d035

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Amz-Version-Id
kaomAQKNRR_7Pb.3Bms_Xue6LaAItEu.
Content-Encoding
gzip
Via
1.1 a372f2a2c858a55a472ec9d3d1c6b816.cloudfront.net (CloudFront)
Date
Mon, 29 Jul 2024 14:44:13 GMT
Age
93
X-Amz-Cf-Pop
SIN52-C2
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 21 Jun 2023 16:22:01 GMT
Server
AmazonS3
Etag
W/"4a64112c69b3c4b3f104f38d9547a094"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
jrWqRXMIavSrFLBqI48tNe90f4opy5YfYOOjRdUQbW1IUzgMKgu_Sg==
UN5ZV2YT5ZFGRMHGXBUGUT
d.adroll.com/segment/RWL6YYFSSFF6DHIMKGV3ZG/ 		42 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/segment/RWL6YYFSSFF6DHIMKGV3ZG/UN5ZV2YT5ZFGRMHGXBUGUT?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&cookie=&adroll_s_ref=&keyw=&p0=1307&adroll_external_data=&adroll_version=2.0
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/RWL6YYFSSFF6DHIMKGV3ZG/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:22e:4f04:e21e:1154:af83:c087 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:45 GMT
x-attribution-url
https%3A%2F%2Fx.adroll.com%2Fattribution%2Ftrigger%3Ffpc%3D448108debd68a20e61a6e84b0652851e%26advertisable_eid%3DRWL6YYFSSFF6DHIMKGV3ZG%26conversion_type%3DPageView%26conversion_value%3D0.0%26pv%3D40609348261.352585%26arrfrr%3Dhttps%253A%252F%252Faccount.nordfxvn.com%252Faccount%252F
x-segment-display-name
Visitors to Unsegmented Pages
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type
p
content-length
42
pragma
no-cache
x-conversion-value
0.0
server
nginx/1.22.1
x-rule
*
x-segment-eid
C3MXAOGU6VCKNIU5HVJUNS
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
https://account.nordfxvn.com
access-control-expose-headers
X-Advertisable-Eid, X-Attribution-Url, X-Segment-Eid, X-Segment-Display-Name, X-Segment-Name, X-Conversion-Currency, X-Conversion-Value, X-Rule, X-Rule-Type, X-Organization-Eid, X-Pixel-Eid
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-request-methods
GET
x-pixel-eid
UN5ZV2YT5ZFGRMHGXBUGUT
x-organization-eid
5VHLAQYPOFETTDPCLH7SLE
access-control-allow-headers
Content-Type, *
x-advertisable-eid
RWL6YYFSSFF6DHIMKGV3ZG
x-conversion-currency
x-segment-name
*
sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://d.adroll.com/cm/b/out?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&advertisable=RWL6YYFSSFF6DHIMKGV3ZG
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y
43 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 14:45:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y
Date
Mon, 29 Jul 2024 14:45:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
in
d.adroll.com/cm/g/
Redirect Chain
  • https://d.adroll.com/cm/g/out?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&advertisable=RWL6YYFSSFF6DHIMKGV3ZG
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=om42dVJJTLyvqVHt3CcjPw
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=om42dVJJTLyvqVHt3CcjPw&google_tc=
  • https://d.adroll.com/cm/g/in
42 B
823 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/g/in
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Server
2406:da18:22e:4f04:e21e:1154:af83:c087 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jul 2024 14:45:46 GMT
server
nginx/1.22.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
content-length
42
x-result
g.-1.-1.-1

Redirect headers

pragma
no-cache
date
Mon, 29 Jul 2024 14:45:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://d.adroll.com/cm/g/in
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://d.adroll.com/cm/index/out?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&advertisable=RWL6YYFSSFF6DHI...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&expiration=1753800345
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&expiration=1753800345&C=1
43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&expiration=1753800345&C=1
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jul 2024 14:45:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aiThBr3WAkYRZLZznI5%2BlE4ltZxHDzYvR%2Fi%2BO%2B6bF7V5UMKxvxQptDxWK7Ay1ph7prM7TdwL9fRsG1dzR6VBAuSt%2FnpkUQrXJ5H9tuO5Ngcz3oN6iguzX%2B0QnuTAjw0BV9mVGAgddykP%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8aade5032c665fdb-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 29 Jul 2024 14:45:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8HCqlJN1brGyiiJjA0i%2FC%2Ffy8J80z8NtagUxq9IuVivCrF9CRYmGahktsTsFIoH2TB19BLFK%2BCHJeUfmQqZ6mlk65HfIo5EOXheGHwSiCPQt3IfIBZN1HY0y5yHBMdtENaAZlg6aEsgc%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=105&external_user_id=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&expiration=1753800345&C=1
cache-control
no-cache
cf-ray
8aade502ebd35fdb-SIN
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
sync
pippio.com/api/
Redirect Chain
  • https://d.adroll.com/cm/l/out?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&advertisable=RWL6YYFSSFF6DHIMKGV3ZG
  • https://idsync.rlcdn.com/377928.gif?partner_uid=a26e367552494cbcafa951eddc27233f
  • https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogYTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2YQABoNCJrWnrUGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=db247fa5fea7db88c01959e180fa77a97c76951b7242895985a9ac89f6f3d1af791426b5417dce21&_=2
42 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?pid=5324&it=1&iv=db247fa5fea7db88c01959e180fa77a97c76951b7242895985a9ac89f6f3d1af791426b5417dce21&_=2
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:47 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Mon, 29 Jul 2024 14:45:46 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pippio.com/api/sync?pid=5324&it=1&iv=db247fa5fea7db88c01959e180fa77a97c76951b7242895985a9ac89f6f3d1af791426b5417dce21&_=2
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://d.adroll.com/cm/n/out?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&advertisable=RWL6YYFSSFF6DHIMKGV3ZG
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&expires=365
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&expires=365
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&expires=365
pragma
no-cache
date
Mon, 29 Jul 2024 14:45:45 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
124
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&advertisable=RWL6YYFSSFF6DHIMKGV3ZG
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=a26e367552494cbcafa951eddc27233f&gdpr=0&gdpr_consent=
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a26e367552494cbcafa951eddc27233f&gdpr=0&gdpr_consent=
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a26e367552494cbcafa951eddc27233f&gdpr=0&gdpr_consent=
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jul 2024 14:45:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a26e367552494cbcafa951eddc27233f&gdpr=0&gdpr_consent=
date
Mon, 29 Jul 2024 14:45:46 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&advertisable=RWL6YYFSSFF6...
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&gdpr=0&gdpr_consent=&us_privacy=1---
0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
HTTP/1.1
Server
38.133.127.95 Sacramento, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:46 GMT
cache-control
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-traceid
0409fbce33ade2c1b18c41a9d5fe6c29
content-length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&gdpr=0&gdpr_consent=&us_privacy=1---
pragma
no-cache
date
Mon, 29 Jul 2024 14:45:45 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
137
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Pug
image2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&advertisable=RWL6YYFSSFF6...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...
42 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 29 Jul 2024 14:45:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma
no-cache
date
Mon, 29 Jul 2024 14:45:45 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
212
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&advertisable=RWL6YYFSSFF6DHIMKGV3ZG
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Server
18.143.106.89 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.121 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.121
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
date
Mon, 29 Jul 2024 14:45:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.121
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&advertisable=RWL6YYFSSFF6D...
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:46 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
2743

Redirect headers

location
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y
pragma
no-cache
date
Mon, 29 Jul 2024 14:45:45 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
111
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
xuid
eb2.3lift.com/
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&advertisable=RWL6YYFSSF...
  • https://eb2.3lift.com/xuid?mid=4714&xuid=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&dongle=c85e
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
37 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 29 Jul 2024 14:45:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=4714&xuid=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
date
Mon, 29 Jul 2024 14:45:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
bounce
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&advertisable=RWL6YYFSSFF6DHIMKGV3ZG
  • https://ib.adnxs.com/setuid?entity=172&code=YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Server
103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jul 2024 14:45:46 GMT
an-x-request-uuid
b6a91697-7bf5-4e57-a27a-2865646eb0c5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
209.58.162.239; 209.58.162.239; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jul 2024 14:45:46 GMT
an-x-request-uuid
68239eb0-b6f2-481b-b5db-3551e33ec3b7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y
cache-control
no-store, no-cache, private
x-proxy-origin
209.58.162.239; 209.58.162.239; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
UN5ZV2YT5ZFGRMHGXBUGUT
ipv4.d.adroll.com/seg4/RWL6YYFSSFF6DHIMKGV3ZG/ 		42 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipv4.d.adroll.com/seg4/RWL6YYFSSFF6DHIMKGV3ZG/UN5ZV2YT5ZFGRMHGXBUGUT?adroll_fpc=448108debd68a20e61a6e84b0652851e-1722264345927&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&cookie=&adroll_s_ref=&keyw=&p0=1307&adroll_external_data=&adroll_version=2.0
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.135.176 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-135-176.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:46 GMT
x-segment-display-name
Visitors to Unsegmented Pages
x-rule-type
p
content-length
42
pragma
no-cache
x-conversion-value
0.0
server
nginx/1.22.1
x-rule
*
x-segment-eid
C3MXAOGU6VCKNIU5HVJUNS
content-type
image/gif
access-control-allow-origin
access-control-expose-headers
X-Conversion-Value, X-Conversion-Currency, X-Advertisable-Eid, X-Segment-Eid, X-Rule-Type, X-Pixel-Eid
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-request-methods
GET
x-pixel-eid
UN5ZV2YT5ZFGRMHGXBUGUT
x-segment-name
*
access-control-allow-headers
*
x-advertisable-eid
RWL6YYFSSFF6DHIMKGV3ZG
x-conversion-currency
trigger
x.adroll.com/attribution/ 		2 B
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.adroll.com/attribution/trigger?fpc=448108debd68a20e61a6e84b0652851e&advertisable_eid=RWL6YYFSSFF6DHIMKGV3ZG&conversion_type=PageView&conversion_value=0.0&pv=40609348261.352585&arrfrr=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:da18:22e:4f08:7d42:74ac:ad41:a07a Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:46 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0","priority":"0","deduplication_key":"8860696828328553369","filters":{"source_type":["event"]}},{"trigger_data":"0","priority":"0","deduplication_key":"8860696828328553369","filters":{"source_type":["navigation"]}}],"debug_key":"17852066260155002763","debug_reporting":true,"filters":{"0":["RWL6YYFSSFF6DHIMKGV3ZG"]},"aggregatable_trigger_data":[{"key_piece":"0x000000000000000076f192824cb8676d","source_keys":["1"]}],"aggregatable_values":{"1":8192},"aggregatable_deduplication_keys":[{"deduplication_key":"16863767425907490917"}]}
content-length
2
content-type
text/plain; charset=utf-8
iseu.php
account.nordfxvn.com/api/ 		1 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://account.nordfxvn.com/api/iseu.php
Requested by
Host: nordfx.com
URL: https://nordfx.com/stpl/default/js/jquery-2.1.4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.79.255.157 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
vps-0a1ae536.vps.ovh.ca
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://account.nordfxvn.com/account/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 14:45:46 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=15768000
x-permitted-cross-domain-policies
none
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Connection
keep-alive
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Content-Length
5
referrer-policy
strict-origin-when-cross-origin
Server
nginx
vary
Accept-Encoding
x-frame-options
DENY
Content-Type
text/html; charset=UTF-8
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
Keep-Alive
timeout=30
nfx_red_ajaxion.gif
account.nordfxvn.com/images_new/ 		51 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account.nordfxvn.com/images_new/nfx_red_ajaxion.gif
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.79.255.157 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
vps-0a1ae536.vps.ovh.ca
Software
nginx /
Resource Hash
05ddad2f587fab9d4f1b917d1695e361e24e9517d07d1047502149ce3d127483
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/account/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 14:45:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=15768000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Content-Encoding
gzip
x-permitted-cross-domain-policies
none
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 02 Mar 2017 17:41:14 GMT
Server
nginx
etag
W/"ccba-58b8593a-929093351bf74117;;;"
Vary
Accept-Encoding
x-frame-options
DENY
Content-Type
image/gif
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
Keep-Alive
timeout=30
expires
Thu, 31 Dec 2037 23:55:55 GMT
tag.js
mc.yandex.ru/metrika/ 		216 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
02176bdd06db7030c6ffbe7150aaf37050935a56d619e9f450fd7d11f2c83bdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 24 Jul 2024 12:44:58 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"66a0f74a-127fd"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
75773
expires
Mon, 29 Jul 2024 15:45:47 GMT
0
bat.bing.com/action/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=187119008&tm=gtm002&Ver=2&mid=d8767972-97ec-4ad4-9a1f-9cbacd80e523&sid=3d0b7d604db911ef9cf0df30340552d1&vid=3d0bca204db911efb7dd7de4e6de6cf2&vids=1&msclkid=N&pi=918639831&lg=en-SG&sw=1600&sh=1200&sc=24&tl=Nord%20FX%20-%20Trader%27s%20Cabinet&kw=Nord%20FX,Trader%27s%20Cabinet&p=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&r=&lt=3589&evt=pageLoad&sv=1&cdb=AQAQ&rn=756416
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 29 Jul 2024 14:45:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 81A707FB0DCF4FDA8D672AB83608F633 Ref B: SIN30EDGE0314 Ref C: 2024-07-29T14:45:46Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.41/ 		62 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.41/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/187119008
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:46 GMT
content-encoding
br
last-modified
Fri, 26 Jul 2024 23:49:00 GMT
etag
W/"0x8DCADCD85F8E42A"
vary
Accept-Encoding
x-azure-ref
20240729T144546Z-16dbb9f4c992cjqbfq894kk72s00000008t00000000094cn
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
cb6c71dd-201e-0051-0338-e0b357000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
collect
x.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.41/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://account.nordfxvn.com
Date
Mon, 29 Jul 2024 14:45:47 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
advert.gif
mc.yandex.ru/metrika/ 		43 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/account/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 29 Jul 2024 14:45:48 GMT
last-modified
Wed, 24 Jul 2024 12:44:58 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"66a0f74a-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 29 Jul 2024 15:45:48 GMT
1
mc.yandex.ru/watch/33133148/
Redirect Chain
  • https://mc.yandex.ru/watch/33133148?wmode=7&page-url=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh8yx1j1tt750xrz4rj%3Afu%3A0%3Aen...
  • https://mc.yandex.ru/watch/33133148/1?wmode=7&page-url=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh8yx1j1tt750xrz4rj%3Afu%3A0%3A...
483 B
651 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/33133148/1?wmode=7&page-url=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh8yx1j1tt750xrz4rj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-SG%3Av%3A1400%3Acn%3A1%3Adp%3A0%3Als%3A457084341776%3Ahid%3A982359088%3Az%3A480%3Ai%3A20240729224547%3Aet%3A1722264348%3Ac%3A1%3Arn%3A635389215%3Arqn%3A1%3Au%3A1722264348466513957%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3048%3Awv%3A2%3Ads%3A0%2C0%2C702%2C3%2C1072%2C1071%2C1%2C1802%2C8%2C%2C%2C%2C3581%3Aco%3A0%3Acpf%3A1%3Ans%3A1722264342425%3Agi%3AR0ExLjEuMTExMzAxMzIuMTcyMjI2NDM0Ng%3D%3D%3Arqnl%3A1%3Ast%3A1722264348%3At%3ANord%20FX%20-%20Trader%27s%20Cabinet&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821038596%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
c98d561d7776c6313f9f653d942cee615065d8477ac1775e5621427e0548ac1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 29 Jul 2024 14:45:48 GMT
x-content-type-options
nosniff
last-modified
Mon, 29-Jul-2024 14:45:48 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://account.nordfxvn.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
483
x-xss-protection
1; mode=block
expires
Mon, 29-Jul-2024 14:45:48 GMT

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 29 Jul 2024 14:45:48 GMT
last-modified
Mon, 29-Jul-2024 14:45:48 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/33133148/1?wmode=7&page-url=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh8yx1j1tt750xrz4rj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-SG%3Av%3A1400%3Acn%3A1%3Adp%3A0%3Als%3A457084341776%3Ahid%3A982359088%3Az%3A480%3Ai%3A20240729224547%3Aet%3A1722264348%3Ac%3A1%3Arn%3A635389215%3Arqn%3A1%3Au%3A1722264348466513957%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3048%3Awv%3A2%3Ads%3A0%2C0%2C702%2C3%2C1072%2C1071%2C1%2C1802%2C8%2C%2C%2C%2C3581%3Aco%3A0%3Acpf%3A1%3Ans%3A1722264342425%3Agi%3AR0ExLjEuMTExMzAxMzIuMTcyMjI2NDM0Ng%3D%3D%3Arqnl%3A1%3Ast%3A1722264348%3At%3ANord%20FX%20-%20Trader%27s%20Cabinet&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821038596%29ti%281%29
access-control-allow-origin
https://account.nordfxvn.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 29-Jul-2024 14:45:48 GMT
dh9ol4uZfb
code.jivosite.com/script/geo-widget/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/script/geo-widget/dh9ol4uZfb
Requested by
Host: account.nordfxvn.com
URL: https://account.nordfxvn.com/js/cab_external_scripts.js?11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
e3e1ce2caa9719342d06260776f2c73bae89bb156d133f47bbfebddb4a5f4ebf

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:48 GMT
content-encoding
br
via
1.1 sharxy
x-cached-since
2024-07-29T14:26:13+00:00
x-geo-shard
ya
content-length
6056
x-node
fr5-up-gc15
last-modified
Tue, 09 Jul 2024 12:45:54 GMT
server
nginx
etag
"668d3102-17a8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
cache
HIT
accept-ranges
bytes
expires
Sat, 27 Jul 2024 21:14:30 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F1D2F7FB5F5840188C7CE73D02D3CFAF&RedC=c.clarity.ms&MXFR=27B8795C1D9F6B6210A36D97199F65E2
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F1D2F7FB5F5840188C7CE73D02D3CFAF&MUID=2C77E01A1664698339C8F4D11765683A
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F1D2F7FB5F5840188C7CE73D02D3CFAF&MUID=2C77E01A1664698339C8F4D11765683A
Protocol
H2
Server
52.231.230.148 Busan, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jul 2024 14:45:47 GMT
last-modified
Tue, 25 Jun 2024 17:30:33 GMT
server
Microsoft-IIS/10.0
etag
"3190236225c7da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 29 Jul 2024 14:45:47 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B747CD55601B4B2FA1058157BCFB5554 Ref B: SIN30EDGE0314 Ref C: 2024-07-29T14:45:48Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F1D2F7FB5F5840188C7CE73D02D3CFAF&MUID=2C77E01A1664698339C8F4D11765683A
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
favicon.ico
nordfx.com/stpl/default/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://nordfx.com/stpl/default/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
4b011effc7c350f9d659defb2cba2ea9e08acd65dceddfdc6553acbb5dd00705
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1150
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 29 Mar 2016 17:20:24 GMT
server
nginx
etag
"47e-56fab958-67ef18e3a980969d;;;"
x-frame-options
DENY
content-type
image/x-icon
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
metrika_match.html
mc.yandex.ru/metrika/ Frame EC6C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://account.nordfxvn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1046
content-type
text/html
date
Mon, 29 Jul 2024 14:45:48 GMT
etag
"66a0f74a-416"
expires
Mon, 29 Jul 2024 15:45:48 GMT
last-modified
Wed, 24 Jul 2024 12:44:58 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
favicon.ico
nordfx.com/stpl/default/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://nordfx.com/stpl/default/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.37.74.78 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-ca6b35e5.vps.ovh.net
Software
nginx /
Resource Hash
4b011effc7c350f9d659defb2cba2ea9e08acd65dceddfdc6553acbb5dd00705
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:48 GMT
content-security-policy
frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1150
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 29 Mar 2016 17:20:24 GMT
server
nginx
etag
"47e-56fab958-67ef18e3a980969d;;;"
x-frame-options
DENY
content-type
image/x-icon
cache-control
max-age=315360000
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(), speaker-selection=(self), conversion-measurement=(self), focus-without-user-activation=(self), hid=(self), idle-detection=(self), interest-cohort=(self), serial=(self), sync-script=(self), trust-token-redemption=(self), window-placement=(self), vertical-scroll=(self)
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
dh9ol4uZfb
code.jivosite.com/script/widget/config/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/script/widget/config/dh9ol4uZfb
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/script/geo-widget/dh9ol4uZfb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
8d436c4e74a5c798d5feb16cb1130e77d118f9b650b30a196bf145b03bae626c

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 14:45:49 GMT
content-encoding
gzip
via
1.1 sharxy
server
nginx
vary
Accept-Encoding
x-cached-since
2024-07-29T13:11:12+00:00
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=7200
cache
HIT
accept-ranges
bytes
x-geo-shard
ya
content-length
1475
x-node
fr5-up-gc15
expires
Mon, 29 Jul 2024 15:11:12 GMT
collect
x.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.41/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://account.nordfxvn.com
Date
Mon, 29 Jul 2024 14:45:49 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
dh9ol4uZfb
node-ya-9.jivosite.com/widget/status/455715/ 		200 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node-ya-9.jivosite.com/widget/status/455715/dh9ol4uZfb?rnd=0.21143355687361676
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/script/geo-widget/dh9ol4uZfb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
158.160.17.225 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
foxy/3.2 /
Resource Hash
7697f5d4f022da876b3f43057e0d0df01af32edaa06161af6e99d0b2cbbd3cc5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options DENY

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
frame-ancestors 'none';
date
Mon, 29 Jul 2024 14:45:50 GMT
server
foxy/3.2
x-botmode
no
x-geoip
SG;;Singapore (Outram)
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
https://account.nordfxvn.com
access-control-expose-headers
X-Geoip, X-Botmode
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-max-age
1728000
content-length
200
bundle_en_US.js
code.jivosite.com/js/ 		0
0
33133148
mc.yandex.ru/webvisor/ 		0
0
33133148
mc.yandex.ru/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/33133148?wv-part=1&wv-type=7&wmode=0&wv-hit=982359088&page-url=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&rn=574601757&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1722264351%3Aw%3A1600x1200%3Av%3A1400%3Az%3A480%3Ai%3A20240729224550%3Au%3A1722264348466513957%3Avf%3A6eeti2leh8yx1j1tt750xrz4rj%3Ast%3A1722264351&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jul 2024 14:45:51 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 29-Jul-2024 14:45:51 GMT
content-type
image/gif
access-control-allow-origin
https://account.nordfxvn.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 29-Jul-2024 14:45:51 GMT
33133148
mc.yandex.ru/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/33133148?wv-part=1&wv-type=7&wmode=0&wv-hit=982359088&page-url=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&rn=142085248&browser-info=we%3A1%3Aet%3A1722264351%3Aw%3A1600x1200%3Av%3A1400%3Az%3A480%3Ai%3A20240729224551%3Au%3A1722264348466513957%3Avf%3A6eeti2leh8yx1j1tt750xrz4rj%3Ast%3A1722264351&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jul 2024 14:45:51 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 29-Jul-2024 14:45:51 GMT
content-type
image/gif
access-control-allow-origin
https://account.nordfxvn.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 29-Jul-2024 14:45:51 GMT
33133148
mc.yandex.ru/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/33133148?wv-part=2&wv-type=7&wmode=0&wv-hit=982359088&page-url=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&rn=914171287&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1722264353%3Aw%3A1600x1200%3Av%3A1400%3Az%3A480%3Ai%3A20240729224552%3Au%3A1722264348466513957%3Avf%3A6eeti2leh8yx1j1tt750xrz4rj%3Ast%3A1722264353&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.nordfxvn.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jul 2024 14:45:52 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 29-Jul-2024 14:45:52 GMT
content-type
image/gif
access-control-allow-origin
https://account.nordfxvn.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 29-Jul-2024 14:45:52 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
code.jivosite.com
URL
https://code.jivosite.com/js/bundle_en_US.js?rand=1720619608
Domain
mc.yandex.ru
URL
https://mc.yandex.ru/webvisor/33133148?wv-part=1&wv-type=7&wmode=0&wv-hit=982359088&page-url=https%3A%2F%2Faccount.nordfxvn.com%2Faccount%2F&rn=574601757&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1722264351%3Aw%3A1600x1200%3Av%3A1400%3Az%3A480%3Ai%3A20240729224550%3Au%3A1722264348466513957%3Avf%3A6eeti2leh8yx1j1tt750xrz4rj%3Ast%3A1722264351&t=gdpr(14)ti(1)

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer function| fbq function| _fbq function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data function| qp string| qpGtm string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll function| $ function| jQuery function| show function| CloseOthers function| onYouTubeIframeAPIReady object| gaGlobal function| __adroll__ string| adroll_sid object| __adroll_consent_data object| __adroll boolean| adroll_sendrolling_cross_device object| adroll_form_fields object| adroll_third_party_forms object| adroll_third_party_detected object| adroll_snippet_errors object| qevents function| UET function| UET_init function| UET_push object| ueto_336f052751 object| uetq object| adroll_exp_list string| __adroll_url_category boolean| __adroll_consent string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_lex33_called object| __adroll_pxl_assistant_track function| __adroll_idem0 string| adroll_seg_eid string| adroll_rule_type function| noscript_check function| fde_init_loginization function| ym function| clarity object| clarityuetq object| Ya object| yaCounter33133148 function| __jivoOnError boolean| __hasStorage boolean| jivo_magic_var function| __jivoBundleOnLoad function| __jivoBundleInit function| jivo_init function| jivo_destroy object| jivo_config

70 Cookies

Domain/Path Name / Value
.account.nordfxvn.com/ Name: nordfx_lang_c
Value: en
.account.nordfxvn.com/ Name: PHP7SESSID
Value: jbk6imjkrr52qbea28540ek5kn
.account.nordfxvn.com/ Name: NFX_SESSION5
Value: tttvrj185s4bicknsvggnv67t6
.account.nordfxvn.com/ Name: verification_window
Value: 1
.nordfxvn.com/ Name: _ga_R6PLYM1PML
Value: GS1.1.1722264345.1.0.1722264345.60.0.0
.nordfxvn.com/ Name: _ga
Value: GA1.1.11130132.1722264346
.nordfxvn.com/ Name: _fbp
Value: fb.1.1722264345874.47452140572696355
.d.adroll.com/ Name: receive-cookie-deprecation
Value: 1
.adroll.com/ Name: receive-cookie-deprecation
Value: 1
.account.nordfxvn.com/ Name: __adroll_fpc
Value: 448108debd68a20e61a6e84b0652851e-1722264345927
.account.nordfxvn.com/ Name: __ar_v4
Value: %7CRWL6YYFSSFF6DHIMKGV3ZG%3A20240728%3A1%7CUN5ZV2YT5ZFGRMHGXBUGUT%3A20240728%3A1
.nordfxvn.com/ Name: _uetsid
Value: 3d0b7d604db911ef9cf0df30340552d1
.nordfxvn.com/ Name: _uetvid
Value: 3d0bca204db911efb7dd7de4e6de6cf2
.adnxs.com/ Name: XANDR_PANID
Value: quR2im4cHHqKapcl7uemkY77BMGged1hPl31c9eZWqUdeTFCcvem5TohOnk0vN_MXUjxXzwDgyJ-fYg_zEcRdlIRmGCewPbeYp-GuLCIBFg.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 1381813937238105353
.taboola.com/ Name: t_gid
Value: 21c57e7a-f73c-46c0-9b88-07faad4a60bd-tuctda1309a
.taboola.com/ Name: t_pt_gid
Value: 21c57e7a-f73c-46c0-9b88-07faad4a60bd-tuctda1309a
.openx.net/ Name: i
Value: 93068175-d39f-49b8-9fdf-9f5178d832d3|1722264346
.3lift.com/ Name: tluidp
Value: 2747255220118644810987
.3lift.com/ Name: tluid
Value: 2747255220118644810987
x.adroll.com/ Name: ar_debug
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBBqrp2YCEM9pnK1HGl15mimHDI8IFgwFEgEBAQH8qGaxZq9E8HgB_eMAAA&S=AQAAAm5ao2S4D5UdYxa9loMcVB8
.pubmatic.com/ Name: KRTBCOOKIE_10
Value: 22808-YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&KRTB&22883-YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&KRTB&23504-YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y&KRTB&23615-YTI2ZTM2NzU1MjQ5NGNiY2FmYTk1MWVkZGMyNzIzM2Y
.pubmatic.com/ Name: PugT
Value: 1722264344
.analytics.yahoo.com/ Name: IDSYNC
Value: 1770~2jtq
.adnxs.com/ Name: anj
Value: dTM7k!M4/rD>6NRF']wIg2GTwh2+Qf!]tbPl@/@8$-^=$U_hsvZguIP^I@3q[4j04X[.UvC^9-wBEiyF`a:ZfAIbvDHq%l.F=k^yYvo)Mt@yvw3If)y3KL9D3I?.GVnF-F
.doubleclick.net/ Name: IDE
Value: AHWqTUkfVRpJvriFEh10b9guRc-3XjvEg-5xINsC1V8BjiJog44QdHow8S5_t4BA-K4
.casalemedia.com/ Name: CMID
Value: ZqerGosFVmMAABM-AKejKQAA
.casalemedia.com/ Name: CMPS
Value: 5019
.casalemedia.com/ Name: CMPRO
Value: 5019
.bing.com/ Name: MUID
Value: 2C77E01A1664698339C8F4D11765683A
.bat.bing.com/ Name: MR
Value: 0
.d.adroll.com/ Name: __adroll
Value: a26e367552494cbcafa951eddc27233f-g_1722264346-a_1722264345
.adroll.com/ Name: __adroll_shared
Value: a26e367552494cbcafa951eddc27233f-g_1722264346-a_1722264345
.rubiconproject.com/ Name: audit_p
Value: 1|y/COmoaMolUV0lp8eiD9V1J0rbtngO8gjI2dKYmed0WJl7/YsOb2JVlZUqQHjd0i1BqWfqOV6BGM1KxoLazIt7kxm0k08nop+R4DB+iLIkEJdt26juuvt+8r0bEVVEfeTkFf6//ba3XDm4+8/vu4TzbRYRanIPrxQcop0xgPg9KSNFGJ9lYZUg5/8Wu8VjpS3TYsX/cuoqHQD5U7tEfUTQ==
.rubiconproject.com/ Name: khaos
Value: LZ73Q2JD-I-78HQ
.rubiconproject.com/ Name: khaos_p
Value: LZ73Q2JD-I-78HQ
.rubiconproject.com/ Name: audit
Value: 1|y/COmoaMolUV0lp8eiD9V1J0rbtngO8gjI2dKYmed0WJl7/YsOb2JVlZUqQHjd0i1BqWfqOV6BGM1KxoLazIt7kxm0k08nop+R4DB+iLIkEJdt26juuvt+8r0bEVVEfeTkFf6//ba3XDm4+8/vu4TzbRYRanIPrxQcop0xgPg9KSNFGJ9lYZUg5/8Wu8VjpS3TYsX/cuoqHQD5U7tEfUTQ==
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.rlcdn.com/ Name: rlas3
Value: i3r/JvuTpbf0l2d8s6xUNDY/yBnzoRk0f/av1lyrrhE=
www.clarity.ms/ Name: CLID
Value: 2c3732de38434f00905f65d520088cdd.20240729.20250729
.bidswitch.net/ Name: tuuid
Value: 08339c3b-d76f-45a7-935a-be9e2fd231c6
.bidswitch.net/ Name: c
Value: 1722264346
.bidswitch.net/ Name: tuuid_lu
Value: 1722264346
.nordfxvn.com/ Name: _clck
Value: ul92aa%7C2%7Cfnv%7C0%7C1671
.rlcdn.com/ Name: pxrc
Value: CJrWnrUGEgUI6AcQABIFCOhHEAA=
.pippio.com/ Name: did
Value: qoNUs9GwyAxAWHc-
.pippio.com/ Name: didts
Value: 1722264347
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CAA=
.nordfxvn.com/ Name: _clsk
Value: 14sgv08%7C1722264347430%7C1%7C1%7Cx.clarity.ms%2Fcollect
.yandex.ru/ Name: i
Value: DCQR3MtuoGczmXbVqQuXvrkg9pHnazSz0Fh9eaxA4Y806GKaLeO8/qKflSs3svM0pEwnOqjVWaaELhfMzJhdZdrNW1Y=
.yandex.ru/ Name: yandexuid
Value: 7158718621722264347
.yandex.ru/ Name: yashr
Value: 808086061722264347
.nordfxvn.com/ Name: _ym_uid
Value: 1722264348466513957
.nordfxvn.com/ Name: _ym_d
Value: 1722264348
.nordfxvn.com/ Name: _ym_isad
Value: 2
mc.yandex.ru/ Name: yabs-sid
Value: 1723352681722264348
.yandex.ru/ Name: yuidss
Value: 7158718621722264347
.yandex.ru/ Name: ymex
Value: 2037624348.yrts.1722264348
.yandex.ru/ Name: receive-cookie-deprecation
Value: 1
.yandex.ru/ Name: bh
Value: KgI/MGCc1p61Bg==
.nordfxvn.com/ Name: _ym_visorc
Value: w
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2C77E01A1664698339C8F4D11765683A
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2C77E01A1664698339C8F4D11765683A
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

15 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'speaker-selection'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'conversion-measurement'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'focus-without-user-activation'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'sync-script'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'trust-token-redemption'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'window-placement'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'vertical-scroll'.
recommendation verbose URL: https://account.nordfxvn.com/account/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self', media-src 'self' https://code.jivosite.com https://www.mte-media.com, object-src 'self'
Strict-Transport-Security max-age=15768000
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.quora.com
account.nordfxvn.com
analytics.google.com
bat.bing.com
c.bing.com
c.clarity.ms
cm.g.doubleclick.net
code.jivosite.com
connect.facebook.net
d.adroll.com
dsum-sec.casalemedia.com
eb2.3lift.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
ipv4.d.adroll.com
mc.yandex.ru
node-ya-9.jivosite.com
nordfx.com
pippio.com
pixel.rubiconproject.com
q.quora.com
s.adroll.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
www.clarity.ms
www.facebook.com
www.google.com.sg
www.googletagmanager.com
x.adroll.com
x.bidswitch.net
x.clarity.ms
code.jivosite.com
mc.yandex.ru
103.43.90.19
107.178.254.65
13.251.135.176
141.226.229.48
158.160.17.225
162.159.153.247
172.64.151.101
18.143.106.89
20.114.190.119
207.65.33.82
2404:6800:4003:c01::61
2404:6800:4003:c02::9b
2404:6800:4003:c1c::5e
2404:6800:4003:c1c::8a
2406:da18:22e:4f04:e21e:1154:af83:c087
2406:da18:22e:4f08:7d42:74ac:ad41:a07a
2600:9000:21b4:2c00:6:9280:1080:93a1
2620:1ec:bdf::59
2620:1ec:c11::237
2a02:6b8::1:119
2a03:2880:f00c:19:face:b00c:0:3
2a03:2880:f10c:83:face:b00c:0:25de
2a13:1ec0::1037
34.98.64.218
35.213.12.39
35.244.154.8
35.71.178.8
38.133.127.95
51.79.255.157
52.231.230.148
52.70.216.90
54.37.74.78
69.173.158.64
74.125.130.157
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01bcb6d2bbb9f55b9d4b69437acfefd9377b742a613a4cf8afd79f5c25bb424c
02176bdd06db7030c6ffbe7150aaf37050935a56d619e9f450fd7d11f2c83bdc
05ddad2f587fab9d4f1b917d1695e361e24e9517d07d1047502149ce3d127483
0aaa4cf927b0e3631cffbe62f6786810aa65348483cd950e49f634a0881b16b4
0d655638a513940ff7407036c91200cb5527e48b5b6562c9858bdcd6d4337625
115268c0df6b57d5817f6b596572675d18097acd43cceb42d3479f97b33ae903
1d87f6fedcb6211536fca445d92a8099f48c53afaaa41d11492110eda3da7d34
1e4551a3f8fbbf2a3062c0e854c502d5adf50122c15b1c579379cf2623355367
203987ff8bd021893a06303e163eeb294647081d8376b725bdacbc414cc4d035
270c1027dd9e2b1727e4fa18a913f013da7224e0b6459bfafbc9fc39edf890c4
2cfd76102832408620ecc34d34811d0dcb73a15cd1293398f4fae98b9a28059b
30cb381fa20871a1a763128ba00ebc0b188ad3f49b8abbe09bb5b712ec2ca8f6
3753fc065bbce9b422f37b65c1ec6f20b4db208d8a3a0f3fbda5735658f1a51b
3799543745ee73233f78a42a6b8b9966066d2632c81e40f303d96f6b82484a2b
45a28d456d046739559f7f0ba1edf7af21f2c85cfb5e077d73b423b91ce0036b
4b011effc7c350f9d659defb2cba2ea9e08acd65dceddfdc6553acbb5dd00705
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56c4df6a1d3ad829be21160c712912fad94f0b6640c50d327e7b95fb64c9768d
57f43bd8644fb95de2c82d932a7820624d5324f7f134ff199c9ba7f8dabff300
5af5ee0b37b1f0ef31c42932bbf81424e4bb53e95e87a47e058625c1af2245db
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69
67b7da47be30306af8f5d16ba1dc0b6e92421c0b004835e582dd63744d9124d4
6d44d1e3bb66dc88a612292a0417271c6743ff42310b9a1f5d434b79e50ec145
72e4f46fd80c44cb5fb8fcae82abd37f7737f79f9395c29a88c01d512043b2fd
732892518bdb107f2e08595d9af1192870680652ec668d44db1bd645b6e11d48
7697f5d4f022da876b3f43057e0d0df01af32edaa06161af6e99d0b2cbbd3cc5
76d098d41081f12682084093309fc8a4cb757acdd9af761a637c13952c5acc1b
77ded9191f3c58beaa88c74e7834fbbd487c1455a83d7da179d999839fc0a64a
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
81eccf18910e648fb37cb8ebf9940b2341bbdc21a5810e2ced06f6fc623483cb
839ff54e99f41cb146023af56f7c25c5104c6586ed47d1b46265075c04bb4cb9
88924ffd9b2f268f97bc5dd51d7e0b2d9d4bb3f632604000bc0ac62040735cb4
8a0d7d41deaf9e167101c251680fdaf177baa2105acc51a57de1a5d71867cab8
8d436c4e74a5c798d5feb16cb1130e77d118f9b650b30a196bf145b03bae626c
8d4ec9163deae77937c825228f16086ceb95d33e4b272d423b3447e7a2562a98
8eb742911d1ae21a3b851e471c2cf0e5f85ed4cb06394cc5cdee101ec8ca170c
90df60b59930b514c3a164445e40934e6e8a4fb8b903ef03500c082268223348
919004c790553eefab3ddd3b52e3dfc9a43a7e49f98d16db0e1c773ec67517ea
94baf0c35e13eafc105863e18743a8b3102c17de0f9f24a2ee219f2f22c84537
9612550642eafe49cbd13fce7c308e23c686b1c2052b6505f06e9aad72c8c9af
9862857b69e4a03033acc8937fcd7fe06a320367709f672353b264ee2dac4ace
99521b7420af9814cbb7896ca5255ff5b31b6319927c7d2c3b5b3436fb3189c4
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a28a0317d85541f0f07f277090a9e8a8d1e75f6c344f49979b71d7d7caf45326
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c83944e76ae4db1d0e529cacc7b57abad21cf7c8a7a8936377855630d6b9b476
c98d561d7776c6313f9f653d942cee615065d8477ac1775e5621427e0548ac1d
d536bfd7d475af1ad6cb92975f872ace0ba9fd17b335e4566a02b2ba32e2b93a
d6e1ab0eb7766fac366f26c9d0b52566cbc34071de2fe3cb9b6db9d056884a45
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e0cdf527ba088dd26ef06200fc5bf23bae04d30d1896e147251467594e1c8d84
e1b3f3a461a4978e727f27478c60cf21ebd4e8b4a08b21cdda347199c24466f4
e26c92de4345912718899204b05274e473cd9e91be64813aba60b3dff9922b53
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e1ce2caa9719342d06260776f2c73bae89bb156d133f47bbfebddb4a5f4ebf
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ec5b548db448c0e58a77fce3b2b61ced845a8fcdb83be4597bf185048884e7e8
ecaaaf79173977d2d9e7474ad9b72aeb0a01d230903dab301894a4a008abc1af
ee07ae3e0a48ec7bbf039fa7f303920ae8813aaade292433b901b2ea9c00820e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f354d09b7885951d299359c36772d29fab45e867cf21cea7c1599c02f971a0ca
f885bdcfae86b4e71a2deb60091a0966c7216d7d8ebd8261bb7ec31d12b061ab
f8b7781f7aea9bd2b9db6c42c8677d199a06ea1ebdacae99e336be35a279fbac