r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3543
Expires: Mon, 06 Feb 2023 17:59:52 GMT
Date: Mon, 06 Feb 2023 17:00:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15502
Expires: Mon, 06 Feb 2023 21:19:11 GMT
Date: Mon, 06 Feb 2023 17:00:49 GMT
Connection: keep-alive
register.fxtm.com/gold-1/
3.126.202.50301 Moved Permanently 0 B URL HTTP/1.1 register.fxtm.com/gold-1/
IP 3.126.202.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gold-1/ HTTP/1.1
Host: register.fxtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
date: Mon, 06 Feb 2023 17:00:49 GMT
content-length: 0
location: https://register.fxtm.com/gold-1/
x-proxy-backend: page-server
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11196
Expires: Mon, 06 Feb 2023 20:07:25 GMT
Date: Mon, 06 Feb 2023 17:00:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 16:34:05 GMT
content-type: application/json
age: 1604
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: YNsw5Oz+s4dWuWyk9pCZy+6djHR590e7iQYrxEzqW5s6YTWP0DkMgnLrlT7LvwSjtieavA3jR7Y=
x-amz-request-id: FYKN8JTQQAEER3SD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 16:54:49 GMT
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
age: 360
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 17:00:49 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e987b0c5fed6b0dc637df23ae064c56c
17fea37bd044bdd9c7e8fcb02f3e911d3d2eeb4f
a1ba173bbde533c4a56af0b480fe9486193ab683498218b171f50d91e952fa83
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A1BA173BBDE533C4A56AF0B480FE9486193AB683498218B171F50D91E952FA83"
Last-Modified: Sun, 05 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13833
Expires: Mon, 06 Feb 2023 20:51:22 GMT
Date: Mon, 06 Feb 2023 17:00:49 GMT
Connection: keep-alive
register.fxtm.com/gold-1/
3.126.202.50200 OK 18 kB URL HTTP/1.1 register.fxtm.com/gold-1/
IP 3.126.202.50:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (24710)
Hash f02015ce59a4c018d1b67de641be5be2
148bf5f58948684fdba63915acb2210bd587c7d7
188a8ddf21c7ee5273212947d4884ce96bc11dcf148dd013704e041bb2bf31a7
GET /gold-1/ HTTP/1.1
Host: register.fxtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
date: Mon, 06 Feb 2023 17:00:49 GMT
content-type: text/html; charset=utf-8
content-length: 17588
set-cookie: ubvs=05b3027d-3a1a-48b9-b9da-8dd7a9dfd9f7; Max-Age=15552000; Path=/; SameSite=Lax
ubvt=v2%7C05b3027d-3a1a-48b9-b9da-8dd7a9dfd9f7%7C038ac3a4-f557-41ac-b9b2-7fe8c6e1d529%3Aa%3Asingle; Max-Age=259200; Domain=fxtm.com; Path=/; SameSite=Lax
ubpv=a%2C038ac3a4-f557-41ac-b9b2-7fe8c6e1d529; Max-Age=15897600; Path=/gold-1/; SameSite=Lax
content-location: https://register.fxtm.com/gold-1/
etag: "a:05b3027d3a1a48b9b9da8dd7a9dfd9f7"
link: <https://register.fxtm.com/gold-1/>; rel="canonical"
x-unbounce-pageid: 038ac3a4-f557-41ac-b9b2-7fe8c6e1d529
x-unbounce-variant: a
x-unbounce-visitorid: 05b3027d-3a1a-48b9-b9da-8dd7a9dfd9f7
content-encoding: gzip
x-proxy-backend: page-server
builder-assets.unbounce.com/published-css/main-7b78720.z.css
54.230.111.53200 OK 2.9 kB URL HTTP/2 builder-assets.unbounce.com/published-css/main-7b78720.z.css
IP 54.230.111.53:0
File type ASCII text, with very long lines (15017)
Hash 3d27e56a34e34b278ab5e182cbc3b587
b871dae022b6537150e18df2bbf266caaa013fdc
3646920461d3a5dd11dfb46a1d063bee0eaad079e9d3e9341942f24f3688401f
GET /published-css/main-7b78720.z.css HTTP/1.1
Host: builder-assets.unbounce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 2902
date: Sat, 21 Jan 2023 01:22:01 GMT
last-modified: Wed, 23 Nov 2022 23:24:30 GMT
etag: "3d27e56a34e34b278ab5e182cbc3b587"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: F0XZlkUrGu6OlrfKzU_C7UXh1V6i6hug
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gSkdOMVH5fp7xBUf-B34RYP9gf7a0C8TQflyCK6BB3nhs4VNLA4BOA==
age: 1438729
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9206c3ba6d5a17d62244c438fd03496e
069e8257aebe618953434b1299d065540125a512
937d395fed398e9410f75945e80f607f3146458b48cd47ba7249536ca2195817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 17:00:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 17:00:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
142.250.74.138200 OK 25 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (820)
Hash cc24419c482370498f3c227ac73d666b
37fc103ace873f47102e0ca88eb4735bc6806750
152fa070788f0cf29dc062f03860897c39c7ffa13e6eee2dc3e5dc131ecbc7aa
GET /ajax/libs/jquery/1.4.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 24715
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 12:12:10 GMT
expires: Sat, 03 Feb 2024 12:12:10 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 276520
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googleoptimize.com/optimize.js?id=OPT-WNLJ72F
142.250.74.78200 OK 44 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-WNLJ72F
IP 142.250.74.78:0
File type ASCII text, with very long lines (1759)
Hash fdad100f9feb9cd456738e2182eb3c7d
1c30045719f95bc3902bb4220875860b979deec1
e6b3c0dfd040b8696ac6aaa86bba768a75fec2b54337605d942ac60a7dd14f0d
GET /optimize.js?id=OPT-WNLJ72F HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 06 Feb 2023 17:00:50 GMT
expires: Mon, 06 Feb 2023 17:00:50 GMT
cache-control: private, max-age=900
last-modified: Mon, 06 Feb 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44216
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 17:00:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9206c3ba6d5a17d62244c438fd03496e
069e8257aebe618953434b1299d065540125a512
937d395fed398e9410f75945e80f607f3146458b48cd47ba7249536ca2195817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 17:00:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 16:51:19 GMT
age: 571
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13800
Expires: Mon, 06 Feb 2023 20:50:50 GMT
Date: Mon, 06 Feb 2023 17:00:50 GMT
Connection: keep-alive
push.services.mozilla.com/
54.149.149.164101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.149.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ETFORg6I6GUgUx/6JI0DDQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MSadmhcmbInMr9iqNSuefiez7tE=
my.forextime.com/widget.php?type=new&company=global
104.18.231.99200 OK 3.8 kB URL HTTP/2 my.forextime.com/widget.php?type=new&company=global
IP 104.18.231.99:0
File type HTML document, ASCII text, with very long lines (10817)
Hash d4cda41677b91b07cf2353078cb3e9fa
f248b10f5a1b61e17b48230425e78be43e7328f9
baf21afb010af42ed81b4998a66d4f7f9cf2c3344c0c5cc9bf288fb1e0e8e8e4
GET /widget.php?type=new&company=global HTTP/1.1
Host: my.forextime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 17:00:51 GMT
content-type: application/javascript
content-length: 3804
cache-control: no-cache
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 795571c2af9d0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
register.fxtm.com/track?referer=
3.126.202.50404 Not Found 47 B URL HTTP/1.1 register.fxtm.com/track?referer=
IP 3.126.202.50:0
File type ASCII text, with no line terminators
Hash f9ae9006943e3a67b95ca4c6c733b6d4
9f9e7a7e2602d29e4df8c38df6277ab37fb1b079
cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457
GET /track?referer= HTTP/1.1
Host: register.fxtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/gold-1/
Cookie: ubvs=05b3027d-3a1a-48b9-b9da-8dd7a9dfd9f7; ubvt=v2%7C05b3027d-3a1a-48b9-b9da-8dd7a9dfd9f7%7C038ac3a4-f557-41ac-b9b2-7fe8c6e1d529%3Aa%3Asingle
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
date: Mon, 06 Feb 2023 17:00:51 GMT
content-type: text/plain; charset=utf-8
content-length: 47
x-proxy-backend: page-server
builder-assets.unbounce.com/published-js/main.bundle-5dc4c52.z.js
54.230.111.53200 OK 34 kB URL HTTP/2 builder-assets.unbounce.com/published-js/main.bundle-5dc4c52.z.js
IP 54.230.111.53:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0bf2d86152e7e3622dcf4ab19253e64e
9a015eef382e2480a2c3b73d544c09be863e61f5
b3c5554c340fffc058eed76a88380e202f5ff8389753a180860498f76ab70643
GET /published-js/main.bundle-5dc4c52.z.js HTTP/1.1
Host: builder-assets.unbounce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 33506
date: Tue, 17 Jan 2023 04:58:48 GMT
last-modified: Wed, 23 Nov 2022 23:24:26 GMT
etag: "0bf2d86152e7e3622dcf4ab19253e64e"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: pKHv9xoCp.Oeede.gA0bUZ9Qn6jRS9cc
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FjDkeBnXXT99H6UJvPwAsMpdnmGu7MEO4LFBb_d-LFMIMNrAWFLj6g==
age: 1771324
X-Firefox-Spdy: h2
d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
54.230.111.16200 OK 1.9 kB URL HTTP/2 d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
IP 54.230.111.16:0
Hash fde4d3457a50df6eb5c2e00c8f2ae5b3
e5cf16a28cc4234d5eaa77b2b0dd53f3522aa135
268ae6468593e886241a5aad414e64f7775e7ac13311ab55e9d35e34a24129ba
GET /ub.js?1673990108 HTTP/1.1
Host: d34qb8suadcc4g.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 1865
date: Tue, 17 Jan 2023 21:41:41 GMT
last-modified: Tue, 17 Jan 2023 21:14:25 GMT
etag: "fde4d3457a50df6eb5c2e00c8f2ae5b3"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: TrrSG85SsnvjrZ_OWFs2jLqOdvnUHg06
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kHEuj-FnRSJb4sm0qjaq8PYeWCbcZpoEwJCotM0yHNCfz0etlogVeA==
age: 1711151
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/register.fxtm.com/gold-1/d7a10890-banner-gold.png
54.230.245.21200 OK 185 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/register.fxtm.com/gold-1/d7a10890-banner-gold.png
IP 54.230.245.21:0
File type PNG image data, 1920 x 613, 8-bit colormap, non-interlaced\012- data
Size 185 kB (184801 bytes)
Hash 57ab158d5f8730568d0f8c788ef333ff
f0f0affc72ec068e19803e4165986c4edeff025c
b65e67e22d34f4a3ad216f39628f19353e672f2a2e535e1b0a536e1dcf931772
GET /register.fxtm.com/gold-1/d7a10890-banner-gold.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 184801
date: Tue, 24 Jan 2023 14:52:54 GMT
last-modified: Tue, 24 Jan 2023 14:52:31 GMT
etag: "57ab158d5f8730568d0f8c788ef333ff"
cache-control: max-age=31557600
x-amz-version-id: kLVrifNFj.l4Lj0y4aVYHCHGZOLQptCI
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1oES7UegFy1AU8IozQc8L725x8qFOch9dHRs4c-yvSbPuxDcCm8ExQ==
age: 1130878
X-Firefox-Spdy: h2
d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
54.230.111.16200 OK 30 kB URL HTTP/2 d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
IP 54.230.111.16:0
File type ASCII text, with very long lines (64903)
Hash 73de733c308b8b5e44d2a6242dc4bd99
2f43a0cd155124d65ab5ce3574abc5f82b45fcf9
cf4ff4a67675a54e9a9469d967c77fba778ccf839a98119d246012447eb44ea3
GET /sp-2.14.0.js HTTP/1.1
Host: d34qb8suadcc4g.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 30399
date: Sun, 11 Dec 2022 09:08:36 GMT
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
etag: "73de733c308b8b5e44d2a6242dc4bd99"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: G4Yi5Y8rjIFlVTjohwHeAR_ddO2i6nJzotT_mGYxyrYgz52xdTUXbg==
age: 4953136
X-Firefox-Spdy: h2
my.forextime.com/en/identity/registration/assets/fonts/sourcesanspro-regular.woff2
104.18.231.99200 OK 27 kB URL HTTP/2 my.forextime.com/en/identity/registration/assets/fonts/sourcesanspro-regular.woff2
IP 104.18.231.99:0
File type Web Open Font Format (Version 2), TrueType, length 27248, version 1.0\012- data
Hash 87a782df623610acdf66fe51b185c95c
57d45105e98c4fb6ae5a3935741f086c7fae7cee
52862c2d13e4544f4ea4eb963543c017ac6cb91a6ee0627caec4a39c45657f73
GET /en/identity/registration/assets/fonts/sourcesanspro-regular.woff2 HTTP/1.1
Host: my.forextime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.forextime.com/en/identity/registration/?theme=&sbt=&abt=&lbt=&sw=&cs=&dlt=&product=&origin=https%3A%2F%2Fregister.fxtm.com¤t_url=https://register.fxtm.com/&company=global&version=40708&type=new&new-gtm=&disable_web_analytic=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 17:00:51 GMT
content-type: font/woff2
content-length: 27248
last-modified: Tue, 24 Jan 2023 09:17:31 GMT
etag: "63cfa22b-6a70"
my-country: NO
accept-ranges: bytes
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 795571c489620b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jssdkcdns.mparticle.com/js/v2/us1-7e64e961d63ef3498e1ff29e51ea3b54/mparticle.js
151.101.194.133200 OK 130 kB URL HTTP/2 jssdkcdns.mparticle.com/js/v2/us1-7e64e961d63ef3498e1ff29e51ea3b54/mparticle.js
IP 151.101.194.133:0
File type ASCII text, with very long lines (63954)
Size 130 kB (129565 bytes)
Hash d7b34cb71b7a320a8d9bbb6b7aea0df3
8b574729303044f1461b0bda20eaff793dfc5198
797d8955f29d51b19b96745b8fdfa5c17be793e4644b08e9e4aca6eb361331c1
GET /js/v2/us1-7e64e961d63ef3498e1ff29e51ea3b54/mparticle.js HTTP/1.1
Host: jssdkcdns.mparticle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: Kestrel
cache-control: public, max-age=3600
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-origin-name: fastlyshield--shield_ssl_cache_iad_kiad7000041_IAD
accept-ranges: bytes
date: Mon, 06 Feb 2023 17:00:51 GMT
age: 1
x-served-by: cache-iad-kiad7000041-IAD, cache-bma1633-BMA
x-cache: HIT, MISS
x-cache-hits: 3, 0
x-timer: S1675702851.237844,VS0,VE125
vary: Accept, Accept-Encoding
content-length: 129565
X-Firefox-Spdy: h2
my.forextime.com/en/identity/registration/assets/fonts/sourcesanspro-light.woff2
104.18.231.99200 OK 27 kB URL HTTP/2 my.forextime.com/en/identity/registration/assets/fonts/sourcesanspro-light.woff2
IP 104.18.231.99:0
File type Web Open Font Format (Version 2), TrueType, length 26696, version 2.1376\012- data
Hash 2ca324fcf6a77175abba819aa3ea0e52
4fcf073c7336084fc9d4a0a670b594d39f3a4ff9
b94dccc42998f30ff9c7cad416b18180445f2d694cca94f1f942ebfb26772204
GET /en/identity/registration/assets/fonts/sourcesanspro-light.woff2 HTTP/1.1
Host: my.forextime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.forextime.com/en/identity/registration/?theme=&sbt=&abt=&lbt=&sw=&cs=&dlt=&product=&origin=https%3A%2F%2Fregister.fxtm.com¤t_url=https://register.fxtm.com/&company=global&version=40708&type=new&new-gtm=&disable_web_analytic=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 17:00:51 GMT
content-type: font/woff2
content-length: 26696
last-modified: Tue, 24 Jan 2023 09:17:31 GMT
etag: "63cfa22b-6848"
my-country: NO
accept-ranges: bytes
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 795571c4895f0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/register.fxtm.com/gold-1/28709cbc-facebook_1019019000000000000000.png
54.230.245.21200 OK 1.3 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/register.fxtm.com/gold-1/28709cbc-facebook_1019019000000000000000.png
IP 54.230.245.21:0
File type PNG image data, 63 x 63, 8-bit colormap, non-interlaced\012- data
Hash aad7bc5836ca5e74b430a04fff4950af
c4cddbfdad32e304cb7fefaf3bca284b5e72f3d0
8d878a91cb9bd80e161cec823d142539ac8acfd94dac7559252fa8817c4ec99e
GET /register.fxtm.com/gold-1/28709cbc-facebook_1019019000000000000000.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1310
date: Thu, 27 Oct 2022 06:29:49 GMT
last-modified: Fri, 16 Sep 2022 13:07:50 GMT
etag: "aad7bc5836ca5e74b430a04fff4950af"
cache-control: max-age=31557600
x-amz-version-id: 4hkSY9PCBvyvzGaz5uJFcHoHANxQyiXP
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3-vBPoHKCyFzlieT9BUyaaykoutwg0wTahwyJdZdwSR15zhgymrsMw==
age: 8850663
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/register.fxtm.com/gold-1/cfeadbb1-twitter_1019019000000000000000.png
54.230.245.21200 OK 1.4 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/register.fxtm.com/gold-1/cfeadbb1-twitter_1019019000000000000000.png
IP 54.230.245.21:0
File type PNG image data, 63 x 63, 8-bit colormap, non-interlaced\012- data
Hash 6f99338d237ff0787401a300620cf9e0
5b09f4b8c37f33d699dbc95d109ec7a305aa5560
2261149ea8c2b1a9b17f9c1bdca9373f6b9ee85a9ccb2cf29da9fab8e2845b34
GET /register.fxtm.com/gold-1/cfeadbb1-twitter_1019019000000000000000.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1434
date: Thu, 10 Nov 2022 04:03:41 GMT
last-modified: Fri, 16 Sep 2022 13:07:50 GMT
etag: "6f99338d237ff0787401a300620cf9e0"
cache-control: max-age=31557600
x-amz-version-id: yWL45o79p6xOH0NfotlCHXK1NzhKsrBq
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wAcPflgFyl03Nqw2jwo0IvQsW9XVYoXiSJHauuaHcAkDSrtRu5bzfQ==
age: 7649831
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/register.fxtm.com/gold-1/4b26f41f-icons-3x_101601n000000000000000.png
54.230.245.21200 OK 980 B URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/register.fxtm.com/gold-1/4b26f41f-icons-3x_101601n000000000000000.png
IP 54.230.245.21:0
File type PNG image data, 124 x 174, 4-bit colormap, non-interlaced\012- data
Hash bed28d8f816da625b9614661ad73fd65
00bfe52d332e4606b8475b1f81f27f616b5ea3df
9a5523d8a27b31427b4ae12007bbe591af985bd8d3eacb5a3d905bbaa1723943
GET /register.fxtm.com/gold-1/4b26f41f-icons-3x_101601n000000000000000.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 980
date: Sun, 18 Sep 2022 07:18:46 GMT
last-modified: Fri, 16 Sep 2022 13:07:50 GMT
etag: "bed28d8f816da625b9614661ad73fd65"
cache-control: max-age=31557600
x-amz-version-id: b5QzgLo5RAGpjEMhCSI2ql4bYRtw1Nus
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -N8iIPXXzzWPaZm5UGqQne06EJd2V2MZcYDRh5IlCmgnMihHwUQO7Q==
age: 12217326
X-Firefox-Spdy: h2
www.forextime.com/icons/favicon-32x32.png
104.18.231.99404 Not Found 208 kB URL HTTP/2 www.forextime.com/icons/favicon-32x32.png
IP 104.18.231.99:0
Size 208 kB (207875 bytes)
Hash 6712fe3cb0c40669aeeb29b87a459280
1c5c087456d3c849c392bb83baf8e91ebcf2af31
8c696ae827c6208de9e295da4cb67333105636d139e32e83fa90e103c19c407d
GET /icons/favicon-32x32.png HTTP/1.1
Host: www.forextime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Mon, 06 Feb 2023 17:00:51 GMT
content-type: text/html
vary: Accept-Encoding
cf-cache-status: HIT
expires: Mon, 06 Feb 2023 18:00:51 GMT
cache-control: public, max-age=3600
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 795571c418f60b31-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/register.fxtm.com/gold-1/cabb5bbe-become-a-better-trader_102001w000000000000000.png
54.230.245.21200 OK 978 B URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/register.fxtm.com/gold-1/cabb5bbe-become-a-better-trader_102001w000000000000000.png
IP 54.230.245.21:0
File type PNG image data, 215 x 201, 4-bit colormap, non-interlaced\012- data
Hash 97e348ab97dc58de39310c7fb30abf6a
a883a578074a59b158f8994997bec1c7e5538361
bf8156c313fc13259fcb76f3a0bbace48fc6647797964e2fb0d8bc4820033709
GET /register.fxtm.com/gold-1/cabb5bbe-become-a-better-trader_102001w000000000000000.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 978
date: Fri, 28 Oct 2022 01:43:04 GMT
last-modified: Fri, 16 Sep 2022 13:07:50 GMT
etag: "97e348ab97dc58de39310c7fb30abf6a"
cache-control: max-age=31557600
x-amz-version-id: GNtJ5eyCNhf1V9tObOdDkuRv2J9Cyoi2
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bOu42vvV6b4mDESP3EXAlvr6EZsWryefdKNOqapYHGCRinHWpUp2Ng==
age: 8781468
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/register.fxtm.com/gold-1/82470cde-instagram_1019019000000000000000.png
54.230.245.21200 OK 5.1 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/register.fxtm.com/gold-1/82470cde-instagram_1019019000000000000000.png
IP 54.230.245.21:0
File type PNG image data, 63 x 63, 8-bit/color RGBA, non-interlaced\012- data
Hash e863af6521e0e19c10f8f726d1b6841d
286432de1c2f836c8b22658f790c0d5b950d7543
d002599722ac76197f7d2d428cf6cb3e2c9386d22ac1cfcc82c2d7ade5af8dbb
GET /register.fxtm.com/gold-1/82470cde-instagram_1019019000000000000000.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 5138
date: Wed, 09 Nov 2022 01:59:40 GMT
last-modified: Fri, 16 Sep 2022 13:07:50 GMT
etag: "e863af6521e0e19c10f8f726d1b6841d"
cache-control: max-age=31557600
x-amz-version-id: _HV4Wo4Jbx.ry6i6DP.jVCj1YfVqgVO2
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IyJq_v0T_xtUU2ipfy1tuGBPegXIJ42nyCGJ-vM9MHO8sXnej-JvTw==
age: 7743672
X-Firefox-Spdy: h2
my.forextime.com/en/identity/registration/assets/css/loader.css
104.18.231.99200 OK 122 kB URL HTTP/2 my.forextime.com/en/identity/registration/assets/css/loader.css
IP 104.18.231.99:0
Size 122 kB (122352 bytes)
Hash 98815eed6ac2e2892d5a607a47f67d52
c041e7cfcec0dfefab319702f6d4f234a95cdd00
38e43db503458ac110ccfb2d3acdeac7a40b3b4a959b1cbddce59c705fad4643
GET /en/identity/registration/assets/css/loader.css HTTP/1.1
Host: my.forextime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.forextime.com/en/identity/registration/?theme=&sbt=&abt=&lbt=&sw=&cs=&dlt=&product=&origin=https%3A%2F%2Fregister.fxtm.com¤t_url=https://register.fxtm.com/&company=global&version=40708&type=new&new-gtm=&disable_web_analytic=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 17:00:51 GMT
content-type: text/css
last-modified: Tue, 24 Jan 2023 09:17:31 GMT
etag: W/"63cfa22b-2f5"
my-country: NO
content-encoding: gzip
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 795571c4896c0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/register.fxtm.com/gold-1/e5fc8b40-icons-3x_101v01p000000000000000.png
54.230.245.21200 OK 2.8 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/register.fxtm.com/gold-1/e5fc8b40-icons-3x_101v01p000000000000000.png
IP 54.230.245.21:0
File type PNG image data, 199 x 181, 8-bit colormap, non-interlaced\012- data
Hash 7afc7c5227f3327e6dc2bb352eb8199f
a04742b99e37dc0d8166823c71e5c43e004d8a04
4b46999d004e6163e00ddbdfd9b9af1ecec3ee8db25b5fd2549170edb70eb018
GET /register.fxtm.com/gold-1/e5fc8b40-icons-3x_101v01p000000000000000.png HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2781
date: Sat, 05 Nov 2022 08:11:33 GMT
last-modified: Fri, 16 Sep 2022 13:07:50 GMT
etag: "7afc7c5227f3327e6dc2bb352eb8199f"
cache-control: max-age=31557600
x-amz-version-id: OPeOZIlPxWI1.5BWZ9n1_pxEhiGjCjFd
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AzdjT1G892R5x6t5XhAyuOMawdXySnQa5zC0X9VCdLU0leesaZHhDQ==
age: 8066959
X-Firefox-Spdy: h2
fonts.ub-assets.com/css?family=Source+Sans+Pro:600,300,regular
54.230.111.19200 OK 670 B URL HTTP/2 fonts.ub-assets.com/css?family=Source+Sans+Pro:600,300,regular
IP 54.230.111.19:0
Hash aae59880abeac1a7f52ed564b6d7be35
93732167b6db87addc3f88504ea1c7eddb911626
e087e48c5b8a68c18bd7932ef2b5690d61939dbbebbd791d4094fa64a749b660
GET /css?family=Source+Sans+Pro:600,300,regular HTTP/1.1
Host: fonts.ub-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-length: 670
date: Mon, 06 Feb 2023 17:00:51 GMT
x-amzn-requestid: 153ae469-14a3-4acf-8870-f32a53ab8504
x-xss-protection: 0
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-amz-apigw-id: f7TKlFk8oAMFWhA=
cache-control: private, max-age=86400
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-63e13243-6241d043795b26ef66d54509
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qU5i7PkzwZ-1nfuzkTol5U2XWc9kaNLDkhqy8opp8j1M9ZH_ErGZYQ==
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/register.fxtm.com/gold-1/98114653-grey-map.svg
54.230.245.21200 OK 20 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/register.fxtm.com/gold-1/98114653-grey-map.svg
IP 54.230.245.21:0
Hash 161f19208ac885c0a653a52169a57325
9d3a2184a592a40b3abd3d74778d1621cbd49963
48f43ab4ae4bff9e6a9173660b73c48e01f2a0e47e43423679dcf8de91632142
GET /register.fxtm.com/gold-1/98114653-grey-map.svg HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Fri, 02 Sep 2022 08:49:45 GMT
last-modified: Wed, 31 Aug 2022 07:35:33 GMT
etag: W/"90334e87879828f27aa771aed611fc0d"
cache-control: max-age=31557600
x-amz-version-id: 2.W_KXSq2ivueJYz_v3wT0R7wo3a7y3O
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jLlLGaYgnzzbsUatOourfSWQhM22lEEkhlNQIc8VG9H6kcKwwhRuGg==
age: 13594267
X-Firefox-Spdy: h2
fonts.ub-assets.com/fonts/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
54.230.111.19200 OK 13 kB URL HTTP/2 fonts.ub-assets.com/fonts/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP 54.230.111.19:0
File type Web Open Font Format (Version 2), TrueType, length 13052, version 1.0\012- data
Hash 7cf79fbd1df848510d7352274efc2401
5540b5a26cc7dfe25294c4eabe011e2c6cd60143
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
GET /fonts/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.ub-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://fonts.ub-assets.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 13052
date: Fri, 09 Dec 2022 06:39:54 GMT
x-amzn-requestid: 3b7d4b37-f5d0-413f-85b6-dbb6e912678f
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-xss-protection: 0
access-control-allow-origin: *
x-amzn-remapped-content-length: 13052
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amz-apigw-id: c3a5OEIpIAMFt9g=
cache-control: public, max-age=31536000
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-6392d83a-3f619cfe06be2f864546b34a
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7CKQKGkHZj-1ZrtvG5YUg06RkV1_fALno-a3Rd3slk3U6u34b-cpNQ==
age: 5134857
X-Firefox-Spdy: h2
fonts.ub-assets.com/fonts/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
54.230.111.19200 OK 13 kB URL HTTP/2 fonts.ub-assets.com/fonts/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
IP 54.230.111.19:0
File type Web Open Font Format (Version 2), TrueType, length 12956, version 1.0\012- data
Hash 1c772d9d0531b187db80bcfc199c1786
c0c04fb334190e10dffed0dcc5c817c2a6041a15
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
GET /fonts/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2 HTTP/1.1
Host: fonts.ub-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://fonts.ub-assets.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 12956
date: Sun, 11 Dec 2022 03:08:07 GMT
x-amzn-requestid: ca290298-6fce-43d1-93c3-fef51a3bd535
last-modified: Wed, 27 Apr 2022 16:54:52 GMT
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-xss-protection: 0
access-control-allow-origin: *
x-amzn-remapped-content-length: 12956
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amz-apigw-id: c9hvuGAvoAMF8Mg=
cache-control: public, max-age=31536000
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-63954997-5ccd1a443684817f2c9ff8ae
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ASkfjnLQccaYL23AseoXR6hhed0yUtK96uNtEHcBk5MVKwk8sgL8cg==
age: 4974764
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-768686761
142.250.74.40200 OK 69 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-768686761
IP 142.250.74.40:0
File type ASCII text, with very long lines (9819)
Hash 006b60106f9bd626c20cd85880290ba3
bc12b75936cbca313b54add669c15a8a397a54e7
1ea56e6db8025828c485032be8b92f217ce90af51992680fd2cb3d45111d2fe9
GET /gtag/js?id=AW-768686761 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 06 Feb 2023 17:00:51 GMT
expires: Mon, 06 Feb 2023 17:00:51 GMT
cache-control: private, max-age=900
last-modified: Mon, 06 Feb 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69239
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-8LDLLTEV0V
142.250.74.40200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-8LDLLTEV0V
IP 142.250.74.40:0
File type ASCII text, with very long lines (21849)
Hash 0c4d9567ce32d677c247b972f516978e
7188ebd252c7b95b2daae4e6a9d908a0f8bb3a45
f2cbc5ac7cb957fff4ef9787f3f6d6208429c31d667a17b92d7779975cc94b91
GET /gtag/js?id=G-8LDLLTEV0V HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 06 Feb 2023 17:00:51 GMT
expires: Mon, 06 Feb 2023 17:00:51 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77575
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.ub-assets.com/fonts/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
54.230.111.19200 OK 13 kB URL HTTP/2 fonts.ub-assets.com/fonts/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 54.230.111.19:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /fonts/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.ub-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://fonts.ub-assets.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 13036
date: Thu, 24 Nov 2022 08:27:50 GMT
x-amzn-requestid: 67f38248-5b3e-42e2-9bed-5b6e6ecdac2e
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-xss-protection: 0
access-control-allow-origin: *
x-amzn-remapped-content-length: 13036
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amz-apigw-id: cGOpBG0-IAMFblQ=
cache-control: public, max-age=31536000
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-637f2b06-6ea340235b7374631136ccdb
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LfwU_eIElzAGJj8ORs7NjHQxPrOB_0toj_-rNZxaHX3hANODfD1s0w==
age: 6424381
X-Firefox-Spdy: h2
events.ub-analytics.com/i?stm=1675702897073&e=pv&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&page=FXTM%20%7C%20Trade%20Gold&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=5cce54b1-60a6-4955-aabf-a4916c00bb42&dtm=1675702897071&vp=1280x939&ds=1268x4297&vid=1&sid=4ab61d2a-8053-43b5-aa71-8f5e9d7b2ee5&duid=e4c1d92c-791e-44e4-b71e-3656d5f28367&uid=05b3027d-3a1a-48b9-b9da-8dd7a9dfd9f7&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiMDM4YWMzYTQtZjU1Ny00MWFjLWI5YjItN2ZlOGM2ZTFkNTI5IiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
34.238.109.20200 OK 43 B URL HTTP/2 events.ub-analytics.com/i?stm=1675702897073&e=pv&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&page=FXTM%20%7C%20Trade%20Gold&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=5cce54b1-60a6-4955-aabf-a4916c00bb42&dtm=1675702897071&vp=1280x939&ds=1268x4297&vid=1&sid=4ab61d2a-8053-43b5-aa71-8f5e9d7b2ee5&duid=e4c1d92c-791e-44e4-b71e-3656d5f28367&uid=05b3027d-3a1a-48b9-b9da-8dd7a9dfd9f7&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiMDM4YWMzYTQtZjU1Ny00MWFjLWI5YjItN2ZlOGM2ZTFkNTI5IiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
IP 34.238.109.20:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb02f374b8f73825415db1bccd4bd76d
b103aa629cacdd90b39538a7561da7f8e49ad73f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
GET /i?stm=1675702897073&e=pv&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&page=FXTM%20%7C%20Trade%20Gold&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=5cce54b1-60a6-4955-aabf-a4916c00bb42&dtm=1675702897071&vp=1280x939&ds=1268x4297&vid=1&sid=4ab61d2a-8053-43b5-aa71-8f5e9d7b2ee5&duid=e4c1d92c-791e-44e4-b71e-3656d5f28367&uid=05b3027d-3a1a-48b9-b9da-8dd7a9dfd9f7&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiMDM4YWMzYTQtZjU1Ny00MWFjLWI5YjItN2ZlOGM2ZTFkNTI5IiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19 HTTP/1.1
Host: events.ub-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 17:00:51 GMT
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
server: akka-http/10.0.9
X-Firefox-Spdy: h2
cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js
54.230.245.120200 OK 19 kB URL HTTP/2 cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js
IP 54.230.245.120:0
File type ASCII text, with very long lines (60877)
Hash e7ee6bc7f428f90fb1b1ed0e94b9f835
12a8cedc4a363af306b438111de73bc4d8b399d7
4bdadec687b990a491b8a797c8fbfbea6e30b2a28bda402760262bbfc982a3af
GET /libs/amplitude-7.2.1-min.gz.js HTTP/1.1
Host: cdn.amplitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 19222
date: Wed, 31 Aug 2022 05:08:18 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Tue, 22 Sep 2020 19:51:25 GMT
etag: "e7ee6bc7f428f90fb1b1ed0e94b9f835"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: rtLe8nVXDx8sL7XBGT5sDlFBE.TwGFEn
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7KoOGipb5UPsCCfHkM4G837tJsoT5khV58fWtcnvC64AR6g3EFfH5g==
age: 13780354
X-Firefox-Spdy: h2
platform.twitter.com/oct.js
93.184.220.66301 Moved Permanently 0 B URL HTTP/1.1 platform.twitter.com/oct.js
IP 93.184.220.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /oct.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Date: Mon, 06 Feb 2023 17:00:51 GMT
Location: https://static.ads-twitter.com/oct.js
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70B)
Server-Timing: x-cache;desc= ,x-tw-cdn;desc=VZ
x-tw-cdn: VZ
Content-Length: 0
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 06 Feb 2023 15:45:20 GMT
expires: Mon, 06 Feb 2023 17:45:20 GMT
cache-control: public, max-age=7200
age: 4531
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4041
Expires: Mon, 06 Feb 2023 18:08:12 GMT
Date: Mon, 06 Feb 2023 17:00:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4041
Expires: Mon, 06 Feb 2023 18:08:12 GMT
Date: Mon, 06 Feb 2023 17:00:51 GMT
Connection: keep-alive
identity.mparticle.com/v1/identify
151.101.2.133204 No Content 0 B URL HTTP/2 identity.mparticle.com/v1/identify
IP 151.101.2.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/identify HTTP/1.1
Host: identity.mparticle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-mp-key
Referer: https://register.fxtm.com/
Origin: https://register.fxtm.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: Kestrel
access-control-allow-headers: content-type,x-mp-key
access-control-allow-methods: POST
access-control-allow-origin: *
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
accept-ranges: bytes
date: Mon, 06 Feb 2023 17:00:51 GMT
via: 1.1 varnish
age: 2035
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 336
x-timer: S1675702852.876839,VS0,VE0
strict-transport-security: max-age=900
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 262283a921f231669fd41486228a6e9a
4b96dcb2cd03f53280d2ecf5ccb249b0b32e6e97
13b8cc87c28e0113401d88f89971eb966afde870a3e4be2602ff34942e81862d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 17:00:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccc8078cc937b7de0b299bcee1496f1b
395f04af71767acc9516387c8b07bde08968fdfe
cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T7YlRZ936VEDkBvo2YKrS3GbyEh1xzC8W-50KiODzFjTnQb-hvkKpw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:10:54 GMT
age: 67797
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F085f1306-f595-4e1a-8162-7d3d1f959ac3.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F085f1306-f595-4e1a-8162-7d3d1f959ac3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7dbe304b5138a360ff07a9842bcf6a7f
00572f7667e322c9ef34bc35b7998c1c172dd34c
d63c58d6c96e23c61b92272de8c2aab01f4cf85f3420cc434c05447d355b1c77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F085f1306-f595-4e1a-8162-7d3d1f959ac3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9108
x-amzn-requestid: a3bffa19-86ce-4a59-b826-551deddb3e9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fostZG2xIAMF0wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9c188-18acd7311c6190c9486e86ac;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 01:34:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oTDUyAr6LGDkH6Q8QCyx0Rc-wCE-fh5sEfjFm5jheeApNuv7VLh4Ow==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:45:42 GMT
age: 69309
etag: "00572f7667e322c9ef34bc35b7998c1c172dd34c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 352e4166a431e781e56cc7f169c7f8ca
866b76c34076cf2e18c6a071336fcf4f581f3c4d
75ba13b601f4b00c5b091eb29e7f6739ffee3e127bd6d3c4b35cc967bb6d354a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9779
x-amzn-requestid: 101b984b-9c04-4d07-b1fe-3d888f4bcd49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftcNRFV_oAMF2_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba721-72679ba0378015034e17b8ca;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 12:05:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FRZf4nkQyttwihy5BBbuHzT9lYQvBPqcOTdT5esu46vqMTvXAi5aQw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:57:24 GMT
age: 68607
etag: "866b76c34076cf2e18c6a071336fcf4f581f3c4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9046d887fd45a0940e31a74173d17798
1ff698b9cf660165e846dfc4770f29852aedce45
0c7b0e1250aa7718b7b35b80a1442f62e94ace1fb578fb781ec8204ee96386d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10514
x-amzn-requestid: ac2a383b-833d-4dae-9bd9-43dc3d9e373d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPEIyoAMFqUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-436bb6816b269ce45b9f8600;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RYNzle5-l5dOMPWb2Bmu_T5aIJw9NX2FKuJsej8hzpYZcgD6coH9SA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:09 GMT
age: 69042
etag: "1ff698b9cf660165e846dfc4770f29852aedce45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/register.fxtm.com/gold-1/3cb2ed38-quotation-mark-close.svg
54.230.245.21200 OK 9.2 kB URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/register.fxtm.com/gold-1/3cb2ed38-quotation-mark-close.svg
IP 54.230.245.21:0
Hash 55d9cb189fbe7828cd1b85be4b313799
5be40c78d888b216e4c25f684a70c81f43cb6ea9
ad08809776d269c87faeba2a70ed65a72950a464d38ba5b94a67eeab14354cec
GET /register.fxtm.com/gold-1/3cb2ed38-quotation-mark-close.svg HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 27 Oct 2022 06:29:49 GMT
last-modified: Fri, 16 Sep 2022 13:07:50 GMT
etag: W/"34d7e436457b0d5e51713747afbccd4f"
cache-control: max-age=31557600
x-amz-version-id: 5JHvcfaH5m6QhQcG1Junvdh6z_GCzKsp
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mTgt8WpI-uAithd5yjU_fDjwx2JCS68C_jOaPErrexskk-IfwP5r4Q==
age: 8850663
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5aedadb2-31f3-4d54-b851-5dd3a166179d.jpeg
34.120.237.76200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5aedadb2-31f3-4d54-b851-5dd3a166179d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d6107217bc206ebf204dfcf832cffc04
4f370e81106ef09ce9294eaa074ff6922197ded0
2cc25b8ddf56ceb274bd147d4e54f3fc386a97f984aa3a7bcc19f083fe68b94f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5aedadb2-31f3-4d54-b851-5dd3a166179d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3943
x-amzn-requestid: 918fd8d6-0118-4548-9380-e3078577a876
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzWBtEdKoAMFwnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de03a4-6d8ffde860d89fbc513a20f9;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:05:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZRVPNp0hKlSBXYjgbVfF8MGqNMHCKF2T4fAqflvZz8z-Uy9bKR9HhA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 07:09:53 GMT
age: 35458
etag: "4f370e81106ef09ce9294eaa074ff6922197ded0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/768686761/?random=1675702897595&cv=11&fst=1675702897595&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tiba=FXTM%20%7C%20Trade%20Gold&auid=268766424.1675702898&data=event%3Dgtag.config&rfmt=3&fmt=4
216.58.207.194200 OK 890 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/768686761/?random=1675702897595&cv=11&fst=1675702897595&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tiba=FXTM%20%7C%20Trade%20Gold&auid=268766424.1675702898&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 216.58.207.194:0
File type ASCII text, with very long lines (1875), with no line terminators
Hash 14176d4e06a5e9e3141e7a6b13861576
d0e8a883a430a41b21bdbd50c661dd5a2678d53e
edd73859f7b352fc31fdd7055c67c41d8a813489d4b0479d1727fcceb50c0935
GET /pagead/viewthroughconversion/768686761/?random=1675702897595&cv=11&fst=1675702897595&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tiba=FXTM%20%7C%20Trade%20Gold&auid=268766424.1675702898&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 17:00:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 890
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 06-Feb-2023 17:15:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 262283a921f231669fd41486228a6e9a
4b96dcb2cd03f53280d2ecf5ccb249b0b32e6e97
13b8cc87c28e0113401d88f89971eb966afde870a3e4be2602ff34942e81862d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 17:00:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.ads-twitter.com/oct.js
151.101.244.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/oct.js
IP 151.101.244.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /oct.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://register.fxtm.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Mon, 06 Feb 2023 17:00:51 GMT
x-served-by: cache-iad-kiad7000092-IAD, cache-hel1410021-HEL
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
ob.cheqzone.com/clicktrue_invocation.js?id=11463
54.230.111.58200 OK 32 kB URL HTTP/2 ob.cheqzone.com/clicktrue_invocation.js?id=11463
IP 54.230.111.58:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash 34324a5ec7345151657efc3c850fe2f8
7ab2aa537265ade4d3215264931e67446af2337d
32314fdc58a464d1a13bddd1665181e1a826ec76d480c90b0a4f29f7ff7be9d2
GET /clicktrue_invocation.js?id=11463 HTTP/1.1
Host: ob.cheqzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 31876
content-encoding: gzip
etag: "1570d-KpPBg68XdWZ8G+p6SoMdcdAxMZo"
server: Caddy
cache-control: max-age=43200
date: Mon, 06 Feb 2023 07:59:24 GMT
expires: Mon, 06 Feb 2023 19:59:24 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _5MpmpwTXDv1BgSg2coq2G-Bs2Dh6VEJD5UOkZ-1YiVNNQH4xnPEnQ==
age: 32488
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a1b0adb1c8292e353e84a56a163dddf0
e72fe20524a0cc1d6077eeef4445bd24cae46a60
d82c206adfc4b455e24ae565256cca03e48944af39dbbef0c704ddfc1cce501a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 17:00:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
my.forextime.com/api/js/api/registration/check
104.18.231.99200 OK 0 B URL HTTP/2 my.forextime.com/api/js/api/registration/check
IP 104.18.231.99:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/js/api/registration/check HTTP/1.1
Host: my.forextime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 13
Origin: https://my.forextime.com
Connection: keep-alive
Referer: https://my.forextime.com/en/identity/registration/?theme=&sbt=&abt=&lbt=&sw=&cs=&dlt=&product=&origin=https%3A%2F%2Fregister.fxtm.com¤t_url=https://register.fxtm.com/&company=global&version=40708&type=new&new-gtm=&disable_web_analytic=true
Cookie: isUnbounceDomain=true; isAllowedDomain=false; company=uk; currentWWWUrl=https://register.fxtm.com/; language=en; origin=https://register.fxtm.com; topUrl=https://register.fxtm.com/; redirect=; redirect_auth=; redirect_login=; country=NO
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 17:00:52 GMT
content-type: application/json
content-length: 0
set-cookie: SESSe3e38161f9885fcea8b5789dd86182fa=-ZOU7ezMH9oW9vRVy5re24-CmkngD6f6REVMasA0n38; expires=Wed, 01-Mar-2023 20:34:12 GMT; Max-Age=2000000; path=/; domain=.myapi.forextime.com; HttpOnly
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 795571c90e650b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.redditstatic.com/ads/pixel.js
151.101.65.140200 OK 14 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.65.140:0
Hash 549d1e99be65bda6916cba9c1ec067e0
dfc1a69f243a564d7540642cb7c82622a2ca8cec
ce17c69843b9cac3220052c34b571276d43760907f39d4eddc750e72774814b4
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 23 Jan 2023 21:56:14 GMT
etag: "03d5db9dfd00a5719bb4c9261e6fa1bb"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 06 Feb 2023 17:00:52 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7356
X-Firefox-Spdy: h2
9234067.fls.doubleclick.net/activityi;src=9234067;type=brows0;cat=allpa0;ord=9968966988298;gtm=45He3210;auiddc=268766424.1675702898;u10=undefined;u3=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F;u11=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F;~oref=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F?
142.250.74.70200 OK 257 B URL HTTP/2 9234067.fls.doubleclick.net/activityi;src=9234067;type=brows0;cat=allpa0;ord=9968966988298;gtm=45He3210;auiddc=268766424.1675702898;u10=undefined;u3=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F;u11=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F;~oref=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (567), with no line terminators
Hash f026ffa5b5b54a81ed5b13d56cd0611a
25de60899e3ab9c6d64878b95e68ef1ce347cf88
3ad511fab9bd44ce9341b36a539b9bf234dc0374fe023f61ce30edc65acd0938
GET /activityi;src=9234067;type=brows0;cat=allpa0;ord=9968966988298;gtm=45He3210;auiddc=268766424.1675702898;u10=undefined;u3=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F;u11=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F;~oref=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F? HTTP/1.1
Host: 9234067.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 17:00:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 257
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 06-Feb-2023 17:15:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a1b0adb1c8292e353e84a56a163dddf0
e72fe20524a0cc1d6077eeef4445bd24cae46a60
d82c206adfc4b455e24ae565256cca03e48944af39dbbef0c704ddfc1cce501a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 17:00:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 8a44e89445df884dde4141d6b4f87335
272928bf5f0ada723ef8e87ae6b6ea04e236098f
8082592ff1324d4062bfd958346cdefa4198d219a02b66c1d89389fc479cc7b8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5587
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 17:00:52 GMT
Last-Modified: Mon, 06 Feb 2023 15:27:45 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314
globessl.ocsp.sectigo.com/
104.18.32.68200 OK 471 B URL HTTP/1.1 globessl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 5175580b2ceed4ed69d8c06a3bc4cea7
b8d5e93bcfe3315998a303e9c44c34388b7d982a
9157edbfdd88b43829e2f6d5ca832c45397e6810d2b5a73470c28a5ec565349b
POST / HTTP/1.1
Host: globessl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 17:00:52 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 22:18:43 GMT
Expires: Fri, 10 Feb 2023 22:18:42 GMT
Etag: "b8d5e93bcfe3315998a303e9c44c34388b7d982a"
Cache-Control: max-age=364069,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795571c35b83b503-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 17:00:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=4cb6b258-f4c9-4a04-aae5-133447c4318d&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=197f63f0-4d1a-467c-8b95-064133d9bc42&tw_document_href=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tw_iframe_status=0&txn_id=oadtt&type=javascript&version=2.3.29
104.244.42.197200 OK 43 B URL HTTP/2 t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=4cb6b258-f4c9-4a04-aae5-133447c4318d&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=197f63f0-4d1a-467c-8b95-064133d9bc42&tw_document_href=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tw_iframe_status=0&txn_id=oadtt&type=javascript&version=2.3.29
IP 104.244.42.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=4cb6b258-f4c9-4a04-aae5-133447c4318d&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=197f63f0-4d1a-467c-8b95-064133d9bc42&tw_document_href=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tw_iframe_status=0&txn_id=oadtt&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 17:00:51 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=4841dcbc-bda6-4515-8d3c-22cbe548fa55; Max-Age=63072000; Expires=Wed, 05 Feb 2025 17:00:52 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: dc1e2b736cb91cb7
strict-transport-security: max-age=0
x-response-time: 107
x-connection-hash: 62afdc53f3a9f2e8003219f325c21cc9b25f30fd250af3dda7aa6727d64bebe7
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=9234067;type=brows0;cat=allpa0;ord=9968966988298;gtm=45He3210;auiddc=268766424.1675702898;u10=undefined;u3=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F;u11=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F;~oref=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F
142.250.74.66200 OK 256 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=9234067;type=brows0;cat=allpa0;ord=9968966988298;gtm=45He3210;auiddc=268766424.1675702898;u10=undefined;u3=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F;u11=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F;~oref=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (566), with no line terminators
Hash 1564e68a0a9cfd2c4e2864380e25aa90
5762675e3d85834475059123585ea0f793c5f0a9
f1a627915f14f903e765e7e640404bbee0ab3b30150430923f27a53ff4680afa
GET /ddm/fls/i/src=9234067;type=brows0;cat=allpa0;ord=9968966988298;gtm=45He3210;auiddc=268766424.1675702898;u10=undefined;u3=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F;u11=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F;~oref=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9234067.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 17:00:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 256
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 45214010f2ef8a835d723fcd5b485977
346507b6da40928a8c600ef9c52fd6a7e0875344
4b4e5c2038d6fe241aedc738e0bd22052078bf365b6dade88cae752d0f06fa54
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 17:00:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDMB9S3C77U15JGRJPGG&lib=ttq
23.36.79.17200 OK 1.3 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDMB9S3C77U15JGRJPGG&lib=ttq
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2727)
Hash e26069a993f22cef0ec3cffd025441df
84af75e0d2e08cbf5c0be3b5d22b86e3debea3c3
3198bf5c3a360ed59a7642578aa8daa6c0cf7fb349e60d6f1231006ef1f3e12f
GET /i18n/pixel/events.js?sdkid=CDMB9S3C77U15JGRJPGG&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202302061700524E9732CBFA3101AA6BA8
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6089b3b0dd86ad372d352bdf5a6acd83f54e4cd382e75e0ea79b489c8c924d72426f00464300af3a67e1bae6fd1f77e1c29c5923db5fef55fb35fc50fbaa018a14bfc4fd145c3ea1658aef80e4c8d0b79950556a0aab70bb8718071112f53588d9
content-encoding: gzip
content-length: 1339
x-origin-response-time: 28,23.221.225.150
x-akamai-request-id: e96a82.1fb3f7c8
expires: Mon, 06 Feb 2023 17:00:52 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 06 Feb 2023 17:00:52 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
set-cookie: _ttp=2LNDsON30FIZpGRU5TvNuM9RkGL; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-221-225-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=130, origin; dur=28, inner; dur=3
x-parent-response-time: 158,23.36.79.13
X-Firefox-Spdy: h2
sdk.fra-01.braze.eu/api/v3/data/
151.101.193.208200 OK 70 kB URL HTTP/2 sdk.fra-01.braze.eu/api/v3/data/
IP 151.101.193.208:0
File type ASCII text, with very long lines (21891)
Hash 340480277a26c519c56b592070e2690c
4a1e3b7d1cd541a24b13d53cec492d9622ec6e3d
44be740f742365b08f515b4e28070315c13ca64ad33cb252c2908a62125b81a9
OPTIONS /api/v3/data/ HTTP/1.1
Host: sdk.fra-01.braze.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Referer: https://register.fxtm.com/
Origin: https://register.fxtm.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers:
access-control-max-age: 7200
access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Mon, 06 Feb 2023 17:00:51 GMT
via: 1.1 varnish
x-served-by: cache-bma1631-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675702852.878022,VS0,VE19
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2e90fb4abc4adea51d5da8fca3895c90
9ea128cefd8a4e91bc93a306cdafdcf5c0b99a40
6de37bd6d8e446c4e3b2d739ad311f23c403bb59c6adbfade793b274da3b5f28
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 17:00:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=9234067;type=brows0;cat=allpa0;ord=9968966988298;gtm=45He3210;auiddc=268766424.1675702898;u10=undefined;u3=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F;u11=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F;~oref=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F
142.250.74.162302 Found 0 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=9234067;type=brows0;cat=allpa0;ord=9968966988298;gtm=45He3210;auiddc=268766424.1675702898;u10=undefined;u3=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F;u11=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F;~oref=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/i/src=9234067;type=brows0;cat=allpa0;ord=9968966988298;gtm=45He3210;auiddc=268766424.1675702898;u10=undefined;u3=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F;u11=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F;~oref=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 17:00:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://9234067.fls.doubleclick.net/ddm/fls/r/src=9234067;type=brows0;cat=allpa0;ord=9968966988298;gtm=45He3210;auiddc=268766424.1675702898;u10=undefined;u3=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F;u11=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F;~oref=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9d7d54937b70d60ca299d07980bc1e1e
42ee245e31b6c480419253d420a75159e107cc65
fd8c0e9b7ce1332347da031c471053f5acaab963f5aafd0e29bb94b90bcf9293
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 17:00:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
globessl.ocsp.sectigo.com/
104.18.32.68200 OK 471 B URL HTTP/1.1 globessl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 5175580b2ceed4ed69d8c06a3bc4cea7
b8d5e93bcfe3315998a303e9c44c34388b7d982a
9157edbfdd88b43829e2f6d5ca832c45397e6810d2b5a73470c28a5ec565349b
POST / HTTP/1.1
Host: globessl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 17:00:52 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 22:18:43 GMT
Expires: Fri, 10 Feb 2023 22:18:42 GMT
Etag: "b8d5e93bcfe3315998a303e9c44c34388b7d982a"
Cache-Control: max-age=364069,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795571c478b00b51-OSL
analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
23.36.79.17200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 85bd96a56a6a7f09e3e7dadc7980152e
37590c595abeb315046a293a9e53632ae2128ac4
c27be18eef006f48310fb2b0c456d6bcb1f3b0298dcb6e580724923323cb48a7
GET /i18n/pixel/static/identify_c4832.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Cookie: _ttp=2LNDsON30FIZpGRU5TvNuM9RkGL
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230112175825D19F86481431D6BBCCFF
x-tt-trace-host: 012b38305f60bfa8a9f04bdd846fde846b507e69fff233d9a114d447ebe9f93c0f827e6bc0806bd5a24cf0439744099e1e4bba0637571d8edb56c6009f69fe5018b8e38bd5b93708ee64c377fa97874d18ceefbea8a477a7fa2bec40c3b56c69b1
content-encoding: gzip
content-length: 30917
date: Mon, 06 Feb 2023 17:00:52 GMT
x-cache: TCP_MEM_HIT from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 1fb3fd91
X-Firefox-Spdy: h2
my.forextime.com/api/sites/default/files/translations/mobile-reg/en-uk.json
104.18.231.99200 OK 5.4 kB URL HTTP/2 my.forextime.com/api/sites/default/files/translations/mobile-reg/en-uk.json
IP 104.18.231.99:0
File type JSON data\012- , ASCII text, with very long lines (18024), with no line terminators
Hash 89d81f10e76d66aaedc2415a13de3ec4
58f174b6595117da616495990240e4371c9d46a9
9aa09db35aa498e2a85634413851d814f4a48790ff42e979250ae6cf71e9b316
GET /api/sites/default/files/translations/mobile-reg/en-uk.json HTTP/1.1
Host: my.forextime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.forextime.com/en/identity/registration/?theme=&sbt=&abt=&lbt=&sw=&cs=&dlt=&product=&origin=https%3A%2F%2Fregister.fxtm.com¤t_url=https://register.fxtm.com/&company=global&version=40708&type=new&new-gtm=&disable_web_analytic=true
Cookie: isUnbounceDomain=true; isAllowedDomain=false; company=uk; currentWWWUrl=https://register.fxtm.com/; language=en; origin=https://register.fxtm.com; topUrl=https://register.fxtm.com/; redirect=; redirect_auth=; redirect_login=; country=NO
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 17:00:52 GMT
content-type: application/json
last-modified: Mon, 06 Feb 2023 09:42:19 GMT
etag: W/"3ba4-5f404d8dfdace"
content-encoding: gzip
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 795571c90e640b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.244.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.244.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Mon, 06 Feb 2023 17:00:52 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-hel1410021-HEL
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
amplify.outbrain.com/cp/obtp.js
23.38.201.81200 OK 5.9 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (17769), with no line terminators
Hash 939f95ffc91ae8a9eacb6998ec5a635f
e122fe07195821f6abf871cc65f315c6b9e27f4a
49462b3c223095ac3fc223f11a29e4bceed96feba62e167d444e9a082626fc17
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "b07048fb19f7c325242e254218118e14:1675339769.124179"
Last-Modified: Thu, 02 Feb 2023 09:48:30 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Mon, 06 Feb 2023 17:20:52 GMT
Date: Mon, 06 Feb 2023 17:00:52 GMT
Content-Length: 5911
Connection: keep-alive
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.210200 OK 4.8 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.210:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13351)
Hash 74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=67100
date: Mon, 06 Feb 2023 17:00:52 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 040d512b73ad828b2dd7409c0c9dab49
a7b7256940377241abd22db537a864ec6348bf90
6e7f979d255eba736072b159be75a5865fd307781806c412ea66bb0f80e38aa6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 17:00:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/768686761/?random=1675702897595&cv=11&fst=1675702800000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tiba=FXTM%20%7C%20Trade%20Gold&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4035782405&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/768686761/?random=1675702897595&cv=11&fst=1675702800000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tiba=FXTM%20%7C%20Trade%20Gold&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4035782405&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/768686761/?random=1675702897595&cv=11&fst=1675702800000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tiba=FXTM%20%7C%20Trade%20Gold&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4035782405&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 17:00:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/unip/1497822/tfa.js
151.101.193.44200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1497822/tfa.js
IP 151.101.193.44:0
File type ASCII text, with very long lines (59752)
Hash 9b502cef27beaaa3b31dadb76e2f1db1
1f87bf27a359e828bb330697620dbb6758a177ef
de16d298f7f3311011c433f3ed52bc6321fb9175a9c41c769ee92103f3f86088
GET /libtrc/unip/1497822/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 2OzgXrnnWiVMMlYLEOCCz1Zgeeb2yvQLHaYQPeAN9qP5of1RbNOoMBpBcJGDQLhkCJxXS26u1mY=
x-amz-request-id: N5PRMTA88CBYMFPF
x-amz-replication-status: PENDING
last-modified: Sun, 05 Feb 2023 11:41:49 GMT
etag: "4c52297ffe3e6fc018497cf43e5da684"
x-amz-version-id: qldaLNgBO6ofA69GKd1zUg1rtQpcAwb2
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Mon, 06 Feb 2023 17:00:52 GMT
via: 1.1 varnish
age: 145
x-served-by: cache-bma1661-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675702853.702779,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 17
content-length: 18375
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash abf337cd139a61824e048de119322772
48d1641d81da1839ad87e8aefcdf63114fb1803e
4f5af0984b4a364f7545146bb9f42968625879e026122735f23b0602d0658235
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2473
Cache-Control: max-age=89612
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 17:00:52 GMT
Etag: "63dfe3a7-1d7"
Expires: Tue, 07 Feb 2023 17:54:24 GMT
Last-Modified: Sun, 05 Feb 2023 17:13:11 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
obs.cheqzone.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136debc035e84f8f9f9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5f10896b2417071a10acf9f29f671cd3808f067e3c1dfb7d7150d5398967c106635670c65a095761055bc4bf394877be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c7c15200f59f58e2e362f07f5a940708aaefc2e95e359734c7fabf0a2929d24bdcfc248b5038e523964c8f488f0b46882d6f033d3774e92f3d6335a43a0382cecc5567ab890bf299155a01badd3479e1bd6ce60d62427c2cc35d2648cc0aaa6deacbc4738fc2cb7b8e63b0226b6c11defa65ea117540bd54148c081c39097b2c520cf2ed78ea58f68ae243b74ca382a9ed4c90e679ea87fa815ec964e807ca271021314c076f14dd9c48f71b38034d137e1cf849b34dc0d153baf0e470124052d93f934e1178496dc7ee5d025f9900dd489eef26ba4b6a7072631c8a71e54d5f7516353babdb165b8279cea5cf3fd2db478cd2d8707914d83ba36d51b39e5a89563383f620b230c4268e2e9f13a895cc01936057689c20e838a041ebdfd86eeae66d0ecfafd80ffaaf64b4d34f24098bf3a6cdc24175aa6111d0d1ba029c87f0bdef98526d334c52f99aa32ccbe0a9c7c0f23280b7b0de39f99a1610210c7663ed395dad1fa9441198cf2fd2b84c51816c4c0507830eb9bd94a33e376c10ee345b06edf4b849671aded6bbdc59ad8995b70b6a34223f02af9deebf248cb7e3e4054c82b161d&cri=BK77Fkn12h&ts=495&cb=1675702898429
35.172.245.152200 OK 43 B URL HTTP/2 obs.cheqzone.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136debc035e84f8f9f9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5f10896b2417071a10acf9f29f671cd3808f067e3c1dfb7d7150d5398967c106635670c65a095761055bc4bf394877be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c7c15200f59f58e2e362f07f5a940708aaefc2e95e359734c7fabf0a2929d24bdcfc248b5038e523964c8f488f0b46882d6f033d3774e92f3d6335a43a0382cecc5567ab890bf299155a01badd3479e1bd6ce60d62427c2cc35d2648cc0aaa6deacbc4738fc2cb7b8e63b0226b6c11defa65ea117540bd54148c081c39097b2c520cf2ed78ea58f68ae243b74ca382a9ed4c90e679ea87fa815ec964e807ca271021314c076f14dd9c48f71b38034d137e1cf849b34dc0d153baf0e470124052d93f934e1178496dc7ee5d025f9900dd489eef26ba4b6a7072631c8a71e54d5f7516353babdb165b8279cea5cf3fd2db478cd2d8707914d83ba36d51b39e5a89563383f620b230c4268e2e9f13a895cc01936057689c20e838a041ebdfd86eeae66d0ecfafd80ffaaf64b4d34f24098bf3a6cdc24175aa6111d0d1ba029c87f0bdef98526d334c52f99aa32ccbe0a9c7c0f23280b7b0de39f99a1610210c7663ed395dad1fa9441198cf2fd2b84c51816c4c0507830eb9bd94a33e376c10ee345b06edf4b849671aded6bbdc59ad8995b70b6a34223f02af9deebf248cb7e3e4054c82b161d&cri=BK77Fkn12h&ts=495&cb=1675702898429
IP 35.172.245.152:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /tracker/tc_imp.gif?e=37dfbd8ee84e00136debc035e84f8f9f9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5f10896b2417071a10acf9f29f671cd3808f067e3c1dfb7d7150d5398967c106635670c65a095761055bc4bf394877be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c7c15200f59f58e2e362f07f5a940708aaefc2e95e359734c7fabf0a2929d24bdcfc248b5038e523964c8f488f0b46882d6f033d3774e92f3d6335a43a0382cecc5567ab890bf299155a01badd3479e1bd6ce60d62427c2cc35d2648cc0aaa6deacbc4738fc2cb7b8e63b0226b6c11defa65ea117540bd54148c081c39097b2c520cf2ed78ea58f68ae243b74ca382a9ed4c90e679ea87fa815ec964e807ca271021314c076f14dd9c48f71b38034d137e1cf849b34dc0d153baf0e470124052d93f934e1178496dc7ee5d025f9900dd489eef26ba4b6a7072631c8a71e54d5f7516353babdb165b8279cea5cf3fd2db478cd2d8707914d83ba36d51b39e5a89563383f620b230c4268e2e9f13a895cc01936057689c20e838a041ebdfd86eeae66d0ecfafd80ffaaf64b4d34f24098bf3a6cdc24175aa6111d0d1ba029c87f0bdef98526d334c52f99aa32ccbe0a9c7c0f23280b7b0de39f99a1610210c7663ed395dad1fa9441198cf2fd2b84c51816c4c0507830eb9bd94a33e376c10ee345b06edf4b849671aded6bbdc59ad8995b70b6a34223f02af9deebf248cb7e3e4054c82b161d&cri=BK77Fkn12h&ts=495&cb=1675702898429 HTTP/1.1
Host: obs.cheqzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Cookie: cg_uuid=ea361b36556db2f562ccce898d1421b7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
date: Mon, 06 Feb 2023 17:00:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 43
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MX7217M0KX&cid=1063402108.1675702898>m=45je3210&aip=1&z=960599632
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MX7217M0KX&cid=1063402108.1675702898>m=45je3210&aip=1&z=960599632
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MX7217M0KX&cid=1063402108.1675702898>m=45je3210&aip=1&z=960599632 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 17:00:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/768686761/?random=1675702897595&cv=11&fst=1675702800000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tiba=FXTM%20%7C%20Trade%20Gold&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4035782405&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/768686761/?random=1675702897595&cv=11&fst=1675702800000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tiba=FXTM%20%7C%20Trade%20Gold&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4035782405&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/768686761/?random=1675702897595&cv=11&fst=1675702800000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tiba=FXTM%20%7C%20Trade%20Gold&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4035782405&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 17:00:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e0b43675c5842b7d427eee81d069e9ba
1aa21aff50174f33670770936aa4395bfdcae37f
5623d69f75f1c436fffa3407f115cecdb992a4d8d71f5ee230b3602afbd29a3a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 17:00:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 5085f796134312667ef2d378c587b3a8
d0c0fba4c0cad8b4b04471e9402db85d52fa7cf4
29b4720636764a6463e09cfd8936de5d01d5fde80c8bdc67d922483d9fe9be05
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6364
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 17:00:52 GMT
Last-Modified: Mon, 06 Feb 2023 15:14:48 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
www.google.com/pagead/1p-conversion/768686761/?random=1675702898417&cv=11&fst=1675702898417&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=qsYRCOb76-ECEKn1xO4C&hn=www.google.com&frm=0&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tiba=FXTM%20%7C%20Trade%20Gold>m_ee=1&auid=268766424.1675702898&ec_mode=c&data=event%3Dconversion&em=tv.1&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.164302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/768686761/?random=1675702898417&cv=11&fst=1675702898417&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=qsYRCOb76-ECEKn1xO4C&hn=www.google.com&frm=0&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tiba=FXTM%20%7C%20Trade%20Gold>m_ee=1&auid=268766424.1675702898&ec_mode=c&data=event%3Dconversion&em=tv.1&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/768686761/?random=1675702898417&cv=11&fst=1675702898417&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=qsYRCOb76-ECEKn1xO4C&hn=www.google.com&frm=0&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tiba=FXTM%20%7C%20Trade%20Gold>m_ee=1&auid=268766424.1675702898&ec_mode=c&data=event%3Dconversion&em=tv.1&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 17:00:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/768686761/?random=1675702898417&cv=11&fst=1675702898417&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=qsYRCOb76-ECEKn1xO4C&hn=www.google.com&frm=0&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tiba=FXTM%20%7C%20Trade%20Gold>m_ee=1&auid=268766424.1675702898&ec_mode=c&data=event%3Dconversion&em=tv.1&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash bc77056604f8cf4894524063292f3555
0e314e506bef6d3bc7398ce36142c34f1e82844b
6a9b3ea887e7dccb59193f082e71d09d9fd6523ef62843f56d3ced4193ffaadb
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 6d95714651d7c5501d0276420093c654
etag: "f6da3a45f2357fba7bef82bf11963fa2"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 06 Feb 2023 17:04:46 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: vHcFZgT4z0iUUkBjKS81VQ==
x-fb-debug: fsWybdETITDDiBos3Ies+coliWyOU8j7nEcElJKYozIkJnT3e1Vzk+kV2HbPRKXDhm14StYQXZ3ZjesagZwO7w==
content-length: 1686
x-fb-trip-id: 1904183273
date: Mon, 06 Feb 2023 17:00:52 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-37460880-2&cid=1063402108.1675702898&jid=713764162&gjid=104463272&_gid=429373428.1675702898&_u=aGHAiEABRAAAAEAEK~&z=999587307
64.233.161.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-37460880-2&cid=1063402108.1675702898&jid=713764162&gjid=104463272&_gid=429373428.1675702898&_u=aGHAiEABRAAAAEAEK~&z=999587307
IP 64.233.161.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-37460880-2&cid=1063402108.1675702898&jid=713764162&gjid=104463272&_gid=429373428.1675702898&_u=aGHAiEABRAAAAEAEK~&z=999587307 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://register.fxtm.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 06 Feb 2023 17:00:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-37460880-11&cid=1063402108.1675702898&jid=973542450&gjid=1060160354&_gid=429373428.1675702898&_u=aGDAiEABBAAAAEAEK~&z=1798751620
64.233.161.156200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-37460880-11&cid=1063402108.1675702898&jid=973542450&gjid=1060160354&_gid=429373428.1675702898&_u=aGDAiEABBAAAAEAEK~&z=1798751620
IP 64.233.161.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-37460880-11&cid=1063402108.1675702898&jid=973542450&gjid=1060160354&_gid=429373428.1675702898&_u=aGDAiEABBAAAAEAEK~&z=1798751620 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://register.fxtm.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 06 Feb 2023 17:00:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 5085f796134312667ef2d378c587b3a8
d0c0fba4c0cad8b4b04471e9402db85d52fa7cf4
29b4720636764a6463e09cfd8936de5d01d5fde80c8bdc67d922483d9fe9be05
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6364
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 17:00:52 GMT
Last-Modified: Mon, 06 Feb 2023 15:14:48 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
analytics.tiktok.com/api/v2/pixel
23.36.79.17200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 774
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Cookie: _ttp=2LNDsON30FIZpGRU5TvNuM9RkGL
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20230206170052650EBFECAB77AB51BF84
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf600abfded03f52e527228925ae696ca9b5df3a5438eafe4b3cda372ea79b6ca08efe440cbf5d72a0676de5b785b5e75009794a85f707cbc39e301a91a891c2c9e4d230b5710e3b9badc6f15a88e242826a598da14fc7da019ba385d91ef65d3c44
x-origin-response-time: 65,23.218.220.155
x-akamai-request-id: 41bad627.1fb3fdd2
expires: Mon, 06 Feb 2023 17:00:52 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 06 Feb 2023 17:00:52 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-cache-remote: TCP_MISS from a23-218-220-155.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=206, origin; dur=65, inner; dur=19
x-parent-response-time: 267,23.36.79.13
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion.js
142.250.74.66200 OK 17 kB URL HTTP/2 www.googleadservices.com/pagead/conversion.js
IP 142.250.74.66:0
File type ASCII text, with very long lines (2772)
Hash 671f762c05b34ce8c33acb0f5cc14533
c3ddbfedc40bfb4b1cb4957aee8c287b4f8a2ccb
b21debe44bbe7a05d91851626ce5db58232d817aa2974f826d387da6e4b75618
GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9234067.fls.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 06 Feb 2023 17:00:52 GMT
expires: Mon, 06 Feb 2023 17:00:52 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 6388606791587927312
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 16813
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
alb.reddit.com/rp.gif?ts=1675702897989&id=t2_by64jl2d&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&uuid=8a1ca65b-af7a-4c63-9d8d-866efbcdaaf6&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4
151.101.1.140200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1675702897989&id=t2_by64jl2d&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&uuid=8a1ca65b-af7a-4c63-9d8d-866efbcdaaf6&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4
IP 151.101.1.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1675702897989&id=t2_by64jl2d&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&uuid=8a1ca65b-af7a-4c63-9d8d-866efbcdaaf6&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Mon, 06 Feb 2023 17:00:52 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: zRtR1bQD/Rkcia5lGpN0Zscp8kEFfTPKiBh02RH0WkgznzzB9EqGMNahh7Xl/7odJW3+JliUd+uTaR1GXw9yAA==
priority: u=3,i
content-length: 27843
x-fb-trip-id: 1904183273
date: Mon, 06 Feb 2023 17:00:52 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
jssdks.mparticle.com/v1/JS/us1-7e64e961d63ef3498e1ff29e51ea3b54/Forwarding
151.101.194.133202 Accepted 0 B URL HTTP/2 jssdks.mparticle.com/v1/JS/us1-7e64e961d63ef3498e1ff29e51ea3b54/Forwarding
IP 151.101.194.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/JS/us1-7e64e961d63ef3498e1ff29e51ea3b54/Forwarding HTTP/1.1
Host: jssdks.mparticle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 220
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
server: Kestrel
access-control-allow-origin: *
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
accept-ranges: bytes
date: Mon, 06 Feb 2023 17:00:52 GMT
via: 1.1 varnish
x-served-by: cache-bma1668-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675702853.802093,VS0,VE19
content-length: 0
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-MX7217M0KX&cid=1063402108.1675702898>m=45je3210&aip=1
64.233.161.156204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-MX7217M0KX&cid=1063402108.1675702898>m=45je3210&aip=1
IP 64.233.161.156:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-MX7217M0KX&cid=1063402108.1675702898>m=45je3210&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://register.fxtm.com
date: Mon, 06 Feb 2023 17:00:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jssdks.mparticle.com/v1/JS/us1-7e64e961d63ef3498e1ff29e51ea3b54/Forwarding
151.101.194.133202 Accepted 0 B URL HTTP/2 jssdks.mparticle.com/v1/JS/us1-7e64e961d63ef3498e1ff29e51ea3b54/Forwarding
IP 151.101.194.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/JS/us1-7e64e961d63ef3498e1ff29e51ea3b54/Forwarding HTTP/1.1
Host: jssdks.mparticle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 144
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
server: Kestrel
access-control-allow-origin: *
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
accept-ranges: bytes
date: Mon, 06 Feb 2023 17:00:52 GMT
via: 1.1 varnish
x-served-by: cache-bma1668-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675702853.801984,VS0,VE20
content-length: 0
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/768686761/?random=1675702898417&cv=11&fst=1675702898417&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=qsYRCOb76-ECEKn1xO4C&hn=www.google.com&frm=0&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tiba=FXTM%20%7C%20Trade%20Gold>m_ee=1&auid=268766424.1675702898&ec_mode=c&data=event%3Dconversion&em=tv.1&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.163200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/768686761/?random=1675702898417&cv=11&fst=1675702898417&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=qsYRCOb76-ECEKn1xO4C&hn=www.google.com&frm=0&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tiba=FXTM%20%7C%20Trade%20Gold>m_ee=1&auid=268766424.1675702898&ec_mode=c&data=event%3Dconversion&em=tv.1&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.163:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/768686761/?random=1675702898417&cv=11&fst=1675702898417&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=qsYRCOb76-ECEKn1xO4C&hn=www.google.com&frm=0&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tiba=FXTM%20%7C%20Trade%20Gold>m_ee=1&auid=268766424.1675702898&ec_mode=c&data=event%3Dconversion&em=tv.1&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://register.fxtm.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 17:00:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https%3A%2F%2Fcookiesync.mparticle.com%2Fv1%2Fsync%3Fesid%3D59458%26MPID%3D-8253451713581005034%26ID%3D%24UID%26Key%3Dus1-7e64e961d63ef3498e1ff29e51ea3b54%26env%3D2
185.89.210.20307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https%3A%2F%2Fcookiesync.mparticle.com%2Fv1%2Fsync%3Fesid%3D59458%26MPID%3D-8253451713581005034%26ID%3D%24UID%26Key%3Dus1-7e64e961d63ef3498e1ff29e51ea3b54%26env%3D2
IP 185.89.210.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Fcookiesync.mparticle.com%2Fv1%2Fsync%3Fesid%3D59458%26MPID%3D-8253451713581005034%26ID%3D%24UID%26Key%3Dus1-7e64e961d63ef3498e1ff29e51ea3b54%26env%3D2 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 17:00:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcookiesync.mparticle.com%252Fv1%252Fsync%253Fesid%253D59458%2526MPID%253D-8253451713581005034%2526ID%253D%2524UID%2526Key%253Dus1-7e64e961d63ef3498e1ff29e51ea3b54%2526env%253D2
AN-X-Request-Uuid: 3741c634-bf33-4e63-9444-e096e4d60a15
Set-Cookie: uuid2=6438559621727042209; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 07-May-2023 17:00:52 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
www.google.com/pagead/1p-user-list/768686761/?random=1675702898406&cv=11&fst=1675702800000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tiba=FXTM%20%7C%20Trade%20Gold&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1026842378&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/768686761/?random=1675702898406&cv=11&fst=1675702800000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tiba=FXTM%20%7C%20Trade%20Gold&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1026842378&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/768686761/?random=1675702898406&cv=11&fst=1675702800000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tiba=FXTM%20%7C%20Trade%20Gold&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1026842378&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 17:00:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jssdks.mparticle.com/v1/JS/us1-7e64e961d63ef3498e1ff29e51ea3b54/Forwarding
151.101.194.133202 Accepted 0 B URL HTTP/2 jssdks.mparticle.com/v1/JS/us1-7e64e961d63ef3498e1ff29e51ea3b54/Forwarding
IP 151.101.194.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/JS/us1-7e64e961d63ef3498e1ff29e51ea3b54/Forwarding HTTP/1.1
Host: jssdks.mparticle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 363
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
server: Kestrel
access-control-allow-origin: *
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
accept-ranges: bytes
date: Mon, 06 Feb 2023 17:00:52 GMT
via: 1.1 varnish
x-served-by: cache-bma1668-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675702853.844450,VS0,VE19
content-length: 0
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion/11017218552/?random=1675702898652&cv=9&fst=1675702898652&num=1&npa=1&label=JPoLCL23hYEYEPjTtYUp&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9234067.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9234067%3Btype%3Dbrows0%3Bcat%3Dallpa0%3Bord%3D9968966988298%3Bgtm%3D45He3210%3Bauiddc%3D268766424.1675702898%3Bu10%3Dundefined%3Bu3%3Dhttps%253A%252F%252Fregister.fxtm.com%252Fgold-1%252F%3Bu11%3Dhttps%253A%252F%252Fregister.fxtm.com%252Fgold-1%252F%3B~oref%3Dhttps%253A%252F%252Fregister.fxtm.com%252Fgold-1%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
142.250.74.66200 OK 1.2 kB URL HTTP/2 www.googleadservices.com/pagead/conversion/11017218552/?random=1675702898652&cv=9&fst=1675702898652&num=1&npa=1&label=JPoLCL23hYEYEPjTtYUp&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9234067.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9234067%3Btype%3Dbrows0%3Bcat%3Dallpa0%3Bord%3D9968966988298%3Bgtm%3D45He3210%3Bauiddc%3D268766424.1675702898%3Bu10%3Dundefined%3Bu3%3Dhttps%253A%252F%252Fregister.fxtm.com%252Fgold-1%252F%3Bu11%3Dhttps%253A%252F%252Fregister.fxtm.com%252Fgold-1%252F%3B~oref%3Dhttps%253A%252F%252Fregister.fxtm.com%252Fgold-1%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
IP 142.250.74.66:0
File type ASCII text, with very long lines (2120), with no line terminators
Hash 4857cdf2dea8444eb9196d0526389145
b6d91735a1e339dbb4ab6fd2b2fb823e3d028fd6
4247916f6be7e1cd9511db0bc715ba4a8703457d3856cb44b32a95cfd56f9209
GET /pagead/conversion/11017218552/?random=1675702898652&cv=9&fst=1675702898652&num=1&npa=1&label=JPoLCL23hYEYEPjTtYUp&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9234067.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9234067%3Btype%3Dbrows0%3Bcat%3Dallpa0%3Bord%3D9968966988298%3Bgtm%3D45He3210%3Bauiddc%3D268766424.1675702898%3Bu10%3Dundefined%3Bu3%3Dhttps%253A%252F%252Fregister.fxtm.com%252Fgold-1%252F%3Bu11%3Dhttps%253A%252F%252Fregister.fxtm.com%252Fgold-1%252F%3B~oref%3Dhttps%253A%252F%252Fregister.fxtm.com%252Fgold-1%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4 HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9234067.fls.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 17:00:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1172
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=a299a592ad8ec10a95b6667faa0a275c
31.13.72.12200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=a299a592ad8ec10a95b6667faa0a275c
IP 31.13.72.12:0
File type ASCII text, with very long lines (13192)
Hash 638d5b5e229792d48243bbd317a52fd6
265aadaa8cb702dab87f11cefe9eb0c4cdcd3618
6941698871e4035fd7605960b86178a3b69af9b23cab66e4dacfd79351f39744
GET /en_US/sdk.js?hash=a299a592ad8ec10a95b6667faa0a275c HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 81b5bd0284177636f2d7b0e39bd64dd6
etag: "054a3e1c8c7384506b132fc432316741"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 06 Feb 2024 14:04:56 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: Y41bXiKXktSCQ7vTF6Uv1g==
x-fb-debug: n7EHUv1n+StewPiUbZBD+7e11eD43wmsYCcO4v2Axcum5MoyCj2KIMRCtjxjpto+et77Y0tTG8Y4gQ4RtB8cjg==
priority: u=3,i
content-length: 86990
x-fb-trip-id: 1904183273
date: Mon, 06 Feb 2023 17:00:52 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
jssdks.mparticle.com/v1/JS/us1-7e64e961d63ef3498e1ff29e51ea3b54/Forwarding
151.101.194.133202 Accepted 0 B URL HTTP/2 jssdks.mparticle.com/v1/JS/us1-7e64e961d63ef3498e1ff29e51ea3b54/Forwarding
IP 151.101.194.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/JS/us1-7e64e961d63ef3498e1ff29e51ea3b54/Forwarding HTTP/1.1
Host: jssdks.mparticle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 219
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
server: Kestrel
access-control-allow-origin: *
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
accept-ranges: bytes
date: Mon, 06 Feb 2023 17:00:52 GMT
via: 1.1 varnish
x-served-by: cache-bma1668-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675702853.863115,VS0,VE20
content-length: 0
X-Firefox-Spdy: h2
jssdks.mparticle.com/v1/JS/us1-7e64e961d63ef3498e1ff29e51ea3b54/Forwarding
151.101.194.133202 Accepted 0 B URL HTTP/2 jssdks.mparticle.com/v1/JS/us1-7e64e961d63ef3498e1ff29e51ea3b54/Forwarding
IP 151.101.194.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/JS/us1-7e64e961d63ef3498e1ff29e51ea3b54/Forwarding HTTP/1.1
Host: jssdks.mparticle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 364
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
server: Kestrel
access-control-allow-origin: *
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
accept-ranges: bytes
date: Mon, 06 Feb 2023 17:00:52 GMT
via: 1.1 varnish
x-served-by: cache-bma1668-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675702853.886454,VS0,VE19
content-length: 0
X-Firefox-Spdy: h2
jssdks.mparticle.com/v1/JS/us1-7e64e961d63ef3498e1ff29e51ea3b54/Forwarding
151.101.194.133202 Accepted 0 B URL HTTP/2 jssdks.mparticle.com/v1/JS/us1-7e64e961d63ef3498e1ff29e51ea3b54/Forwarding
IP 151.101.194.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/JS/us1-7e64e961d63ef3498e1ff29e51ea3b54/Forwarding HTTP/1.1
Host: jssdks.mparticle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 394
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
server: Kestrel
access-control-allow-origin: *
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
accept-ranges: bytes
date: Mon, 06 Feb 2023 17:00:52 GMT
via: 1.1 varnish
x-served-by: cache-bma1668-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675702853.854171,VS0,VE55
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash abf337cd139a61824e048de119322772
48d1641d81da1839ad87e8aefcdf63114fb1803e
4f5af0984b4a364f7545146bb9f42968625879e026122735f23b0602d0658235
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2473
Cache-Control: max-age=89612
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 17:00:52 GMT
Etag: "63dfe3a7-1d7"
Expires: Tue, 07 Feb 2023 17:54:24 GMT
Last-Modified: Sun, 05 Feb 2023 17:13:11 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=4cb6b258-f4c9-4a04-aae5-133447c4318d&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=197f63f0-4d1a-467c-8b95-064133d9bc42&tw_document_href=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tw_iframe_status=0&txn_id=oadtt&type=javascript&version=2.3.29
104.244.42.131200 OK 43 B URL HTTP/2 analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=4cb6b258-f4c9-4a04-aae5-133447c4318d&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=197f63f0-4d1a-467c-8b95-064133d9bc42&tw_document_href=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tw_iframe_status=0&txn_id=oadtt&type=javascript&version=2.3.29
IP 104.244.42.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=4cb6b258-f4c9-4a04-aae5-133447c4318d&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=197f63f0-4d1a-467c-8b95-064133d9bc42&tw_document_href=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tw_iframe_status=0&txn_id=oadtt&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 17:00:52 GMT
perf: 7626143928
server: tsa_o
set-cookie: guest_id_marketing=v1%3A167570285286369835; Max-Age=63072000; Expires=Wed, 05 Feb 2025 17:00:52 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
guest_id_ads=v1%3A167570285286369835; Max-Age=63072000; Expires=Wed, 05 Feb 2025 17:00:52 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
personalization_id="v1_ooAoUCHElmbcCBWvRmNXIg=="; Max-Age=63072000; Expires=Wed, 05 Feb 2025 17:00:52 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
guest_id=v1%3A167570285286369835; Max-Age=63072000; Expires=Wed, 05 Feb 2025 17:00:52 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 5999424d125de7b2
strict-transport-security: max-age=631138519
x-response-time: 114
x-connection-hash: a85e20cbaf3640f744b6266ee507e006c39638e9ba57e8f16dcc9e9d808e3081
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash eacdb128cb4c4270c389816f33b2bb15
97bdbd4416cf816e822421ea576175b7aeb2f7cf
436d88e47be153d724949abb1aeea7ec7f3880f703fc5c67c516f9fd7b51bb71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 17:00:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcookiesync.mparticle.com%252Fv1%252Fsync%253Fesid%253D59458%2526MPID%253D-8253451713581005034%2526ID%253D%2524UID%2526Key%253Dus1-7e64e961d63ef3498e1ff29e51ea3b54%2526env%253D2
185.89.210.20302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcookiesync.mparticle.com%252Fv1%252Fsync%253Fesid%253D59458%2526MPID%253D-8253451713581005034%2526ID%253D%2524UID%2526Key%253Dus1-7e64e961d63ef3498e1ff29e51ea3b54%2526env%253D2
IP 185.89.210.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcookiesync.mparticle.com%252Fv1%252Fsync%253Fesid%253D59458%2526MPID%253D-8253451713581005034%2526ID%253D%2524UID%2526Key%253Dus1-7e64e961d63ef3498e1ff29e51ea3b54%2526env%253D2 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://register.fxtm.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 17:00:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://cookiesync.mparticle.com/v1/sync?esid=59458&MPID=-8253451713581005034&ID=0&Key=us1-7e64e961d63ef3498e1ff29e51ea3b54&env=2
AN-X-Request-Uuid: 52d71281-2025-4a85-aaab-57b31d400db4
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
jssdks.mparticle.com/v1/JS/us1-7e64e961d63ef3498e1ff29e51ea3b54/Forwarding
151.101.194.133202 Accepted 0 B URL HTTP/2 jssdks.mparticle.com/v1/JS/us1-7e64e961d63ef3498e1ff29e51ea3b54/Forwarding
IP 151.101.194.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/JS/us1-7e64e961d63ef3498e1ff29e51ea3b54/Forwarding HTTP/1.1
Host: jssdks.mparticle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 363
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
server: Kestrel
access-control-allow-origin: *
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
accept-ranges: bytes
date: Mon, 06 Feb 2023 17:00:52 GMT
via: 1.1 varnish
x-served-by: cache-bma1668-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675702853.893201,VS0,VE59
content-length: 0
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-MX7217M0KX>m=45je3210&_p=488929989&_gaz=1&cid=1063402108.1675702898&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675702897&sct=1&seg=0&dl=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&dt=FXTM%20%7C%20Trade%20Gold&en=page_view&_fv=1&_ss=2&ep.document_referrer=&ep.gtm_debug_mode=false&ep.timestamp=2023-02-06T17%3A01%3A37.745%2B00%3A00&ep.gtm_version=72&ep.domain_region=global
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-MX7217M0KX>m=45je3210&_p=488929989&_gaz=1&cid=1063402108.1675702898&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675702897&sct=1&seg=0&dl=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&dt=FXTM%20%7C%20Trade%20Gold&en=page_view&_fv=1&_ss=2&ep.document_referrer=&ep.gtm_debug_mode=false&ep.timestamp=2023-02-06T17%3A01%3A37.745%2B00%3A00&ep.gtm_version=72&ep.domain_region=global
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-MX7217M0KX>m=45je3210&_p=488929989&_gaz=1&cid=1063402108.1675702898&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675702897&sct=1&seg=0&dl=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&dt=FXTM%20%7C%20Trade%20Gold&en=page_view&_fv=1&_ss=2&ep.document_referrer=&ep.gtm_debug_mode=false&ep.timestamp=2023-02-06T17%3A01%3A37.745%2B00%3A00&ep.gtm_version=72&ep.domain_region=global HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://register.fxtm.com
date: Mon, 06 Feb 2023 17:00:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=4&eci=1&event_id=e9b7911c-255c-4ccc-ab59-ec9cab65462a&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=197f63f0-4d1a-467c-8b95-064133d9bc42&tw_document_href=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw97l&type=javascript&version=2.3.29
104.244.42.131200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=4&eci=1&event_id=e9b7911c-255c-4ccc-ab59-ec9cab65462a&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=197f63f0-4d1a-467c-8b95-064133d9bc42&tw_document_href=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw97l&type=javascript&version=2.3.29
IP 104.244.42.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=4&eci=1&event_id=e9b7911c-255c-4ccc-ab59-ec9cab65462a&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=197f63f0-4d1a-467c-8b95-064133d9bc42&tw_document_href=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw97l&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 17:00:52 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_ZPThFcL2HFi9+tFjttLcoA=="; Max-Age=63072000; Expires=Wed, 05 Feb 2025 17:00:52 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 00d05e6c4b9d205f
strict-transport-security: max-age=631138519
x-response-time: 113
x-connection-hash: a85e20cbaf3640f744b6266ee507e006c39638e9ba57e8f16dcc9e9d808e3081
X-Firefox-Spdy: h2
ocsp.comodoca.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 7f6500984d576d60f2c14d6862600aa0
4c3a313c83c7c24d93096ddb2ab82137b26af1a7
76c2179b7329622efaeb7fd6af7442d5e6a5e5df8e6108359560aa9fee13b700
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 17:00:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 15:38:22 GMT
Expires: Sat, 11 Feb 2023 15:38:21 GMT
Etag: "4c3a313c83c7c24d93096ddb2ab82137b26af1a7"
Cache-Control: max-age=602447,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1628
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795571cfbf180b55-OSL
px.ads.linkedin.com/collect?v=2&fmt=js&pid=4439274&time=1675702898515&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=4439274&time=1675702898515&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=4439274&time=1675702898515&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4439274%26time%3D1675702898515%26url%3Dhttps%253A%252F%252Fregister.fxtm.com%252Fgold-1%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQJdY-kn2Yph4wAAAYYnrF2eL0cwdlOFAZmEyDR1N3crmJ_zbtsQvzL1KTjZduMEwUNysjbAjdFX1A; Max-Age=2592000; Expires=Wed, 08 Mar 2023 17:00:53 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQLP2PU-J4r7YQAAAYYnrF2e8OlT6uyibos_Vq0EtX80OYEzqhDrFshGfLV59ZtbvdHAWzgt6D1xFlrkSi26GA; Max-Age=2592000; Expires=Wed, 08 Mar 2023 17:00:53 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&0e4ee02b-14a6-49c0-8927-9da9b84252df"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 06-Feb-2024 17:00:53 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2426:u=1:x=1:i=1675702853:t=1675789253:v=2:sig=AQFbg1nsjpZrPxiuwvJVK2i6AYoh5FoD"; Expires=Tue, 07 Feb 2023 17:00:53 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAX0CvlNl6pdsjfv/JLY1g==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 0DDFB752C6614353A199B1473F459912 Ref B: OSL30EDGE0110 Ref C: 2023-02-06T17:00:52Z
date: Mon, 06 Feb 2023 17:00:52 GMT
content-length: 0
X-Firefox-Spdy: h2
tr.outbrain.com/cachedClickId?marketerId=undefined
70.42.32.159200 OK 35 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=undefined
IP 70.42.32.159:0
File type ASCII text, with no line terminators
Hash 75c843c7b717e7b722777907475c67a3
983d1c9a05b315288039b9d4694ce3b402259240
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
GET /cachedClickId?marketerId=undefined HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 17:00:53 GMT
Content-Type: application/javascript
Content-Length: 35
X-TraceId: 84e7321c4312c234200694e872cf5604
tr.outbrain.com/unifiedPixel?marketerId=006325f74137452b8eaa8aec2f8576314a&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&g=1&optOut=false&bust=08770557455171412&referrer=
70.42.32.159200 OK 53 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=006325f74137452b8eaa8aec2f8576314a&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&g=1&optOut=false&bust=08770557455171412&referrer=
IP 70.42.32.159:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 414bd2a5161db03fdd910327b42c6daa
65d4cf50496813c5f1a34eddd5c50dc67d44ff47
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
GET /unifiedPixel?marketerId=006325f74137452b8eaa8aec2f8576314a&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&g=1&optOut=false&bust=08770557455171412&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 17:00:53 GMT
Content-Type: image/gif;
Content-Length: 53
Cache-Control: no-cache
X-TraceId: 7c45733c08d58c7bb0ebb3d7c7a18192
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4439274%26time%3D1675702898515%26url%3Dhttps%253A%252F%252Fregister.fxtm.com%252Fgold-1%252F%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4439274%26time%3D1675702898515%26url%3Dhttps%253A%252F%252Fregister.fxtm.com%252Fgold-1%252F%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4439274%26time%3D1675702898515%26url%3Dhttps%253A%252F%252Fregister.fxtm.com%252Fgold-1%252F%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://register.fxtm.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4439274&time=1675702898515&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&028854e9-af94-47c8-8a82-0eb3e6a5befe"; Domain=.linkedin.com; Expires=Tue, 06-Feb-2024 17:00:53 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&202302061700536930b4a2-b298-44b7-8877-4116cdb14228AQHOoANRhubHs6ycAi9s2KnZguLCgiKc"; Domain=.www.linkedin.com; Expires=Tue, 06-Feb-2024 17:00:53 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzU3MDI4NTM7MjswMjHAou+Ii4jPZhddSGnbLUknoBs/qP79mCu5mQcBjFwDwA==; Domain=.linkedin.com; Expires=Sat, 05 Aug 2023 17:00:53 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2426:u=1:x=1:i=1675702853:t=1675789253:v=2:sig=AQFbg1nsjpZrPxiuwvJVK2i6AYoh5FoD"; Expires=Tue, 07 Feb 2023 17:00:53 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy-report-only: default-src 'none'; base-uri 'self'; form-action 'self'; connect-src 'self' blob: wss: *.licdn.com *.linkedin.com; img-src 'self' blob: data: *.licdn.com *.linkedin.com; font-src data: *; frame-src 'self' blob: lnkd-communities: voyager: *.licdn.com *.linkedin.com; child-src 'self' blob:; worker-src 'self' blob:; style-src 'self' 'unsafe-inline' *.licdn.com *.linkedin.com; media-src 'self' blob: data: *.licdn.com *.linkedin.com; manifest-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' *.licdn.com *.linkedin.com
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAX0CvlQkkr5kp9xo7KTvQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 3AA8669E1A85421784B8B401D436AF54 Ref B: OSL30EDGE0110 Ref C: 2023-02-06T17:00:53Z
date: Mon, 06 Feb 2023 17:00:52 GMT
content-length: 0
X-Firefox-Spdy: h2
cookiesync.mparticle.com/v1/sync?esid=59458&MPID=-8253451713581005034&ID=0&Key=us1-7e64e961d63ef3498e1ff29e51ea3b54&env=2
151.101.130.133204 No Content 0 B URL HTTP/2 cookiesync.mparticle.com/v1/sync?esid=59458&MPID=-8253451713581005034&ID=0&Key=us1-7e64e961d63ef3498e1ff29e51ea3b54&env=2
IP 151.101.130.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/sync?esid=59458&MPID=-8253451713581005034&ID=0&Key=us1-7e64e961d63ef3498e1ff29e51ea3b54&env=2 HTTP/1.1
Host: cookiesync.mparticle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://register.fxtm.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: Kestrel
x-origin-name: 6pOFtq5qpnIJ0Pt8WbH5c2--F_us1_origin
accept-ranges: bytes
date: Mon, 06 Feb 2023 17:00:53 GMT
via: 1.1 varnish
x-served-by: cache-bma1675-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675702853.033713,VS0,VE367
X-Firefox-Spdy: h2
api2.amplitude.com/
44.237.181.29200 OK 7 B IP 44.237.181.29:0
File type ASCII text, with no line terminators
Hash 260ca9dd8a4577fc00b7bd5810298076
53a5687cb26dc41f2ab4033e97e13adefd3740d6
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
POST / HTTP/1.1
Host: api2.amplitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 1383
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 17:00:53 GMT
content-type: text/html;charset=utf-8
content-length: 7
access-control-allow-origin: *
access-control-allow-methods: GET, POST
trace-id: Root=1-63e13245-38432d5a3d4c1cb5498e66c0
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=4439274&time=1675702898515&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=4439274&time=1675702898515&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=4439274&time=1675702898515&url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://register.fxtm.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&db2ac59f-b98d-44c4-8922-af544afcfa69"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 06-Feb-2024 17:00:53 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2453:u=1:x=1:i=1675702853:t=1675789253:v=2:sig=AQH1gamiMPDg_S1Sw1VibxJX67Ab7fya"; Expires=Tue, 07 Feb 2023 17:00:53 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAX0CvlTagQG1tZ9JrGb3w==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 2EA8C87CEC4348B581BB04B54D064170 Ref B: OSL30EDGE0110 Ref C: 2023-02-06T17:00:53Z
date: Mon, 06 Feb 2023 17:00:53 GMT
content-length: 0
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=549567273353642&ev=CHEQ&dl=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&rl=&if=false&ts=1675702899350&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675702899350.1485878673&it=1675702898688&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=549567273353642&ev=CHEQ&dl=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&rl=&if=false&ts=1675702899350&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675702899350.1485878673&it=1675702898688&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=549567273353642&ev=CHEQ&dl=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&rl=&if=false&ts=1675702899350&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675702899350.1485878673&it=1675702898688&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 06 Feb 2023 17:00:53 GMT
X-Firefox-Spdy: h2
api2.amplitude.com/
44.237.181.29200 OK 7 B IP 44.237.181.29:0
File type ASCII text, with no line terminators
Hash 260ca9dd8a4577fc00b7bd5810298076
53a5687cb26dc41f2ab4033e97e13adefd3740d6
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
POST / HTTP/1.1
Host: api2.amplitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 1124
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 17:00:53 GMT
content-type: text/html;charset=utf-8
content-length: 7
access-control-allow-origin: *
access-control-allow-methods: GET, POST
trace-id: Root=1-63e13245-010125955d72705e38497689
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
globessl.ocsp.sectigo.com/
104.18.32.68200 OK 471 B URL HTTP/1.1 globessl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 5175580b2ceed4ed69d8c06a3bc4cea7
b8d5e93bcfe3315998a303e9c44c34388b7d982a
9157edbfdd88b43829e2f6d5ca832c45397e6810d2b5a73470c28a5ec565349b
POST / HTTP/1.1
Host: globessl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 17:00:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 22:18:43 GMT
Expires: Fri, 10 Feb 2023 22:18:42 GMT
Etag: "b8d5e93bcfe3315998a303e9c44c34388b7d982a"
Cache-Control: max-age=364068,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795571bc9cc0fac4-OSL
obs.cheqzone.com/mon
35.172.245.152200 OK 0 B IP 35.172.245.152:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.cheqzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1503
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Cookie: cg_uuid=ea361b36556db2f562ccce898d1421b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://register.fxtm.com
content-type: application/json
date: Mon, 06 Feb 2023 17:00:53 GMT
content-length: 0
X-Firefox-Spdy: h2
connect.facebook.net/signals/config/549567273353642?v=2.9.95&r=stable
31.13.72.12200 OK 110 kB URL HTTP/2 connect.facebook.net/signals/config/549567273353642?v=2.9.95&r=stable
IP 31.13.72.12:0
File type ASCII text, with very long lines (64471)
Size 110 kB (110279 bytes)
Hash db149438caf7f51db75f4483ced29287
408cf6206b2ef1bda57d167f983faa2a74f1fb64
905a0bfab4c1b527664c72ff4fd0b672e0de9c4f5fb5941ed0138ea4de1c7944
GET /signals/config/549567273353642?v=2.9.95&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 611W94XXiLuR8+SHpqIq9ToWHW2yvenSGs7WsbXEd6EfvNR2cuAqKTQIJV0Q0IzcTKcoDQQ5XMiyHdkffbhF9g==
x-fb-trip-id: 1904183273
date: Mon, 06 Feb 2023 17:00:53 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
trc-events.taboola.com/1497822/log/3/unip?en=pre_d_eng_tb&tos=1562&scd=0&ssd=1&est=1675702898565&ver=36&isls=true&src=i&invt=1500&msa=3309&rv=1&tim=1675702900128&vi=1675702898562&ri=44e3d721156e35ef03a59a47d243eac5&ref=null&cv=20230205-12-RELEASE&item-url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1497822/log/3/unip?en=pre_d_eng_tb&tos=1562&scd=0&ssd=1&est=1675702898565&ver=36&isls=true&src=i&invt=1500&msa=3309&rv=1&tim=1675702900128&vi=1675702898562&ri=44e3d721156e35ef03a59a47d243eac5&ref=null&cv=20230205-12-RELEASE&item-url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1497822/log/3/unip?en=pre_d_eng_tb&tos=1562&scd=0&ssd=1&est=1675702898565&ver=36&isls=true&src=i&invt=1500&msa=3309&rv=1&tim=1675702900128&vi=1675702898562&ri=44e3d721156e35ef03a59a47d243eac5&ref=null&cv=20230205-12-RELEASE&item-url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Mon, 06 Feb 2023 17:00:54 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://register.fxtm.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
cdn.shareaholic.net/assets/pub/shareaholic.js
151.139.128.10200 OK 4.3 kB URL HTTP/2 cdn.shareaholic.net/assets/pub/shareaholic.js
IP 151.139.128.10:0
File type ASCII text, with very long lines (10540), with no line terminators
Hash e33511561808ca812c76b301b406d103
94e974603a6d772f66614045d19f0e3e18ccae6e
a61f812802a68805c57d74929ca078ac0ce1e6cec9685d5280a9f3d02d27050e
GET /assets/pub/shareaholic.js HTTP/1.1
Host: cdn.shareaholic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 17:00:55 GMT
content-encoding: gzip
content-length: 4285
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 19 Dec 2022 20:20:18 GMT
accept-ranges: bytes
server: nginx
x-amz-id-2: eqRoj7HtU5fIvOeBL4yckGJKQ0wPVNmM+YAogC+KBsxLnjc/57mhG85LjvlusEvZFL1Nt9g6gKA=
x-amz-request-id: THAYRRM45PG4C2SY
etag: "e33511561808ca812c76b301b406d103"
cache-control: max-age=1200, public
access-control-allow-origin: *
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
x-hw: 1675702855.cds214.sk1.hn,1675702855.cds201.sk1.c
X-Firefox-Spdy: h2
bat.bing.com/bat.js
13.107.21.200200 OK 12 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39395), with no line terminators
Hash 4f378a725368a42971cd69e29f75db89
2a1cdf193b346d9281c6e04a9b3775e7fc1ae11e
6a2a9d238501343cb3f25e0f54f4ecc4ec2c4e0fa6b228cc72dc3fff90502078
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11552
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ranges: bytes
etag: "076bc30652fd91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 44935372618E47098C20317D2369E757 Ref B: OSL30EDGE0116 Ref C: 2023-02-06T17:00:55Z
date: Mon, 06 Feb 2023 17:00:55 GMT
X-Firefox-Spdy: h2
obs.cheqzone.com/mon
35.172.245.152200 OK 0 B IP 35.172.245.152:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.cheqzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1527
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Cookie: cg_uuid=ea361b36556db2f562ccce898d1421b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://register.fxtm.com
content-type: application/json
date: Mon, 06 Feb 2023 17:00:55 GMT
content-length: 0
X-Firefox-Spdy: h2
obs.cheqzone.com/mon
35.172.245.152200 OK 0 B IP 35.172.245.152:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.cheqzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1522
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Cookie: cg_uuid=ea361b36556db2f562ccce898d1421b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://register.fxtm.com
content-type: application/json
date: Mon, 06 Feb 2023 17:00:55 GMT
content-length: 0
X-Firefox-Spdy: h2
m9m6e2w5.stackpathcdn.com/v2/bec87dbf/main.js
151.139.128.10200 OK 42 kB URL HTTP/2 m9m6e2w5.stackpathcdn.com/v2/bec87dbf/main.js
IP 151.139.128.10:0
File type C source, ASCII text, with very long lines (65536), with no line terminators
Hash bfbe20460e43896d158d4b21e5c02ca8
12ec31148e52a5a0861d63e98344f45bba7523dc
bc9563b66fafb04f290b402270af0cf8ac5349619ccdf556103024652198f87a
GET /v2/bec87dbf/main.js HTTP/1.1
Host: m9m6e2w5.stackpathcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 17:00:55 GMT
content-encoding: gzip
content-length: 41854
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 19 Dec 2022 20:19:59 GMT
accept-ranges: bytes
server: nginx
x-amz-id-2: UfjmZKB7E9YUrY0vXGV2Q4QFmkUFf7Rkudm6LThhwpl7+eRxcirLt8dDB2kADGk4IpJE000Z+08=
x-amz-request-id: PAKD9GVGPTREG1NW
etag: "bfbe20460e43896d158d4b21e5c02ca8"
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
x-hw: 1675702855.cds065.sk1.hn,1675702855.cds230.sk1.c
X-Firefox-Spdy: h2
i5rwkk4h.micpn.com/p/cp/-1/track.gif?t=1675702901516&mi_u=anon-1675702901514-7122713003&mi_cid=9101&page_title=FXTM%20%7C%20Trade%20Gold&event_type=pageview&cdate=1675702901514&ck=false&anon=true
143.204.55.15200 OK 42 B URL HTTP/2 i5rwkk4h.micpn.com/p/cp/-1/track.gif?t=1675702901516&mi_u=anon-1675702901514-7122713003&mi_cid=9101&page_title=FXTM%20%7C%20Trade%20Gold&event_type=pageview&cdate=1675702901514&ck=false&anon=true
IP 143.204.55.15:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /p/cp/-1/track.gif?t=1675702901516&mi_u=anon-1675702901514-7122713003&mi_cid=9101&page_title=FXTM%20%7C%20Trade%20Gold&event_type=pageview&cdate=1675702901514&ck=false&anon=true HTTP/1.1
Host: i5rwkk4h.micpn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
x-uuid: 1ed2aeb4-77e9-40d1-84db-1598439f0d76
pragma: no-cache
access-control-expose-headers: X-Error
access-control-allow-origin: https://app.movableink.com
cache-control: no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
set-cookie: _mibhv=anon-1675702901514-7122713003_9101; Expires=Tue, 06 Feb 2024 17:00:55 GMT; Path=/; HttpOnly; Secure; SameSite=None;
_midat=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Path=/; HttpOnly; Secure; SameSite=None;
date: Mon, 06 Feb 2023 17:00:55 GMT
x-cache: Miss from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8P5dyK3U-xz4I2FiPcgPD_2OWwrQN359dyC7q9B9mOKFmHh5P_T1Sg==
X-Firefox-Spdy: h2
bat.bing.com/p/action/5152714.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/5152714.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5152714.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 96FF5ED205474A3B9872F0B388941E9A Ref B: OSL30EDGE0116 Ref C: 2023-02-06T17:00:55Z
date: Mon, 06 Feb 2023 17:00:55 GMT
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/up/pixie.js
151.101.65.108200 OK 3.3 kB URL HTTP/1.1 acdn.adnxs.com/dmp/up/pixie.js
IP 151.101.65.108:0
File type ASCII text, with very long lines (9139), with no line terminators
Hash 75b9af81e30e45403e6856566e888545
d013e9a47331447f32c2bdf6f35b286e711788f0
dd26e2e55783f6174ceea7c7a3b10e5af1c7fca56fc2543956a38b848f32a151
GET /dmp/up/pixie.js HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3340
Server: nginx/1.18.0 (Ubuntu)
Content-Type: application/javascript
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
ETag: W/"60b79de0-23b3"
Expires: Mon, 31 Oct 2022 05:58:51 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 06 Feb 2023 17:00:55 GMT
Age: 53372
X-Served-By: cache-lga21930-LGA, cache-bma1679-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 13, 11344
X-Timer: S1675702856.974351,VS0,VE0
Vary: Accept-Encoding
bat.bing.com/action/0?ti=5152714&tm=gtm002&Ver=2&mid=0ee13ce2-35d4-4f6b-8115-908877f52edf&sid=ed72ca80a63f11edadf26f6193e35425&vid=ed72c780a63f11edb14f21707e79c642&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=FXTM%20%7C%20Trade%20Gold&p=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&r=<=4365&evt=pageLoad&sv=1&rn=766501
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5152714&tm=gtm002&Ver=2&mid=0ee13ce2-35d4-4f6b-8115-908877f52edf&sid=ed72ca80a63f11edadf26f6193e35425&vid=ed72c780a63f11edb14f21707e79c642&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=FXTM%20%7C%20Trade%20Gold&p=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&r=<=4365&evt=pageLoad&sv=1&rn=766501
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5152714&tm=gtm002&Ver=2&mid=0ee13ce2-35d4-4f6b-8115-908877f52edf&sid=ed72ca80a63f11edadf26f6193e35425&vid=ed72c780a63f11edb14f21707e79c642&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=FXTM%20%7C%20Trade%20Gold&p=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&r=<=4365&evt=pageLoad&sv=1&rn=766501 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=067B12B590786A5B1B2E0005918D6B1B; domain=.bing.com; expires=Sat, 02-Mar-2024 17:00:55 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DDACF33FB5B34E40AD00FB1477FF729D Ref B: OSL30EDGE0116 Ref C: 2023-02-06T17:00:55Z
date: Mon, 06 Feb 2023 17:00:55 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash bd4ef00f43711da7b421f10ac66f2b4c
8eb6319e5eb4df06fbdef5a2f4338ca23dc2ee1d
e2d0a9a8c6464bfcedc73fb8db93ff76190f7789d5b19f943faecfc8ebcdc63d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2D0A9A8C6464BFCEDC73FB8DB93FF76190F7789D5B19F943FAECFC8EBCDC63D"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11543
Expires: Mon, 06 Feb 2023 20:13:19 GMT
Date: Mon, 06 Feb 2023 17:00:56 GMT
Connection: keep-alive
s.yimg.com/wi/ytc.js
87.248.119.251200 OK 6.0 kB IP 87.248.119.251:0
ASN #203220 Yahoo! UK Services Limited
Hash 85391bfbe0eedab3790684c20d31304d
062865d2a71a4f3fc8257395dceb6d6e086db0e4
ec542fe46c47c27de66b5c63613347222f7dd9cd1b9083b55ac36b7a1df34a6a
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: QPAta5Kh9iTURzBsh+gSMEB83vr325GzZuJmyJ8sSMmv7w6+R34HzLBBpWEXSC0kTgqowE7KQVk=
x-amz-request-id: W9S8K0G8ZKCY5HK1
date: Mon, 06 Feb 2023 17:00:51 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 6
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.shareaholic.net/config/7bb553f715a185b64e387629db153b8a.json
184.73.100.94200 OK 831 B URL HTTP/2 www.shareaholic.net/config/7bb553f715a185b64e387629db153b8a.json
IP 184.73.100.94:0
File type JSON data\012- , ASCII text, with very long lines (2287), with no line terminators
Hash e94f2b40db6152553cc9f5726cfb48db
608b296295f32b083c228cf6f46e1036fce9a329
5e10e1b4a74db23863ddb0a359b37987c510a4611b7fc3850339a205552def9e
GET /config/7bb553f715a185b64e387629db153b8a.json HTTP/1.1
Host: www.shareaholic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 07:20:24 GMT
etag: W/"98f36442d7b084f203822a30b3660b6f"
vary: Accept-Encoding
content-encoding: gzip
content-type: application/json
cache-control: max-age=3, public, must-revalidate
x-varnish: 717855397 708363777
via: 1.1 varnish (Varnish/6.0)
access-control-allow-methods: GET, HEAD
access-control-allow-headers: *
access-control-allow-origin: *
access-control-expose-headers: Etag, Access-Control-Allow-Origin, x-client-geo-latlong, x-client-geo-country, x-client-geo-city, x-client-geo-zip, x-client-geo-region, x-client-geo-metrocode
access-control-max-age: 2000
x-client-geo-latlong: 59.945200,10.755900
x-client-geo-country: NO,Norway
x-client-geo-city:
x-client-geo-region:
x-client-geo-metrocode:
x-client-geo-zip:
accept-ranges: bytes
content-length: 831
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10133581.json
87.248.119.251200 OK 2 B URL HTTP/2 s.yimg.com/wi/config/10133581.json
IP 87.248.119.251:0
ASN #203220 Yahoo! UK Services Limited
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /wi/config/10133581.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 6E6MPG0YQ1PNSWM7
x-amz-id-2: m7gE0pXa3P0Dgim6WRKauoHW3sK1SrqfGdeGU9dvQlYFYB2ZSP6VMo2Is7Vm0zZdz+D1tK+RDMg=
content-type: application/json
date: Mon, 06 Feb 2023 16:58:43 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 133
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10097064.json
87.248.119.251200 OK 46 B URL HTTP/2 s.yimg.com/wi/config/10097064.json
IP 87.248.119.251:0
ASN #203220 Yahoo! UK Services Limited
File type JSON data\012- , ASCII text, with no line terminators
Hash 2818f7c1d0a6c6df2bab1d3d6344fd8a
a33691eb219b8913737e56120be7e29101ff63e1
81a55d12e0229dbfaad3014d29723654a7f35079d81b89757ed29859f980c9a3
GET /wi/config/10097064.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: esrlpFDk+uM9+8qx3wqjhrNjHgSXgUBMDyz+u49w9yvE3nmQw0Oz6P00kyk8WOCTDPv2W6FHxpc=
x-amz-request-id: 6E6W08GHB8Q6KV3E
date: Mon, 06 Feb 2023 16:58:45 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Wed, 25 May 2022 20:57:37 GMT
x-amz-expiration: expiry-date="Fri, 30 Jun 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "2818f7c1d0a6c6df2bab1d3d6344fd8a"
x-amz-server-side-encryption: AES256
x-amz-version-id: KQKpbIpBo_BF8DsjNEnFDLJ8ZF_P6J47
accept-ranges: bytes
content-type: application/json
server: ATS
content-length: 46
referrer-policy: no-referrer-when-downgrade
age: 132
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&b=FXTM%20%7C%20Trade%20Gold&.yp=10097064&f=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&b=FXTM%20%7C%20Trade%20Gold&.yp=10097064&f=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&b=FXTM%20%7C%20Trade%20Gold&.yp=10097064&f=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 17:00:56 GMT
expires: Mon, 06 Feb 2023 17:00:56 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBEgy4WMCEPArEkABTjcPUo7N3X4qy_IFEgEBAQGD4mPrYwAAAAAA_eMAAA&S=AQAAAtaB9Jbgbc3f4AncxPc0zSU; Expires=Tue, 6 Feb 2024 23:00:56 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2006%20Feb%202023%2017%3A01%3A42%20GMT&n=0&b=FXTM%20%7C%20Trade%20Gold&.yp=10133581&f=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2006%20Feb%202023%2017%3A01%3A42%20GMT&n=0&b=FXTM%20%7C%20Trade%20Gold&.yp=10133581&f=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&d=Mon%2C%2006%20Feb%202023%2017%3A01%3A42%20GMT&n=0&b=FXTM%20%7C%20Trade%20Gold&.yp=10133581&f=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 17:00:56 GMT
expires: Mon, 06 Feb 2023 17:00:56 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBEgy4WMCEP58ZMhiC3s4hNseMZ0GJY4FEgEBAQGD4mPrYwAAAAAA_eMAAA&S=AQAAAoLN-j9WwTjx_xoacHzEM3w; Expires=Tue, 6 Feb 2024 23:00:56 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6de766652d01cb18476e13cc1c4d42ff
32bb035dbf8e044b0cb75991d1073ee5e8c98a9e
b2721556e10c06807c3fec797ffdf73fffa432f1dc4e63edd3c19fb78b111397
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B2721556E10C06807C3FEC797FFDF73FFFA432F1DC4E63EDD3C19FB78B111397"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=642
Expires: Mon, 06 Feb 2023 17:11:38 GMT
Date: Mon, 06 Feb 2023 17:00:56 GMT
Connection: keep-alive
partner.shareaholic.com/partners.js?location=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&canonical=http%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&id_sync=be8e11f7-7ea7-4f02-8515-239bcf06c894&pvs=1&site=7bb553f715a185b64e387629db153b8a
107.20.140.231200 OK 0 B URL HTTP/2 partner.shareaholic.com/partners.js?location=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&canonical=http%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&id_sync=be8e11f7-7ea7-4f02-8515-239bcf06c894&pvs=1&site=7bb553f715a185b64e387629db153b8a
IP 107.20.140.231:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partners.js?location=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&canonical=http%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F&id_sync=be8e11f7-7ea7-4f02-8515-239bcf06c894&pvs=1&site=7bb553f715a185b64e387629db153b8a HTTP/1.1
Host: partner.shareaholic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 17:00:56 GMT
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Accept-Encoding, User-Agent
content-length: 0
p3p: CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC'
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash a72ed27609ac76fd42b175e2a65800ff
5069341c6b521f7402de1fa38079a44d4c1fdd22
8dd86ad089be75f03682dd479189843060dd178d9876b73e0957250277d0bb74
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162218
Date: Mon, 06 Feb 2023 17:00:56 GMT
Etag: "63e0fb54-1d7"
Expires: Wed, 08 Feb 2023 14:04:34 GMT
Last-Modified: Mon, 06 Feb 2023 13:06:28 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eTMHhCm_tR-YnLqvuOmPVXQnj3tpyXLXCm9wtGIqJvZ_SfOWifzN8w==
Age: 3486
my.forextime.com/en/identity/registration/assets/fonts/sourceSansPro.css
104.18.231.99200 OK 279 B URL HTTP/2 my.forextime.com/en/identity/registration/assets/fonts/sourceSansPro.css
IP 104.18.231.99:0
Hash d043f4b8a9a38cc5969f6aff07f2cfe3
050c09b24080c7255c525ed93afed87dfbce695a
8e4e6e81841081b5677ea9707f48462fc38c1d1cfcadaa4e4a1d9a72dc4be244
GET /en/identity/registration/assets/fonts/sourceSansPro.css HTTP/1.1
Host: my.forextime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.forextime.com/en/identity/registration/?theme=&sbt=&abt=&lbt=&sw=&cs=&dlt=&product=&origin=https%3A%2F%2Fregister.fxtm.com¤t_url=https://register.fxtm.com/&company=global&version=40708&type=new&new-gtm=&disable_web_analytic=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 17:00:51 GMT
content-type: text/css
last-modified: Tue, 24 Jan 2023 09:17:31 GMT
etag: W/"63cfa22b-311"
my-country: NO
content-encoding: gzip
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 795571c489720b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
trc-events.taboola.com/1497822/log/3/unip?en=pre_d_eng_tb&tos=4563&scd=0&ssd=1&est=1675702898565&ver=36&isls=true&src=i&invt=3000&msa=3309&rv=1&tim=1675702903130&vi=1675702898562&ri=44e3d721156e35ef03a59a47d243eac5&ref=null&cv=20230205-12-RELEASE&item-url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1497822/log/3/unip?en=pre_d_eng_tb&tos=4563&scd=0&ssd=1&est=1675702898565&ver=36&isls=true&src=i&invt=3000&msa=3309&rv=1&tim=1675702903130&vi=1675702898562&ri=44e3d721156e35ef03a59a47d243eac5&ref=null&cv=20230205-12-RELEASE&item-url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1497822/log/3/unip?en=pre_d_eng_tb&tos=4563&scd=0&ssd=1&est=1675702898565&ver=36&isls=true&src=i&invt=3000&msa=3309&rv=1&tim=1675702903130&vi=1675702898562&ri=44e3d721156e35ef03a59a47d243eac5&ref=null&cv=20230205-12-RELEASE&item-url=https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 06 Feb 2023 17:00:57 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://register.fxtm.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
obs.cheqzone.com/mon
35.172.245.152200 OK 0 B IP 35.172.245.152:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.cheqzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1522
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Cookie: cg_uuid=ea361b36556db2f562ccce898d1421b7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://register.fxtm.com
content-type: application/json
date: Mon, 06 Feb 2023 17:00:57 GMT
content-length: 0
X-Firefox-Spdy: h2
my.forextime.com/en/identity/registration/assets/config.json?r=oajg6k
104.18.231.99200 OK 0 B URL HTTP/2 my.forextime.com/en/identity/registration/assets/config.json?r=oajg6k
IP 104.18.231.99:0
GET /en/identity/registration/assets/config.json?r=oajg6k HTTP/1.1
Host: my.forextime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.forextime.com/en/identity/registration/?theme=&sbt=&abt=&lbt=&sw=&cs=&dlt=&product=&origin=https%3A%2F%2Fregister.fxtm.com¤t_url=https://register.fxtm.com/&company=global&version=40708&type=new&new-gtm=&disable_web_analytic=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 17:00:51 GMT
content-type: application/json
last-modified: Tue, 31 Jan 2023 15:13:50 GMT
etag: W/"63d9302e-1bed"
my-country: NO
content-encoding: gzip
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 795571c63ba80b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jssdks.mparticle.com/v3/JS/us1-7e64e961d63ef3498e1ff29e51ea3b54/events
151.101.194.133202 Accepted 0 B URL HTTP/2 jssdks.mparticle.com/v3/JS/us1-7e64e961d63ef3498e1ff29e51ea3b54/events
IP 151.101.194.133:0
POST /v3/JS/us1-7e64e961d63ef3498e1ff29e51ea3b54/events HTTP/1.1
Host: jssdks.mparticle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/plain;charset=UTF-8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://register.fxtm.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://register.fxtm.com
Content-Length: 2132
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
content-type: application/json
server: Kestrel
access-control-allow-origin: *
content-encoding: gzip
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
accept-ranges: bytes
date: Mon, 06 Feb 2023 17:00:57 GMT
via: 1.1 varnish
x-served-by: cache-bma1668-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675702857.276454,VS0,VE19
vary: Accept-Encoding
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/register.fxtm.com/gold-1/2ff3635e-quotation-mark.svg
54.230.245.21200 OK 0 B URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/register.fxtm.com/gold-1/2ff3635e-quotation-mark.svg
IP 54.230.245.21:0
GET /register.fxtm.com/gold-1/2ff3635e-quotation-mark.svg HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Sat, 24 Sep 2022 04:08:59 GMT
last-modified: Fri, 16 Sep 2022 13:07:50 GMT
etag: W/"3d459879cef48975e8fbc88fcadb03c8"
cache-control: max-age=31557600
x-amz-version-id: NyTTD9BYkMo5lhmnW_PwsUWiuFQ6dpfr
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eqESY6Wdd2yubgw-c9j5vFmAV6imz5-NfxksKrgQKedYQOrH8QAL-w==
age: 11710313
X-Firefox-Spdy: h2
sdk.fra-01.braze.eu/api/v3/content_cards/sync
151.101.193.208200 OK 0 B URL HTTP/2 sdk.fra-01.braze.eu/api/v3/content_cards/sync
IP 151.101.193.208:0
OPTIONS /api/v3/content_cards/sync HTTP/1.1
Host: sdk.fra-01.braze.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Referer: https://register.fxtm.com/
Origin: https://register.fxtm.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers:
access-control-max-age: 7200
access-control-allow-headers: content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Mon, 06 Feb 2023 17:00:52 GMT
via: 1.1 varnish
x-served-by: cache-bma1631-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675702853.642299,VS0,VE82
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
trc.taboola.com/1497822/trc/3/json?tim=1675702898568&data=%7B%22id%22%3A513%2C%22ii%22%3A%22%2Fgold-1%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675702898562%2C%22cv%22%3A%2220230205-12-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dexinitylimited-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675702898568%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.193.44200 OK 0 B URL HTTP/2 trc.taboola.com/1497822/trc/3/json?tim=1675702898568&data=%7B%22id%22%3A513%2C%22ii%22%3A%22%2Fgold-1%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675702898562%2C%22cv%22%3A%2220230205-12-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dexinitylimited-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675702898568%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.193.44:0
GET /1497822/trc/3/json?tim=1675702898568&data=%7B%22id%22%3A513%2C%22ii%22%3A%22%2Fgold-1%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675702898562%2C%22cv%22%3A%2220230205-12-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dexinitylimited-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675702898568%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fregister.fxtm.com%2Fgold-1%2F%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Mon, 06 Feb 2023 17:00:52 GMT
via: 1.1 varnish
x-served-by: cache-bma1661-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675702853.815876,VS0,VE110
vary: Accept-Encoding
x-vcl-time-ms: 110
X-Firefox-Spdy: h2
my.forextime.com/en/identity/registration?theme=&sbt=&abt=&lbt=&sw=&cs=&dlt=&product=&origin=https%3A%2F%2Fregister.fxtm.com¤t_url=https://register.fxtm.com/&company=global&version=40708&type=new&new-gtm=&disable_web_analytic=true
104.18.231.99301 Moved Permanently 0 B URL HTTP/2 my.forextime.com/en/identity/registration?theme=&sbt=&abt=&lbt=&sw=&cs=&dlt=&product=&origin=https%3A%2F%2Fregister.fxtm.com¤t_url=https://register.fxtm.com/&company=global&version=40708&type=new&new-gtm=&disable_web_analytic=true
IP 104.18.231.99:0
GET /en/identity/registration?theme=&sbt=&abt=&lbt=&sw=&cs=&dlt=&product=&origin=https%3A%2F%2Fregister.fxtm.com¤t_url=https://register.fxtm.com/&company=global&version=40708&type=new&new-gtm=&disable_web_analytic=true HTTP/1.1
Host: my.forextime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Mon, 06 Feb 2023 17:00:51 GMT
content-type: text/html
location: https://my.forextime.com/en/identity/registration/?theme=&sbt=&abt=&lbt=&sw=&cs=&dlt=&product=&origin=https%3A%2F%2Fregister.fxtm.com¤t_url=https://register.fxtm.com/&company=global&version=40708&type=new&new-gtm=&disable_web_analytic=true
my-country: NO
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 795571c3b8a20b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d9hhrg4mnvzow.cloudfront.net/register.fxtm.com/gold-1/b3153b37-fxtm-logo-gives-you-more.svg
54.230.245.21200 OK 0 B URL HTTP/2 d9hhrg4mnvzow.cloudfront.net/register.fxtm.com/gold-1/b3153b37-fxtm-logo-gives-you-more.svg
IP 54.230.245.21:0
GET /register.fxtm.com/gold-1/b3153b37-fxtm-logo-gives-you-more.svg HTTP/1.1
Host: d9hhrg4mnvzow.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 20 Sep 2022 03:08:21 GMT
last-modified: Fri, 16 Sep 2022 13:07:50 GMT
etag: W/"21096ad9de50324cc862d3433f6878bb"
cache-control: max-age=31557600
x-amz-version-id: d9nvBTKuxPe55gmWWIA8xFFD8r535opm
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Y-2wJy2hRrbmvpq9kKMI00meWphJSuBo6Qcf3-00v0fa2z09_mzelQ==
age: 12059551
X-Firefox-Spdy: h2
sdk.fra-01.braze.eu/api/v3/content_cards/sync
151.101.193.208201 Created 0 B URL HTTP/2 sdk.fra-01.braze.eu/api/v3/content_cards/sync
IP 151.101.193.208:0
POST /api/v3/content_cards/sync HTTP/1.1
Host: sdk.fra-01.braze.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
X-Requested-With: XMLHttpRequest
X-Braze-Api-Key: 6fd4f390-31e4-4ddb-b049-e6a615bc5049
X-Braze-DataRequest: true
X-Braze-ContentCardsRequest: true
Content-Length: 475
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
content-type: application/json
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers:
access-control-max-age: 7200
etag: W/"43d52e35db6eb50bdfe5310ae8d0549e"
cache-control: max-age=0, private, must-revalidate
x-request-id: b1c22e65-dde2-41c6-8686-ec96925b57f0
x-runtime: 0.032288
content-encoding: gzip
accept-ranges: bytes
date: Mon, 06 Feb 2023 17:00:52 GMT
via: 1.1 varnish
x-served-by: cache-bma1631-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675702853.760844,VS0,VE53
vary: Origin,Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/4439274/domain/register.fxtm.com/token
54.230.111.112200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/4439274/domain/register.fxtm.com/token
IP 54.230.111.112:0
GET /partner/4439274/domain/register.fxtm.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Mon, 06 Feb 2023 16:42:39 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7OBhqmhcq54JpOMAJ6lDiejFpUIKv3bjCad2hjlAqZepklQ3mfssdw==
age: 1093
X-Firefox-Spdy: h2
my.forextime.com/en/identity/registration/?theme=&sbt=&abt=&lbt=&sw=&cs=&dlt=&product=&origin=https%3A%2F%2Fregister.fxtm.com¤t_url=https://register.fxtm.com/&company=global&version=40708&type=new&new-gtm=&disable_web_analytic=true
104.18.231.99200 OK 0 B URL HTTP/2 my.forextime.com/en/identity/registration/?theme=&sbt=&abt=&lbt=&sw=&cs=&dlt=&product=&origin=https%3A%2F%2Fregister.fxtm.com¤t_url=https://register.fxtm.com/&company=global&version=40708&type=new&new-gtm=&disable_web_analytic=true
IP 104.18.231.99:0
GET /en/identity/registration/?theme=&sbt=&abt=&lbt=&sw=&cs=&dlt=&product=&origin=https%3A%2F%2Fregister.fxtm.com¤t_url=https://register.fxtm.com/&company=global&version=40708&type=new&new-gtm=&disable_web_analytic=true HTTP/1.1
Host: my.forextime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://register.fxtm.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 17:00:51 GMT
content-type: text/html
last-modified: Tue, 24 Jan 2023 09:17:31 GMT
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 795571c429180b31-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
identity.mparticle.com/v1/identify
151.101.2.133200 OK 0 B URL HTTP/2 identity.mparticle.com/v1/identify
IP 151.101.2.133:0
POST /v1/identify HTTP/1.1
Host: identity.mparticle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-mp-key: us1-7e64e961d63ef3498e1ff29e51ea3b54
Content-Length: 320
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
server: Kestrel
access-control-allow-origin: *
content-encoding: gzip
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
accept-ranges: bytes
date: Mon, 06 Feb 2023 17:00:52 GMT
via: 1.1 varnish
x-served-by: cache-bma1680-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675702852.901031,VS0,VE106
vary: Accept-Encoding
strict-transport-security: max-age=900
X-Firefox-Spdy: h2
my.forextime.com/en/identity/registration/assets/fxLight.j0vpcszk8pvqtfc8omh59.css
104.18.231.99200 OK 0 B URL HTTP/2 my.forextime.com/en/identity/registration/assets/fxLight.j0vpcszk8pvqtfc8omh59.css
IP 104.18.231.99:0
GET /en/identity/registration/assets/fxLight.j0vpcszk8pvqtfc8omh59.css HTTP/1.1
Host: my.forextime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://my.forextime.com/en/identity/registration/?theme=&sbt=&abt=&lbt=&sw=&cs=&dlt=&product=&origin=https%3A%2F%2Fregister.fxtm.com¤t_url=https://register.fxtm.com/&company=global&version=40708&type=new&new-gtm=&disable_web_analytic=true
Cookie: isUnbounceDomain=true; isAllowedDomain=false; company=uk; currentWWWUrl=https://register.fxtm.com/; language=en; origin=https://register.fxtm.com; topUrl=https://register.fxtm.com/; redirect=; redirect_auth=; redirect_login=; country=NO
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 17:00:52 GMT
content-type: text/css
last-modified: Tue, 24 Jan 2023 09:17:31 GMT
etag: W/"63cfa22b-12561"
my-country: NO
content-encoding: gzip
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 795571c90e630b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i5rwkk4h.micpn.com/p/js/1.js
143.204.55.15200 OK 0 B URL HTTP/2 i5rwkk4h.micpn.com/p/js/1.js
IP 143.204.55.15:0
GET /p/js/1.js HTTP/1.1
Host: i5rwkk4h.micpn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
x-uuid: 93c35f00-c7f8-4f2a-ad1a-72e5ed4e8aa5
cache-control: no-cache max-age=0
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
p3p: policyref="https://movableink.com/w3c/p3p.xml", CP="DEVa PSAa PSDa IVAa IVDa OUR IND DSP NON COR NAV UNI"
timing-allow-origin: https://register.fxtm.com
date: Mon, 06 Feb 2023 16:55:47 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iKAGWh-z9qP5ouJRdflI5NjQ-chhgXzfUAJE3STzBXSkfxpB38JC0w==
age: 308
X-Firefox-Spdy: h2
use.fontawesome.com/7f85a56ba4.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/7f85a56ba4.css
IP 172.64.133.15:0
GET /7f85a56ba4.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 17:00:51 GMT
content-type: text/css
x-amz-id-2: Zsfkg1LG0dsTpAconQXPl6g4jbtswHSNTo/BYLIoDURwur1V1m8id2p1l1X55EdCMC0FXbnDGAY=
x-amz-request-id: T5W1NXHY5YT1ZBNQ
last-modified: Wed, 30 Jun 2021 21:14:33 GMT
etag: W/"8360eb270b919a1fb4776bc448d9ed14"
cache-control: max-age=1800
cf-cache-status: HIT
age: 6896
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYy4SIYFDnyjozbbtvpZIzrALor0ZMSGceGEZehqx6YGootmhAPMNFL1bZkmUqpxDdFGGowKAYJNxTtFhTDHZKbn%2FBh0te7TtYGQX0BwqrfiXjhH%2FsQpZzabpYARrEwPbDJtOWAK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795571c70b9b72f4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sdk.fra-01.braze.eu/api/v3/data/
151.101.193.208201 Created 0 B URL HTTP/2 sdk.fra-01.braze.eu/api/v3/data/
IP 151.101.193.208:0
POST /api/v3/data/ HTTP/1.1
Host: sdk.fra-01.braze.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
X-Requested-With: XMLHttpRequest
X-Braze-Api-Key: 6fd4f390-31e4-4ddb-b049-e6a615bc5049
X-Braze-TriggersRequest: true
X-Braze-DataRequest: true
Content-Length: 597
Origin: https://register.fxtm.com
Connection: keep-alive
Referer: https://register.fxtm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
content-type: application/json
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers:
access-control-max-age: 7200
etag: W/"3df14e083b186ca86267d3e5077b03e0"
cache-control: max-age=0, private, must-revalidate
x-request-id: 63d8c94a-b7d9-43e9-b74d-1c2482e1e7c1
x-runtime: 0.079278
content-encoding: gzip
accept-ranges: bytes
date: Mon, 06 Feb 2023 17:00:52 GMT
via: 1.1 varnish
x-served-by: cache-bma1631-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675702852.912888,VS0,VE100
vary: Origin,Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2