my.exness.com/cnf/config-accounts.js?v=2.21.0
200 OK 153 kB URL GET HTTP/2 my.exness.com/cnf/config-accounts.js?v=2.21.0
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subjectmy.exness.com
Fingerprint24:5A:47:29:3D:03:7F:09:E8:9F:13:EF:7A:C6:F0:8B:0B:B2:75:53
ValidityMon, 29 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (47505), with no line terminators
Size 153 kB (153209 bytes)
Hash f34315c27c271e66fb948500b417b16b
71af1b01ff2d77577a2994855d913b4326a1a121
89c6c0050f9807cb66d4593aa459a54409cd80efada749b89aa6d2cbc45622da
GET /cnf/config-accounts.js?v=2.21.0 HTTP/1.1
Host: my.exness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Cookie: nlbi_2124469=UTyvQ6Gm+hhBOHgyLGzAYQAAAAAWcImNLERvVS2LJf6H4onb; visid_incap_2124469=6kLAH9rwSEelhqO55hY171LBD2UAAAAAQUIPAAAAAADx+RNWyKnSrop/9lZqm/0d; incap_ses_633_2124469=zbKjF7ua3CEy1IUH4t7ICFLBD2UAAAAADBXNoUnIF9B9VsTqXIWbQw==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
etag: W/"650da34b-6fc7a"
last-modified: Fri, 22 Sep 2023 14:23:07 GMT
content-type: application/javascript
content-length: 153209
content-encoding: gzip
cache-control: max-age=60, public
expires: Sun, 24 Sep 2023 04:56:47 GMT
date: Sun, 24 Sep 2023 04:55:47 GMT
x-cdn: Imperva
x-iinfo: 4-11417123-11416817 2VNN RT(1695531346593 759) q(0 0 0 -1) r(1 1)
X-Firefox-Spdy: h2
my.exness.com/accounts/widget/index.js
200 OK 2.4 kB URL GET HTTP/2 my.exness.com/accounts/widget/index.js
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subjectmy.exness.com
Fingerprint24:5A:47:29:3D:03:7F:09:E8:9F:13:EF:7A:C6:F0:8B:0B:B2:75:53
ValidityMon, 29 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (6360), with no line terminators
Hash c6bac990d7b7e16cd57d0d6320c91d61
f4e28ea7ed0fc4cf7315850e0393f2b04a90ab2a
87d8e755ccaaeeb0a625776ef4dc78d3f90276b5ee92cff02a26096a2c1b6e2a
GET /accounts/widget/index.js HTTP/1.1
Host: my.exness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Cookie: nlbi_2124469=UTyvQ6Gm+hhBOHgyLGzAYQAAAAAWcImNLERvVS2LJf6H4onb; visid_incap_2124469=6kLAH9rwSEelhqO55hY171LBD2UAAAAAQUIPAAAAAADx+RNWyKnSrop/9lZqm/0d; incap_ses_633_2124469=zbKjF7ua3CEy1IUH4t7ICFLBD2UAAAAADBXNoUnIF9B9VsTqXIWbQw==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
etag: W/"650d8fa7-18d8"
last-modified: Fri, 22 Sep 2023 12:59:19 GMT
content-type: application/javascript
content-length: 2398
content-encoding: gzip
cache-control: max-age=60, public
expires: Sun, 24 Sep 2023 04:56:47 GMT
date: Sun, 24 Sep 2023 04:55:47 GMT
x-cdn: Imperva
x-iinfo: 4-11417123-11417182 2VNN RT(1695531346593 770) q(0 0 0 -1) r(0 1)
X-Firefox-Spdy: h2
my.exness.com/accounts/static/css/main.1824e9d5.css
200 OK 8.6 kB URL GET HTTP/2 my.exness.com/accounts/static/css/main.1824e9d5.css
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subjectmy.exness.com
Fingerprint24:5A:47:29:3D:03:7F:09:E8:9F:13:EF:7A:C6:F0:8B:0B:B2:75:53
ValidityMon, 29 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (42703), with no line terminators
Hash 37e824967988998758abc54b579d616e
073e4e66f243be9745f14f5ffade636aee4ac15d
e4eaff2f16492e75183aa49490496d44b16dda4b466988683ca81f4b5c9cd0f9
GET /accounts/static/css/main.1824e9d5.css HTTP/1.1
Host: my.exness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Cookie: nlbi_2124469=UTyvQ6Gm+hhBOHgyLGzAYQAAAAAWcImNLERvVS2LJf6H4onb; visid_incap_2124469=6kLAH9rwSEelhqO55hY171LBD2UAAAAAQUIPAAAAAADx+RNWyKnSrop/9lZqm/0d; incap_ses_633_2124469=zbKjF7ua3CEy1IUH4t7ICFLBD2UAAAAADBXNoUnIF9B9VsTqXIWbQw==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
etag: W/"650d8fa7-a6cf"
last-modified: Fri, 22 Sep 2023 12:59:19 GMT
content-type: text/css
content-length: 8615
content-encoding: gzip
cache-control: max-age=60, public
expires: Sun, 24 Sep 2023 04:56:47 GMT
date: Sun, 24 Sep 2023 04:55:47 GMT
x-cdn: Imperva
x-iinfo: 4-11417123-11417184 2VNN RT(1695531346593 771) q(0 0 0 -1) r(0 1)
X-Firefox-Spdy: h2
my.exness.com/accounts/scripts/8ngmg6pri9z1.js
200 OK 1.0 kB URL GET HTTP/2 my.exness.com/accounts/scripts/8ngmg6pri9z1.js
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subjectmy.exness.com
Fingerprint24:5A:47:29:3D:03:7F:09:E8:9F:13:EF:7A:C6:F0:8B:0B:B2:75:53
ValidityMon, 29 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (2394), with no line terminators
Hash 2188a00cdbdfb508f592cbb3f036b23c
60f4ba385310b54f582cea7d386385ff626a46eb
a96d2964516dccbdaf4a4d99caaa87a02782b6ac173d63768e7c2fe2778db70a
GET /accounts/scripts/8ngmg6pri9z1.js HTTP/1.1
Host: my.exness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Cookie: nlbi_2124469=UTyvQ6Gm+hhBOHgyLGzAYQAAAAAWcImNLERvVS2LJf6H4onb; visid_incap_2124469=6kLAH9rwSEelhqO55hY171LBD2UAAAAAQUIPAAAAAADx+RNWyKnSrop/9lZqm/0d; incap_ses_633_2124469=zbKjF7ua3CEy1IUH4t7ICFLBD2UAAAAADBXNoUnIF9B9VsTqXIWbQw==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
etag: W/"650d8fa7-95a"
last-modified: Fri, 22 Sep 2023 12:59:19 GMT
content-type: application/javascript
content-length: 1027
content-encoding: gzip
cache-control: max-age=60, public
expires: Sun, 24 Sep 2023 04:56:47 GMT
date: Sun, 24 Sep 2023 04:55:47 GMT
x-cdn: Imperva
x-iinfo: 4-11417123-11408869 2VNN RT(1695531346593 762) q(0 0 0 -1) r(1 1)
X-Firefox-Spdy: h2
my.exness.com/accounts/static/js/main.ba5458b0.js
200 OK 384 kB URL GET HTTP/2 my.exness.com/accounts/static/js/main.ba5458b0.js
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subjectmy.exness.com
Fingerprint24:5A:47:29:3D:03:7F:09:E8:9F:13:EF:7A:C6:F0:8B:0B:B2:75:53
ValidityMon, 29 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (65465)
Size 384 kB (383842 bytes)
Hash 24932d86846278d7c7614807dfa32a32
1737a42b4c3d87513deaabc4497a4aa143b8066e
ae51826011a3248f9766d81741d790e0d31c21a49b7cb8746824cb7e549a0913
GET /accounts/static/js/main.ba5458b0.js HTTP/1.1
Host: my.exness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Cookie: nlbi_2124469=UTyvQ6Gm+hhBOHgyLGzAYQAAAAAWcImNLERvVS2LJf6H4onb; visid_incap_2124469=6kLAH9rwSEelhqO55hY171LBD2UAAAAAQUIPAAAAAADx+RNWyKnSrop/9lZqm/0d; incap_ses_633_2124469=zbKjF7ua3CEy1IUH4t7ICFLBD2UAAAAADBXNoUnIF9B9VsTqXIWbQw==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
etag: W/"650d8fa7-1088a6"
last-modified: Fri, 22 Sep 2023 12:59:19 GMT
content-type: application/javascript
content-length: 383842
content-encoding: gzip
cache-control: max-age=60, public
expires: Sun, 24 Sep 2023 04:56:47 GMT
date: Sun, 24 Sep 2023 04:55:47 GMT
x-cdn: Imperva
x-iinfo: 4-11417123-11375619 2VNN RT(1695531346593 769) q(0 0 0 -1) r(2 2)
X-Firefox-Spdy: h2
my.exness.com/accounts/locales/en/sso-frontend.json?v=
200 OK 2.6 kB URL GET HTTP/2 my.exness.com/accounts/locales/en/sso-frontend.json?v=
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subjectmy.exness.com
Fingerprint24:5A:47:29:3D:03:7F:09:E8:9F:13:EF:7A:C6:F0:8B:0B:B2:75:53
ValidityMon, 29 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (525)
Hash 388cb31869387b48cdb8d667f85be13b
dc32c3476fd670ae7c1849656631b8c6a6fd1748
efc2f1e23eeb3d694be589c11fe7e9848d97bbc5e690260fdcad56d6b1dd3370
GET /accounts/locales/en/sso-frontend.json?v= HTTP/1.1
Host: my.exness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
DNT: 1
Connection: keep-alive
Cookie: nlbi_2124469=UTyvQ6Gm+hhBOHgyLGzAYQAAAAAWcImNLERvVS2LJf6H4onb; visid_incap_2124469=6kLAH9rwSEelhqO55hY171LBD2UAAAAAQUIPAAAAAADx+RNWyKnSrop/9lZqm/0d; incap_ses_633_2124469=zbKjF7ua3CEy1IUH4t7ICFLBD2UAAAAADBXNoUnIF9B9VsTqXIWbQw==; AMP_2b790405f1=JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjI4NzVlYWNiOS0xNWYwLTQ5YTEtYTllZS04NTQwYjY0ZDU2MWYlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNjk1NTMxMzQ4ODQwJTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlN0Q=; AMP_MKTG_2b790405f1=JTdCJTIydXRtX3NvdXJjZSUyMiUzQSUyMnBhcnRuZXJzJTIyJTdE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
etag: W/"650d8fa7-19e3"
last-modified: Fri, 22 Sep 2023 12:59:19 GMT
content-type: application/json
content-length: 2587
content-encoding: gzip
cache-control: max-age=60, public
expires: Sun, 24 Sep 2023 04:56:48 GMT
date: Sun, 24 Sep 2023 04:55:48 GMT
x-cdn: Imperva
x-iinfo: 4-11417123-11417184 2VNN RT(1695531346593 1783) q(0 0 0 -1) r(1 1)
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 41d47531a53830929519cbac6bcf752a
c39e4c34f34823397d064f1dd018625b2321f892
77798848ecc76001633e9d6571748a6c58fc655abb7509c4deb52932479e93ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash 41d47531a53830929519cbac6bcf752a
c39e4c34f34823397d064f1dd018625b2321f892
77798848ecc76001633e9d6571748a6c58fc655abb7509c4deb52932479e93ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
472 B IP
Hash e8ae2abdbc20adc47e96a3287fb7bae4
183a057d69c3a164e3deeccd0af02e573e9f5f20
ae80359c8460d251dcb0e9ad55c3cd457272c4186c2ec8eccaa65056b47810f8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 24 Sep 2023 04:55:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 20 Sep 2023 23:19:11 GMT
Expires: Wed, 27 Sep 2023 23:19:10 GMT
Etag: "183a057d69c3a164e3deeccd0af02e573e9f5f20"
Cache-Control: max-age=326349,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 80b86ff2bd74569c-OSL
my.exness.com/accounts/locales/vi/sso-frontend.json?v=
200 OK 3.1 kB URL GET HTTP/2 my.exness.com/accounts/locales/vi/sso-frontend.json?v=
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subjectmy.exness.com
Fingerprint24:5A:47:29:3D:03:7F:09:E8:9F:13:EF:7A:C6:F0:8B:0B:B2:75:53
ValidityMon, 29 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (520)
Hash e17f97c6162eced6fc09f81fbc75b519
b4f24856bfb62c14a0794af842725a5fdbf25397
df6623077066451b81d6f5f6a13f1627f2aa155fe689f50fac53d46bb1e5ea67
GET /accounts/locales/vi/sso-frontend.json?v= HTTP/1.1
Host: my.exness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
DNT: 1
Connection: keep-alive
Cookie: nlbi_2124469=UTyvQ6Gm+hhBOHgyLGzAYQAAAAAWcImNLERvVS2LJf6H4onb; visid_incap_2124469=6kLAH9rwSEelhqO55hY171LBD2UAAAAAQUIPAAAAAADx+RNWyKnSrop/9lZqm/0d; incap_ses_633_2124469=zbKjF7ua3CEy1IUH4t7ICFLBD2UAAAAADBXNoUnIF9B9VsTqXIWbQw==; AMP_2b790405f1=JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjI4NzVlYWNiOS0xNWYwLTQ5YTEtYTllZS04NTQwYjY0ZDU2MWYlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNjk1NTMxMzQ4ODQwJTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlN0Q=; AMP_MKTG_2b790405f1=JTdCJTIydXRtX3NvdXJjZSUyMiUzQSUyMnBhcnRuZXJzJTIyJTdE; language=vi
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
etag: W/"650d8fa7-1f8a"
last-modified: Fri, 22 Sep 2023 12:59:19 GMT
content-type: application/json
content-length: 3137
content-encoding: gzip
cache-control: max-age=60, public
expires: Sun, 24 Sep 2023 04:56:48 GMT
date: Sun, 24 Sep 2023 04:55:48 GMT
x-cdn: Imperva
x-iinfo: 4-11417123-11417184 2VNN RT(1695531346593 2048) q(0 0 0 -1) r(1 1)
X-Firefox-Spdy: h2
www.googleoptimize.com/optimize.js?id=GTM-TDBRFHT
200 OK 53 kB URL GET HTTP/2 www.googleoptimize.com/optimize.js?id=GTM-TDBRFHT
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (3428)
Hash 8c36faf8a269206ebc0acc3966ad3219
065852edcbb9ff8a939b4381981015ebf9a2146e
12840a0e8f35b2c0600a59c625eab99e3177befdc841185d2df2956900f78a4b
GET /optimize.js?id=GTM-TDBRFHT HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 24 Sep 2023 04:55:48 GMT
expires: Sun, 24 Sep 2023 04:55:48 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 53278
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googleoptimize.com/optimize.js?id=OPT-KCG2RM9
200 OK 51 kB URL GET HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-KCG2RM9
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (2213)
Hash a64ad772145c729b26641ea872d9f35e
ddbc03f42853bc98b25ced09668ad7e5710e96a2
6e86e1ded7c35bc9c5ee7d77879d5203d4919ba8db86a438372594e64f60764b
GET /optimize.js?id=OPT-KCG2RM9 HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 24 Sep 2023 04:55:48 GMT
expires: Sun, 24 Sep 2023 04:55:48 GMT
cache-control: private, max-age=900
last-modified: Sun, 24 Sep 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50588
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ex.exnessstats.com/rp8xbl9c32jturx0.js?ed77dlwzuc50ukt4=7hs48cp7&xadmaemxku02kwns=5e3b82d5-aa60-183e-a465-eab712c602cc
200 OK 13 kB URL GET HTTP/1.1 ex.exnessstats.com/rp8xbl9c32jturx0.js?ed77dlwzuc50ukt4=7hs48cp7&xadmaemxku02kwns=5e3b82d5-aa60-183e-a465-eab712c602cc
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subjectex.exnessstats.com
Fingerprint00:47:4C:AB:7F:A7:43:51:F9:96:D5:4F:33:3B:C9:6D:35:DF:8D:73
ValidityMon, 24 Oct 2022 00:00:00 GMT - Tue, 24 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (15506)
Hash 2ccf9865499ca416e93636c7af459c6c
99933ef905a8008d1e8c2a4a4c14ebb10a67cfcd
201614eb33366eb86fdc4d416605ea126fb227c87d9971f4c3c065b237e251d0
GET /rp8xbl9c32jturx0.js?ed77dlwzuc50ukt4=7hs48cp7&xadmaemxku02kwns=5e3b82d5-aa60-183e-a465-eab712c602cc HTTP/1.1
Host: ex.exnessstats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 24 Sep 2023 04:55:49 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Robots-Tag: noindex, nofollow
Set-Cookie: thx_guid=d5d562b6dc4bd13ef46a720b2ce3bcb0; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure; SameSite=None;
P3P: CP=IVAa PSAa
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
www.googletagmanager.com/gtm.js?id=GTM-PRKMDF8
200 OK 99 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PRKMDF8
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (26750)
Hash 21bd5154a1c0d3c505124249cbffda62
05e5c81330d8f0c917adf4782de70b3f0df17960
765049aeb70212fe86f39d24587d6fce79921b2bd8759cb1c6729db95f216359
GET /gtm.js?id=GTM-PRKMDF8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 24 Sep 2023 04:55:49 GMT
expires: Sun, 24 Sep 2023 04:55:49 GMT
cache-control: private, max-age=900
last-modified: Sun, 24 Sep 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 99166
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 41d47531a53830929519cbac6bcf752a
c39e4c34f34823397d064f1dd018625b2321f892
77798848ecc76001633e9d6571748a6c58fc655abb7509c4deb52932479e93ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash 41d47531a53830929519cbac6bcf752a
c39e4c34f34823397d064f1dd018625b2321f892
77798848ecc76001633e9d6571748a6c58fc655abb7509c4deb52932479e93ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.r2m01.amazontrust.com/
471 B URL ocsp.r2m01.amazontrust.com/
IP
Hash f13683903cd7bde8289fc00039f41c9e
7c306cba1075e87b67a0571173a8b55fa7e95c50
9e9129afb7965a8677a22197465759f67dcc362af3258d585048450485b52d5c
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Sun, 24 Sep 2023 04:55:49 GMT
Server: ECAcc (amb/6AEA)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JwUixt657039YNZyhnCcsJFUdRMLilCGDtkA9dWYjCWHdDqK70M9Dw==
ocsp.pki.goog/gts1c3
471 B IP
Hash a919451a4b737e61a8d4798732bd25ca
81887ca8ba5721aae92b25155ee72fb2950bc328
85f10626a1276cce94e6e3fd439fb0d982645177ba3ed0cb9d554ce6432bd16f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
my.exness.com/favicon.ico
308 Permanent Redirect 164 B URL GET HTTP/2 my.exness.com/favicon.ico
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subjectmy.exness.com
Fingerprint24:5A:47:29:3D:03:7F:09:E8:9F:13:EF:7A:C6:F0:8B:0B:B2:75:53
ValidityMon, 29 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f23c4815ecaef1588f16ac735c0e15d6
026bf8cdd5076014b6fc822878e0086eb44da556
43a81fb3d47b34e7d42d6b8444f592ed9251b8e57db8f67d32419aa40b1480d0
GET /favicon.ico HTTP/1.1
Host: my.exness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Cookie: nlbi_2124469=UTyvQ6Gm+hhBOHgyLGzAYQAAAAAWcImNLERvVS2LJf6H4onb; visid_incap_2124469=6kLAH9rwSEelhqO55hY171LBD2UAAAAAQUIPAAAAAADx+RNWyKnSrop/9lZqm/0d; incap_ses_633_2124469=zbKjF7ua3CEy1IUH4t7ICFLBD2UAAAAADBXNoUnIF9B9VsTqXIWbQw==; AMP_2b790405f1=JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjI4NzVlYWNiOS0xNWYwLTQ5YTEtYTllZS04NTQwYjY0ZDU2MWYlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNjk1NTMxMzQ4ODQwJTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTY5NTUzMTM0OTgzOCUyQyUyMmxhc3RFdmVudElkJTIyJTNBMSU3RA==; AMP_MKTG_2b790405f1=JTdCJTIydXRtX3NvdXJjZSUyMiUzQSUyMnBhcnRuZXJzJTIyJTdE; language=vi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 308 Permanent Redirect
date: Sun, 24 Sep 2023 04:55:49 GMT
content-type: text/html
content-length: 164
location: https://my.exness.com/pa/
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 4-11417123-11413567 pNNy RT(1695531346593 3063) q(0 0 0 -1) r(1 1) U11
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
472 B IP
Hash f5e8c4f8f278f9efbee06f1da6ca6afa
07cea281d3989868b6a516d85d886f223231c690
207b4b722f6e6827f867905eb8f9d07bb251106fd318bba1b063d0127920444a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleoptimize.com/optimize.js?id=OPT-KCG2RM9
200 OK 51 kB URL GET HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-KCG2RM9
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (2213)
Hash c388bf9cf371ba0476277d4d304ea502
4741e7ee7f72c74f647beec0d663ee2f4e0f9bdd
1d1173d496ebaf26eac560fd5f7dd93af7720352c3a9830009f09f55a4db7a7f
GET /optimize.js?id=OPT-KCG2RM9 HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 24 Sep 2023 04:55:50 GMT
expires: Sun, 24 Sep 2023 04:55:50 GMT
cache-control: private, max-age=900
last-modified: Sun, 24 Sep 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50594
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.redditstatic.com/ads/pixel.js
200 OK 7.4 kB URL GET HTTP/2 www.redditstatic.com/ads/pixel.js
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerDigiCert Inc
Subjectwww.redditstatic.com
Fingerprint5B:10:93:15:D0:06:B8:27:DD:C8:15:7C:8A:49:4B:AD:06:D3:8E:15
ValidityFri, 25 Aug 2023 00:00:00 GMT - Wed, 21 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (23776)
Hash 78b6c68984a6ce5b3fcac1c6a9cad00c
02e1d366a17506cea8adfe5a15949aca89719a02
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 24 Sep 2023 04:55:50 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7409
X-Firefox-Spdy: h2
sc-static.net/scevent.min.js
200 OK 17 kB URL GET HTTP/2 sc-static.net/scevent.min.js
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerAmazon
Subjectsc-static.net
Fingerprint87:A3:D4:61:E0:AE:FC:1D:D3:A2:D8:C4:87:CE:9B:A2:FA:36:32:AC
ValidityFri, 20 Jan 2023 00:00:00 GMT - Sun, 18 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (38985)
Hash cd026c6ba8037ccb0ccd2c40164d7ee3
ad635ab0274d62f3c7e5bf8ece6cedce94b64f3d
25f0d9a182b9a8883cf36f88666a255c54f4ee878e07ab76b73b6db27d2faaa9
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 16649
server: CloudFront
date: Sun, 24 Sep 2023 04:55:50 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Mon, 25 Sep 2023 03:40:40 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: R8B3NKMECQWLn-PACWilFn4Hq2jdcYuWN9QRP7HRiklpnrJSC9OEYA==
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-M71C3QBXSG&l=dataLayer&cx=c
200 OK 91 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-M71C3QBXSG&l=dataLayer&cx=c
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (9332)
Hash 016d6618872f117e0259b53c7271940c
967b355fd6228f4f1288736ebe1dfbf79336c0d4
92f5ca663eceb54ca9ca39a0458ee18b3486cc240eb951ac0e02891bb6c9bee8
GET /gtag/js?id=G-M71C3QBXSG&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 24 Sep 2023 04:55:50 GMT
expires: Sun, 24 Sep 2023 04:55:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 91299
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.ipqscdn.com/api/*/NlAy2Y7126rKFPVsrYoTBdQeFV1LqjVQL2uzcPyys16pOc6MtDU8TaiVrYTenecjJ9W7NgqXQfBTO4SlVLxC0junrLPnG8gpWKOCwhko7W0Za2YaZ6XXx8EJI3vgX2cxvTnEWkuBBwMny2pDf9o9wlFPSdFiLhI6S4x2SgSFMqClghVejKGVLW4SiQVUbjuyrM9PRXy9p3VphCol8LVRxHpd03n6cJA9ndq4gJWkaUi73XFN1Bioqc5V1z1MPrGE/pixel.png
200 OK 383 B URL GET HTTP/2 www.ipqscdn.com/api/*/NlAy2Y7126rKFPVsrYoTBdQeFV1LqjVQL2uzcPyys16pOc6MtDU8TaiVrYTenecjJ9W7NgqXQfBTO4SlVLxC0junrLPnG8gpWKOCwhko7W0Za2YaZ6XXx8EJI3vgX2cxvTnEWkuBBwMny2pDf9o9wlFPSdFiLhI6S4x2SgSFMqClghVejKGVLW4SiQVUbjuyrM9PRXy9p3VphCol8LVRxHpd03n6cJA9ndq4gJWkaUi73XFN1Bioqc5V1z1MPrGE/pixel.png
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerGoogle Trust Services LLC
Subjectipqscdn.com
FingerprintC3:B5:61:26:ED:F3:F7:CA:21:34:46:27:E5:62:AF:EC:C3:BE:19:12
ValidityMon, 07 Aug 2023 08:00:22 GMT - Sun, 05 Nov 2023 08:00:21 GMT
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash a081bf544cf9348ad242ca15990387b2
30ef52511352f7835fd8f893a9699f3bd0413cf9
74b5b1fcb7e229308556ed96452541b325364be49eb16305e06da6d02a1a5b62
GET /api/*/NlAy2Y7126rKFPVsrYoTBdQeFV1LqjVQL2uzcPyys16pOc6MtDU8TaiVrYTenecjJ9W7NgqXQfBTO4SlVLxC0junrLPnG8gpWKOCwhko7W0Za2YaZ6XXx8EJI3vgX2cxvTnEWkuBBwMny2pDf9o9wlFPSdFiLhI6S4x2SgSFMqClghVejKGVLW4SiQVUbjuyrM9PRXy9p3VphCol8LVRxHpd03n6cJA9ndq4gJWkaUi73XFN1Bioqc5V1z1MPrGE/pixel.png HTTP/1.1
Host: www.ipqscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 24 Sep 2023 04:55:49 GMT
content-type: image/png
x-robots-tag: noindex
access-control-allow-origin: https://my.exness.com
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Sun, 24 Sep 2023 01:08:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cef%2BnzkF0JV6iy6rwlhYbQl46%2B3zldxcre3WZIqDQxCbGOW3mhN01wCtHe%2B8E32Si9pC7%2Bk3Hpfu6G86zRmpsat9ub01tE3oBGDzj4wMTmYLuOM8KHKT3NHsfn8FsGoKiEU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80b86ff47ef7b52d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
315 B URL zerossl.ocsp.sectigo.com/
IP
Hash 8455b640add2c6d95965fe758e348d52
8860036345a5dfc7670ff6ae1ba839d1cd8d33f7
e20a38eb64eed73d14faea0f19c8313a0b66364a7cd6df9c2efe431e89df0e67
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 24 Sep 2023 04:55:50 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Wed, 20 Sep 2023 16:13:10 GMT
Expires: Wed, 27 Sep 2023 16:13:09 GMT
Etag: "8860036345a5dfc7670ff6ae1ba839d1cd8d33f7"
Cache-Control: max-age=300981,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 80b86ffc9939569c-OSL
www.ipqualityscore.com/api/*/NlAy2Y7126rKFPVsrYoTBdQeFV1LqjVQL2uzcPyys16pOc6MtDU8TaiVrYTenecjJ9W7NgqXQfBTO4SlVLxC0junrLPnG8gpWKOCwhko7W0Za2YaZ6XXx8EJI3vgX2cxvTnEWkuBBwMny2pDf9o9wlFPSdFiLhI6S4x2SgSFMqClghVejKGVLW4SiQVUbjuyrM9PRXy9p3VphCol8LVRxHpd03n6cJA9ndq4gJWkaUi73XFN1Bioqc5V1z1MPrGE/learn.js
200 OK 5.7 kB URL GET HTTP/2 www.ipqualityscore.com/api/*/NlAy2Y7126rKFPVsrYoTBdQeFV1LqjVQL2uzcPyys16pOc6MtDU8TaiVrYTenecjJ9W7NgqXQfBTO4SlVLxC0junrLPnG8gpWKOCwhko7W0Za2YaZ6XXx8EJI3vgX2cxvTnEWkuBBwMny2pDf9o9wlFPSdFiLhI6S4x2SgSFMqClghVejKGVLW4SiQVUbjuyrM9PRXy9p3VphCol8LVRxHpd03n6cJA9ndq4gJWkaUi73XFN1Bioqc5V1z1MPrGE/learn.js
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint13:D5:12:C8:93:B8:D2:00:FB:3D:08:18:9D:E9:57:94:6F:58:57:A3
ValidityThu, 23 Feb 2023 00:00:00 GMT - Fri, 23 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (494)
Hash 8110ed2c811337bf43b8defc19de7700
19a60024154d43f3f51f54c01e2ae4fea0de8ba0
d74bff067cb63ac6c883d0179c344daee7458835ea3d3bd2e5946379f7441982
GET /api/*/NlAy2Y7126rKFPVsrYoTBdQeFV1LqjVQL2uzcPyys16pOc6MtDU8TaiVrYTenecjJ9W7NgqXQfBTO4SlVLxC0junrLPnG8gpWKOCwhko7W0Za2YaZ6XXx8EJI3vgX2cxvTnEWkuBBwMny2pDf9o9wlFPSdFiLhI6S4x2SgSFMqClghVejKGVLW4SiQVUbjuyrM9PRXy9p3VphCol8LVRxHpd03n6cJA9ndq4gJWkaUi73XFN1Bioqc5V1z1MPrGE/learn.js HTTP/1.1
Host: www.ipqualityscore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.exness.com
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 24 Sep 2023 04:55:49 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=72000
cf-cache-status: EXPIRED
last-modified: Sat, 23 Sep 2023 23:50:17 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eit1u8JO9VTRvqaJ5zkWAg6NA9AbYTp95npE4oBDNO1x7K2iHzlPzYEoE%2BiR%2FEx%2Fi78qwE8COtLT6pYsQfa2GyVI0suZSKRjquMqaQ7chz1R5JZdvI1C3Csj5qXHcXR9LyWJ3f8VlBo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80b86ff33ec50b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
sp-trk.com/u
200 OK 36 B IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerZeroSSL
Subjectsp-trk.com
Fingerprint56:85:E4:D5:CF:85:9E:D9:1D:DC:86:A9:63:95:63:F7:EA:09:D7:FA
ValidityTue, 29 Aug 2023 00:00:00 GMT - Mon, 27 Nov 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 5ef906ddb8a91781abf8a480a86891be
955239c00fd398a1474bf1fc61322c805f1dfcf1
feea81520a987f92516ff102e120cec3fbf5e35b6cdd90a1c2e9a7b66051db30
GET /u HTTP/1.1
Host: sp-trk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
content-length: 36
content-type: application/javascript; charset=UTF-8
date: Sun, 24 Sep 2023 04:55:49 GMT
etag: MjkwOTQxMjIyMDgzOTI1MjU5MQ
server: S
d.line-scdn.net/n/line_tag/public/release/v1/lt.js
200 OK 9.9 kB URL GET HTTP/2 d.line-scdn.net/n/line_tag/public/release/v1/lt.js
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerDigiCert Inc
Subjectline-apps.com
Fingerprint90:52:FA:A5:B0:FA:DC:D7:B9:C9:FF:24:36:83:F5:F9:36:C6:14:09
ValidityWed, 11 Jan 2023 00:00:00 GMT - Thu, 11 Jan 2024 23:59:59 GMT
File type ASCII text, with very long lines (17280)
Hash d3d2564cc3580b0de15d9c80b04c8c6a
0050f55e7365092cd56fe4609eb457b82b7798a7
3404c3685d4329cac25eef1f9f68368817b06504f395d6012fc5673437709758
GET /n/line_tag/public/release/v1/lt.js HTTP/1.1
Host: d.line-scdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: VOS
content-type: application/javascript
accept-ranges: bytes
last-modified: Wed, 30 Nov 2022 03:10:52 GMT
x-amz-version-id: QeOsX9koaYaEVSwhu6Vgw7qS-9HmTwX
x-rgw-object-type: Normal
etag: "d3d2564cc3580b0de15d9c80b04c8c6a"
x-amz-request-id: tx000006e64eda90ecbe754-006386ca0e-10fb8222-jp2
strict-transport-security: max-age=15768000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=489000
expires: Fri, 29 Sep 2023 20:45:50 GMT
date: Sun, 24 Sep 2023 04:55:50 GMT
content-length: 9943
X-Firefox-Spdy: h2
my.exness.com/cnf/app-icons/logo.svg
200 OK 2.1 kB URL GET HTTP/2 my.exness.com/cnf/app-icons/logo.svg
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subjectmy.exness.com
Fingerprint24:5A:47:29:3D:03:7F:09:E8:9F:13:EF:7A:C6:F0:8B:0B:B2:75:53
ValidityMon, 29 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (2322)
Hash 00070a3cf91cd634cb3b7fa2a7974798
ec271a69be7e9fbbbbd9d76e1f3ff04f4aef0cfe
d57a08828af12ef3bbe61ffd9c493126b5d83904aef64c98d9058acd8cbae3f3
GET /cnf/app-icons/logo.svg HTTP/1.1
Host: my.exness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Cookie: nlbi_2124469=UTyvQ6Gm+hhBOHgyLGzAYQAAAAAWcImNLERvVS2LJf6H4onb; visid_incap_2124469=6kLAH9rwSEelhqO55hY171LBD2UAAAAAQUIPAAAAAADx+RNWyKnSrop/9lZqm/0d; incap_ses_633_2124469=zbKjF7ua3CEy1IUH4t7ICFLBD2UAAAAADBXNoUnIF9B9VsTqXIWbQw==; AMP_2b790405f1=JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjI4NzVlYWNiOS0xNWYwLTQ5YTEtYTllZS04NTQwYjY0ZDU2MWYlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNjk1NTMxMzQ4ODQwJTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTY5NTUzMTM1MDYzNCUyQyUyMmxhc3RFdmVudElkJTIyJTNBMyU3RA==; AMP_MKTG_2b790405f1=JTdCJTIydXRtX3NvdXJjZSUyMiUzQSUyMnBhcnRuZXJzJTIyJTdE; language=vi; fp=e19e1989b72653a7152c87a7240d524a; _gcl_au=1.1.602140492.1695531350; __gtm_campaign_url=https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1; _rdt_uuid=1695531350671.e40f0781-f913-4d48-bdee-1c504dcea59f; _scid=7865fbe8-bee7-4415-a4d9-beaf9436bb39; _scid_r=7865fbe8-bee7-4415-a4d9-beaf9436bb39
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
etag: "650da2d9-1390"
last-modified: Fri, 22 Sep 2023 14:21:13 GMT
content-type: image/svg+xml
content-length: 2065
content-encoding: gzip
date: Sun, 24 Sep 2023 04:55:50 GMT
x-cdn: Imperva
x-iinfo: 4-11417123-11375619 2CNN RT(1695531346593 3853) q(0 0 0 -1) r(0 0)
X-Firefox-Spdy: h2
ocsp.sectigo.com/
471 B IP
Hash 27423d4209c6f2a544820070a43fbc45
d3c933dae6a2c009599a14b39c64d05db704e895
c550ccbe16a61980b8150dcd0c3688c3e392481e210c423299d18e55d66d2cae
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 24 Sep 2023 04:55:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 24 Sep 2023 00:38:11 GMT
Expires: Sun, 01 Oct 2023 00:38:10 GMT
Etag: "d3c933dae6a2c009599a14b39c64d05db704e895"
Cache-Control: max-age=590386,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 80b86ffe6a1d569c-OSL
errors.exness.com/api/332/envelope/?sentry_key=1e31cac314ee47ab8f60456b593062f2&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.38.0
403 Forbidden 3.7 kB URL POST HTTP/2 errors.exness.com/api/332/envelope/?sentry_key=1e31cac314ee47ab8f60456b593062f2&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.38.0
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerAmazon
Subjecterrors.exness.com
Fingerprint1E:DA:D0:DA:B9:50:F9:1D:16:72:2E:B4:42:C8:C5:D7:13:59:05:7F
ValidityMon, 20 Feb 2023 00:00:00 GMT - Thu, 21 Mar 2024 23:59:59 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash d46fae19ea741b3b812f96d2868a7ba2
d37401f18d3a6fc1927eb05442096bd0180e1e10
1974ca49c160a29c2f3856eb5a16e6ef7254bc72a5729f9dcd5f5385602da03d
POST /api/332/envelope/?sentry_key=1e31cac314ee47ab8f60456b593062f2&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.38.0 HTTP/1.1
Host: errors.exness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://my.exness.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 401
Origin: https://my.exness.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Sun, 24 Sep 2023 04:55:50 GMT
content-type: text/html
server: nginx
x-xss-protection: 1; mode=block
content-language: en
x-content-type-options: nosniff
vary: Accept-Language, Cookie
x-frame-options: deny
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
bat.bing.com/bat.js
200 OK 13 kB IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintCD:30:E8:F8:D2:A7:C2:85:A1:F7:A2:2E:B6:B3:FD:F9:08:FA:31:D1
ValidityWed, 26 Jul 2023 23:57:23 GMT - Mon, 22 Jan 2024 23:57:23 GMT
File type Unicode text, UTF-8 text, with very long lines (45258), with no line terminators
Hash 5758d3b139bb81813a6232bbe21aeb9d
38c60cad0b17319248f863554edc11dae82a8424
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 12981
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 06 Sep 2023 22:41:28 GMT
accept-ranges: bytes
etag: "09cc4613e1d91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F0929263AF1649E48465ECC8509E3C46 Ref B: OSL30EDGE0216 Ref C: 2023-09-24T04:55:50Z
date: Sun, 24 Sep 2023 04:55:50 GMT
X-Firefox-Spdy: h2
api.ipify.org/?format=jsonp&callback=getIP
200 OK 29 B URL GET HTTP/1.1 api.ipify.org/?format=jsonp&callback=getIP
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subject*.ipify.org
FingerprintF4:76:2D:2C:65:D1:15:BE:19:A4:C5:E0:8D:EB:89:1A:B6:75:4A:54
ValidityTue, 07 Feb 2023 00:00:00 GMT - Sun, 18 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 90a39389063c7c5716745c3b3bb4fba1
a0903c9a7e90fa3c6ddb04d0ce36abbd4c7a004f
eaa6745d9d0a7698235cd6af53aad1551d975506c8405d8303282fb6d2f7ab69
GET /?format=jsonp&callback=getIP HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.1
Date: Sun, 24 Sep 2023 04:55:50 GMT
Content-Type: application/javascript
Content-Length: 29
Connection: keep-alive
Vary: Origin
my.exness.com/cnf/favicon.ico
200 OK 15 kB URL GET HTTP/2 my.exness.com/cnf/favicon.ico
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subjectmy.exness.com
Fingerprint24:5A:47:29:3D:03:7F:09:E8:9F:13:EF:7A:C6:F0:8B:0B:B2:75:53
ValidityMon, 29 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash eeb661efd23bdf6f2f278772f58faebd
ccd96c863d708152916539d98e402b6d5f85072a
dcfb5424b3fc8a611a3d97217819ed57d2ec2736d6796bade45b125a71c1a43c
GET /cnf/favicon.ico HTTP/1.1
Host: my.exness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Cookie: nlbi_2124469=UTyvQ6Gm+hhBOHgyLGzAYQAAAAAWcImNLERvVS2LJf6H4onb; visid_incap_2124469=6kLAH9rwSEelhqO55hY171LBD2UAAAAAQUIPAAAAAADx+RNWyKnSrop/9lZqm/0d; incap_ses_633_2124469=zbKjF7ua3CEy1IUH4t7ICFLBD2UAAAAADBXNoUnIF9B9VsTqXIWbQw==; AMP_2b790405f1=JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjI4NzVlYWNiOS0xNWYwLTQ5YTEtYTllZS04NTQwYjY0ZDU2MWYlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNjk1NTMxMzQ4ODQwJTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTY5NTUzMTM1MDYzNCUyQyUyMmxhc3RFdmVudElkJTIyJTNBMyU3RA==; AMP_MKTG_2b790405f1=JTdCJTIydXRtX3NvdXJjZSUyMiUzQSUyMnBhcnRuZXJzJTIyJTdE; language=vi; fp=e19e1989b72653a7152c87a7240d524a; _gcl_au=1.1.602140492.1695531350; __gtm_campaign_url=https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1; _rdt_uuid=1695531350671.e40f0781-f913-4d48-bdee-1c504dcea59f; _scid=7865fbe8-bee7-4415-a4d9-beaf9436bb39; _scid_r=7865fbe8-bee7-4415-a4d9-beaf9436bb39
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
etag: "650da2d9-3aee"
last-modified: Fri, 22 Sep 2023 14:21:13 GMT
content-type: image/x-icon
content-length: 15086
date: Sun, 24 Sep 2023 04:55:50 GMT
x-cdn: Imperva
x-iinfo: 4-11417123-11417096 2VNN RT(1695531346593 4058) q(0 0 0 -1) r(1 1)
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
472 B IP
Hash 914a2e6ca145240556a7362822fdaa03
e391110d0d1eef11f3392ba05e47f9902a392776
37b59ca186d3100c77d6e74cd5e7ec9e30ae87a5fe54aa908bc6f5cc8a22f4df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash 914a2e6ca145240556a7362822fdaa03
e391110d0d1eef11f3392ba05e47f9902a392776
37b59ca186d3100c77d6e74cd5e7ec9e30ae87a5fe54aa908bc6f5cc8a22f4df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash 99bb1c614e4b7849a40d1924b2e8c9b9
28f43457ec83bf30ec3b1f9b2e4dbcb2458f83d4
38e5cbd203d1af1bbfb1807d97af3654f5ff9755312c4b0fefed8e7a5e22ec9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sp-trk.com/i/tuu32r52?lc=https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1&hl=2&tp=0&if=0&ov=s&te=0&so=landscape-primary&bp=Linux%20x86_64&lg=en-US&sw=1280&sh=1024&sl=0&st=0&sx=0&sy=0&ow=1280&oh=1024&aw=1280&ah=1024&cd=24&pr=1&tz=UTC&to=0&pc=48&ss=1&ls=1&tu=2909412220554039917&u=2909412220839252591&iu=2909412220554039917&il=https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1&su=2909412220554039917&np=def&id=1&od=0&pe=1&co=0&jv=0&ww=1280&wh=1024&es=37&hq=1&cw=0&ex=gp&pb1=-486853473&pb2=-486853473&pn=1363184998&pt=74&pd=0&t=01&a=1695531351724&r=2909412220554039917&o=x3q1z4dapu&p=0&et=342&n=pv
200 OK 35 B URL GET HTTP/1.1 sp-trk.com/i/tuu32r52?lc=https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1&hl=2&tp=0&if=0&ov=s&te=0&so=landscape-primary&bp=Linux%20x86_64&lg=en-US&sw=1280&sh=1024&sl=0&st=0&sx=0&sy=0&ow=1280&oh=1024&aw=1280&ah=1024&cd=24&pr=1&tz=UTC&to=0&pc=48&ss=1&ls=1&tu=2909412220554039917&u=2909412220839252591&iu=2909412220554039917&il=https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1&su=2909412220554039917&np=def&id=1&od=0&pe=1&co=0&jv=0&ww=1280&wh=1024&es=37&hq=1&cw=0&ex=gp&pb1=-486853473&pb2=-486853473&pn=1363184998&pt=74&pd=0&t=01&a=1695531351724&r=2909412220554039917&o=x3q1z4dapu&p=0&et=342&n=pv
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerZeroSSL
Subjectsp-trk.com
Fingerprint56:85:E4:D5:CF:85:9E:D9:1D:DC:86:A9:63:95:63:F7:EA:09:D7:FA
ValidityTue, 29 Aug 2023 00:00:00 GMT - Mon, 27 Nov 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 9179f21948595b73d52fbd3e1570f69a
6b66a77f769584900fe65d9a8692a64cade9bb7c
ea5a9da552b5560b88e3917eb37735ec3986cc24c897086deaffa9ef367e3aae
GET /i/tuu32r52?lc=https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1&hl=2&tp=0&if=0&ov=s&te=0&so=landscape-primary&bp=Linux%20x86_64&lg=en-US&sw=1280&sh=1024&sl=0&st=0&sx=0&sy=0&ow=1280&oh=1024&aw=1280&ah=1024&cd=24&pr=1&tz=UTC&to=0&pc=48&ss=1&ls=1&tu=2909412220554039917&u=2909412220839252591&iu=2909412220554039917&il=https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1&su=2909412220554039917&np=def&id=1&od=0&pe=1&co=0&jv=0&ww=1280&wh=1024&es=37&hq=1&cw=0&ex=gp&pb1=-486853473&pb2=-486853473&pn=1363184998&pt=74&pd=0&t=01&a=1695531351724&r=2909412220554039917&o=x3q1z4dapu&p=0&et=342&n=pv HTTP/1.1
Host: sp-trk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain; charset=utf-8
Origin: https://my.exness.com
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
content-length: 35
content-type: application/json; charset=UTF-8
date: Sun, 24 Sep 2023 04:55:51 GMT
server: S
ocsp.pki.goog/gts1c3
472 B IP
Hash 99bb1c614e4b7849a40d1924b2e8c9b9
28f43457ec83bf30ec3b1f9b2e4dbcb2458f83d4
38e5cbd203d1af1bbfb1807d97af3654f5ff9755312c4b0fefed8e7a5e22ec9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gtm-n24g3w7-otgwz.uc.r.appspot.com/g/collect?v=2&tid=G-M71C3QBXSG>m=45je39k2&_p=563362859&cid=1246350640.1695531352&ul=en-us&sr=1280x1024&_fplc=0&ir=1&ur=NO-03&_eu=Eg&sst.uc=NO&sst.gse=1&sst.etld=google.no&sst.gcsub=region1&sst.tft=1695531348699&_s=1&sid=1695531351&sct=1&seg=0&dl=https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1&dt=%C4%90%C4%83ng%20k%C3%BD%20Exness&en=page_view&_fv=1&_nsi=1&_ss=2&ep.agent_id=0&ep.action_source=website&epn.event_time=1695531350&tfd=4580&richsstsse
200 OK 12 kB URL GET HTTP/2 gtm-n24g3w7-otgwz.uc.r.appspot.com/g/collect?v=2&tid=G-M71C3QBXSG>m=45je39k2&_p=563362859&cid=1246350640.1695531352&ul=en-us&sr=1280x1024&_fplc=0&ir=1&ur=NO-03&_eu=Eg&sst.uc=NO&sst.gse=1&sst.etld=google.no&sst.gcsub=region1&sst.tft=1695531348699&_s=1&sid=1695531351&sct=1&seg=0&dl=https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1&dt=%C4%90%C4%83ng%20k%C3%BD%20Exness&en=page_view&_fv=1&_nsi=1&_ss=2&ep.agent_id=0&ep.action_source=website&epn.event_time=1695531350&tfd=4580&richsstsse
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerGoogle Trust Services LLC
Subject*.appspot.com
FingerprintC7:04:61:D1:B8:25:6D:06:9D:B5:5B:21:C3:A4:91:FE:DA:FE:B4:24
ValidityMon, 04 Sep 2023 08:16:43 GMT - Mon, 27 Nov 2023 08:16:42 GMT
File type gzip compressed data, from Unix\012- data
Hash 60be96bb33f57dc51e6d0d17b9a099a4
9a4d1b328212932b95fc84f06951ceb12276bb7d
5587f5241c1b4afabb6b884c9181fae93b24f22b08a4c6276f4434c639983ea6
GET /g/collect?v=2&tid=G-M71C3QBXSG>m=45je39k2&_p=563362859&cid=1246350640.1695531352&ul=en-us&sr=1280x1024&_fplc=0&ir=1&ur=NO-03&_eu=Eg&sst.uc=NO&sst.gse=1&sst.etld=google.no&sst.gcsub=region1&sst.tft=1695531348699&_s=1&sid=1695531351&sct=1&seg=0&dl=https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1&dt=%C4%90%C4%83ng%20k%C3%BD%20Exness&en=page_view&_fv=1&_nsi=1&_ss=2&ep.agent_id=0&ep.action_source=website&epn.event_time=1695531350&tfd=4580&richsstsse HTTP/1.1
Host: gtm-n24g3w7-otgwz.uc.r.appspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.exness.com
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 24 Sep 2023 04:55:51 GMT
content-type: text/plain
vary: Accept-Encoding
set-cookie: FPAU=1.2.214342641.1695531352; Max-Age=7776000; Domain=exness.com; Path=/; Secure
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-origin: https://my.exness.com
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.iafstats.com/collector/dataCollector.js
200 OK 76 kB URL GET HTTP/2 api.iafstats.com/collector/dataCollector.js
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerGlobalSign nv-sa
Subjectimperva.com
Fingerprint45:F7:88:F6:C8:BC:E1:CC:01:AF:BA:25:89:E1:4F:AE:FF:A2:11:EB
ValidityFri, 21 Jul 2023 16:55:45 GMT - Wed, 17 Jan 2024 16:55:45 GMT
File type gzip compressed data, from Unix\012- data
Hash 9d16f42fcd7f81607688eea0b7b6f9f0
9df9ed0ed9e54df6f7e93b13a2a4ccbf65440965
4fee9b59c6901cbc6ab5a5e4816466312dce3b03288e82842fd2423af183a803
GET /collector/dataCollector.js HTTP/1.1
Host: api.iafstats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.19.0
date: Sun, 24 Sep 2023 04:55:52 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 04 Jul 2023 11:23:10 GMT
etag: W/"64a4011e-3a6d4"
expires: Sun, 24 Sep 2023 04:56:52 GMT
cache-control: max-age=60, no-cache
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
set-cookie: nlbi_2831379=7A2YNkpAZ2JqE0PGMByguwAAAADKDunkJ53/LUKqK/kiXVbe; path=/; Domain=.iafstats.com
visid_incap_2831379=zsoKif/eTgm0EShYRecWRVfBD2UAAAAAQUIPAAAAAABBrR6ClQimB2TLf5LoJXRU; expires=Sun, 22 Sep 2024 22:19:14 GMT; HttpOnly; path=/; Domain=.iafstats.com
incap_ses_723_2831379=/PU6KaW8tT6Tz6tywJ0ICljBD2UAAAAAMg3lnwvIki+bq7xe/Mxxcg==; path=/; Domain=.iafstats.com
x-incap-sess-cookie-hdr: PESPcT3RayeTz6tywJ0ICljBD2UAAAAACNa9vFpYEjwNcEtEKTxR/g==
x-cdn: Imperva
x-iinfo: 11-20057419-20057402 2NNN RT(1695531352083 27) q(0 0 0 0) r(1 1) U2
X-Firefox-Spdy: h2
s.pinimg.com/ct/lib/main.b4887131.js
200 OK 18 kB URL GET HTTP/3 s.pinimg.com/ct/lib/main.b4887131.js
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerDigiCert Inc
Subject*.pinterest.com
Fingerprint8E:D1:BC:9A:53:E5:51:57:5E:48:5E:22:82:8C:60:F8:74:F0:08:AC
ValidityMon, 07 Aug 2023 00:00:00 GMT - Wed, 07 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (64421), with no line terminators
Hash dda219db27ac74e50db063e1a8b0c64b
e5fcb65d47a88d5fa5600df54738fa6a53f5740f
7dbb99afa2ca46884692f7772146d6f3f7c4f1ba928babc0f490f3e7ba62114e
GET /ct/lib/main.b4887131.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
etag: "aa7df97ef17cd5e7b3b0e69ee5fe57f8"
x-amz-server-side-encryption: AES256
cache-control: max-age=1209600
content-encoding: br
accept-ranges: bytes
content-type: application/javascript
content-length: 18175
alt-svc: h3=":443"; ma=600
quic-version: 0x00000001
vary: Accept-Encoding, Origin
akamai-x-true-ttl: 1209600
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
bat.bing.com/p/action/17121251.js
204 No Content 0 B URL GET HTTP/2 bat.bing.com/p/action/17121251.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintCD:30:E8:F8:D2:A7:C2:85:A1:F7:A2:2E:B6:B3:FD:F9:08:FA:31:D1
ValidityWed, 26 Jul 2023 23:57:23 GMT - Mon, 22 Jan 2024 23:57:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/17121251.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8BCB77A4AA7A4B9B8FFC1673826959A0 Ref B: OSL30EDGE0216 Ref C: 2023-09-24T04:55:52Z
date: Sun, 24 Sep 2023 04:55:52 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=17121251&tm=gtm002&Ver=2&mid=c3529451-5f73-45f3-af75-9968bf266497&sid=a312fe505a9611ee968f2dfeea948fee&vid=a31312a05a9611eeaa3e7bd5189af7ee&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=%C4%90%C4%83ng%20k%C3%BD%20Exness&p=https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1&r=<=1859&evt=pageLoad&sv=1&rn=203380
204 No Content 0 B URL GET HTTP/2 bat.bing.com/action/0?ti=17121251&tm=gtm002&Ver=2&mid=c3529451-5f73-45f3-af75-9968bf266497&sid=a312fe505a9611ee968f2dfeea948fee&vid=a31312a05a9611eeaa3e7bd5189af7ee&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=%C4%90%C4%83ng%20k%C3%BD%20Exness&p=https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1&r=<=1859&evt=pageLoad&sv=1&rn=203380
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintCD:30:E8:F8:D2:A7:C2:85:A1:F7:A2:2E:B6:B3:FD:F9:08:FA:31:D1
ValidityWed, 26 Jul 2023 23:57:23 GMT - Mon, 22 Jan 2024 23:57:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=17121251&tm=gtm002&Ver=2&mid=c3529451-5f73-45f3-af75-9968bf266497&sid=a312fe505a9611ee968f2dfeea948fee&vid=a31312a05a9611eeaa3e7bd5189af7ee&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=%C4%90%C4%83ng%20k%C3%BD%20Exness&p=https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1&r=<=1859&evt=pageLoad&sv=1&rn=203380 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3904E9A95C2E66341619FA3F5DDB67EB; domain=.bing.com; expires=Fri, 18-Oct-2024 04:55:52 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2AF01A4AD00F40618A8B49A0B15DB4C9 Ref B: OSL30EDGE0216 Ref C: 2023-09-24T04:55:52Z
date: Sun, 24 Sep 2023 04:55:52 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 23ee71f34a80feec27e23d99ecada83e
62f4c8dcc03187e2bdcdfa76dc732d4eebde5cc1
429bd03ec19810ed389955d166c98e62d9850e52160fbec3dd27da2cc30200fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash d82f304bb3184a26ae49e14ad4d87091
2caa05bdfd03064e8f336795d17b8f0070b24fe4
b51043325f565bc1b55e5c5baf171a375b07ce61dccb39b7ba273da508d0f328
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M71C3QBXSG&cid=1246350640.1695531352>m=45j91e39k0h1&aip=1&z=1957467408
200 OK 42 B URL GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M71C3QBXSG&cid=1246350640.1695531352>m=45j91e39k0h1&aip=1&z=1957467408
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google.no
FingerprintF8:21:85:85:E7:A3:F0:03:9E:50:77:60:8D:CB:66:7C:41:ED:3D:28
ValidityMon, 04 Sep 2023 08:25:22 GMT - Mon, 27 Nov 2023 08:25:21 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M71C3QBXSG&cid=1246350640.1695531352>m=45j91e39k0h1&aip=1&z=1957467408 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 04:55:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__vi.js
200 OK 188 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__vi.js
IP
Requested by https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=vi&v=Ai7lOI0zKMDPHxlv62g7oMoJ
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type ASCII text, with very long lines (831)
Size 188 kB (187860 bytes)
Hash 6796f5ca50dd404c6af09911b753af18
151ea5f8a69e65f471f634e84537d35c39251468
1395608f146db8e35cfffe46c2ffedb9a776d07a4cec8101e6047f0ec98bbf75
GET /recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__vi.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.exness.com
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 187860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 20 Sep 2023 02:16:30 GMT
expires: Thu, 19 Sep 2024 02:16:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 04:01:58 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 355162
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tr.line.me/tag.gif?b_id=df61c5a3-7ab1-408b-883e-e236134ffc8f&b_u=https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1&b_d=my.exness.com&b_p=%2Faccounts%2Fsign-up%2F&b_q=%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1&b_t=%C4%90%C4%83ng%20k%C3%BD%20Exness&c_t=lap&t_id=5b1b2302-19ee-4fc2-a63b-3207df779f9a&s_id=ecea850a-afa41ecc&x4=1&e=pv&v=3.3.0&_t=1695531352096
200 OK 43 B URL GET HTTP/1.1 tr.line.me/tag.gif?b_id=df61c5a3-7ab1-408b-883e-e236134ffc8f&b_u=https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1&b_d=my.exness.com&b_p=%2Faccounts%2Fsign-up%2F&b_q=%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1&b_t=%C4%90%C4%83ng%20k%C3%BD%20Exness&c_t=lap&t_id=5b1b2302-19ee-4fc2-a63b-3207df779f9a&s_id=ecea850a-afa41ecc&x4=1&e=pv&v=3.3.0&_t=1695531352096
IP
ASN #38631 LINE Corporation
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerGlobalSign nv-sa
Subject*.line.me
FingerprintF8:54:23:3A:D6:56:3D:E1:B0:A0:39:E7:DC:9A:04:53:F5:C1:E1:F8
ValidityThu, 10 Aug 2023 02:36:02 GMT - Tue, 10 Sep 2024 02:36:01 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /tag.gif?b_id=df61c5a3-7ab1-408b-883e-e236134ffc8f&b_u=https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1&b_d=my.exness.com&b_p=%2Faccounts%2Fsign-up%2F&b_q=%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1&b_t=%C4%90%C4%83ng%20k%C3%BD%20Exness&c_t=lap&t_id=5b1b2302-19ee-4fc2-a63b-3207df779f9a&s_id=ecea850a-afa41ecc&x4=1&e=pv&v=3.3.0&_t=1695531352096 HTTP/1.1
Host: tr.line.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 24 Sep 2023 04:55:52 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
Set-Cookie: _ldbrbid=tr__k1y/XGUPwVgYD3O7aDuoAg==; expires=Tue, 23-Sep-25 04:55:52 GMT; domain=line.me; path=/; SameSite=None; Secure
Cache-Control: private, no-store, no-cache, must-revalidate
region1.analytics.google.com/g/s/collect?gtm=45j91e39k0h1&_gsid=M71C3QBXSGWVl0S9wYK06Z-54SEItexA
204 No Content 0 B URL POST HTTP/2 region1.analytics.google.com/g/s/collect?gtm=45j91e39k0h1&_gsid=M71C3QBXSGWVl0S9wYK06Z-54SEItexA
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/s/collect?gtm=45j91e39k0h1&_gsid=M71C3QBXSGWVl0S9wYK06Z-54SEItexA HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.exness.com
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://my.exness.com
date: Sun, 24 Sep 2023 04:55:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 23ee71f34a80feec27e23d99ecada83e
62f4c8dcc03187e2bdcdfa76dc732d4eebde5cc1
429bd03ec19810ed389955d166c98e62d9850e52160fbec3dd27da2cc30200fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash d82f304bb3184a26ae49e14ad4d87091
2caa05bdfd03064e8f336795d17b8f0070b24fe4
b51043325f565bc1b55e5c5baf171a375b07ce61dccb39b7ba273da508d0f328
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.analytics.google.com/g/s/collect?gtm=45j91e39k1h2&_gsid=M71C3QBXSGo_pw7SZFuRl_kgHh0-luSw
204 No Content 0 B URL POST HTTP/2 region1.analytics.google.com/g/s/collect?gtm=45j91e39k1h2&_gsid=M71C3QBXSGo_pw7SZFuRl_kgHh0-luSw
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/s/collect?gtm=45j91e39k1h2&_gsid=M71C3QBXSGo_pw7SZFuRl_kgHh0-luSw HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.exness.com
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://my.exness.com
date: Sun, 24 Sep 2023 04:55:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ct.pinterest.com/user/?tid=2613423494547&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1695531353113&dep=2%2CPAGE_LOAD
200 OK 385 B URL GET HTTP/2 ct.pinterest.com/user/?tid=2613423494547&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1695531353113&dep=2%2CPAGE_LOAD
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerDigiCert Inc
Subject*.pinterest.com
Fingerprint4D:02:6D:A8:DF:FA:2E:1C:D3:43:46:EF:CF:92:F1:7A:41:8F:BA:0B
ValidityMon, 31 Jul 2023 00:00:00 GMT - Wed, 07 Aug 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (562), with no line terminators
Hash cc80b1b72a3816a593212a5a26bf016d
151c4d26e351f82810ef28d3c58e2bfdde94db7c
192b2ece4178a456159703b5520ffc72585e066d5d09a446f88ad2a57977343f
GET /user/?tid=2613423494547&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1695531353113&dep=2%2CPAGE_LOAD HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.exness.com
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPU0yWTVNbVJsTURVdE1qSXhaQzAwTmpKa0xUZzNNalF0TnpCaFpUWXlOREUwWkRVMw
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://my.exness.com
content-type: application/json; charset=utf-8
content-encoding: gzip
x-envoy-upstream-service-time: 1
referrer-policy: origin
x-pinterest-rid: 3352866489731648
date: Sun, 24 Sep 2023 04:55:53 GMT
x-cdn: fastly
pinterest-version: 73c2f08f71cb0bd2c7a40fb005c4f84dbd64f8cd
content-length: 385
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
IP
Requested by https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdVxzUgAAAAAESIS0CwqHdlMnRdv7crGI0D7-W4&co=aHR0cHM6Ly9teS5leG5lc3MuY29tOjQ0Mw..&hl=vi&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&badge=bottomleft&cb=7hywkqe89cpc
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type ASCII text, with very long lines (56398), with no line terminators
Hash eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
GET /recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 23 Sep 2023 19:47:10 GMT
expires: Sun, 22 Sep 2024 19:47:10 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 04:01:58 GMT
content-type: text/css
vary: Accept-Encoding
age: 32923
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__vi.js
200 OK 188 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__vi.js
IP
Requested by https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=vi&v=Ai7lOI0zKMDPHxlv62g7oMoJ
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type ASCII text, with very long lines (831)
Size 188 kB (187860 bytes)
Hash 6796f5ca50dd404c6af09911b753af18
151ea5f8a69e65f471f634e84537d35c39251468
1395608f146db8e35cfffe46c2ffedb9a776d07a4cec8101e6047f0ec98bbf75
GET /recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__vi.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 187860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 20 Sep 2023 02:16:30 GMT
expires: Thu, 19 Sep 2024 02:16:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 04:01:58 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 355163
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
api.ipify.org/?format=json
200 OK 21 B URL GET HTTP/1.1 api.ipify.org/?format=json
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subject*.ipify.org
FingerprintF4:76:2D:2C:65:D1:15:BE:19:A4:C5:E0:8D:EB:89:1A:B6:75:4A:54
ValidityTue, 07 Feb 2023 00:00:00 GMT - Sun, 18 Feb 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 7d69c71af0f191e9a72db6153f8018d1
f67c5f2887bc05654b47f76e9621e53a4091aed1
5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65
GET /?format=json HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.exness.com
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.1
Date: Sun, 24 Sep 2023 04:55:53 GMT
Content-Type: application/json
Content-Length: 21
Connection: keep-alive
Access-Control-Allow-Origin: *
Vary: Origin
ct.pinterest.com/v3/?tid=2613423494547&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22b4887131%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1695531353119
200 OK 35 B URL GET HTTP/2 ct.pinterest.com/v3/?tid=2613423494547&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22b4887131%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1695531353119
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerDigiCert Inc
Subject*.pinterest.com
Fingerprint4D:02:6D:A8:DF:FA:2E:1C:D3:43:46:EF:CF:92:F1:7A:41:8F:BA:0B
ValidityMon, 31 Jul 2023 00:00:00 GMT - Wed, 07 Aug 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2613423494547&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%22b4887131%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D&cb=1695531353119 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
access-control-allow-origin: *
set-cookie: ar_debug=1; Expires=Mon, 23 Sep 2024 04:55:53 GMT; Path=/; Domain=.pinterest.com; Secure; HTTPOnly; SameSite=None
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 7074125472877865
date: Sun, 24 Sep 2023 04:55:53 GMT
x-cdn: fastly
pinterest-version: 73c2f08f71cb0bd2c7a40fb005c4f84dbd64f8cd
content-length: 35
X-Firefox-Spdy: h2
api.iafstats.com/exchange/user_event
200 OK 0 B URL POST HTTP/2 api.iafstats.com/exchange/user_event
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerGlobalSign nv-sa
Subjectimperva.com
Fingerprint45:F7:88:F6:C8:BC:E1:CC:01:AF:BA:25:89:E1:4F:AE:FF:A2:11:EB
ValidityFri, 21 Jul 2023 16:55:45 GMT - Wed, 17 Jan 2024 16:55:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /exchange/user_event HTTP/1.1
Host: api.iafstats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 237
Origin: https://my.exness.com
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Sun, 24 Sep 2023 04:55:53 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://my.exness.com
access-control-allow-methods: POST, GET, DELETE, OPTIONS
access-control-allow-headers: Authorization, Content-Type
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
set-cookie: nlbi_2831379=s7+kSpd8EioUS895MByguwAAAABLorA2R6eo4kvW73wNr/UY; path=/; Domain=.iafstats.com
visid_incap_2831379=zsoKif/eTgm0EShYRecWRVfBD2UAAAAAQUIPAAAAAABBrR6ClQimB2TLf5LoJXRU; expires=Sun, 22 Sep 2024 22:19:14 GMT; HttpOnly; path=/; Domain=.iafstats.com
incap_ses_723_2831379=2JeAcXzhPCmTz6tywJ0IClnBD2UAAAAAVmR5QBL/dltirXX6UnaU9A==; path=/; Domain=.iafstats.com
x-incap-sess-cookie-hdr: K6INLMKbIRmTz6tywJ0IClnBD2UAAAAAuIx0+CfM7XQB1nArV7teGw==
x-cdn: Imperva
x-iinfo: 11-20057419-20049912 pNNy RT(1695531352083 1413) q(0 1 1 1) r(1 1) U6
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdVxzUgAAAAAESIS0CwqHdlMnRdv7crGI0D7-W4&co=aHR0cHM6Ly9teS5leG5lc3MuY29tOjQ0Mw..&hl=vi&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&badge=bottomleft&cb=7hywkqe89cpc
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.recaptcha.net
DNT: 1
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 15:24:26 GMT
expires: Fri, 20 Sep 2024 15:24:26 GMT
cache-control: public, max-age=31536000
age: 221487
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
200 OK 5.2 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
IP
Requested by https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdVxzUgAAAAAESIS0CwqHdlMnRdv7crGI0D7-W4&co=aHR0cHM6Ly9teS5leG5lc3MuY29tOjQ0Mw..&hl=vi&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&badge=bottomleft&cb=7hywkqe89cpc
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 5224, version 1.0\012- data
Hash a835084624425dacc5e188c6973c1594
1bef196929bffcabdc834c0deefda104eb7a3318
0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.recaptcha.net
DNT: 1
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 23 Sep 2023 13:23:33 GMT
expires: Sun, 22 Sep 2024 13:23:33 GMT
cache-control: public, max-age=31536000
age: 55940
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Requested by https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdVxzUgAAAAAESIS0CwqHdlMnRdv7crGI0D7-W4&co=aHR0cHM6Ly9teS5leG5lc3MuY29tOjQ0Mw..&hl=vi&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&badge=bottomleft&cb=7hywkqe89cpc
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.recaptcha.net
DNT: 1
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 05:45:56 GMT
expires: Wed, 18 Sep 2024 05:45:56 GMT
cache-control: public, max-age=31536000
age: 428997
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
200 OK 12 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP
Requested by https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdVxzUgAAAAAESIS0CwqHdlMnRdv7crGI0D7-W4&co=aHR0cHM6Ly9teS5leG5lc3MuY29tOjQ0Mw..&hl=vi&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&badge=bottomleft&cb=7hywkqe89cpc
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 11936, version 1.0\012- data
Hash 15d8ede0a816bc7a9838207747c6620c
f6e2e75f1277c66e282553ae6a22661e51f472b8
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.recaptcha.net
DNT: 1
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11936
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 15:20:54 GMT
expires: Fri, 20 Sep 2024 15:20:54 GMT
cache-control: public, max-age=31536000
age: 221700
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/logo_48.png
200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP
Requested by https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdVxzUgAAAAAESIS0CwqHdlMnRdv7crGI0D7-W4&co=aHR0cHM6Ly9teS5leG5lc3MuY29tOjQ0Mw..&hl=vi&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&badge=bottomleft&cb=7hywkqe89cpc
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Sep 2023 14:42:45 GMT
expires: Fri, 29 Sep 2023 14:42:45 GMT
cache-control: public, max-age=604800
age: 137589
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__vi.js
200 OK 188 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__vi.js
IP
Requested by https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=vi&v=Ai7lOI0zKMDPHxlv62g7oMoJ
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type ASCII text, with very long lines (831)
Size 188 kB (187860 bytes)
Hash 6796f5ca50dd404c6af09911b753af18
151ea5f8a69e65f471f634e84537d35c39251468
1395608f146db8e35cfffe46c2ffedb9a776d07a4cec8101e6047f0ec98bbf75
GET /recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__vi.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 187860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 20 Sep 2023 02:16:30 GMT
expires: Thu, 19 Sep 2024 02:16:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 04:01:58 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 355164
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ct.pinterest.com/ct.html
200 OK 323 B IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerDigiCert Inc
Subject*.pinterest.com
Fingerprint4D:02:6D:A8:DF:FA:2E:1C:D3:43:46:EF:CF:92:F1:7A:41:8F:BA:0B
ValidityMon, 31 Jul 2023 00:00:00 GMT - Wed, 07 Aug 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (565), with no line terminators
Hash 433cbac690542626f503b4269a8da12a
3e810bc4abaccf42ac5e4b0b939d63c03711bbd9
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
GET /ct.html HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/html; charset=utf-8
content-encoding: gzip
x-envoy-upstream-service-time: 1
referrer-policy: origin
x-pinterest-rid: 1079206892277286
date: Sun, 24 Sep 2023 04:55:54 GMT
x-cdn: fastly
pinterest-version: 73c2f08f71cb0bd2c7a40fb005c4f84dbd64f8cd
content-length: 323
X-Firefox-Spdy: h2
ex.exnessstats.com/MYvpr_ZZtg4Synmj?8d5448c43e04f202=J1JYsS5taiJUbL8axduT8diVSuiMjpgBPe3HlmOMl0iI3D8yrW1E706dik12MLLicf2F1SFslqFdhTbEYy9NwCuOJBOCrxVRFKMEX8HPmtm-VyeyF19KQ_33qoVn4wQwZOuI9bZkTcBCfDUzUN_Zt9xXtRPaXcqt4tjJ_lY
200 OK 81 B URL GET HTTP/1.1 ex.exnessstats.com/MYvpr_ZZtg4Synmj?8d5448c43e04f202=J1JYsS5taiJUbL8axduT8diVSuiMjpgBPe3HlmOMl0iI3D8yrW1E706dik12MLLicf2F1SFslqFdhTbEYy9NwCuOJBOCrxVRFKMEX8HPmtm-VyeyF19KQ_33qoVn4wQwZOuI9bZkTcBCfDUzUN_Zt9xXtRPaXcqt4tjJ_lY
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subjectex.exnessstats.com
Fingerprint00:47:4C:AB:7F:A7:43:51:F9:96:D5:4F:33:3B:C9:6D:35:DF:8D:73
ValidityMon, 24 Oct 2022 00:00:00 GMT - Tue, 24 Oct 2023 23:59:59 GMT
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /MYvpr_ZZtg4Synmj?8d5448c43e04f202=J1JYsS5taiJUbL8axduT8diVSuiMjpgBPe3HlmOMl0iI3D8yrW1E706dik12MLLicf2F1SFslqFdhTbEYy9NwCuOJBOCrxVRFKMEX8HPmtm-VyeyF19KQ_33qoVn4wQwZOuI9bZkTcBCfDUzUN_Zt9xXtRPaXcqt4tjJ_lY HTTP/1.1
Host: ex.exnessstats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Cookie: thx_guid=d5d562b6dc4bd13ef46a720b2ce3bcb0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 24 Sep 2023 04:55:54 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
ex.exnessstats.com/S7HDpgRPo-t_vORY?2d5a1ef35c3fe18d=mhqpqsQL0j5FVCh-BDaC2zLiK1-qyGPWbk58I4h8IeJEoIX9ZOTxjGLMBWVLOijdyr4kuDnltcSG7RmgaS4VQJkyQfvP3C1lUxYbcISK--SLNjr5SLpzWpJfQbNsj0GolrCRcP0I-qAnP7WgChDkXoTO44NRK4ODKiVd-CM
200 OK 81 B URL GET HTTP/1.1 ex.exnessstats.com/S7HDpgRPo-t_vORY?2d5a1ef35c3fe18d=mhqpqsQL0j5FVCh-BDaC2zLiK1-qyGPWbk58I4h8IeJEoIX9ZOTxjGLMBWVLOijdyr4kuDnltcSG7RmgaS4VQJkyQfvP3C1lUxYbcISK--SLNjr5SLpzWpJfQbNsj0GolrCRcP0I-qAnP7WgChDkXoTO44NRK4ODKiVd-CM
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subjectex.exnessstats.com
Fingerprint00:47:4C:AB:7F:A7:43:51:F9:96:D5:4F:33:3B:C9:6D:35:DF:8D:73
ValidityMon, 24 Oct 2022 00:00:00 GMT - Tue, 24 Oct 2023 23:59:59 GMT
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /S7HDpgRPo-t_vORY?2d5a1ef35c3fe18d=mhqpqsQL0j5FVCh-BDaC2zLiK1-qyGPWbk58I4h8IeJEoIX9ZOTxjGLMBWVLOijdyr4kuDnltcSG7RmgaS4VQJkyQfvP3C1lUxYbcISK--SLNjr5SLpzWpJfQbNsj0GolrCRcP0I-qAnP7WgChDkXoTO44NRK4ODKiVd-CM HTTP/1.1
Host: ex.exnessstats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Cookie: thx_guid=d5d562b6dc4bd13ef46a720b2ce3bcb0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 24 Sep 2023 04:55:54 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
ex.exnessstats.com/WSRlNimFb6XFnO2C?c541f93578c38faa=6XxRnYArH3FDk3wKXgwX8gfqk48gXTFmd-FbqHlwhdEHM6HMU-tQQXsHq2rguXmfvf1kC5W33zvnYuV40deiTGR16zR6wEFzss3792iP8Ci_xdUqkl2u32uP1YkGU7uhnWiDGBiD2Y-MvEwZB627Kmu-G-VRaGOW54tm6_c89Wz0VFyU4udqjJStAvzc69Wlw1fDqhjXS7g-0CBz&jb=3339242462716f75354c696c75702662716f354c696c7570266a71603d446b7065646d7a253232333933
200 OK 92 kB URL GET HTTP/1.1 ex.exnessstats.com/WSRlNimFb6XFnO2C?c541f93578c38faa=6XxRnYArH3FDk3wKXgwX8gfqk48gXTFmd-FbqHlwhdEHM6HMU-tQQXsHq2rguXmfvf1kC5W33zvnYuV40deiTGR16zR6wEFzss3792iP8Ci_xdUqkl2u32uP1YkGU7uhnWiDGBiD2Y-MvEwZB627Kmu-G-VRaGOW54tm6_c89Wz0VFyU4udqjJStAvzc69Wlw1fDqhjXS7g-0CBz&jb=3339242462716f75354c696c75702662716f354c696c7570266a71603d446b7065646d7a253232333933
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subjectex.exnessstats.com
Fingerprint00:47:4C:AB:7F:A7:43:51:F9:96:D5:4F:33:3B:C9:6D:35:DF:8D:73
ValidityMon, 24 Oct 2022 00:00:00 GMT - Tue, 24 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (5590)
Hash cf0e0fbfd5d3cb2709d300699a07df1b
b2356afd831af6000d593250dbd91fe5a12fda67
e324ba52234cb436d065ee033c49ce93ccbffc0f8201e6e8272d5afd3f5169bb
GET /WSRlNimFb6XFnO2C?c541f93578c38faa=6XxRnYArH3FDk3wKXgwX8gfqk48gXTFmd-FbqHlwhdEHM6HMU-tQQXsHq2rguXmfvf1kC5W33zvnYuV40deiTGR16zR6wEFzss3792iP8Ci_xdUqkl2u32uP1YkGU7uhnWiDGBiD2Y-MvEwZB627Kmu-G-VRaGOW54tm6_c89Wz0VFyU4udqjJStAvzc69Wlw1fDqhjXS7g-0CBz&jb=3339242462716f75354c696c75702662716f354c696c7570266a71603d446b7065646d7a253232333933 HTTP/1.1
Host: ex.exnessstats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Cookie: thx_guid=d5d562b6dc4bd13ef46a720b2ce3bcb0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 24 Sep 2023 04:55:54 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: ff6e0a5460f2cd6b
X-Robots-Tag: noindex, nofollow
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
ex.exnessstats.com/U38a_g7eM32-zEvq?f6d810acb0d6c96c=nXidh8P--Iyf9d2mqrjuqQ2m6mge9lhBiOLPHcqxIFFULbVIEceIABDZgO6b52lPK73Ss6DSQlota-LrKv0Ztmg_jg2gPTyWfIOnPDYMPbXS486JAs4Ls9Vj_iXH9nv0FuJI5u6-a111L_LPJlZp9LCuGig&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
200 OK 5.9 kB URL GET HTTP/1.1 ex.exnessstats.com/U38a_g7eM32-zEvq?f6d810acb0d6c96c=nXidh8P--Iyf9d2mqrjuqQ2m6mge9lhBiOLPHcqxIFFULbVIEceIABDZgO6b52lPK73Ss6DSQlota-LrKv0Ztmg_jg2gPTyWfIOnPDYMPbXS486JAs4Ls9Vj_iXH9nv0FuJI5u6-a111L_LPJlZp9LCuGig&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subjectex.exnessstats.com
Fingerprint00:47:4C:AB:7F:A7:43:51:F9:96:D5:4F:33:3B:C9:6D:35:DF:8D:73
ValidityMon, 24 Oct 2022 00:00:00 GMT - Tue, 24 Oct 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (313), with CRLF, LF line terminators
Hash 9a0c159249c880a78a83a3eed7194937
65036146f23e0e5b8ee71850d0172a58664718a1
d3182c3183b52fb8a9b0b6480a510390662ecdc9cd69adbd7830107cc9d88e76
GET /U38a_g7eM32-zEvq?f6d810acb0d6c96c=nXidh8P--Iyf9d2mqrjuqQ2m6mge9lhBiOLPHcqxIFFULbVIEceIABDZgO6b52lPK73Ss6DSQlota-LrKv0Ztmg_jg2gPTyWfIOnPDYMPbXS486JAs4Ls9Vj_iXH9nv0FuJI5u6-a111L_LPJlZp9LCuGig&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx HTTP/1.1
Host: ex.exnessstats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Cookie: thx_guid=d5d562b6dc4bd13ef46a720b2ce3bcb0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 24 Sep 2023 04:55:54 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-UA-Compatible: IE=Edge
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5915
Keep-Alive: timeout=2, max=99
ex.exnessstats.com/AjCFWa25zwts5E2H?a3c7294d69da0df7=0Yrw-jXwnwsg1wxE2lLP5KVXPo41j0qqFRag9h4pWibJJXHN8VgjkRqEo2VwDV-ogqw6F54hovKMWtb37rND_tgTkNOXNc1zTAo0XTgWC4Zo3Rk8olbi8_JBBtrmwZ7fRTg1AwzyipRS9V3mt5ldLIjvLZPIT2xAc661nj9Kl2GeFpe6bzB9XoYbF9NBtVl9RCfN9y0sVY5B21HAW34
200 OK 13 kB URL GET HTTP/1.1 ex.exnessstats.com/AjCFWa25zwts5E2H?a3c7294d69da0df7=0Yrw-jXwnwsg1wxE2lLP5KVXPo41j0qqFRag9h4pWibJJXHN8VgjkRqEo2VwDV-ogqw6F54hovKMWtb37rND_tgTkNOXNc1zTAo0XTgWC4Zo3Rk8olbi8_JBBtrmwZ7fRTg1AwzyipRS9V3mt5ldLIjvLZPIT2xAc661nj9Kl2GeFpe6bzB9XoYbF9NBtVl9RCfN9y0sVY5B21HAW34
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subjectex.exnessstats.com
Fingerprint00:47:4C:AB:7F:A7:43:51:F9:96:D5:4F:33:3B:C9:6D:35:DF:8D:73
ValidityMon, 24 Oct 2022 00:00:00 GMT - Tue, 24 Oct 2023 23:59:59 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash a1581b6bbc2519187a7375b5a44cca4b
440b6fda80e88e3d7d149de209e739118bd09d5b
75509e67309c53cbf9f9e36d23088a4913287d76f560814f9e46de617a976312
GET /AjCFWa25zwts5E2H?a3c7294d69da0df7=0Yrw-jXwnwsg1wxE2lLP5KVXPo41j0qqFRag9h4pWibJJXHN8VgjkRqEo2VwDV-ogqw6F54hovKMWtb37rND_tgTkNOXNc1zTAo0XTgWC4Zo3Rk8olbi8_JBBtrmwZ7fRTg1AwzyipRS9V3mt5ldLIjvLZPIT2xAc661nj9Kl2GeFpe6bzB9XoYbF9NBtVl9RCfN9y0sVY5B21HAW34 HTTP/1.1
Host: ex.exnessstats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Cookie: thx_guid=d5d562b6dc4bd13ef46a720b2ce3bcb0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 24 Sep 2023 04:55:54 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Robots-Tag: noindex, nofollow
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked
ex.exnessstats.com/hloyfI6zfQ520zP-?5d0a12e5871567b0=gVJsEiP2roysqIkKNjQOLj0Q5ukTP5wS3MdXizxBAU0xw8n4JScAiHbUeakeZXZOIZpmSfmXI28ULVhNfFaZ8-5OIKVVEYVNv9EucQfb5Vd0e9XyrNRLLCXKH93b1KSTPwPowulT8E107-TZMvoVLs0BkOM&jb=3336246e7b633d336c653136636c393c63326934383363313134303a6267346163676466356636
204 No Content 0 B URL GET HTTP/1.1 ex.exnessstats.com/hloyfI6zfQ520zP-?5d0a12e5871567b0=gVJsEiP2roysqIkKNjQOLj0Q5ukTP5wS3MdXizxBAU0xw8n4JScAiHbUeakeZXZOIZpmSfmXI28ULVhNfFaZ8-5OIKVVEYVNv9EucQfb5Vd0e9XyrNRLLCXKH93b1KSTPwPowulT8E107-TZMvoVLs0BkOM&jb=3336246e7b633d336c653136636c393c63326934383363313134303a6267346163676466356636
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subjectex.exnessstats.com
Fingerprint00:47:4C:AB:7F:A7:43:51:F9:96:D5:4F:33:3B:C9:6D:35:DF:8D:73
ValidityMon, 24 Oct 2022 00:00:00 GMT - Tue, 24 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hloyfI6zfQ520zP-?5d0a12e5871567b0=gVJsEiP2roysqIkKNjQOLj0Q5ukTP5wS3MdXizxBAU0xw8n4JScAiHbUeakeZXZOIZpmSfmXI28ULVhNfFaZ8-5OIKVVEYVNv9EucQfb5Vd0e9XyrNRLLCXKH93b1KSTPwPowulT8E107-TZMvoVLs0BkOM&jb=3336246e7b633d336c653136636c393c63326934383363313134303a6267346163676466356636 HTTP/1.1
Host: ex.exnessstats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Cookie: thx_guid=d5d562b6dc4bd13ef46a720b2ce3bcb0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Sun, 24 Sep 2023 04:55:54 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/javascript
ex.exnessstats.com/fp/clear.png
200 OK 81 B URL GET HTTP/1.1 ex.exnessstats.com/fp/clear.png
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subjectex.exnessstats.com
Fingerprint00:47:4C:AB:7F:A7:43:51:F9:96:D5:4F:33:3B:C9:6D:35:DF:8D:73
ValidityMon, 24 Oct 2022 00:00:00 GMT - Tue, 24 Oct 2023 23:59:59 GMT
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png HTTP/1.1
Host: ex.exnessstats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*, 7hs48cp7/ff6e0a5460f2cd6b5e3b82d5-aa60-183e-a465-eab712c602cc
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.exness.com
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 24 Sep 2023 04:55:54 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Sun, 24 Sep 2023 04:55:54 GMT
Expires: Fri, 22 Sep 2028 04:55:54 GMT
Etag: e5672bfa2fdb423bb22690fcacd8e5d4
Cache-Control: private, must-revalidate, max-age=0
Access-Control-Allow-Origin: https://my.exness.com
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
ex.exnessstats.com/hloyfI6zfQ520zP-?5d0a12e5871567b0=gVJsEiP2roysqIkKNjQOLj0Q5ukTP5wS3MdXizxBAU0xw8n4JScAiHbUeakeZXZOIZpmSfmXI28ULVhNfFaZ8-5OIKVVEYVNv9EucQfb5Vd0e9XyrNRLLCXKH93b1KSTPwPowulT8E107-TZMvoVLs0BkOM&ja=383132242e613d302e7a3d32266e3d39303838783132323c2661643f31303a32783332303426717a713f30783826647272353124333230302c33303a342c333038322e333030362e31323a32243330323c2c313038382c3932323c2c302e302e6d743f303764373364313336396534606e3030396a363660643b383f603069663361342e6d6e3f30267161663d3036246c683f6a7c7670732d334127324e253a446d712e657a6e6d73732c616f6f2730466361616f756c767b2732467b69676c2d7d702d30462d33467774655f736d77726167273346726372746c677a7125323e6c6e65253b447e6b253a3661655f6b616d726369656c2733465250502530346b6b64253b446c32657b666433377c643770253a3661655d736d7770636727314470707257696574615f564c5f2d323e71756a5f6966253b447070725f69676b745d273036657a5d676e25334c3126726c35352e726835653832326c6661373735333b316636676065383b3b3b676234693939303938642e6a6835313364343a36643a343236643435613464333764643f3033326d356266316a302e6873673d4c6b6e7d78266871623f446b7267646d782530323933312662736f773d44696677782e6e68613d3c38266c6f74723f32267678663d5556412e6f617460723d35316e353c3a653c623334303062666664623a3b61393b3464666436643f3266313a616531643e366966663c323931353e62396431626134353760306465326424783f706c7d67696c5f6e6c6971682d3545646164736523726c77656b6e5d756b6e646d757b5d6d656c69615d7064617167722d3545646164736523726c77656b6e5d63666f62675d6961726f6a617427354d66696e736d21706e756f696e5d73756b6169746b6f6725354764696e736529706c7767616e57716867636b75617e6525374766636e716523726e75676b6c5770656164706c63796d722d37456e616c716529706c7765696c5d746c615d726c617b677a2735456e616c71652970647767616e5f66657e616c747025374764616e716721706e776f6b6e5f7b76675d7661657f67722d3545646164736523726c77656b6e5d6863766127374d64616c7b652661636c3d3a323530393031&jb=3937246e793f4d6f72696c6e612d324e372e38253232285031312731422730324c6b6c7778253032703a365f3e342531422d323870762d33413330312e302b273232456763696d27324630323932303138312530304e697a676667782530463931312c32
204 204 0 B URL GET HTTP/1.1 ex.exnessstats.com/hloyfI6zfQ520zP-?5d0a12e5871567b0=gVJsEiP2roysqIkKNjQOLj0Q5ukTP5wS3MdXizxBAU0xw8n4JScAiHbUeakeZXZOIZpmSfmXI28ULVhNfFaZ8-5OIKVVEYVNv9EucQfb5Vd0e9XyrNRLLCXKH93b1KSTPwPowulT8E107-TZMvoVLs0BkOM&ja=383132242e613d302e7a3d32266e3d39303838783132323c2661643f31303a32783332303426717a713f30783826647272353124333230302c33303a342c333038322e333030362e31323a32243330323c2c313038382c3932323c2c302e302e6d743f303764373364313336396534606e3030396a363660643b383f603069663361342e6d6e3f30267161663d3036246c683f6a7c7670732d334127324e253a446d712e657a6e6d73732c616f6f2730466361616f756c767b2732467b69676c2d7d702d30462d33467774655f736d77726167273346726372746c677a7125323e6c6e65253b447e6b253a3661655f6b616d726369656c2733465250502530346b6b64253b446c32657b666433377c643770253a3661655d736d7770636727314470707257696574615f564c5f2d323e71756a5f6966253b447070725f69676b745d273036657a5d676e25334c3126726c35352e726835653832326c6661373735333b316636676065383b3b3b676234693939303938642e6a6835313364343a36643a343236643435613464333764643f3033326d356266316a302e6873673d4c6b6e7d78266871623f446b7267646d782530323933312662736f773d44696677782e6e68613d3c38266c6f74723f32267678663d5556412e6f617460723d35316e353c3a653c623334303062666664623a3b61393b3464666436643f3266313a616531643e366966663c323931353e62396431626134353760306465326424783f706c7d67696c5f6e6c6971682d3545646164736523726c77656b6e5d756b6e646d757b5d6d656c69615d7064617167722d3545646164736523726c77656b6e5d63666f62675d6961726f6a617427354d66696e736d21706e756f696e5d73756b6169746b6f6725354764696e736529706c7767616e57716867636b75617e6525374766636e716523726e75676b6c5770656164706c63796d722d37456e616c716529706c7765696c5d746c615d726c617b677a2735456e616c71652970647767616e5f66657e616c747025374764616e716721706e776f6b6e5f7b76675d7661657f67722d3545646164736523726c77656b6e5d6863766127374d64616c7b652661636c3d3a323530393031&jb=3937246e793f4d6f72696c6e612d324e372e38253232285031312731422730324c6b6c7778253032703a365f3e342531422d323870762d33413330312e302b273232456763696d27324630323932303138312530304e697a676667782530463931312c32
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subjectex.exnessstats.com
Fingerprint00:47:4C:AB:7F:A7:43:51:F9:96:D5:4F:33:3B:C9:6D:35:DF:8D:73
ValidityMon, 24 Oct 2022 00:00:00 GMT - Tue, 24 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hloyfI6zfQ520zP-?5d0a12e5871567b0=gVJsEiP2roysqIkKNjQOLj0Q5ukTP5wS3MdXizxBAU0xw8n4JScAiHbUeakeZXZOIZpmSfmXI28ULVhNfFaZ8-5OIKVVEYVNv9EucQfb5Vd0e9XyrNRLLCXKH93b1KSTPwPowulT8E107-TZMvoVLs0BkOM&ja=383132242e613d302e7a3d32266e3d39303838783132323c2661643f31303a32783332303426717a713f30783826647272353124333230302c33303a342c333038322e333030362e31323a32243330323c2c313038382c3932323c2c302e302e6d743f303764373364313336396534606e3030396a363660643b383f603069663361342e6d6e3f30267161663d3036246c683f6a7c7670732d334127324e253a446d712e657a6e6d73732c616f6f2730466361616f756c767b2732467b69676c2d7d702d30462d33467774655f736d77726167273346726372746c677a7125323e6c6e65253b447e6b253a3661655f6b616d726369656c2733465250502530346b6b64253b446c32657b666433377c643770253a3661655d736d7770636727314470707257696574615f564c5f2d323e71756a5f6966253b447070725f69676b745d273036657a5d676e25334c3126726c35352e726835653832326c6661373735333b316636676065383b3b3b676234693939303938642e6a6835313364343a36643a343236643435613464333764643f3033326d356266316a302e6873673d4c6b6e7d78266871623f446b7267646d782530323933312662736f773d44696677782e6e68613d3c38266c6f74723f32267678663d5556412e6f617460723d35316e353c3a653c623334303062666664623a3b61393b3464666436643f3266313a616531643e366966663c323931353e62396431626134353760306465326424783f706c7d67696c5f6e6c6971682d3545646164736523726c77656b6e5d756b6e646d757b5d6d656c69615d7064617167722d3545646164736523726c77656b6e5d63666f62675d6961726f6a617427354d66696e736d21706e756f696e5d73756b6169746b6f6725354764696e736529706c7767616e57716867636b75617e6525374766636e716523726e75676b6c5770656164706c63796d722d37456e616c716529706c7765696c5d746c615d726c617b677a2735456e616c71652970647767616e5f66657e616c747025374764616e716721706e776f6b6e5f7b76675d7661657f67722d3545646164736523726c77656b6e5d6863766127374d64616c7b652661636c3d3a323530393031&jb=3937246e793f4d6f72696c6e612d324e372e38253232285031312731422730324c6b6c7778253032703a365f3e342531422d323870762d33413330312e302b273232456763696d27324630323932303138312530304e697a676667782530463931312c32 HTTP/1.1
Host: ex.exnessstats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Cookie: thx_guid=d5d562b6dc4bd13ef46a720b2ce3bcb0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 204
Date: Sun, 24 Sep 2023 04:55:54 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
ex.exnessstats.com/7eSiZVbYFqaFcXxU?52cf430517ad418f=74M-Gk9MCJyNBh8OJXHSgxdv_jbsXkW8KKhHcu7HU8zMdAruW1bbuUzlCOc3PH2wvltBUO2tEWMOQ1jXMp1Z2fRGh1NnP8O5_0txD9Z5SgeohaXhUHYV387CqSr6tPLwsU69TbV0hNfcqfgv8LUZKiRmWykVnzwUgv2AfRjKzKCSk8re3kK0xxlnrLsJfXdMe_6Oh5G8tGu81QbJeQ8I
200 OK 13 kB URL GET HTTP/1.1 ex.exnessstats.com/7eSiZVbYFqaFcXxU?52cf430517ad418f=74M-Gk9MCJyNBh8OJXHSgxdv_jbsXkW8KKhHcu7HU8zMdAruW1bbuUzlCOc3PH2wvltBUO2tEWMOQ1jXMp1Z2fRGh1NnP8O5_0txD9Z5SgeohaXhUHYV387CqSr6tPLwsU69TbV0hNfcqfgv8LUZKiRmWykVnzwUgv2AfRjKzKCSk8re3kK0xxlnrLsJfXdMe_6Oh5G8tGu81QbJeQ8I
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subjectex.exnessstats.com
Fingerprint00:47:4C:AB:7F:A7:43:51:F9:96:D5:4F:33:3B:C9:6D:35:DF:8D:73
ValidityMon, 24 Oct 2022 00:00:00 GMT - Tue, 24 Oct 2023 23:59:59 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash be275ca2ec2b1a5bc7c4ebc9664dd2d4
0ec12e9544ef3c2f9f8af4776c92a76f2389461a
4746e959d5d211c989de519dbf2f44bd7bc422f85f84d17501cefc5556290ec4
GET /7eSiZVbYFqaFcXxU?52cf430517ad418f=74M-Gk9MCJyNBh8OJXHSgxdv_jbsXkW8KKhHcu7HU8zMdAruW1bbuUzlCOc3PH2wvltBUO2tEWMOQ1jXMp1Z2fRGh1NnP8O5_0txD9Z5SgeohaXhUHYV387CqSr6tPLwsU69TbV0hNfcqfgv8LUZKiRmWykVnzwUgv2AfRjKzKCSk8re3kK0xxlnrLsJfXdMe_6Oh5G8tGu81QbJeQ8I HTTP/1.1
Host: ex.exnessstats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Cookie: thx_guid=d5d562b6dc4bd13ef46a720b2ce3bcb0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 24 Sep 2023 04:55:54 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Robots-Tag: noindex, nofollow
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked
ex.exnessstats.com/hp4ZoXKDxaKsqShn?5d01c65f5c2a01df=UpBGLgeSmVNGRZEvFhEOGeewRKbrQLvhcyIl5dD-Soh3GaMPWAZpr2DXfDGsBqtf3GppBElK5QSlU-vnCnCidy36VUAn9AE_HpUlDaH9SwfPvweCoga5-GgUq75gFUKXtmVupmbeFPy62fXkbnfEvygOxyQ2e13rbbb8bU6sVZIR
200 OK 29 kB URL GET HTTP/1.1 ex.exnessstats.com/hp4ZoXKDxaKsqShn?5d01c65f5c2a01df=UpBGLgeSmVNGRZEvFhEOGeewRKbrQLvhcyIl5dD-Soh3GaMPWAZpr2DXfDGsBqtf3GppBElK5QSlU-vnCnCidy36VUAn9AE_HpUlDaH9SwfPvweCoga5-GgUq75gFUKXtmVupmbeFPy62fXkbnfEvygOxyQ2e13rbbb8bU6sVZIR
IP
Requested by https://ex.exnessstats.com/U38a_g7eM32-zEvq?f6d810acb0d6c96c=nXidh8P--Iyf9d2mqrjuqQ2m6mge9lhBiOLPHcqxIFFULbVIEceIABDZgO6b52lPK73Ss6DSQlota-LrKv0Ztmg_jg2gPTyWfIOnPDYMPbXS486JAs4Ls9Vj_iXH9nv0FuJI5u6-a111L_LPJlZp9LCuGig&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Certificate IssuerSectigo Limited
Subjectex.exnessstats.com
Fingerprint00:47:4C:AB:7F:A7:43:51:F9:96:D5:4F:33:3B:C9:6D:35:DF:8D:73
ValidityMon, 24 Oct 2022 00:00:00 GMT - Tue, 24 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (15506)
Hash 79c4a294c259656ea3245706e2394164
6ff48aee07d5675698b6c89cb146fcfa2a744f27
c1b2c8021a4474e4197591bf47003e2d50813ccf1fc74badda4523e7ce2e5687
GET /hp4ZoXKDxaKsqShn?5d01c65f5c2a01df=UpBGLgeSmVNGRZEvFhEOGeewRKbrQLvhcyIl5dD-Soh3GaMPWAZpr2DXfDGsBqtf3GppBElK5QSlU-vnCnCidy36VUAn9AE_HpUlDaH9SwfPvweCoga5-GgUq75gFUKXtmVupmbeFPy62fXkbnfEvygOxyQ2e13rbbb8bU6sVZIR HTTP/1.1
Host: ex.exnessstats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ex.exnessstats.com/U38a_g7eM32-zEvq?f6d810acb0d6c96c=nXidh8P--Iyf9d2mqrjuqQ2m6mge9lhBiOLPHcqxIFFULbVIEceIABDZgO6b52lPK73Ss6DSQlota-LrKv0Ztmg_jg2gPTyWfIOnPDYMPbXS486JAs4Ls9Vj_iXH9nv0FuJI5u6-a111L_LPJlZp9LCuGig&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Cookie: thx_guid=d5d562b6dc4bd13ef46a720b2ce3bcb0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 24 Sep 2023 04:55:55 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: ff6e0a5460f2cd6b
X-Robots-Tag: noindex, nofollow
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=96
Transfer-Encoding: chunked
ex.exnessstats.com/09RpxwvBn6f3gx-7?fb5d228307332fd2=jn_j2B9520V2jEXqtoLuVKKpf8fzRWNVZjldBTIEL6sXB3pmq-lJeUY8ORp-pnyhVKUoBheP0DhjZ_I1W-mKjWpHLZd2IWBwhHpOnrQIUJCgOUpWtrhCBJW6BLzr00_ei1iFkHIAKTbMilNESm8SHHR3fxQ&jf=3336246e7b603d376b303261666c663d67306c34363133303337603b38613a666332363639633a
204 No Content 0 B URL GET HTTP/1.1 ex.exnessstats.com/09RpxwvBn6f3gx-7?fb5d228307332fd2=jn_j2B9520V2jEXqtoLuVKKpf8fzRWNVZjldBTIEL6sXB3pmq-lJeUY8ORp-pnyhVKUoBheP0DhjZ_I1W-mKjWpHLZd2IWBwhHpOnrQIUJCgOUpWtrhCBJW6BLzr00_ei1iFkHIAKTbMilNESm8SHHR3fxQ&jf=3336246e7b603d376b303261666c663d67306c34363133303337603b38613a666332363639633a
IP
Requested by https://ex.exnessstats.com/AjCFWa25zwts5E2H?a3c7294d69da0df7=0Yrw-jXwnwsg1wxE2lLP5KVXPo41j0qqFRag9h4pWibJJXHN8VgjkRqEo2VwDV-ogqw6F54hovKMWtb37rND_tgTkNOXNc1zTAo0XTgWC4Zo3Rk8olbi8_JBBtrmwZ7fRTg1AwzyipRS9V3mt5ldLIjvLZPIT2xAc661nj9Kl2GeFpe6bzB9XoYbF9NBtVl9RCfN9y0sVY5B21HAW34
Certificate IssuerSectigo Limited
Subjectex.exnessstats.com
Fingerprint00:47:4C:AB:7F:A7:43:51:F9:96:D5:4F:33:3B:C9:6D:35:DF:8D:73
ValidityMon, 24 Oct 2022 00:00:00 GMT - Tue, 24 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /09RpxwvBn6f3gx-7?fb5d228307332fd2=jn_j2B9520V2jEXqtoLuVKKpf8fzRWNVZjldBTIEL6sXB3pmq-lJeUY8ORp-pnyhVKUoBheP0DhjZ_I1W-mKjWpHLZd2IWBwhHpOnrQIUJCgOUpWtrhCBJW6BLzr00_ei1iFkHIAKTbMilNESm8SHHR3fxQ&jf=3336246e7b603d376b303261666c663d67306c34363133303337603b38613a666332363639633a HTTP/1.1
Host: ex.exnessstats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ex.exnessstats.com/AjCFWa25zwts5E2H?a3c7294d69da0df7=0Yrw-jXwnwsg1wxE2lLP5KVXPo41j0qqFRag9h4pWibJJXHN8VgjkRqEo2VwDV-ogqw6F54hovKMWtb37rND_tgTkNOXNc1zTAo0XTgWC4Zo3Rk8olbi8_JBBtrmwZ7fRTg1AwzyipRS9V3mt5ldLIjvLZPIT2xAc661nj9Kl2GeFpe6bzB9XoYbF9NBtVl9RCfN9y0sVY5B21HAW34
Cookie: thx_guid=d5d562b6dc4bd13ef46a720b2ce3bcb0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Sun, 24 Sep 2023 04:55:55 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: text/javascript
api.iafstats.com/collector/787.js
200 OK 22 kB URL GET HTTP/2 api.iafstats.com/collector/787.js
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerGlobalSign nv-sa
Subjectimperva.com
Fingerprint45:F7:88:F6:C8:BC:E1:CC:01:AF:BA:25:89:E1:4F:AE:FF:A2:11:EB
ValidityFri, 21 Jul 2023 16:55:45 GMT - Wed, 17 Jan 2024 16:55:45 GMT
File type ASCII text, with very long lines (65475)
Hash 7268e1e411ebef20cec3fb0d7bff99cc
47dc433475d5e22c8914c33111d188677419b934
905d075e00649b32bc2f76e3020b8521cc32eb2123259581790b5382b5385329
GET /collector/787.js HTTP/1.1
Host: api.iafstats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Sun, 24 Sep 2023 04:55:52 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 04 Jul 2023 11:23:10 GMT
etag: W/"64a4011e-12271"
expires: Sun, 24 Sep 2023 04:56:52 GMT
cache-control: max-age=60, no-cache
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
set-cookie: nlbi_2831379=CfYcT0sVpWRh0Dr1MByguwAAAABrPD/2U0yEuiPmMX7J95as; path=/; Domain=.iafstats.com
visid_incap_2831379=zsoKif/eTgm0EShYRecWRVfBD2UAAAAAQUIPAAAAAABBrR6ClQimB2TLf5LoJXRU; expires=Sun, 22 Sep 2024 22:19:14 GMT; HttpOnly; path=/; Domain=.iafstats.com
incap_ses_723_2831379=eDRTEo4qL1GTz6tywJ0ICljBD2UAAAAAdjl0pxn1XvFkjM2JgXA0wg==; path=/; Domain=.iafstats.com
x-incap-sess-cookie-hdr: t+ZSM/GuT06Tz6tywJ0ICljBD2UAAAAA6uP4jFN+1lZ7345mrBd3qg==
x-cdn: Imperva
x-iinfo: 11-20057419-20049912 pNNy RT(1695531352083 405) q(0 0 0 1) r(1 1) U2
X-Firefox-Spdy: h2
ex.exnessstats.com/hloyfI6zfQ520zP-?5d0a12e5871567b0=gVJsEiP2roysqIkKNjQOLj0Q5ukTP5wS3MdXizxBAU0xw8n4JScAiHbUeakeZXZOIZpmSfmXI28ULVhNfFaZ8-5OIKVVEYVNv9EucQfb5Vd0e9XyrNRLLCXKH93b1KSTPwPowulT8E107-TZMvoVLs0BkOM&jac=1&je=31373a242e68666e3537266866603d3066316a343763386d363034673533606437673530616133643f6038383b6565246a6e74663f30323138353a3f26706f3f796771246177666a3d6464373c60353438383037356b643d67623e303961636d64636337363530346561373330366134303736323063653b6438393f3b363e333136303a333166663224677a333f6664363867643f60303730386164346a3731646230666267626d653364376163616164313b343430
204 No Content 0 B URL GET HTTP/1.1 ex.exnessstats.com/hloyfI6zfQ520zP-?5d0a12e5871567b0=gVJsEiP2roysqIkKNjQOLj0Q5ukTP5wS3MdXizxBAU0xw8n4JScAiHbUeakeZXZOIZpmSfmXI28ULVhNfFaZ8-5OIKVVEYVNv9EucQfb5Vd0e9XyrNRLLCXKH93b1KSTPwPowulT8E107-TZMvoVLs0BkOM&jac=1&je=31373a242e68666e3537266866603d3066316a343763386d363034673533606437673530616133643f6038383b6565246a6e74663f30323138353a3f26706f3f796771246177666a3d6464373c60353438383037356b643d67623e303961636d64636337363530346561373330366134303736323063653b6438393f3b363e333136303a333166663224677a333f6664363867643f60303730386164346a3731646230666267626d653364376163616164313b343430
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subjectex.exnessstats.com
Fingerprint00:47:4C:AB:7F:A7:43:51:F9:96:D5:4F:33:3B:C9:6D:35:DF:8D:73
ValidityMon, 24 Oct 2022 00:00:00 GMT - Tue, 24 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hloyfI6zfQ520zP-?5d0a12e5871567b0=gVJsEiP2roysqIkKNjQOLj0Q5ukTP5wS3MdXizxBAU0xw8n4JScAiHbUeakeZXZOIZpmSfmXI28ULVhNfFaZ8-5OIKVVEYVNv9EucQfb5Vd0e9XyrNRLLCXKH93b1KSTPwPowulT8E107-TZMvoVLs0BkOM&jac=1&je=31373a242e68666e3537266866603d3066316a343763386d363034673533606437673530616133643f6038383b6565246a6e74663f30323138353a3f26706f3f796771246177666a3d6464373c60353438383037356b643d67623e303961636d64636337363530346561373330366134303736323063653b6438393f3b363e333136303a333166663224677a333f6664363867643f60303730386164346a3731646230666267626d653364376163616164313b343430 HTTP/1.1
Host: ex.exnessstats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Cookie: thx_guid=d5d562b6dc4bd13ef46a720b2ce3bcb0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Sun, 24 Sep 2023 04:55:55 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=93
Connection: Keep-Alive
Content-Type: text/javascript
ex.exnessstats.com/_ia3-LqgzFz1gQ03?ea3c6952047c8f2d=_Ht1q-Bdihp6yDpUJuH68uQ9D5N0HPDfzZnn2jWZfosZ3mZALV14ogfLYwzEhmUFql71zH_FuOnwQWO90rq4PNNXunq6gg6fKmOs1iDtQe4RWUA1z79FgWSVoBl7dkUfGONHJ3dmbcjpCtTkvn_cuTxWiM3QaGxzwThAoIQ4qVW2pXi4gzfXP5LCXHQXEoKddrLyTMIvEW8OHHTBIW1uuHxhKAA&sera_parametere=ABYLAwBSU1IOBwBWAVFUUAUHB1cDBwdXVwlVUFBXBltRAwZUCVMDVlRTVhQQFwsLCBZDEUNEBnATByQXVCATUFYMRQBcBFhRWEQVF1AgE1UkVhNSdEQHBF5fFUYQQQUmQ1F0QAclE1BfDQdRUgUHAwNTDlZUUQxQB1VRAgBcBFBWXw9QUlENDVQDXgYHUldSU1YQC18PVlELVgAEBlRXV1JQBgMCAlECVBYMQV5UTlYFAg5VU1YFV1JVU1FSUVVUBF4GU1RTAQwCVAQBUFcEAQMFAFNVWFYSV1lbA1JcAFtAD19YHVATRF8NXwtaXQ5EDg0LQ1Jcc11EVQBdG0JUFFtXB1QWA1pHC3wPXBYcEAEEW0IBSj5WVVpcBFMADxAHElsEUAE%3D&count=0&max=0
200 OK 61 B URL GET HTTP/1.1 ex.exnessstats.com/_ia3-LqgzFz1gQ03?ea3c6952047c8f2d=_Ht1q-Bdihp6yDpUJuH68uQ9D5N0HPDfzZnn2jWZfosZ3mZALV14ogfLYwzEhmUFql71zH_FuOnwQWO90rq4PNNXunq6gg6fKmOs1iDtQe4RWUA1z79FgWSVoBl7dkUfGONHJ3dmbcjpCtTkvn_cuTxWiM3QaGxzwThAoIQ4qVW2pXi4gzfXP5LCXHQXEoKddrLyTMIvEW8OHHTBIW1uuHxhKAA&sera_parametere=ABYLAwBSU1IOBwBWAVFUUAUHB1cDBwdXVwlVUFBXBltRAwZUCVMDVlRTVhQQFwsLCBZDEUNEBnATByQXVCATUFYMRQBcBFhRWEQVF1AgE1UkVhNSdEQHBF5fFUYQQQUmQ1F0QAclE1BfDQdRUgUHAwNTDlZUUQxQB1VRAgBcBFBWXw9QUlENDVQDXgYHUldSU1YQC18PVlELVgAEBlRXV1JQBgMCAlECVBYMQV5UTlYFAg5VU1YFV1JVU1FSUVVUBF4GU1RTAQwCVAQBUFcEAQMFAFNVWFYSV1lbA1JcAFtAD19YHVATRF8NXwtaXQ5EDg0LQ1Jcc11EVQBdG0JUFFtXB1QWA1pHC3wPXBYcEAEEW0IBSj5WVVpcBFMADxAHElsEUAE%3D&count=0&max=0
IP
Requested by https://ex.exnessstats.com/U38a_g7eM32-zEvq?f6d810acb0d6c96c=nXidh8P--Iyf9d2mqrjuqQ2m6mge9lhBiOLPHcqxIFFULbVIEceIABDZgO6b52lPK73Ss6DSQlota-LrKv0Ztmg_jg2gPTyWfIOnPDYMPbXS486JAs4Ls9Vj_iXH9nv0FuJI5u6-a111L_LPJlZp9LCuGig&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Certificate IssuerSectigo Limited
Subjectex.exnessstats.com
Fingerprint00:47:4C:AB:7F:A7:43:51:F9:96:D5:4F:33:3B:C9:6D:35:DF:8D:73
ValidityMon, 24 Oct 2022 00:00:00 GMT - Tue, 24 Oct 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash faff6000abeb095ff8c118557290f3a2
19614982b78fe6f38b26e513b9d6fe9f3fb27d73
c6db038c9f376b653cd0e821e6fcfc9d356dad06ea5155be996341853d48aac0
GET /_ia3-LqgzFz1gQ03?ea3c6952047c8f2d=_Ht1q-Bdihp6yDpUJuH68uQ9D5N0HPDfzZnn2jWZfosZ3mZALV14ogfLYwzEhmUFql71zH_FuOnwQWO90rq4PNNXunq6gg6fKmOs1iDtQe4RWUA1z79FgWSVoBl7dkUfGONHJ3dmbcjpCtTkvn_cuTxWiM3QaGxzwThAoIQ4qVW2pXi4gzfXP5LCXHQXEoKddrLyTMIvEW8OHHTBIW1uuHxhKAA&sera_parametere=ABYLAwBSU1IOBwBWAVFUUAUHB1cDBwdXVwlVUFBXBltRAwZUCVMDVlRTVhQQFwsLCBZDEUNEBnATByQXVCATUFYMRQBcBFhRWEQVF1AgE1UkVhNSdEQHBF5fFUYQQQUmQ1F0QAclE1BfDQdRUgUHAwNTDlZUUQxQB1VRAgBcBFBWXw9QUlENDVQDXgYHUldSU1YQC18PVlELVgAEBlRXV1JQBgMCAlECVBYMQV5UTlYFAg5VU1YFV1JVU1FSUVVUBF4GU1RTAQwCVAQBUFcEAQMFAFNVWFYSV1lbA1JcAFtAD19YHVATRF8NXwtaXQ5EDg0LQ1Jcc11EVQBdG0JUFFtXB1QWA1pHC3wPXBYcEAEEW0IBSj5WVVpcBFMADxAHElsEUAE%3D&count=0&max=0 HTTP/1.1
Host: ex.exnessstats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ex.exnessstats.com/U38a_g7eM32-zEvq?f6d810acb0d6c96c=nXidh8P--Iyf9d2mqrjuqQ2m6mge9lhBiOLPHcqxIFFULbVIEceIABDZgO6b52lPK73Ss6DSQlota-LrKv0Ztmg_jg2gPTyWfIOnPDYMPbXS486JAs4Ls9Vj_iXH9nv0FuJI5u6-a111L_LPJlZp9LCuGig&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Cookie: thx_guid=d5d562b6dc4bd13ef46a720b2ce3bcb0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 24 Sep 2023 04:55:55 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=92
Transfer-Encoding: chunked
www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=vi&v=Ai7lOI0zKMDPHxlv62g7oMoJ
200 OK 112 B URL GET HTTP/3 www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=vi&v=Ai7lOI0zKMDPHxlv62g7oMoJ
IP
Requested by https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdVxzUgAAAAAESIS0CwqHdlMnRdv7crGI0D7-W4&co=aHR0cHM6Ly9teS5leG5lc3MuY29tOjQ0Mw..&hl=vi&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&badge=bottomleft&cb=7hywkqe89cpc
Certificate IssuerGoogle Trust Services LLC
Subjectmisc.google.com
FingerprintE6:D0:C1:5F:77:95:7E:8A:76:70:24:1A:94:CB:F6:3C:32:E0:B7:7E
ValidityMon, 04 Sep 2023 08:18:49 GMT - Mon, 27 Nov 2023 08:18:48 GMT
File type ASCII text, with no line terminators
Hash 0ca93e6f86d92181055a757e4849c548
134c32b607cb87f69223a21156a287ee0e0de8e7
96d4d9bcc261c98e9892f6481e4eaa895a1290403c441a4bc769994d75394256
GET /recaptcha/enterprise/webworker.js?hl=vi&v=Ai7lOI0zKMDPHxlv62g7oMoJ HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdVxzUgAAAAAESIS0CwqHdlMnRdv7crGI0D7-W4&co=aHR0cHM6Ly9teS5leG5lc3MuY29tOjQ0Mw..&hl=vi&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&badge=bottomleft&cb=7hywkqe89cpc
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Sun, 24 Sep 2023 04:55:54 GMT
date: Sun, 24 Sep 2023 04:55:54 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ex.exnessstats.com/hloyfI6zfQ520zP-?5d0a12e5871567b0=gVJsEiP2roysqIkKNjQOLj0Q5ukTP5wS3MdXizxBAU0xw8n4JScAiHbUeakeZXZOIZpmSfmXI28ULVhNfFaZ8-5OIKVVEYVNv9EucQfb5Vd0e9XyrNRLLCXKH93b1KSTPwPowulT8E107-TZMvoVLs0BkOM&jac=1&je=343224247f67693d31312e3b3026343a2c313d34267569653d7767607276615d696c7667726e636e576f646e7b
204 No Content 0 B URL GET HTTP/1.1 ex.exnessstats.com/hloyfI6zfQ520zP-?5d0a12e5871567b0=gVJsEiP2roysqIkKNjQOLj0Q5ukTP5wS3MdXizxBAU0xw8n4JScAiHbUeakeZXZOIZpmSfmXI28ULVhNfFaZ8-5OIKVVEYVNv9EucQfb5Vd0e9XyrNRLLCXKH93b1KSTPwPowulT8E107-TZMvoVLs0BkOM&jac=1&je=343224247f67693d31312e3b3026343a2c313d34267569653d7767607276615d696c7667726e636e576f646e7b
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subjectex.exnessstats.com
Fingerprint00:47:4C:AB:7F:A7:43:51:F9:96:D5:4F:33:3B:C9:6D:35:DF:8D:73
ValidityMon, 24 Oct 2022 00:00:00 GMT - Tue, 24 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hloyfI6zfQ520zP-?5d0a12e5871567b0=gVJsEiP2roysqIkKNjQOLj0Q5ukTP5wS3MdXizxBAU0xw8n4JScAiHbUeakeZXZOIZpmSfmXI28ULVhNfFaZ8-5OIKVVEYVNv9EucQfb5Vd0e9XyrNRLLCXKH93b1KSTPwPowulT8E107-TZMvoVLs0BkOM&jac=1&je=343224247f67693d31312e3b3026343a2c313d34267569653d7767607276615d696c7667726e636e576f646e7b HTTP/1.1
Host: ex.exnessstats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Cookie: thx_guid=d5d562b6dc4bd13ef46a720b2ce3bcb0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Sun, 24 Sep 2023 04:55:59 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/javascript
ex.exnessstats.com/l5p-fKxK9FybwAUj?af26178f288964c7=mnfPPU5JHju6HTomYWYs5N3v9NjEbiGqL6xbCIqfTp51X_vXm1uisWsducODskCRQ-ZQKcspa7kNLMO-dGbv_YmjQnqpBzhnR3iFIeU3hTHt1UBBccpJa2tovBUvfbumduxsOD_Sixb0Gq2DQ34ULbXcpX8
0 B URL ex.exnessstats.com/l5p-fKxK9FybwAUj?af26178f288964c7=mnfPPU5JHju6HTomYWYs5N3v9NjEbiGqL6xbCIqfTp51X_vXm1uisWsducODskCRQ-ZQKcspa7kNLMO-dGbv_YmjQnqpBzhnR3iFIeU3hTHt1UBBccpJa2tovBUvfbumduxsOD_Sixb0Gq2DQ34ULbXcpX8
IP
Certificate IssuerSectigo Limited
Subjectex.exnessstats.com
Fingerprint00:47:4C:AB:7F:A7:43:51:F9:96:D5:4F:33:3B:C9:6D:35:DF:8D:73
ValidityMon, 24 Oct 2022 00:00:00 GMT - Tue, 24 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /l5p-fKxK9FybwAUj?af26178f288964c7=mnfPPU5JHju6HTomYWYs5N3v9NjEbiGqL6xbCIqfTp51X_vXm1uisWsducODskCRQ-ZQKcspa7kNLMO-dGbv_YmjQnqpBzhnR3iFIeU3hTHt1UBBccpJa2tovBUvfbumduxsOD_Sixb0Gq2DQ34ULbXcpX8 HTTP/1.1
Host: ex.exnessstats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 7
Origin: https://ex.exnessstats.com
DNT: 1
Connection: keep-alive
Referer: https://ex.exnessstats.com/7eSiZVbYFqaFcXxU?52cf430517ad418f=74M-Gk9MCJyNBh8OJXHSgxdv_jbsXkW8KKhHcu7HU8zMdAruW1bbuUzlCOc3PH2wvltBUO2tEWMOQ1jXMp1Z2fRGh1NnP8O5_0txD9Z5SgeohaXhUHYV387CqSr6tPLwsU69TbV0hNfcqfgv8LUZKiRmWykVnzwUgv2AfRjKzKCSk8re3kK0xxlnrLsJfXdMe_6Oh5G8tGu81QbJeQ8I
Cookie: thx_guid=d5d562b6dc4bd13ef46a720b2ce3bcb0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Sun, 24 Sep 2023 04:56:04 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Access-Control-Allow-Origin: https://ex.exnessstats.com
Content-Type: text/javascript
bat.bing.com/actionp/0?ti=17121251&tm=gtm002&Ver=2&mid=c3529451-5f73-45f3-af75-9968bf266497&sid=a312fe505a9611ee968f2dfeea948fee&vid=a31312a05a9611eeaa3e7bd5189af7ee&vids=1&msclkid=N&evt=pageHide
0 B URL bat.bing.com/actionp/0?ti=17121251&tm=gtm002&Ver=2&mid=c3529451-5f73-45f3-af75-9968bf266497&sid=a312fe505a9611ee968f2dfeea948fee&vid=a31312a05a9611eeaa3e7bd5189af7ee&vids=1&msclkid=N&evt=pageHide
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintCD:30:E8:F8:D2:A7:C2:85:A1:F7:A2:2E:B6:B3:FD:F9:08:FA:31:D1
ValidityWed, 26 Jul 2023 23:57:23 GMT - Mon, 22 Jan 2024 23:57:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /actionp/0?ti=17121251&tm=gtm002&Ver=2&mid=c3529451-5f73-45f3-af75-9968bf266497&sid=a312fe505a9611ee968f2dfeea948fee&vid=a31312a05a9611eeaa3e7bd5189af7ee&vids=1&msclkid=N&evt=pageHide HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.exness.com
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3E2BD056856968123730C3C0849C69A9; domain=.bing.com; expires=Fri, 18-Oct-2024 04:56:05 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 84FDD8B08D114386B5124FF2C034D087 Ref B: OSL30EDGE0216 Ref C: 2023-09-24T04:56:05Z
date: Sun, 24 Sep 2023 04:56:04 GMT
X-Firefox-Spdy: h2
api.iafstats.com/exchange/user_event
200 OK 0 B URL POST HTTP/2 api.iafstats.com/exchange/user_event
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerGlobalSign nv-sa
Subjectimperva.com
Fingerprint45:F7:88:F6:C8:BC:E1:CC:01:AF:BA:25:89:E1:4F:AE:FF:A2:11:EB
ValidityFri, 21 Jul 2023 16:55:45 GMT - Wed, 17 Jan 2024 16:55:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /exchange/user_event HTTP/1.1
Host: api.iafstats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 212
Origin: https://my.exness.com
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Sun, 24 Sep 2023 04:56:05 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://my.exness.com
access-control-allow-methods: POST, GET, DELETE, OPTIONS
access-control-allow-headers: Authorization, Content-Type
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
set-cookie: nlbi_2831379=t4lfKhTfsA1QVwnwMByguwAAAABQWropVwNsEcyL480oOGxY; path=/; Domain=.iafstats.com
visid_incap_2831379=dcX0JM4NSo+D8W2Nd0xue2TBD2UAAAAAQUIPAAAAAABe5by6oGcLZUg8Vh1C/ZJv; expires=Sun, 22 Sep 2024 22:19:14 GMT; HttpOnly; path=/; Domain=.iafstats.com
incap_ses_723_2831379=AilnGQNr0nL80KtywJ0ICmTBD2UAAAAAog1dQdkZJrJwDQPMPhEMvg==; path=/; Domain=.iafstats.com
x-incap-sess-cookie-hdr: 5eQFZ13IyBeTz6tywJ0ICmTBD2UAAAAACSCQQKPnNalHhm1Se6UhNA==
x-cdn: Imperva
x-iinfo: 11-20057419-20049910 pNNy RT(1695531352083 12839) q(0 0 0 -1) r(0 0) U6
X-Firefox-Spdy: h2
gtm-n24g3w7-otgwz.uc.r.appspot.com/g/collect?v=2&tid=G-M71C3QBXSG>m=45je39k2&_p=563362859&cid=1246350640.1695531352&ul=en-us&sr=1280x1024&_fplc=0&ir=1&ur=NO-03&_eu=EAg&sst.uc=NO&sst.gse=1&sst.etld=google.no&sst.gcsub=region1&sst.tft=1695531348699&_s=2&sid=1695531351&sct=1&seg=0&dl=https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1&dt=%C4%90%C4%83ng%20k%C3%BD%20Exness&en=ads_conversion_Sign_Up_1&ep.agent_id=0&ep.action_source=website&epn.event_time=1695531350&tfd=5266&richsstsse
200 OK 394 B URL GET HTTP/3 gtm-n24g3w7-otgwz.uc.r.appspot.com/g/collect?v=2&tid=G-M71C3QBXSG>m=45je39k2&_p=563362859&cid=1246350640.1695531352&ul=en-us&sr=1280x1024&_fplc=0&ir=1&ur=NO-03&_eu=EAg&sst.uc=NO&sst.gse=1&sst.etld=google.no&sst.gcsub=region1&sst.tft=1695531348699&_s=2&sid=1695531351&sct=1&seg=0&dl=https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1&dt=%C4%90%C4%83ng%20k%C3%BD%20Exness&en=ads_conversion_Sign_Up_1&ep.agent_id=0&ep.action_source=website&epn.event_time=1695531350&tfd=5266&richsstsse
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerGoogle Trust Services LLC
Subject*.appspot.com
FingerprintC7:04:61:D1:B8:25:6D:06:9D:B5:5B:21:C3:A4:91:FE:DA:FE:B4:24
ValidityMon, 04 Sep 2023 08:16:43 GMT - Mon, 27 Nov 2023 08:16:42 GMT
File type ASCII text, with very long lines (419), with no line terminators
Hash 6bda717b9274cf3086bcdb67b7157982
062e6a48977c9b2a4b08835912d3c20b9754862f
fcada1c730e26b28e79e102eaf69ec7ad7b25b617925c870400a71c2a423ae0e
GET /g/collect?v=2&tid=G-M71C3QBXSG>m=45je39k2&_p=563362859&cid=1246350640.1695531352&ul=en-us&sr=1280x1024&_fplc=0&ir=1&ur=NO-03&_eu=EAg&sst.uc=NO&sst.gse=1&sst.etld=google.no&sst.gcsub=region1&sst.tft=1695531348699&_s=2&sid=1695531351&sct=1&seg=0&dl=https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1&dt=%C4%90%C4%83ng%20k%C3%BD%20Exness&en=ads_conversion_Sign_Up_1&ep.agent_id=0&ep.action_source=website&epn.event_time=1695531350&tfd=5266&richsstsse HTTP/1.1
Host: gtm-n24g3w7-otgwz.uc.r.appspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.exness.com
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 24 Sep 2023 04:55:52 GMT
content-type: text/plain
vary: Accept-Encoding
set-cookie: FPGSID=1.1695531352.1695531352.G-M71C3QBXSG.o_pw7SZFuRl_kgHh0-luSw; Max-Age=1800; Domain=exness.com; Path=/; SameSite=strict; Secure
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-origin: https://my.exness.com
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.jsdelivr.net/npm/@amplitude/amplitude-js-gtm@3.5.0/dist/index.js
200 OK 25 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/@amplitude/amplitude-js-gtm@3.5.0/dist/index.js
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
File type ASCII text, with very long lines (24794), with no line terminators
Hash d0ef4c05614e13490de090b6cc170b5d
15bffffed54bee42d87a180ce3f56da31cdfc606
086606d4977b5af678b2aab1569e5fe039222797b9560eec45d6f481f0eebfb8
GET /npm/@amplitude/amplitude-js-gtm@3.5.0/dist/index.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.5.0
x-jsd-version-type: version
etag: W/"60da-Fb///tVL7kLYehgM4/VtoxzfxgY"
content-encoding: br
accept-ranges: bytes
date: Sun, 24 Sep 2023 04:55:52 GMT
age: 3907927
x-served-by: cache-fra-etou8220023-FRA, cache-bma1651-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10239
X-Firefox-Spdy: h2
region1.analytics.google.com/g/s/collect?gtm=45j91e39k1h2&_gsid=M71C3QBXSGup248a130KqmQntX4YqDLQ
204 No Content 0 B URL POST HTTP/3 region1.analytics.google.com/g/s/collect?gtm=45j91e39k1h2&_gsid=M71C3QBXSGup248a130KqmQntX4YqDLQ
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/s/collect?gtm=45j91e39k1h2&_gsid=M71C3QBXSGup248a130KqmQntX4YqDLQ HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.exness.com
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/3 204 No Content
access-control-allow-origin: https://my.exness.com
date: Sun, 24 Sep 2023 04:55:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
200 OK 938 B URL User Request GET HTTP/2 my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
IP
Certificate IssuerSectigo Limited
Subjectmy.exness.com
Fingerprint24:5A:47:29:3D:03:7F:09:E8:9F:13:EF:7A:C6:F0:8B:0B:B2:75:53
ValidityMon, 29 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (972), with no line terminators
Hash 2a8f134cfd38ec778d66df0266a73eec
ceb70d14c720d485cb2a365f95c3caba8fc67e2e
74ab9f4367c8abbd282339e5c6c27aee3883216259c51b67e4d1d961ad13a0d3
GET /accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1 HTTP/1.1
Host: my.exness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 24 Sep 2023 04:55:46 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Fri, 22 Sep 2023 12:59:19 GMT
etag: W/"650d8fa7-3aa"
cache-control: public,max-age=60
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
set-cookie: nlbi_2124469=UTyvQ6Gm+hhBOHgyLGzAYQAAAAAWcImNLERvVS2LJf6H4onb; path=/; Domain=.exness.com
visid_incap_2124469=6kLAH9rwSEelhqO55hY171LBD2UAAAAAQUIPAAAAAADx+RNWyKnSrop/9lZqm/0d; expires=Mon, 23 Sep 2024 01:01:06 GMT; HttpOnly; path=/; Domain=.exness.com
incap_ses_633_2124469=zbKjF7ua3CEy1IUH4t7ICFLBD2UAAAAADBXNoUnIF9B9VsTqXIWbQw==; path=/; Domain=.exness.com
x-incap-sess-cookie-hdr: vzTEATTqt1Ay1IUH4t7ICFLBD2UAAAAAD4KKj0W72x89v0hL2QR81g==
x-cdn: Imperva
x-iinfo: 4-11417123-11413567 pNNy RT(1695531346593 21) q(0 0 0 1) r(0 0) U12
X-Firefox-Spdy: h2
accounts.google.com/gsi/client
200 OK 202 kB URL GET HTTP/2 accounts.google.com/gsi/client
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint2F:C1:71:0A:05:D9:0F:38:EF:D1:16:F7:50:AF:41:48:6B:F9:BA:B5
ValidityMon, 04 Sep 2023 08:23:30 GMT - Mon, 27 Nov 2023 08:23:29 GMT
File type ASCII text, with very long lines (3006)
Size 202 kB (201581 bytes)
Hash 55899c9e6d80b44a03bdd495ac03e783
629910d847078c08ed0f3bdc2690b3e78aa26403
8575afd2f549859d159326f2c54ecae5d882a8362aadf61991f5427ff126c8f0
GET /gsi/client HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
expires: Sun, 24 Sep 2023 04:55:50 GMT
date: Sun, 24 Sep 2023 04:55:50 GMT
cache-control: private, max-age=1800
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'nonce-vWQ3aog4k-kNWbv2hAdnig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sp-trk.com/t/tuu32r52?a=1695531350368&o=uq6snd05by
200 OK 15 kB URL GET HTTP/1.1 sp-trk.com/t/tuu32r52?a=1695531350368&o=uq6snd05by
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerZeroSSL
Subjectsp-trk.com
Fingerprint56:85:E4:D5:CF:85:9E:D9:1D:DC:86:A9:63:95:63:F7:EA:09:D7:FA
ValidityTue, 29 Aug 2023 00:00:00 GMT - Mon, 27 Nov 2023 23:59:59 GMT
File type ASCII text, with very long lines (15340), with no line terminators
Hash 444aca3a618f3a62763bb08b7d0860c1
b226cb031587bacb79420c1944da1c73f8d788ae
52513fed42c177a69fe30b016fbe705d160da6aa2b6c4c2f67956f48eca4a06b
GET /t/tuu32r52?a=1695531350368&o=uq6snd05by HTTP/1.1
Host: sp-trk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-length: 5377
content-type: application/javascript; charset=UTF-8
date: Sun, 24 Sep 2023 04:55:49 GMT
server: S
vary: accept-encoding
gtm-n24g3w7-otgwz.uc.r.appspot.com/_set_cookie?val=sPjZGd%2BsSSb827X5AppCiIfL2rhHHOHGGKOXuZfkisqMilm2onRBkYzaKgtxkC5lgxkP81hV4o5Or81IVyKOD1uiviaV9bSS9w4YBpuh3yn9%2BXNtT8yXXXIVKN7sjBKqGYxRY2ePiNO3oTHkKlBe4hyzOXqbrq4wy2FeWPYJSaWJoqqUdqjfiLyTuQAGr6TDyawb2rTm%2Bvb2zvL%2BeKWxAWwY7w6NsKekXhp%2BPRWZ
200 OK 0 B URL GET HTTP/3 gtm-n24g3w7-otgwz.uc.r.appspot.com/_set_cookie?val=sPjZGd%2BsSSb827X5AppCiIfL2rhHHOHGGKOXuZfkisqMilm2onRBkYzaKgtxkC5lgxkP81hV4o5Or81IVyKOD1uiviaV9bSS9w4YBpuh3yn9%2BXNtT8yXXXIVKN7sjBKqGYxRY2ePiNO3oTHkKlBe4hyzOXqbrq4wy2FeWPYJSaWJoqqUdqjfiLyTuQAGr6TDyawb2rTm%2Bvb2zvL%2BeKWxAWwY7w6NsKekXhp%2BPRWZ
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerGoogle Trust Services LLC
Subject*.appspot.com
FingerprintC7:04:61:D1:B8:25:6D:06:9D:B5:5B:21:C3:A4:91:FE:DA:FE:B4:24
ValidityMon, 04 Sep 2023 08:16:43 GMT - Mon, 27 Nov 2023 08:16:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_set_cookie?val=sPjZGd%2BsSSb827X5AppCiIfL2rhHHOHGGKOXuZfkisqMilm2onRBkYzaKgtxkC5lgxkP81hV4o5Or81IVyKOD1uiviaV9bSS9w4YBpuh3yn9%2BXNtT8yXXXIVKN7sjBKqGYxRY2ePiNO3oTHkKlBe4hyzOXqbrq4wy2FeWPYJSaWJoqqUdqjfiLyTuQAGr6TDyawb2rTm%2Bvb2zvL%2BeKWxAWwY7w6NsKekXhp%2BPRWZ HTTP/1.1
Host: gtm-n24g3w7-otgwz.uc.r.appspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 24 Sep 2023 04:55:52 GMT
content-type: image/gif
set-cookie: FPGSID=1.1695531351.1695531351.G-M71C3QBXSG.WVl0S9wYK06Z-54SEItexA; Max-Age=1800; Domain=exness.com; Path=/; SameSite=strict; Secure
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdVxzUgAAAAAESIS0CwqHdlMnRdv7crGI0D7-W4&co=aHR0cHM6Ly9teS5leG5lc3MuY29tOjQ0Mw..&hl=vi&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&badge=bottomleft&cb=7hywkqe89cpc
200 OK 54 kB URL GET HTTP/3 www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LdVxzUgAAAAAESIS0CwqHdlMnRdv7crGI0D7-W4&co=aHR0cHM6Ly9teS5leG5lc3MuY29tOjQ0Mw..&hl=vi&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&badge=bottomleft&cb=7hywkqe89cpc
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerGoogle Trust Services LLC
Subjectmisc.google.com
FingerprintE6:D0:C1:5F:77:95:7E:8A:76:70:24:1A:94:CB:F6:3C:32:E0:B7:7E
ValidityMon, 04 Sep 2023 08:18:49 GMT - Mon, 27 Nov 2023 08:18:48 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (45347)
Hash be862fb4ab546e7f4d85125c462d84df
36455b78a5ae242b2922228935633e69c30fd947
a8d3c9187f461067487b4adf885cd08340730c2d489584af5b79c97d5673400e
GET /recaptcha/enterprise/anchor?ar=1&k=6LdVxzUgAAAAAESIS0CwqHdlMnRdv7crGI0D7-W4&co=aHR0cHM6Ly9teS5leG5lc3MuY29tOjQ0Mw..&hl=vi&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&badge=bottomleft&cb=7hywkqe89cpc HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 24 Sep 2023 04:55:53 GMT
content-security-policy: script-src 'nonce-MTtLv32vNgqFTZjKsEAfuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.recaptcha.net/recaptcha/enterprise.js?render=explicit&hl=vi
200 OK 945 B URL GET HTTP/2 www.recaptcha.net/recaptcha/enterprise.js?render=explicit&hl=vi
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerGoogle Trust Services LLC
Subjectmisc.google.com
FingerprintE6:D0:C1:5F:77:95:7E:8A:76:70:24:1A:94:CB:F6:3C:32:E0:B7:7E
ValidityMon, 04 Sep 2023 08:18:49 GMT - Mon, 27 Nov 2023 08:18:48 GMT
File type ASCII text, with very long lines (945), with no line terminators
Hash edbfeea9d0c49eaa79a954636b101849
3ba6a3efd0fa04fc98fa15c9d5702859b7c17a07
3b7fc2649f12df57708b50d801c535fd1b84d805b1385eb541055a1bb0c8f2ab
GET /recaptcha/enterprise.js?render=explicit&hl=vi HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
expires: Sun, 24 Sep 2023 04:55:51 GMT
date: Sun, 24 Sep 2023 04:55:51 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gtm-n24g3w7-otgwz.uc.r.appspot.com/_set_cookie?val=3KHrgG%2FGFvgLXXzJRbWS0aKQOccMcTwdnLYDTKANewVagbja%2FzNOTcYWTJu14yVmAeGWEKNJUWp%2F3dv5rlRImKoMbiYnRzy6X86bOdgDiOpnWOhUAatI5XzQ%2BkoMGToZ%2BiyoAyDezFy18q3lejocEdRiJ%2BOXEeQlonNLO%2FjEm2%2Be1VnYdVGfD%2FJBhU7ndOfM%2BpmttUMCak2F5DG4qWp%2FmpP3j6W1Xw%3D%3D
200 OK 0 B URL GET HTTP/3 gtm-n24g3w7-otgwz.uc.r.appspot.com/_set_cookie?val=3KHrgG%2FGFvgLXXzJRbWS0aKQOccMcTwdnLYDTKANewVagbja%2FzNOTcYWTJu14yVmAeGWEKNJUWp%2F3dv5rlRImKoMbiYnRzy6X86bOdgDiOpnWOhUAatI5XzQ%2BkoMGToZ%2BiyoAyDezFy18q3lejocEdRiJ%2BOXEeQlonNLO%2FjEm2%2Be1VnYdVGfD%2FJBhU7ndOfM%2BpmttUMCak2F5DG4qWp%2FmpP3j6W1Xw%3D%3D
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerGoogle Trust Services LLC
Subject*.appspot.com
FingerprintC7:04:61:D1:B8:25:6D:06:9D:B5:5B:21:C3:A4:91:FE:DA:FE:B4:24
ValidityMon, 04 Sep 2023 08:16:43 GMT - Mon, 27 Nov 2023 08:16:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_set_cookie?val=3KHrgG%2FGFvgLXXzJRbWS0aKQOccMcTwdnLYDTKANewVagbja%2FzNOTcYWTJu14yVmAeGWEKNJUWp%2F3dv5rlRImKoMbiYnRzy6X86bOdgDiOpnWOhUAatI5XzQ%2BkoMGToZ%2BiyoAyDezFy18q3lejocEdRiJ%2BOXEeQlonNLO%2FjEm2%2Be1VnYdVGfD%2FJBhU7ndOfM%2BpmttUMCak2F5DG4qWp%2FmpP3j6W1Xw%3D%3D HTTP/1.1
Host: gtm-n24g3w7-otgwz.uc.r.appspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 24 Sep 2023 04:55:52 GMT
content-type: image/gif
set-cookie: _fbp=fb.1.1695531351946.1811407407; Max-Age=7776000; Domain=gtm-n24g3w7-otgwz.uc.r.appspot.com; Path=/; SameSite=Lax; Secure
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
my.exness.com/v4/wta-api/geo/countries
200 OK 11 kB URL GET HTTP/2 my.exness.com/v4/wta-api/geo/countries
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subjectmy.exness.com
Fingerprint24:5A:47:29:3D:03:7F:09:E8:9F:13:EF:7A:C6:F0:8B:0B:B2:75:53
ValidityMon, 29 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (10928), with no line terminators
Hash a7d3576aa09d47ae8cbb4b26003bd1cb
97c6a21555d14bc654778b88cb476fbcd620e6cf
fc7ca19a472ff2f17412a749d81a3118e7f9884d85afeb0d21f75a3baa437b38
GET /v4/wta-api/geo/countries HTTP/1.1
Host: my.exness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Cookie: nlbi_2124469=UTyvQ6Gm+hhBOHgyLGzAYQAAAAAWcImNLERvVS2LJf6H4onb; visid_incap_2124469=6kLAH9rwSEelhqO55hY171LBD2UAAAAAQUIPAAAAAADx+RNWyKnSrop/9lZqm/0d; incap_ses_633_2124469=zbKjF7ua3CEy1IUH4t7ICFLBD2UAAAAADBXNoUnIF9B9VsTqXIWbQw==; AMP_2b790405f1=JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjI4NzVlYWNiOS0xNWYwLTQ5YTEtYTllZS04NTQwYjY0ZDU2MWYlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNjk1NTMxMzQ4ODQwJTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTY5NTUzMTM1MDYzNCUyQyUyMmxhc3RFdmVudElkJTIyJTNBMyU3RA==; AMP_MKTG_2b790405f1=JTdCJTIydXRtX3NvdXJjZSUyMiUzQSUyMnBhcnRuZXJzJTIyJTdE; language=vi; fp=e19e1989b72653a7152c87a7240d524a; _gcl_au=1.1.602140492.1695531350; __gtm_campaign_url=https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1; _rdt_uuid=1695531350671.e40f0781-f913-4d48-bdee-1c504dcea59f; _scid=7865fbe8-bee7-4415-a4d9-beaf9436bb39; _scid_r=7865fbe8-bee7-4415-a4d9-beaf9436bb39
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 24 Sep 2023 04:55:50 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
uber-trace-id: 00000000000000000974f0598ef9c346:6ac5372f072a9ab7:0b171990c077961a:03
x-request-id: c1e208d678f04ac5ad0127c3a10bf0b6
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: no-store
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 4-11417123-11413567 pNNy RT(1695531346593 4066) q(0 0 0 -1) r(1 1) U2
X-Firefox-Spdy: h2
ex.exnessstats.com/Xsb8_Pmz3YUDQiX2?235db6c73b4d8b1b=-rS4oWyLk3DObqAGv3Yd5lecRMyLIVVcv1wYhFOy1ZDJoEiKKSvGCAOJ5nqdzlOfHbW3HDRbmknV033vvpKgmBYWvB-upCdNlaw_Tb959bL1kvdkwvOYqLr_iGVPblpsjNzj_6DKJeIOWlMQaFVBs8LTgRS0R0STycYLclzc4Dltf9C8vDmOlLXZqGHPdcZXU_Q5UbL8Zei8FwBnUqU&je=353324246263633d392670656557757866617c653d27374a253230322530302733432735422530307e6772253a322531413b253f46253f44
204 204 0 B URL GET HTTP/1.1 ex.exnessstats.com/Xsb8_Pmz3YUDQiX2?235db6c73b4d8b1b=-rS4oWyLk3DObqAGv3Yd5lecRMyLIVVcv1wYhFOy1ZDJoEiKKSvGCAOJ5nqdzlOfHbW3HDRbmknV033vvpKgmBYWvB-upCdNlaw_Tb959bL1kvdkwvOYqLr_iGVPblpsjNzj_6DKJeIOWlMQaFVBs8LTgRS0R0STycYLclzc4Dltf9C8vDmOlLXZqGHPdcZXU_Q5UbL8Zei8FwBnUqU&je=353324246263633d392670656557757866617c653d27374a253230322530302733432735422530307e6772253a322531413b253f46253f44
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerSectigo Limited
Subjectex.exnessstats.com
Fingerprint00:47:4C:AB:7F:A7:43:51:F9:96:D5:4F:33:3B:C9:6D:35:DF:8D:73
ValidityMon, 24 Oct 2022 00:00:00 GMT - Tue, 24 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Xsb8_Pmz3YUDQiX2?235db6c73b4d8b1b=-rS4oWyLk3DObqAGv3Yd5lecRMyLIVVcv1wYhFOy1ZDJoEiKKSvGCAOJ5nqdzlOfHbW3HDRbmknV033vvpKgmBYWvB-upCdNlaw_Tb959bL1kvdkwvOYqLr_iGVPblpsjNzj_6DKJeIOWlMQaFVBs8LTgRS0R0STycYLclzc4Dltf9C8vDmOlLXZqGHPdcZXU_Q5UbL8Zei8FwBnUqU&je=353324246263633d392670656557757866617c653d27374a253230322530302733432735422530307e6772253a322531413b253f46253f44 HTTP/1.1
Host: ex.exnessstats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Cookie: thx_guid=d5d562b6dc4bd13ef46a720b2ce3bcb0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 204
Date: Sun, 24 Sep 2023 04:55:55 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=94
Connection: Keep-Alive
gtm-n24g3w7-otgwz.uc.r.appspot.com/g/collect?v=2&tid=G-M71C3QBXSG>m=45je39k2&_p=563362859&cid=1246350640.1695531352&ul=en-us&sr=1280x1024&_fplc=0&ir=1&ur=NO-03&_eu=EA&sst.uc=NO&sst.gse=1&sst.etld=google.no&sst.gcsub=region1&sst.tft=1695531348699&_s=3&sid=1695531351&sct=1&seg=0&dl=https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1&dt=%C4%90%C4%83ng%20k%C3%BD%20Exness&en=fetch_user_data&ep.agent_id=0&ep.action_source=website&epn.event_time=1695531350&ep.session_id_custom=1695531351&up.client_id_custom=1246350640.1695531352&tfd=10351&richsstsse
200 OK 394 B URL GET HTTP/3 gtm-n24g3w7-otgwz.uc.r.appspot.com/g/collect?v=2&tid=G-M71C3QBXSG>m=45je39k2&_p=563362859&cid=1246350640.1695531352&ul=en-us&sr=1280x1024&_fplc=0&ir=1&ur=NO-03&_eu=EA&sst.uc=NO&sst.gse=1&sst.etld=google.no&sst.gcsub=region1&sst.tft=1695531348699&_s=3&sid=1695531351&sct=1&seg=0&dl=https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1&dt=%C4%90%C4%83ng%20k%C3%BD%20Exness&en=fetch_user_data&ep.agent_id=0&ep.action_source=website&epn.event_time=1695531350&ep.session_id_custom=1695531351&up.client_id_custom=1246350640.1695531352&tfd=10351&richsstsse
IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerGoogle Trust Services LLC
Subject*.appspot.com
FingerprintC7:04:61:D1:B8:25:6D:06:9D:B5:5B:21:C3:A4:91:FE:DA:FE:B4:24
ValidityMon, 04 Sep 2023 08:16:43 GMT - Mon, 27 Nov 2023 08:16:42 GMT
File type ASCII text, with very long lines (419), with no line terminators
Hash a73228b21696631fd9fdf5014b6ad179
3adc97b3e7113853006c45c9fb465d4dac1bcac5
2ab872c34ddea94e5f276341fb62478f7e3b41f0bec15da700d1331037892e8c
GET /g/collect?v=2&tid=G-M71C3QBXSG>m=45je39k2&_p=563362859&cid=1246350640.1695531352&ul=en-us&sr=1280x1024&_fplc=0&ir=1&ur=NO-03&_eu=EA&sst.uc=NO&sst.gse=1&sst.etld=google.no&sst.gcsub=region1&sst.tft=1695531348699&_s=3&sid=1695531351&sct=1&seg=0&dl=https%3A%2F%2Fmy.exness.com%2Faccounts%2Fsign-up%2F%3Futm_source%3Dpartners%26lng%3Dvi%26ag_campaign%3DPRP%26cid%3Dl0esfl17td7r%26ag_source%3Dprp_keti_VN_%26sub_id%3Dprp_keit_%26ex_ol%3D1&dt=%C4%90%C4%83ng%20k%C3%BD%20Exness&en=fetch_user_data&ep.agent_id=0&ep.action_source=website&epn.event_time=1695531350&ep.session_id_custom=1695531351&up.client_id_custom=1246350640.1695531352&tfd=10351&richsstsse HTTP/1.1
Host: gtm-n24g3w7-otgwz.uc.r.appspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://my.exness.com
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 24 Sep 2023 04:55:57 GMT
content-type: text/plain
vary: Accept-Encoding
set-cookie: FPGSID=1.1695531357.1695531357.G-M71C3QBXSG.up248a130KqmQntX4YqDLQ; Max-Age=1800; Domain=exness.com; Path=/; SameSite=strict; Secure
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-origin: https://my.exness.com
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
s.pinimg.com/ct/core.js
200 OK 3.5 kB IP
Requested by https://my.exness.com/accounts/sign-up/?utm_source=partners&lng=vi&ag_campaign=PRP&cid=l0esfl17td7r&ag_source=prp_keti_VN_&sub_id=prp_keit_&ex_ol=1
Certificate IssuerDigiCert Inc
Subject*.pinterest.com
Fingerprint8E:D1:BC:9A:53:E5:51:57:5E:48:5E:22:82:8C:60:F8:74:F0:08:AC
ValidityMon, 07 Aug 2023 00:00:00 GMT - Wed, 07 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (3551), with no line terminators
Hash 0726f4805a03f714f25d41d7a4825faf
d51dab5a35814f55b77ef04f7889c62f2e1afbc3
2d9f1f7b0fc596d2641fac3538536a2c1d54894d09069638ff275361008c8967
GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.exness.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
etag: "d27ea869d7ce22e300e4a4a927526193"
x-amz-server-side-encryption: AES256
cache-control: max-age=7200
content-encoding: br
accept-ranges: bytes
content-type: application/javascript
content-length: 1473
alt-svc: h3=":443"; ma=600
vary: Accept-Encoding, Origin
akamai-x-true-ttl: 7200
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
45.60.78.64
147.92.191.92
139.162.131.144
23.38.200.197
104.18.15.101
18.138.67.99
188.114.97.1
0.0.0.0