www2.derivatives.com Open in urlscan Pro
216.74.152.161 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://track.imaginesoftware.com/y.z?l=https%3a%2f%2fwww2.derivatives.com%2fimagine-auth&j=380541231&e=741&p=1&t=h&1DAEF7AD21E448...
Effective URL:
https://www2.derivatives.com/imagine-auth?utm_source=JangoMail&utm_medium=Email&utm_campaign=RiskSmart%2b+Version+24.2+Patch+...
Submission: On November 21 via manual (November 21st 2024, 2:13:21 pm UTC) from US — Scanned from US

Summary HTTP 25 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 1 countries across 6 domains to perform 25 HTTP transactions. The main IP is 216.74.152.161, located in United States and belongs to CENTURYLINK-LEGACY-SAVVIS, US. The main domain is www2.derivatives.com.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on May 17th 2024. Valid for: a year.

This is the only time www2.derivatives.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	104.248.15.35 104.248.15.35	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
8	216.74.152.161 216.74.152.161	3561 (CENTURYLI...) (CENTURYLINK-LEGACY-SAVVIS)
1	172.253.63.95 172.253.63.95	15169 (GOOGLE) (GOOGLE)
6	23.199.55.5 23.199.55.5	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	172.253.115.95 172.253.115.95	15169 (GOOGLE) (GOOGLE)
7	142.251.167.94 142.251.167.94	15169 (GOOGLE) (GOOGLE)
1	23.199.55.15 23.199.55.15	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
25	7

2 104.248.15.35 (Clifton, United States) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 2.jngo.net

track.imaginesoftware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.74.152.161 (United States)

ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US)
PTR: www2.derivatives.com

www2.derivatives.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f95.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.199.55.5 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-199-55-5.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.167.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.199.55.15 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-199-55-15.deploy.static.akamaitechnologies.com

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	derivatives.com www2.derivatives.com	123 KB
7	gstatic.com fonts.gstatic.com	131 KB
7	typekit.net use.typekit.net — Cisco Umbrella Rank: 460 p.typekit.net — Cisco Umbrella Rank: 571	355 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 415 fonts.googleapis.com — Cisco Umbrella Rank: 29	7 KB
2	imaginesoftware.com 2 redirects track.imaginesoftware.com	1001 B
0	tsimagine.com Failed www.tsimagine.com Failed
25	6

	Domain	Requested by
8	www2.derivatives.com	www2.derivatives.com
7	fonts.gstatic.com	fonts.googleapis.com
6	use.typekit.net	www2.derivatives.com
2	track.imaginesoftware.com	2 redirects
1	p.typekit.net	www2.derivatives.com
1	fonts.googleapis.com	ajax.googleapis.com
1	ajax.googleapis.com	www2.derivatives.com
0	www.tsimagine.com Failed	www2.derivatives.com
25	8

This site contains links to these domains. Also see Links.

Domain
www.tsimagine.com

Subject Issuer	Validity	Valid
www2.derivatives.com GeoTrust TLS RSA CA G1	`2024-05-17` - `2025-06-17`	a year	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-17` - `2025-11-17`	a year	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www2.derivatives.com/imagine-auth?utm_source=JangoMail&utm_medium=Email&utm_campaign=RiskSmart%2b+Version+24.2+Patch+1+Upgrade+Complete++(380541231)&utm_content=
Frame ID: FB6804C007FCD53CBA1B365FCC21FB8E
Requests: 24 HTTP requests in this frame

Frame: https://www2.derivatives.com/samlsso?spEntityID=https://imagine.force.com
Frame ID: 9213D7EED7426CB8D972A313BC1BF33A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TS Imagine - Client Login

Page URL History Show full URLs

https://track.imaginesoftware.com/y.z?l=https%3a%2f%2fwww2.derivatives.com%2fimagine-auth&j=380541231&e=741&p=... HTTP 302
https://track.imaginesoftware.com/z.aspx?page=y&l=https%3a%2f%2fwww2.derivatives.com%2fimagine-auth&j=38054123... HTTP 302
https://www2.derivatives.com/imagine-auth?utm_source=JangoMail&utm_medium=Email&utm_campaign=RiskSmart%2b... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

96 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

7
IPs

1
Countries

616 kB
Transfer

643 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.tsimagine.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://track.imaginesoftware.com/y.z?l=https%3a%2f%2fwww2.derivatives.com%2fimagine-auth&j=380541231&e=741&p=1&t=h&1DAEF7AD21E4487C8E789ACE2A250EDF HTTP 302
https://track.imaginesoftware.com/z.aspx?page=y&l=https%3a%2f%2fwww2.derivatives.com%2fimagine-auth&j=380541231&e=741&p=1&t=h&1DAEF7AD21E4487C8E789ACE2A250EDF HTTP 302
https://www2.derivatives.com/imagine-auth?utm_source=JangoMail&utm_medium=Email&utm_campaign=RiskSmart%2b+Version+24.2+Patch+1+Upgrade+Complete++(380541231)&utm_content= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request imagine-auth Show response
www2.derivatives.com/
Redirect Chain

https://track.imaginesoftware.com/y.z?l=https%3a%2f%2fwww2.derivatives.com%2fimagine-auth&j=380541231&e=741&p=1&t=h&1DAEF7AD21E4487C8E789ACE2A250EDF
https://track.imaginesoftware.com/z.aspx?page=y&l=https%3a%2f%2fwww2.derivatives.com%2fimagine-auth&j=380541231&e=741&p=1&t=h&1DAEF7AD21E4487C8E789ACE2A250EDF
https://www2.derivatives.com/imagine-auth?utm_source=JangoMail&utm_medium=Email&utm_campaign=RiskSmart%2b+Version+24.2+Patch+1+Upgrade+Complete++(380541231)&utm_content=

10 KB
10 KB

294ms
87ms

Document
text/html

216.74.152.161
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.derivatives.com/imagine-auth?utm_source=JangoMail&utm_medium=Email&utm_campaign=RiskSmart%2b+Version+24.2+Patch+1+Upgrade+Complete++(380541231)&utm_content=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.74.152.161 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

www2.derivatives.com

Software

Apache/2.4.34 (Red Hat) /

Resource Hash

0eb4e44286995e8957eebbe3e8d706d915bf800a07531e8510efe1658764f266

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection: close
Content-Type: text/html; charset=UTF-8
Date: Thu, 21 Nov 2024 14:13:15 GMT
P3P: CP="CAO DSP COR PSAa PSDa CONi OUR IND PHY ONL UNI COM NAV INT DEM STA LOC" CP="CAO DSP COR PSAa PSDa CONi OUR IND PHY ONL UNI COM NAV INT DEM STA LOC"
Server: Apache/2.4.34 (Red Hat)
Strict-Transport-Security: max-age=15768000;includeSubDomains
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN

Redirect headers

X-Powered-By: Express
cache-control: private,private, must-revalidate, max-age=0
connection: close
content-length: 302
content-type: text/html; charset=utf-8
date: Thu, 21 Nov 2024 14:13:15 GMT
location: https://www2.derivatives.com:443/imagine-auth?utm_source=JangoMail&utm_medium=Email&utm_campaign=RiskSmart%2b+Version+24.2+Patch+1+Upgrade+Complete++(380541231)&utm_content=
pragma: no-cache
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK jquery-2.1.4.min.js Show response
www2.derivatives.com/scripts/ 82 KB
83 KB 265ms
88ms Script
application/javascript 216.74.152.161
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.derivatives.com/scripts/jquery-2.1.4.min.js

Requested by

Host: www2.derivatives.com
URL: https://www2.derivatives.com/imagine-auth?utm_source=JangoMail&utm_medium=Email&utm_campaign=RiskSmart%2b+Version+24.2+Patch+1+Upgrade+Complete++(380541231)&utm_content=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.74.152.161 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

www2.derivatives.com

Software

Apache/2.4.34 (Red Hat) /

Resource Hash

f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www2.derivatives.com/imagine-auth?utm_source=JangoMail&utm_medium=Email&utm_campaign=RiskSmart%2b+Version+24.2+Patch+1+Upgrade+Complete++(380541231)&utm_content=

Response headers

Strict-Transport-Security: max-age=15768000;includeSubDomains
ETag: "14979-52e446499ad00"
Connection: close
Accept-Ranges: bytes
Content-Length: 84345
P3P: CP="CAO DSP COR PSAa PSDa CONi OUR IND PHY ONL UNI COM NAV INT DEM STA LOC", CP="CAO DSP COR PSAa PSDa CONi OUR IND PHY ONL UNI COM NAV INT DEM STA LOC"
Date: Thu, 21 Nov 2024 14:13:16 GMT
Last-Modified: Thu, 17 Mar 2016 20:22:44 GMT
Content-Type: application/javascript
Server: Apache/2.4.34 (Red Hat)
X-Frame-Options: SAMEORIGIN

GET
H/1.1 404
Not Found rob_derivatives20.css
www2.derivatives.com/css/ 0
0 262ms
87ms Stylesheet
text/html 216.74.152.161
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.derivatives.com/css/rob_derivatives20.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.74.152.161 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

www2.derivatives.com

Software

Apache/2.4.34 (Red Hat) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www2.derivatives.com/imagine-auth?utm_source=JangoMail&utm_medium=Email&utm_campaign=RiskSmart%2b+Version+24.2+Patch+1+Upgrade+Complete++(380541231)&utm_content=

Response headers

Strict-Transport-Security: max-age=15768000;includeSubDomains
ETag: "2389-61d8a97fe81cb"
Connection: close
Accept-Ranges: bytes
Content-Length: 9097
P3P: CP="CAO DSP COR PSAa PSDa CONi OUR IND PHY ONL UNI COM NAV INT DEM STA LOC", CP="CAO DSP COR PSAa PSDa CONi OUR IND PHY ONL UNI COM NAV INT DEM STA LOC"
Date: Thu, 21 Nov 2024 14:13:16 GMT
Last-Modified: Thu, 18 Jul 2024 19:29:12 GMT
Content-Type: text/html; charset=UTF-8
Server: Apache/2.4.34 (Red Hat)
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK rob_derivatives2020.css
www2.derivatives.com/css/ 15 KB
16 KB 264ms
89ms Stylesheet
text/css 216.74.152.161
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.derivatives.com/css/rob_derivatives2020.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.74.152.161 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

www2.derivatives.com

Software

Apache/2.4.34 (Red Hat) /

Resource Hash

f18efe7537501c472cc7c4960c1a18766be741f6294948ce008437600d90192a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www2.derivatives.com/imagine-auth?utm_source=JangoMail&utm_medium=Email&utm_campaign=RiskSmart%2b+Version+24.2+Patch+1+Upgrade+Complete++(380541231)&utm_content=

Response headers

Strict-Transport-Security: max-age=15768000;includeSubDomains
ETag: "3ced-5b1a230236e80"
Connection: close
Accept-Ranges: bytes
Content-Length: 15597
P3P: CP="CAO DSP COR PSAa PSDa CONi OUR IND PHY ONL UNI COM NAV INT DEM STA LOC", CP="CAO DSP COR PSAa PSDa CONi OUR IND PHY ONL UNI COM NAV INT DEM STA LOC"
Date: Thu, 21 Nov 2024 14:13:16 GMT
Last-Modified: Wed, 14 Oct 2020 14:17:14 GMT
Content-Type: text/css
Server: Apache/2.4.34 (Red Hat)
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK tsi225.png
www2.derivatives.com/images/ 2 KB
2 KB 270ms
90ms Image
image/png 216.74.152.161
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.derivatives.com/images/tsi225.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.74.152.161 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

www2.derivatives.com

Software

Apache/2.4.34 (Red Hat) /

Resource Hash

41f0f556f95908fda34300a2b323603a2968a2be38fbf00fefcefad7763c6d06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www2.derivatives.com/imagine-auth?utm_source=JangoMail&utm_medium=Email&utm_campaign=RiskSmart%2b+Version+24.2+Patch+1+Upgrade+Complete++(380541231)&utm_content=

Response headers

Strict-Transport-Security: max-age=15768000;includeSubDomains
ETag: "737-5cb7dd2e31040"
Connection: close
Accept-Ranges: bytes
Content-Length: 1847
P3P: CP="CAO DSP COR PSAa PSDa CONi OUR IND PHY ONL UNI COM NAV INT DEM STA LOC", CP="CAO DSP COR PSAa PSDa CONi OUR IND PHY ONL UNI COM NAV INT DEM STA LOC"
Date: Thu, 21 Nov 2024 14:13:16 GMT
Last-Modified: Wed, 08 Sep 2021 15:49:13 GMT
Content-Type: image/png
Server: Apache/2.4.34 (Red Hat)
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK wso2loginShim.js Show response
www2.derivatives.com/scripts/ 3 KB
3 KB 273ms
91ms Script
application/javascript 216.74.152.161
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.derivatives.com/scripts/wso2loginShim.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.74.152.161 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

www2.derivatives.com

Software

Apache/2.4.34 (Red Hat) /

Resource Hash

8494b17a017609135648ccf474243ed14890d87e83801cc0b170f912a2946538

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www2.derivatives.com/imagine-auth?utm_source=JangoMail&utm_medium=Email&utm_campaign=RiskSmart%2b+Version+24.2+Patch+1+Upgrade+Complete++(380541231)&utm_content=

Response headers

Strict-Transport-Security: max-age=15768000;includeSubDomains
ETag: "bae-533322377fa00"
Connection: close
Accept-Ranges: bytes
Content-Length: 2990
P3P: CP="CAO DSP COR PSAa PSDa CONi OUR IND PHY ONL UNI COM NAV INT DEM STA LOC", CP="CAO DSP COR PSAa PSDa CONi OUR IND PHY ONL UNI COM NAV INT DEM STA LOC"
Date: Thu, 21 Nov 2024 14:13:16 GMT
Last-Modified: Thu, 19 May 2016 13:42:00 GMT
Content-Type: application/javascript
Server: Apache/2.4.34 (Red Hat)
X-Frame-Options: SAMEORIGIN

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 271ms
91ms Script
text/javascript 172.253.63.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www2.derivatives.com/

Response headers

content-encoding: gzip
age: 338948
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 16:04:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 16:04:08 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5437
x-xss-protection: 0
server: sffe

GET
H2 200 mdc0vzf.js Show response
use.typekit.net/ 18 KB
7 KB 400ms
187ms Script
text/javascript 23.199.55.5
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/mdc0vzf.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.55.5 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a23-199-55-5.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

fc96d537dd8787325f8e88f1269154fe2b124b205ff9d32e29bc38c0fea716a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www2.derivatives.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 6801
date: Thu, 21 Nov 2024 14:13:16 GMT
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H/1.1 503
Service Unavailable samlsso Show response
www2.derivatives.com/ Frame 9213 299 B
519 B 3275ms
3094ms Document
text/html 216.74.152.161
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.derivatives.com/samlsso?spEntityID=https://imagine.force.com

Requested by

Host: www2.derivatives.com
URL: https://www2.derivatives.com/scripts/wso2loginShim.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.74.152.161 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

www2.derivatives.com

Software

Apache/2.4.34 (Red Hat) /

Resource Hash

5764fed31b533e202f88d735a531f70a4ee3f66bb856afa4277872a758e6b578

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www2.derivatives.com/imagine-auth?utm_source=JangoMail&utm_medium=Email&utm_campaign=RiskSmart%2b+Version+24.2+Patch+1+Upgrade+Complete++(380541231)&utm_content=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection: close
Content-Length: 299
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 21 Nov 2024 14:13:16 GMT
Server: Apache/2.4.34 (Red Hat)
X-Frame-Options: SAMEORIGIN

GET loginbg.png
www.tsimagine.com/wp-content/uploads/ 0
0

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 360ms
180ms Stylesheet
text/css 172.253.115.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,900,700italic,700,400italic,300,300italic&subset=latin

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f95.1e100.net

Software

ESF /

Resource Hash

e197f382830309b2a80a77398a4f8ff6fbbefc473dfd8df6e74ee3dba3adc51a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www2.derivatives.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 14:13:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 14:13:16 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 21 Nov 2024 14:13:16 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 l
use.typekit.net/af/f80f1d/00000000000000003b9aefb8/27/ 32 KB
32 KB 244ms
80ms Font
application/font-woff2 23.199.55.5
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f80f1d/00000000000000003b9aefb8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www2.derivatives.com
URL: https://www2.derivatives.com/imagine-auth?utm_source=JangoMail&utm_medium=Email&utm_campaign=RiskSmart%2b+Version+24.2+Patch+1+Upgrade+Complete++(380541231)&utm_content=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.55.5 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-199-55-5.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a266e11de86ad85e8a31f22f3f3d362b500e59245ef84eda7d781b72273c96b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www2.derivatives.com
Referer: https://www2.derivatives.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "5b1424bf708a1baf048831772af7891cda52e1e0"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 32984
date: Thu, 21 Nov 2024 14:13:16 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/29352b/00000000000000003b9aefb9/27/ 33 KB
33 KB 328ms
167ms Font
application/font-woff2 23.199.55.5
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/29352b/00000000000000003b9aefb9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: www2.derivatives.com
URL: https://www2.derivatives.com/imagine-auth?utm_source=JangoMail&utm_medium=Email&utm_campaign=RiskSmart%2b+Version+24.2+Patch+1+Upgrade+Complete++(380541231)&utm_content=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.55.5 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-199-55-5.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 34999e61b61a93cf7831d4976d1a79a95733db6a3ba41ef0247ee0cc8ccbe406

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www2.derivatives.com
Referer: https://www2.derivatives.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "41bd63e072fcddb931e4f5c670a122a6ae75b1a8"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34028
date: Thu, 21 Nov 2024 14:13:16 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/af96c8/00000000000000003b9aefc0/27/ 31 KB
31 KB 350ms
190ms Font
application/font-woff2 23.199.55.5
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/af96c8/00000000000000003b9aefc0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www2.derivatives.com
URL: https://www2.derivatives.com/imagine-auth?utm_source=JangoMail&utm_medium=Email&utm_campaign=RiskSmart%2b+Version+24.2+Patch+1+Upgrade+Complete++(380541231)&utm_content=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.55.5 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-199-55-5.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4bfa71344815432ab4b5365a2356537db077754717d1d84ced1360a2de60908b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www2.derivatives.com
Referer: https://www2.derivatives.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "625d31c6ff36363142e14c9d9cf9f2747ce3803a"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 31984
date: Thu, 21 Nov 2024 14:13:16 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/20aa1e/00000000000000003b9aefc1/27/ 33 KB
33 KB 295ms
135ms Font
application/font-woff2 23.199.55.5
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/20aa1e/00000000000000003b9aefc1/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: www2.derivatives.com
URL: https://www2.derivatives.com/imagine-auth?utm_source=JangoMail&utm_medium=Email&utm_campaign=RiskSmart%2b+Version+24.2+Patch+1+Upgrade+Complete++(380541231)&utm_content=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.55.5 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-199-55-5.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 793889965167b8d9112fe3f0c45cae6b97f40b930c54c2e079823f153f013962

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www2.derivatives.com
Referer: https://www2.derivatives.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "0a37e0f13f84c73347be23130bb6d2063bc1d8a8"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33804
date: Thu, 21 Nov 2024 14:13:16 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/cba6f9/00000000000000003b9ada40/27/ 217 KB
217 KB 365ms
205ms Font
application/font-woff2 23.199.55.5
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cba6f9/00000000000000003b9ada40/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www2.derivatives.com
URL: https://www2.derivatives.com/imagine-auth?utm_source=JangoMail&utm_medium=Email&utm_campaign=RiskSmart%2b+Version+24.2+Patch+1+Upgrade+Complete++(380541231)&utm_content=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.55.5 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-199-55-5.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cdd22b6e3e9dbae0ea9308679b0680c96a5849b4a22c5a32d28ac354f3e67be7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www2.derivatives.com
Referer: https://www2.derivatives.com/

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "c68e9153060f2fa030e75120476876f2f3e054df"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 222260
date: Thu, 21 Nov 2024 14:13:16 GMT
content-type: application/font-woff2
server: nginx

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 251ms
156ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,900,700italic,700,400italic,300,300italic&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www2.derivatives.com
Referer: https://fonts.googleapis.com/

Response headers

age: 458041
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 06:59:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 06:59:16 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 367ms
272ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,900,700italic,700,400italic,300,300italic&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www2.derivatives.com
Referer: https://fonts.googleapis.com/

Response headers

age: 521254
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 13:25:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 13:25:43 GMT
last-modified: Thu, 01 Aug 2024 20:41:19 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18492
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 347ms
252ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,900,700italic,700,400italic,300,300italic&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www2.derivatives.com
Referer: https://fonts.googleapis.com/

Response headers

age: 469255
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 03:52:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 03:52:22 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 183ms
91ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,900,700italic,700,400italic,300,300italic&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www2.derivatives.com
Referer: https://fonts.googleapis.com/

Response headers

age: 521252
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 13:25:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 13:25:45 GMT
last-modified: Thu, 01 Aug 2024 20:41:28 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18436
x-xss-protection: 0
server: sffe

GET
H3 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v32/ 19 KB
19 KB 282ms
190ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,900,700italic,700,400italic,300,300italic&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

0e100b86870ec5caaa887e0fe743b177d57e02242812a0cd4675781dfffea440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www2.derivatives.com
Referer: https://fonts.googleapis.com/

Response headers

age: 458035
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 06:59:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 06:59:22 GMT
last-modified: Thu, 01 Aug 2024 20:41:28 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19780
x-xss-protection: 0
server: sffe

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v32/ 20 KB
20 KB 216ms
124ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,900,700italic,700,400italic,300,300italic&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www2.derivatives.com
Referer: https://fonts.googleapis.com/

Response headers

age: 524438
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 12:32:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 12:32:39 GMT
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20144
x-xss-protection: 0
server: sffe

GET
H3 200 KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v32/ 20 KB
20 KB 315ms
223ms Font
font/woff2 142.251.167.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,900,700italic,700,400italic,300,300italic&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f94.1e100.net

Software

sffe /

Resource Hash

d6d436fde6c23ffcdf1adc1626ace4d8f58086e98228f2451e5a65b248309260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www2.derivatives.com
Referer: https://fonts.googleapis.com/

Response headers

age: 470979
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 03:23:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 03:23:38 GMT
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20216
x-xss-protection: 0
server: sffe

GET
H2 200 p.gif
p.typekit.net/ 35 B
205 B 344ms
80ms Image
image/gif 23.199.55.15
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=mdc0vzf&ht=tk&h=www2.derivatives.com&f=139.140.175.176.28096&a=3126593&js=1.21.0&app=typekit&e=js&_=1732198397242
Requested by: Host: www2.derivatives.com
URL: https://www2.derivatives.com/imagine-auth?utm_source=JangoMail&utm_medium=Email&utm_campaign=RiskSmart%2b+Version+24.2+Patch+1+Upgrade+Complete++(380541231)&utm_content=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.55.15 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-199-55-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www2.derivatives.com/

Response headers

cache-control: public, max-age=604800
etag: "66d916d6-23"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35
date: Thu, 21 Nov 2024 14:13:17 GMT
content-type: image/gif
last-modified: Thu, 05 Sep 2024 02:26:30 GMT
server: nginx

GET
H/1.1 200
OK favicon.ico
www2.derivatives.com/ 7 KB
8 KB 272ms
91ms Other
image/vnd.microsoft.icon 216.74.152.161
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.derivatives.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.74.152.161 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

www2.derivatives.com

Software

Apache/2.4.34 (Red Hat) /

Resource Hash

2b02466d4fc23b6140efcd443fe590ecbf204c26fda1c090bf97ea6f20a78238

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www2.derivatives.com/imagine-auth?utm_source=JangoMail&utm_medium=Email&utm_campaign=RiskSmart%2b+Version+24.2+Patch+1+Upgrade+Complete++(380541231)&utm_content=

Response headers

Strict-Transport-Security: max-age=15768000;includeSubDomains
ETag: "1cee-5debc47a88e40"
Connection: close
Accept-Ranges: bytes
Content-Length: 7406
P3P: CP="CAO DSP COR PSAa PSDa CONi OUR IND PHY ONL UNI COM NAV INT DEM STA LOC", CP="CAO DSP COR PSAa PSDa CONi OUR IND PHY ONL UNI COM NAV INT DEM STA LOC"
Date: Thu, 21 Nov 2024 14:13:19 GMT
Last-Modified: Wed, 11 May 2022 13:18:41 GMT
Content-Type: image/vnd.microsoft.icon
Server: Apache/2.4.34 (Red Hat)
X-Frame-Options: SAMEORIGIN

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.tsimagine.com
URL: https://www.tsimagine.com/wp-content/uploads/loginbg.png

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			track.imaginesoftware.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDQCSBBQDD Value: JFFGLCEDGIKMKEAIKDELBEBP

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www2.derivatives.com/css/rob_derivatives20.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www2.derivatives.com/samlsso?spEntityID=https://imagine.force.com Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000;includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
p.typekit.net
track.imaginesoftware.com
use.typekit.net
www.tsimagine.com
www2.derivatives.com
www.tsimagine.com
104.248.15.35
142.251.167.94
172.253.115.95
172.253.63.95
216.74.152.161
23.199.55.15
23.199.55.5
0e100b86870ec5caaa887e0fe743b177d57e02242812a0cd4675781dfffea440
0eb4e44286995e8957eebbe3e8d706d915bf800a07531e8510efe1658764f266
1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b
2b02466d4fc23b6140efcd443fe590ecbf204c26fda1c090bf97ea6f20a78238
34999e61b61a93cf7831d4976d1a79a95733db6a3ba41ef0247ee0cc8ccbe406
41f0f556f95908fda34300a2b323603a2968a2be38fbf00fefcefad7763c6d06
4bfa71344815432ab4b5365a2356537db077754717d1d84ced1360a2de60908b
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
5764fed31b533e202f88d735a531f70a4ee3f66bb856afa4277872a758e6b578
793889965167b8d9112fe3f0c45cae6b97f40b930c54c2e079823f153f013962
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8494b17a017609135648ccf474243ed14890d87e83801cc0b170f912a2946538
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a266e11de86ad85e8a31f22f3f3d362b500e59245ef84eda7d781b72273c96b0
a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00
cdd22b6e3e9dbae0ea9308679b0680c96a5849b4a22c5a32d28ac354f3e67be7
d6d436fde6c23ffcdf1adc1626ace4d8f58086e98228f2451e5a65b248309260
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e197f382830309b2a80a77398a4f8ff6fbbefc473dfd8df6e74ee3dba3adc51a
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f18efe7537501c472cc7c4960c1a18766be741f6294948ce008437600d90192a
fc96d537dd8787325f8e88f1269154fe2b124b205ff9d32e29bc38c0fea716a3

www2.derivatives.com Open in urlscan Pro 216.74.152.161 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

96 %HTTPS

0 %IPv6

6 Domains

8 Subdomains

7 IPs

1 Countries

616 kBTransfer

643 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

1 Cookies

2 Console Messages

Security Headers

Indicators

www2.derivatives.com Open in urlscan Pro
216.74.152.161 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

96 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

7
IPs

1
Countries

616 kB
Transfer

643 kB
Size

1
Cookies

25 HTTP transactions
0 data transactions